Menu:
Hacking the XBox
The xbox-linux project published an article detailing the xbox’s security architecture and how it was repeatedly compromised.
17 Mistakes Microsoft Made in the Xbox Security System
It’s an interesting read. I have never taken an interest in game consoles in the first place, but their use as a cheap, quiet, and cool set-top server is increasingly appealing to me. Clearly, the PS2 was always open to running Linux, which makes me wonder if the hardware was similarly subsidized (I suppose so). If the article has it right, Sony managed to both open the PS2 a lot wider where it didn’t bother them, while locking it down a lot better where it did.
Posted by markus on Tuesday, July 04, 2006(0) Comments • Permalink • In the news • IT Security
OpenSWAN/Watchguard IPSEC interoperability
After running head-first into a brick wall a year or two ago trying to make openswan and a Watchguard SOHO6 interoperate, I had occasion to revisit this combination with a more recent version of openswan and a Watchguard X50 Edge.
Executive summary: openswan and the Edge interoperate, MUVPN and openswan interoperate. See below the fold for details.
Click to read MORE...Posted by markus on Wednesday, May 17, 2006
(0) Comments • Permalink • IT Security
IPSEC rant
Note to self: When building complex VMware labs to model unusual network topologies for IPSEC VPNs using X.509 certificate authentication, shutdown and reboot rather than suspend and resume VPN gateways. Their clocks tend to get stuck in the past and certificates that are seemingly issued in the future don’t work too well.
Apropos, before poring over IPSEC logs to pin-point an annoying problem, double-check the firewall and NAT configuration first.
Posted by markus on Thursday, June 24, 2004(0) Comments • Permalink • IT Security
Agnitum Outpost vs. VMware
All versions of the Agnitum Outpost firewall that I ever used block bridged network traffic to and from VMware guest. Here is a quick workaround:
Add a system rule (i.e. Options -> System -> Global Application and System Rules). If the subnet of the network interface used by VMware’s bridged network is e.g. 192.168.1.0/255.255.255.0, you’d use a rule like
Where the local host is: 192.168.1.*
Allow it
Ignoring that this is poor security practice, the only practical problem I’ve run into so far is that Outpost still drops IPSEC/ESP.
Posted by markus on Monday, June 14, 2004(0) Comments • Permalink • IT Security