There are a bunch of instructions on how to reset a password on Raspbian, but they all require physical access to the Raspberry Pi: taking out the SD card, and needing a keyboard and monitor to reset the password.
My case is that I forgot my password, of course. There are many reasons: the system is seldom used; I forgot to put the password into a password manager app; the login credential is remembered in the SSH client. However, because the credential is kept in the SSH client, I can still log into Raspbian; the only thing is that I don’t know the password now, and have no way to change it.
I tried every possible ‘dictionary attack’ on my Pi but with no success. Then, as a last resort, I figured out something that works.
Continue reading “How to reset Raspbian forgotten password if you still have SSH login”
IT technologies are changing from closed on-premise infrastructure to cloud platforms. Security is no longer a segregated trusted zone but more of a zero trust approach. What will happen in the Information Security industry in 2025? Are there any focus areas and new opportunities? Here’s my point of view.
Continue reading “Security Trends Forecast 2025”
Leveraging Pi-Hole, you can force kids’ Google search traffic to be redirected to Google SafeSearch, safe YouTube, etc.
Here’s the script I use in Pi-Hole dnsmasq configuration.
Continue reading “Force kids device to Google SafeSearch and Safe Youtube”
There is a need to provide some level of parental control and kid-safe Internet access at home. Using OpenDNS is an easy and cost-free solution.
To customize the web security filtering policies for your own case, you need to update your home Internet public IP with OpenDNS so that your customized policy will be applied. In a dynamic IP situation, it is essential to keep telling OpenDNS the latest correct Internet IP. Instead of installing the OpenDNS updater client on Mac/Windows/Linux, we can use Mikrotik RouterOS scripts to update the IP directly.
Continue reading “Mikrotik RouterOS Dynamic Update Script for OpenDNS”
I have a spare Cisco Aironet 3702i but I do not have a Cisco Wireless Controller to manage it. But I do like its wireless capability and I want it to replace the ASUS RT-AC68U as the main home wireless access point.
I also have a Mikrotik hex POE 960PGS router to provide both connectivity and power to a surveillance camera.
I want to fully utilize the gear I have and just use a cost-effective solution to achieve a secure home wireless network.
- Multiple SSIDs with different VLANs, different encryption and authentication methods
- Each SSID network needs to be segregated from the others
- One SSID needs to be in the same subnet as the local wired network
Continue reading “Mikrotik RouterOS work with Cisco Aironet AP”
Trust Is Tops
- Only use trusted apps or software. Download apps directly from trusted app stores such as iTunes and software from well-known sites. Be especially careful of apps or software you’ve never heard of or malware posing as legitimate apps. If you’re unsure if an app is legitimate, check the ratings and reviews in the app store. If it’s a major retailer and it only has one review or a low rating, it might be a copycat.
- Don’t trust every search result. Just because you get dozens of search results for “free golf handicap spreadsheet calculator” doesn’t mean you should download each one to try them all.
- Office documents and spreadsheets are notorious for hosting malware within embedded macros. If you frequent forums or communities of interest, ask what software others have used.
- Beware of extras when installing software. Even legitimate software or browser add-ons can be accompanied by malware. Remember that every new app or software you install is a new potential entry point for cybercriminals. Be sure to uncheck extra software options unless you really need them.
Don’t Click That
- Beware of unexpected emails. IBM X-Force has observed scammers using fraudulent package tracking emails, for example, to spread malware such as Locky ransomware. Be cautious and wary of unsolicited emails.
- Double-check links. Scrutinise links in emails and social media posts. Hover over the URL to make sure a link directs to a legitimate website before clicking it.
Protect Your Passwords
- Don’t save your info. Yes, it’s a pain to retype your info every time you want to order something online, but you should never save your password or credit card information in retail or bill payment sites, especially those you don’t frequent.
- Use a special shopping email address and password. Have a separate email address just for retail websites and create unique passwords for each account. Use a password wallet to store your login credentials.
- Get creative with password reset questions. When filling out account information, opt for the password reset question that doesn’t involve public information. For example, don’t use your high school mascot, since that could be found online. Instead, pick a subjective question (favourite dessert, favourite song, etc.) and enter answers that only you would know.
- You can also create unique answers to each question and store them securely in a password wallet.
Control Your Credit Cards
- Opt for credit over debit cards. Use credit cards instead of debit cards whenever possible. Credit card providers offer protection if your card is compromised and won’t dock your checking account if there’s an issue.
- Use one-time credit cards. You may want to consider a one-time credit card when buying from a nontrusted or entirely new retailer. That way, you can avoid putting your personal card data at risk.
SSL / TLS / HTTPS
- Is TLS fast yet – A great site debunking the myths of SSL/TLS speed cost
- Firesheep – A watershed moment for SSL by demonstrating the ease with which unprotected traffic can be intercepted and sessions hijacked
- Qualys SSL Labs – Tests a variety of attributes of the SSL implementation by pointing it at any URL
- CloudFlare – Get SSL for free on any website
- Let’s Encrypt – It’s coming, and it promises to fix the current mess that is CAs and configuring certs
- Betsy’s free wifi – Shows a young girl standing up a rogue wifi hot spot
- Chromium HSTS preload list – All the sites submitted for HTTP strict transport security preload (a depressingly small number of them)
- HTTP Shaming – Sensitive data sent insecurely? Name and shame!
Continue reading “Some Security Links”