Finally got around to a blog post about how to block Lan Turtle / poison tap / bash bunny type devices in windows: http://passing-the-hash.blogspot.com/2017/03/blocking-lan-turtle-poison-tap-bash.html …
-
-
Replying to @passingthehash
Isn't the whole thing only an issue if you're submitting credentials or private data to unauthenticated servers or in clear?
1 reply 0 retweets 0 likes -
Replying to @RichFelker @passingthehash
you can use an smb relay attack as the turtle is a MiTM
1 reply 0 retweets 0 likes -
Replying to @UK_Daniel_Card @passingthehash
SMB is unauthenticated to the client. Broken protocol. Don't use.
1 reply 0 retweets 1 like -
Replying to @RichFelker @passingthehash
it's the NTLM 2.0 packets that are the issue, need to use kerbs
1 reply 0 retweets 0 likes -
Replying to @UK_Daniel_Card @passingthehash
Another broken protocol that should not be in use. Right fix is disabling broken protocols not devices.
3 replies 0 retweets 1 like
Any attack that works by providing USB eth works much more easily by providing rogue wifi AP.
6:13 PM - 3 Mar 2017
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.