Saturday, March 9, 2013

Book Recommendation: Founders at Work

It's been a really long time since my last post. School, as always, is consuming much of my time and I haven't had much time to study security. However, I have recently read a very interesting book entitled Founders at Work. It consists of interviews with successful entrepreneurs, mostly software and hardware designers who ended up starting companies like Adobe and PayPal. The book shows you how the founders of companies created new ideas and implemented them. One thing I found interesting is that many of the founders interviewed said that it's not the idea you come up with that is important. It's the people you work with and choose when initiating a start-up. Open-minded people working together will create good ideas just by working together. If you get emotionally tied to an idea, it can actually keep you from becoming successful because it may not actually be a good idea.

This actually ties into computer security pretty well. When looking for security holes, one must keep an open mind about how an intruder might want to attack their system. This is the component of computer security that separates it from monotonous sequential testing and turns it into an art form, one where creativity allows one to see things in different ways, whether in opening up a new direction of attack when performing a penetration test or in realizing a new optimal way for users to easily access a service while keeping malicious users out. Founders at Work helps you to understand the process of discovering new ideas - which is why I recommend it as a book.

Monday, April 16, 2012

Long time, no posts

It's been quite a while since my last post, as I've been really busy with life. I don't have any newly discovered information, but may have some coming soon. While you're waiting, here's a link to another blog that occasionally gives useful information about exploits. http://enc0de.blogspot.com/

Wednesday, August 17, 2011

Backtrack 5 R1 Released!

The release of BackTrack 5 R1 has occurred on schedule, just 3 months after the initial release of BackTrack 5. For those of you who haven't been keeping up, BackTrack is the largest and most well known security distribution for the purpose of penetration testing remote machines as well as cracking passwords and other similar goodies. Basically a hacker's dream. While I am unable to find any release notes on the BackTrack website, I will download the distro when time permits and have a look. Until then, feel free to enjoy this new release!

Tuesday, August 16, 2011

Stuxnet Industrial Malware Used Vulnerabilities to Take Down Nuclear Plant

If you haven't heard of the Stuxnet bug, this article is a must read. I kid you not. Find a half hour of free time and read the whole thing. By the end you'll be thinking you just finished a fictional novel, but no, it is real life. It's an excellent show of creativity and cunning. And it couldn't have been a one man job. Yet no one knows where the Stuxnet bug came from. Find the article here. I promise you, it will be worth your while.

Friday, August 12, 2011

New Linux Cluster Distro Released

Rocks Cluster has released a new version of their clustering software that greatly simplifies the process on the software side of building a Linux cluster. I have yet to try using it for distributed cracking of passwords; however, it should function similarly to most clustered distributions. The update has increased security dealing with root passwords as well as bug fixes and other small changes. The distribution update at DistroWatch can be found here and the website can be found here.

Build Your Own Linux Distribution

I know it's been a while. Life gets in the way. I'm here to update with a new perspective on Linux. Not a new distribution, but a DIY style approach. The website Linux From Scratch walks you through the process of building and compiling your own Linux distribution, while teaching you how operating systems are structured and explaining to you the software required to make a minimal working distribution for you to work your magic on. This allows you to be creative, while making a system that is lightweight, as it has literally only the software you want installed and nothing else. This means less disk space used by the OS, more stability, and more security, due to not having any misconfigured software with holes that you do not know about.

This website is a perfect fit for non-desktop configurations like embedded systems and web servers. It is also quite capable of being used to create your own desktop configuration with an environment and window manager of your choice. However, if this website interests you, my guess is that you're a purist and are going to be using this for a custom setup.

Wednesday, May 18, 2011

Backtrack 5 - Anonymous phone calls

I've realized an interesting way to make completely anonymous phone calls online using a real phone number. It's surprisingly easy as well. It uses three or so well known pieces of software, and can keep you in secure contact with others, without worrying about being tracked online or eavesdropped on. The first thing to do is boot up Backtrack. Backtrack comes with Tor, the software used to keep all of our online activities anonymous. If you don't trust Tor, use another proxy based in a country outside yours. From my understanding this should make it more difficult for government employees to track, as they would have to request the information from the other country and all that goodness. Routing through multiple foreign countries will add to anonymity as far as this theory is concerned, but may reduce sound quality when talking through this internet connection. It may just be easier to use free public Wi-Fi with Tor, as that is what I would do. Backtrack also contains macchanger, software used to change your hardware MAC address, furthering your anonymity. Lastly, Backtrack comes with chatting software, some of which is compatible with the Skype protocol, which is going to be the voice software used to communicate during the call. If the version of Backtrack you are using does not contain this software, it is all free and can be easily obtained and installed. Note that I have yet to try Backtrack 5, but will post on that separately after getting a feel of the software. If it changes any of the procedure in this post, I will make changes as necessary after testing in the new release.

Friday, May 6, 2011

Securing your Windows PC by deleting stored passwords in web browsers

Passwords are stored throughout your computer in different forms, some being within the registry, while others are stored in files on your computer. The following is a list of programs and where their passwords are stored. Included is information on if and how they are encrypted. In a future post I may include information on recovering this data if possible, depending on the source.

Internet Explorer saves passwords in the Windows registry. These passwords are encrypted, and the key is based on the website they were saved for. They are stored at the following location:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2

Firefox stores saved passwords in two files. I found these files to be in:
%User%\AppData\Roaming\Mozilla\Firefox\Profiles\[xxxxxxx].default
The files to remove are called signons.txt and key3.db. These can be deleted to remove the passwords. On my Windows 7 machine signons had the extension sqlite instead of txt.

Opera saves its passwords in a file called wand.dat.

I do not use Opera, so I have not had time to experiment with this file; however, as I understand it, recovering passwords from Internet Explorer and Firefox is trivial. Some cookies store passwords as well, although if they do, passwords in cookies are almost always encrypted. So a future post may cover recovering these if possible.
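A read-only check for the Firefox and Internet Explorer locations listed in this post, added here as an example and not part of the original post: it reports which of the named password files exist in each Firefox profile and how many values sit under the Storage2 key, without reading or decrypting anything. The function names are illustrative, and the profile path assumes %APPDATA% points at AppData\Roaming.

```python
import os
from pathlib import Path

# File names taken from the post; signons.sqlite is the Windows 7 variant it mentions.
FIREFOX_PASSWORD_FILES = ("signons.txt", "signons.sqlite", "key3.db")
IE_STORAGE2 = r"Software\Microsoft\Internet Explorer\IntelliForms\Storage2"


def find_firefox_password_files(appdata):
    """Return {profile_name: [password files present]} for each Firefox profile."""
    profiles_dir = Path(appdata) / "Mozilla" / "Firefox" / "Profiles"
    found = {}
    if not profiles_dir.is_dir():
        return found
    for profile in sorted(p for p in profiles_dir.iterdir() if p.is_dir()):
        present = [n for n in FIREFOX_PASSWORD_FILES if (profile / n).is_file()]
        if present:
            found[profile.name] = present
    return found


def count_ie_saved_entries():
    """Number of values under the Storage2 key; None when not running on Windows."""
    try:
        import winreg  # standard library, Windows only
    except ImportError:
        return None
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, IE_STORAGE2) as key:
            return winreg.QueryInfoKey(key)[1]  # (subkeys, values, last_modified)
    except FileNotFoundError:
        return 0  # key absent: nothing saved for this user


def report(appdata=None):
    """Build one human-readable line per location that still holds saved passwords."""
    appdata = appdata or os.environ.get("APPDATA", "")
    lines = []
    for profile, files in find_firefox_password_files(appdata).items():
        lines.append(f"Firefox profile {profile}: {', '.join(files)}")
    ie = count_ie_saved_entries()
    if ie:
        lines.append(f"Internet Explorer: {ie} saved entries in HKCU\\{IE_STORAGE2}")
    return lines


if __name__ == "__main__":
    print("\n".join(report()) or "No stored browser passwords found.")
```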

Tuesday, May 3, 2011

The Tor Network and configuring an anonymous webserver

The Tor network, as stated before, is a virtual network of tunnels (advocated and developed by none other than Jacob Appelbaum) that allows a user to surf the internet anonymously. However, this is not the only thing that Tor is capable of. Tor works as a large network of computers that your data and internet traffic is routed through randomly, allowing information to be sent through the internet without knowing where it is coming from. This also includes webservers. The Tor network allows you to serve a website without others knowing the source of the server itself, allowing freedom of speech on the internet. Tor's information on setting up this type of 'hidden service', as they call it, is located here.

Wednesday, April 20, 2011

Make your own computer hardware

If you're into computer programming as a hobby, but are looking for something more, you may want to look into building your own custom hardware. It sounds like a difficult feat; however, once you become comfortable with circuits and different types of components, it's very similar to writing software in that you have a specific design goal and you implement it using groups of components. In this case the components are actual physical hardware components instead of computer libraries or function calls. A lot of useful things can be built on your own when making your own hardware, like biometric scanners, keypads, and other security devices (you may even want to make your own custom hardware keylogger). These are usually controlled using a microcontroller, which is basically a low power computer compressed into a single chip. This means you can program them in assembly (different architectures use different assembly languages) or C using a compiler. Some chip architectures also have higher level programming languages available such as BASIC.

Saturday, March 12, 2011

Security Reference and Guides for Linux

A wonderful website to check out is http://distrowatch.tradepub.com/. It contains a fairly large collection of free books, magazines, whitepapers, and other types of publications that have the purpose of learning something new that deals with Linux. It contains articles for novices, who have no Linux experience, as well as seasoned users, as some articles may be written with the goal of setting up a Linux distro from scratch and will give you information from beginning to end on how to set things up. If you're in the mood for learning something new and you have yet to decide exactly what that is, check out some articles on the page to see what you think of them, and you'll probably learn something new in the process.

Friday, March 11, 2011

Hardware Troubleshooting

Troubleshooting computer problems can sometimes be a daunting task, especially when there is little information about your problem. Often it is best to start by assuming that it is a software problem and to go through every possible solution, including replacing the current operating system (which on clients is almost always Windows) with a bootable Linux distribution. If a problem persists with the bootable Linux distribution, chances are you are dealing with a hardware problem. It is not a sure thing, since there are cases where the bootable distro may not have sufficient drivers and software. But if you are having a large problem, like random things happening, or the whole computer freezing and rebooting in multiple operating systems, you're probably dealing with a hardware issue. Now on to troubleshooting the hardware problem itself.

Wednesday, February 23, 2011

Programming I: Comparison of Programming Language Categories

There are many programming languages out there in existence, and each has its own purpose. Some do a better job at modeling graphics, while some do a better job at running computations. There are languages that exist for the purpose of being easier to write software in, and there are others that seem to be the exact opposite. There are also different categories of languages. Scripting languages are usually not compiled, but rather interpreted by the computer at run-time. Other languages exist in a virtually compiled state, being run in a virtual environment, therefore being platform-independent, as long as the virtual machine is available for that platform. These languages tend to run slower. The purpose of this post is to help you familiarize yourself with the types of languages and each language's purpose as well as help you figure out what you want in a language, so that next time you decide you want to learn to program, or learn a new language, you will have some guidance to help you narrow down the best language for you.

Tuesday, January 18, 2011

Creating a secure SSH environment

Creating a secure SSH environment is really not all that difficult, but it is wonderfully convenient, and is safer than setting up an FTP server, as it is an encrypted connection. Telnet is also similar to SSH, but it does not contain the same security. SSH and FTP however, do not have the exact same purpose, as FTP is for transferring files and SSH is for a remote command line connection. SSH sits atop TCP and IP, allowing things like forwarding of windowed software through the SSH connection. SCP, or secure copy, allows the transfer of files through SSH.

OpenSSH is currently the largest free SSH server software and is very simple to install in Linux. You can either download the source from the website and compile it, or install it using your distribution's package manager. Once you have OpenSSH installed you can access it by using the SSH default port, port 22. To increase your server's security, it is recommended that you change this port once you have your SSH server up and running how you like it.
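To confirm that the port change actually took effect, the following added example (not from the original post) parses sshd_config text and lists the ports sshd would listen on; a commented-out "#Port 22" line means the default is still in use. The sample configs and function names are constructed for illustration.

```python
import re
import sys

DEFAULT_SSH_PORT = 22  # what sshd uses when no Port directive is set

# Constructed sample configs for illustration (not from the original post).
SAMPLE_DEFAULT = """\
# stock configuration
#Port 22
PermitRootLogin no
"""
SAMPLE_MOVED = """\
port 2222
Port=22022
"""


def listening_ports(config_text):
    """Return the list of ports configured by Port directives (default 22 if none)."""
    ports = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment: a commented-out Port has no effect
        # Keyword and argument are separated by whitespace or '='.
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) == 2 and parts[0].lower() == "port":  # keywords are case-insensitive
            value = parts[1].split()[0].strip('"')
            if value.isdigit() and 0 < int(value) < 65536:
                ports.append(int(value))  # Port may be given more than once
    return ports or [DEFAULT_SSH_PORT]


def still_on_default_port(config_text):
    """True when sshd would still accept connections on port 22."""
    return DEFAULT_SSH_PORT in listening_ports(config_text)


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/ssh/sshd_config"
    with open(path) as fh:
        text = fh.read()
    print("ports:", listening_ports(text))
    print("default port still in use:", still_on_default_port(text))
```

Moving the port mainly cuts down on automated scans of port 22; it does not replace strong authentication.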

Your SSH server can be accessed using many different clients in many different operating systems. For example, if you want to access your Linux server via SSH from a Windows machine, simply download a program like WinSCP or PuTTY, type in your server's IP address (or domain name) and port, and use your user name and password to log in. Now you will have a remote terminal to that system. If you are using a client on Linux, you can simply use the ssh command which is included in most Linux distributions. Software also exists that allows use of SSH in an internet browser.

Friday, December 17, 2010

Cold Boot Attacks on Encryption

Princeton has come up with an interesting way to attack encryption, relying on the fact that memory (RAM) does not reset to all zeros (at least not instantly) when power is lost in a computer. They also cooled down the memory to slow down the chemical reaction of the resetting of the 0s and 1s, allowing much more time to grab keys left in memory. This attack is possible because any document, file, or hard drive that is encrypted must have the key in memory to encrypt and decrypt the data on the fly while the computer is on. Many well known software encryption solutions are known to be vulnerable to this attack (e.g., TrueCrypt).

The best way to prevent this attack from occurring is simply to only keep virtual encrypted drives open (or mounted) while they're being accessed or modified. Do not log onto your computer, open the virtually encrypted drive, and leave it open while your computer is open. As long as this is done, the attack cannot be accomplished, as the key won't be in memory.