Monday, January 28, 2019

Chrome and xclip

Have been watching a number of crackme-type walk-throughs, where the speaker relies heavily on xclip to capture a command line output so that the mouse can be used to paste data into the browser. I could never get it to work with Chrome, until today. To use xclip with Chrome, add the following to ~/.bashrc (or .bash_aliases if you have it): alias xclip="xclip -selection clipboard" After that, it should work as expected.

Thursday, January 10, 2019

My VLAN beef

After all these years, why is it that pundits still associate use of VLANs with security? Any security afforded by use of a VLAN is a side effect and is considered (by those in security) as not assurable (e.g., it cannot be proven by testing), is easily broken, and is very easily mis-configured.

A VLAN is a traffic management tool, designed to increase overall (employable) bandwidth in an architecture. It does not employ authentication or encryption. Security is increased (often negligibly) by ensuring that traffic doesn't "go" somewhere. In some architectures (e.g., VoIP phones on the same network segments as the workstations), this separation doesn't exist.