Archive for the ‘security’ Category

DenyHosts

Monday, July 18th, 2005

SSH dictionary attacks got you down?

DenyHosts parses the SSH log, tracks attempts, and automatically updates /etc/hosts.deny.

(You are using TCP Wrappers, aren’t you?)
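
A minimal sketch of the parse, count and deny loop described above, added here as an example; it is not DenyHosts' own code. The log lines are constructed, and the function names, threshold and allowlist are assumptions of this sketch.

```python
import ipaddress
import re
from collections import Counter

# Constructed sshd syslog lines (documentation-range addresses), not real traffic.
SAMPLE_LOG = """\
Jul 18 03:12:01 host sshd[2101]: Failed password for illegal user admin from 203.0.113.7 port 40122 ssh2
Jul 18 03:12:03 host sshd[2103]: Failed password for invalid user test from 203.0.113.7 port 40130 ssh2
Jul 18 03:12:05 host sshd[2105]: Failed password for root from 203.0.113.7 port 40141 ssh2
Jul 18 03:12:09 host sshd[2107]: Failed password for invalid user x from 192.0.2.10 port 1 ssh2 from 203.0.113.7 port 40150 ssh2
Jul 18 03:15:40 host sshd[2120]: Failed password for alice from 198.51.100.23 port 51515 ssh2
Jul 18 03:15:52 host sshd[2122]: Accepted password for alice from 198.51.100.23 port 51520 ssh2
"""

# The user name is chosen by the remote client, so the address is taken from the
# END of the line: the greedy (.*) swallows any earlier " from ... port ..." text.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:(?:invalid|illegal) user )?(.*)"
    r" from (\d{1,3}(?:\.\d{1,3}){3}) port \d+(?: ssh2)?$"
)

def count_failures(log_text):
    """Return a Counter mapping source address -> failed password attempts."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            ip = str(ipaddress.ip_address(m.group(2)))  # rejects 999.1.1.1 etc.
        except ValueError:
            continue
        counts[ip] += 1
    return counts

def new_deny_entries(counts, threshold, existing_hosts_deny="", allowlist=()):
    """Return TCP Wrappers lines to append for addresses at/over the threshold."""
    present = set(existing_hosts_deny.split())
    return [
        f"sshd: {ip}"
        for ip, n in sorted(counts.items())
        if n >= threshold and ip not in allowlist and ip not in present
    ]

if __name__ == "__main__":
    for entry in new_deny_entries(count_failures(SAMPLE_LOG), threshold=3):
        print(entry)
```

The allowlist matters in practice: without it, a few mistyped passwords from your own address would lock you out.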

Full-Disclosure Weekend

Sunday, May 15th, 2005

Symantec Worm Simulator

Wednesday, May 11th, 2005

Symantec has released a Worm Simulator. I can’t tell whether this is just a sales tool (“Oooh, look at the scary worm! Buy stuff from us or the worm will get you!”) or if it could be useful as a research tool.

If you’re running Windows, download it and let me know.

The DNS Poisoning Attacks

Friday, April 8th, 2005

As of this post, the latest update from SANS was here.

The attacks are serious enough that the Internet Storm Center has raised their Infocon level to “Yellow.” I know this because the icon in my system tray has turned yellow and started flashing.

SIGINT

Wednesday, March 30th, 2005

For those of you who are interested in spy-stuff, I recommend the new book Chatter: Dispatches from the Secret World of Global Eavesdropping by Patrick Radden Keefe.

To quote Scott McNealy (CEO of Sun Microsystems): “You already have no privacy. Get over it.”

The Secret Service and Distributed Computing

Tuesday, March 29th, 2005

The Washington Post has an article on the Secret Service’s internal system for cracking encrypted files. Sort of their own distributed.net.

E-mail address encryption

Saturday, March 19th, 2005

Ok, this is kind of neat: a program that takes your e-mail address, encrypts it using 10-bit RSA, then generates a JavaScript program to decrypt it and generate a mailto: link in a web page. Why do such a thing? Because if you post an e-mail address as plaintext on a web page (like, say, that link to spool@kenytt.net over on the left), it’ll be a matter of minutes before some lowlife scrapes it and spams you.

So I was setting up an autoresponder for homework assignments, and figured I’d give it a shot.

New NSA Security Standard

Monday, March 7th, 2005

The National Security Agency has released a new, recommended set of cryptographic standards for securing sensitive and unclassified data. The standard, called “Suite B,” specifies Elliptic-Curve algorithms for public-key cryptography along with the existing AES and SHA standards for symmetric cryptography and hashing.

Paranoia

Sunday, March 6th, 2005

If you’re not at least a little paranoid by the time you finish this class, then I haven’t been doing my job: from our friends at CAIDA comes “Remote physical device fingerprinting.”

Every computer clock has a bit of skew caused by tiny differences in the hardware. This causes the clock to be slightly different from every other clock, and it could be used to uniquely identify your computer. It turns out that you can measure this skew from almost anywhere on the Internet, even from behind a firewall. Which means that, potentially, your computer can be tracked even if it connects to the Internet through different networks…

Paranoid yet?

An Illustrated Guide to Cryptographic Hashes

Wednesday, February 23rd, 2005

I’ve added a link to Steve Friedl’s An Illustrated Guide to Cryptographic Hashes to the course outline. I’ll say about this page what I said about the Kerberos paper: if you have trouble following the book, see if this helps.