Vikash Jhagroe’s Post

My last video I showed you how to set up Policy Based Routing with #pfSense using source IP. In this video I will show you how to set up Policy Based Routing using the destination. That means destination IP, destination URL, destination network, hostname or FQDN: https://lnkd.in/ebgUybEp

𝗫𝗔𝗘𝗦-𝟮𝟱𝟲-𝗚𝗖𝗠 - Here comes a new hybrid cryptosystem 👌 𝗫𝗔𝗘𝗦-𝟮𝟱𝟲-𝗚𝗖𝗠 is an authenticated encryption with additional data (AEAD) algorithm with 256-bit keys and 192-bit nonces. The algorithm was designed with the following goals : ✅ supporting a nonce large enough to be safe to generate randomly for a virtually unlimited number of messages (2⁸⁰ messages with collision risk 2⁻³²); ✅ full, straightforward FIPS 140 compliance; and trivial implementation on top of common cryptographic libraries. The large nonce enables safer and more friendly APIs that automatically read a fresh nonce from the operating system’s CSPRNG for every message, without burdening the user with any birthday bound calculations. Compliance and compatibility make it available anywhere an AEAD might be needed, including in settings where alternative large-nonce AEADs are not an option. Like XChaCha20Poly1305, XAES-256-GCM is an extended-nonce construction on top of AES-256-GCM. That is, it uses the key and the large nonce to compute a derived key for the underlying AEAD. https://lnkd.in/dFaud9WF https://lnkd.in/g3CTne82

TCP 3-way handshake succinctly explained.. 1. Client sends sync request to the server with a random sequence number, say x. 2. The server responds with a sync - ack. The ack number is set to one more than the received sequence number(x + 1). The server sends another random sequence number, say y. 3. The client sends ack with acknowledgment number greater than the one recieved(y+1) Bi-directional TCP connection is established. This is one step out of all the steps that happens under the hood when you type a domain name in the browser and hit search…

TCP uses a three-way handshake to establish a reliable connection. The connection is full duplex, and both sides synchronize (SYN) and acknowledge (ACK) each other. The exchange of these four flags is performed in three steps—SYN, SYN-ACK, and ACK—as shown in Figure 3.8. Step 1 (SYN): In the first step, the client wants to establish a connection with a server, so it sends a segment with SYN(Synchronize Sequence Number) which informs the server that the client is likely to start communication and with what sequence number it starts segments with Step 2 (SYN + ACK): Server responds to the client request with SYN-ACK signal bits set. Acknowledgement(ACK) signifies the response of the segment it received and SYN signifies with what sequence number it is likely to start the segments with Step 3 (ACK): In the final part client acknowledges the response of the server and they both establish a reliable connection with which they will start the actual data transfer

An https client get request program using an openSSL x509 self signed certificate. It works with basic https websites but other websites such as google return 301. I guess they are expecting more properties in the request header such as User-Agent. https://lnkd.in/gmrcmrvC

ci.dll ( Driver Signature Enforcement ) Hello, i wont take time from you by reading this :). So i have been reversing ci.dll ( Integrity Module ) and i have found something intrested me ( CiBlackBoxInitialize ), So basically i been checking about how Microsoft are checking ( Unsgined kernel driver ) if it's signed or not as known to load kernel driver it must be signed by microsoft or by other 3rd parties such as ( DigiCert / Comodo etc.. ), so what i have done i used VDM ( Syscall ) and getting kernel module ( ci.dll ) then i toke ModuleBase + CiBlackBoxInitialize Address ( 0x??? ) and writing value ( 0 ) then loading my kernel unsigned driver and the result was possitive and it worked but it seems after +30 minute got blue screen ( BSOD ) it seems after using WinDbg Microsoft checking ci.dll There's PatchGaurd and BSOD was from it, so what i have managed in my second test is before writing value ( 0 ) i'm storing old value then writing the value ( 0 ) then loading my unsigned driver ) and results was possitive and it worked and no BSOD caused :) Results:

The CA/Browser Forum has adopted Multi-Perspective Issuance Corroboration (MPIC) for Certification Authorities (CAs) conducting the Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for TLS certificates. MPIC requires CAs to perform their checking from multiple viewpoints on the Internet, making it more difficult for adversaries to launch attacks such as DNS cache poisoning and BGP hijacking, which typically only affect a portion of the internet routing system. Should the CA get different DNS results from its different network perspectives, then there is a high likelihood that an attack is occurring.  Starting in March 2025, CAs must implement MPIC for TLS, using at least two network perspectives. However in this warmup stage, the CA may investigate and choose to issue, even if MPIC results show conflicts. However, starting in September 2025, MPIC conflicts will block issuance. By the end of 2026, CAs will need to operate at least five network perspectives in their MPIC deployment. The MPIC ballot included essential contributions from a CABF non-member, Princeton University, which opened an extended discussion of intellectual property rights, and several versions of the ballot before its successful vote with support from 25 root programs and CAs. Following on from the TLS adoption, the S/MIME Certificate Working Group is also considering adopting the MPIC requirements for email certificates. See https://lnkd.in/eWCGuEGf (particularly section 3.2.2.9).

#AzureDaily 📢 Microsoft Access v2310 Update! 🚀 7 key issue fixes released in October. Improved compatibility, stability, and performance for users. Keep your Access database running smoothly. Update now! ⚙️ #MicrosoftAccess #AzureCloud #Update #SoftwareFixes #DatabaseManagement

#AzureDaily 🚀 Microsoft Access Update: Version 2311 brings 7 crucial bug fixes! Enhancements include solution for query crashes, navigation pane font issues, and missing Access database engine selections. Keep your Access up to date for a smoother experience! ⚙️ #MicrosoftAccess #Update