Our operation was in Hailuoto, a small island (200.53 km²) in the Gulf of Bothnia with a population less than thousand people. This is my story about our expedition.

The day started by packing the car and catching the ferry departing 10:00 local time. We arrived early to our benefit…

In IPv6 header it’s called “Next Header” and in IPv4 header it’s just “Protocol”. This eight bit value contains information about what kind of content we can expect after the IP header. Usual suspect being a value for all familiar TCP, UDP and ICMP. But there’s also other familiar protocols…

Hacking is a good way to learn and hackathons are a great place to learn with other like-minded people. And that was exactly what we had in mind when we invited our friends and signed in as a team to the first 5G hackathon in the world.

We had no…

This is a short story about a survival scenario I played in the game Space Engineers by Keen Software House. I got inspiration to play this through after someone said the “Space Suit” respawn option for survival shouldn’t be there since it’s only useful for creative mode. …

Code injection attack is a method of taking advantage of a flaw where an application can be tricked to relay malicious code from a system to another system which then executes it. Common examples of such flaws are SQL injections and cross-site scripting (XSS) attacks. In OWASP Top 10 Most…

Testing a network or service availability continuously has the benefit of getting an alert as soon as something changes or breaks. Many networks and services are monitored with for example a cronjob running every hour. We pondered how fast we should test and what should the test interval be.

Our…

Changes to network configuration can be difficult and time consuming to do. Today’s networks are virtualized, complex and outsourced to 3rd party data centers ran by contractors.Many things can go wrong, and it takes time and effort to communicate, implement and validate the needed changes. This difficulty makes adopting new…

Beacon sends Pings towards Home. Ping contain just enough information (and nothing more) for Home to understand where the Ping came from, who sent it and where it was sent to. If Home receives a Ping, it studies the content and sends an alert informing you that something happened.

Our…

Trying to learn from consumer electronics twists your mind. Especially if you mind is more geared towards network hacks. We are close to launching our product which tests the security of your network segregation. The product has two moving parts, a fleet of beacons and a home they try to…

This is the last part in series of three blog posts talking about exploiting Domain Name System (DNS) caching as a carrier. In the first part we went through a bit of background and theory. In the second part we introduced a new software library. …

Ossi Herrala

Co-founder and R&D lead of @sensorfu. Interested about software and network security.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store