My Securi-Tay 2019 Keynote

On March 1st, I had the amazing honour of giving the opening keynote at this year’s Securi-Tay conference at Abertay University in Dundee. It was a really well-organised event with a sell-out crowd in attendance. I definitely learnt from the experience, and watching the recording below has made me pick up on a few things I would like to improve for future talks I give. Please do give it a watch if you want. »

Moving From WordPress to Hugo

For a while now I’ve been toying with the idea of switching my site from WordPress to a static site generator. There are a few reasons why I’ve been considering it: WordPress is lovely, but it’s the only reason I have PHP running on my web server WordPress doesn’t have a fantastic track record regarding security, though this is mostly down to poorly written plugins I very rarely update my site, so running a full-on content management system with all its bells and whistles seems a tad overkill Using a static site generator lets me play with some new things I like the concept of using version control so I can treat the site as code, and undo changes when I go down a rabbit hole In theory it’s much faster and more secure to have a statically built website A lot of people I respect are using static site generators There are a few options for static site generators, including: »

Author image Nick Murison

Cycling in the UK - Dispelling some myths

Those of you who know me are likely aware of my (un)healthy obsession with cycling. I regularly commute to work on my trusty steed, and will soon be upping my distance from a respectable 25 miles round trip to approximately 34 miles. There are several reasons for my preference for the velocipede as a form of transport, which I should probably write a separate blog post on. For now, here are some highlights: »

Goodbye old VPS, hello Mythic Beasts!

For the past few years, I’d been leveraging a VPS provider based in Germany, with hosting in France. It was a big step up from my previous shared hosting provider, and let me take control of various aspects of my website and mail server setup: Configuring (and hardening) the server setup, instead of relying on the hosting provider’s “OK for most people’s needs” setup Leveraging my own properly signed SSL certificates, instead of needing to pay the hosting provider extra for the privilege IPv6 support (sort of… more on that later) At first, the move to the (old) VPS provider was a great improvement. »

Author image Nick

FreeRADIUS-WPE and Quirky WPA Supplicants

I was recently on a wireless testing gig where I was faced with a relatively typical scenario: a corporate wireless network leveraging PEAP with MSCHAPv2 for authentication, and wireless clients that were configured to not check for a valid certificate when communicating with the RADIUS server. My standard approach to this on Backtrack follows the one Robert Portvliet describes in his post Capturing and cracking a PEAP challenge/response with FreeRADIUS-WPE (go read it): »

Author image Nick on #wifi,