Is it a problem that instead of walking across my room to see if my Security Warrior book had a chapter on HIDS, I googled for it and searched the table of contents with CTRL+F on O’Reilly’s website?
Archive for May, 2006
Oh, if only someone would write a GPG Firefox extension…
I’m slowly getting to crypto utopia. I have:
- I can log in to my remote machines without a password over an encrypted link (tutorial on SSH certs)
- I can encrypt my IM conversations in such a way that they are deniable later, without using a PKI (OTR)
- I can load key material into memory without worrying it’ll be written unencrypted to my swap file (cat /usr/share/doc/cryptsetup/CryptoSwap.HOWTO)
- I can auto mount encrypted file system partitions on my USB key in Linux (still working this out on Windows, FreeOTFE is helping tremendously)
- I have a GPG key to encrypt files and e-mail with (my key)
- I have long, easy to remember passwords (APG. Tip: after you generate a passphrase, write it down and carry it in your wallet for a week until you’re sure you won’t forget it, and try to use it every day)
What’s missing?
- A fully encrypted hard drive (cat /usr/share/doc/cryptsetup/CryptoRoot.HOWTO)
- A good UI for sending encrypted e-mails with
  - Friends who use GPG will follow this
  - Check out the GPG Firefox extension proposal above
- Interoperable file system encryption! For god’s sake: GEOS, FileVault, EFS, LUKS…
- A good UI to load and use my PGP key(s) and other keys from a smartcard
- A faster laptop
I have a problem with how Windows is handling multi-partition USB keys that I’m hoping someone can answer for me. My USB key is currently formatted to have one 768M unencrypted partition, followed by a 256M LUKS encrypted partition. The 768M partition mounts fine in Windows. However, FreeOTFE refuses to recognize and mount the 256M partition. If I reverse it so the 256 comes first and the 768 last, I get the reverse problem. FreeOTFE will mount the 256 encrypted partition, but Windows won’t mount the 768 unencrypted one even when I try to do it from the Disk Manager.
I read an interesting paper by Ross Anderson a few weeks ago and wanted to present it at a weekly SFS meeting, but I didn’t think everyone would be able to understand the significance of his findings without a basic understanding of 4th Generation Warfare and how it has evolved. I set out to write an easy introduction to the generations of warfare defined by the Marine Corps. This is the product of my efforts:
The History of Modern Warfare in 30 or so PowerPoint slides
The History of Modern Warfare commentary (coming soon)
I used the following sources:
- First_generation_warfare
- Treaty_of_Westphalia
- Second_generation_warfare
- Third_generation_warfare
- Fourth_generation_warfare
- 4th Generation Warfare
- Understanding 4th Generation War by William S. Lind
- The Bazaar’s Open Source Platform
- Cascade Failures in Iraq
- Emergent Intelligence in Open Source Warfare
- Stigmergic Learning and Global Guerillas
- Network_Warfare
- OODA and the Rainbow of Generational Warfare at tdaxp
I spent all day writing Perl scripts to help myself study for my Perl exam on Monday. This handy one came out around 5pm.
Download Dan’s Password Statistics
You can feed it an unshadowed password file and it will generate:
- The number of default passwords (you’ll have to modify this yourself, I left it as the last 4 of your SSN)
- The most common passwords
- The lengths of all the passwords, as well as the average length
- Optionally, print the username of anyone with a password less than 5 characters or anyone who chose ‘password’ as their password (idiots!)
Usage: ./dpws.pl unshadowed_cracked_passwd.txt or ./john -show unshadow.txt | ./dpws.pl -stdin
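The statistics listed above, computed for a password-policy review. This is an added example in Python, not the author's dpws.pl. It assumes the seven-field user:password:uid:gid:gecos:home:shell lines that john -show prints for an unshadowed passwd file; the sample input is constructed, and is_default is a hypothetical stand-in for the site-specific default-password rule.

```python
from collections import Counter

# Constructed sample in the 7-field layout john -show prints for an
# unshadowed passwd file (assumed: user:password:uid:gid:gecos:home:shell).
SAMPLE = """\
alice:password:1001:100:Alice A:/home/alice:/bin/bash
bob:1234:1002:100:Bob B:/home/bob:/bin/bash
carol:correct horse battery:1003:100:Carol C:/home/carol:/bin/bash
dave:password:1004:100:Dave D:/home/dave:/bin/bash
erin:a:b1:1005:100:Erin E:/home/erin:/bin/bash

5 password hashes cracked, 0 left
"""


def parse(text):
    """Yield (user, password) pairs; skip blank lines and john's summary line."""
    for line in text.splitlines():
        parts = line.rsplit(":", 5)          # peel off uid..shell from the right
        if len(parts) != 6 or ":" not in parts[0]:
            continue
        user, password = parts[0].split(":", 1)  # password may contain ':'
        yield user, password


# is_default is a hypothetical site rule (here: any 4-digit password).
def audit(text, is_default=lambda pw: len(pw) == 4 and pw.isdigit(),
          min_len=5, banned=("password",), top=3):
    """Summarise cracked passwords: counts, lengths, and accounts to follow up."""
    pairs = list(parse(text))
    passwords = [pw for _, pw in pairs]
    lengths = Counter(len(pw) for pw in passwords)
    return {
        "accounts": len(pairs),
        "default": sum(1 for pw in passwords if is_default(pw)),
        "most_common": Counter(passwords).most_common(top),
        "lengths": dict(sorted(lengths.items())),
        "average_length": round(sum(map(len, passwords)) / len(passwords), 2)
                          if passwords else 0.0,
        "flagged_users": sorted(u for u, pw in pairs
                                if len(pw) < min_len or pw in banned),
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

Splitting from the right keeps a password that itself contains a colon intact, which a plain split on ":" would truncate.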
In order to demonstrate both to myself and my professor that I have, in fact, learned Perl this semester, I wrote a simple md5-crypt password cracker.
I plan on extending it to support des-crypt as well as hash table generation and hash table lookups a la Rainbow Tables :-). Nahhh, not really. It was real fun to write though! If anyone adds to my little script, please tell me, I’d like to know.
I’d like to thank Mike, Yan, and Pavel for answering my questions while writing it.
