(IN)Secure Magazine Issue 29, March 2011 has been released

Mar 09
2011

Probably the best security magazine :)

Topics covered:

  • Virtual machines: Added planning to the forensic acquisition process
  • Review: iStorage diskGenie
  • Managers are from Mars, information security professionals are from Venus
  • PacketWars: A cyber security sport for a cyber age
  • Q&A: Graham Cluley on Facebook security and privacy
  • Financial Trojans: Following the money
  • Mobile encryption: The new frontier
  • Report: RSA Conference 2011
  • Combating public sector fraud with better information analysis
  • Q&A: Stefan Frei on security research and vulnerability management
  • The expanding role of digital certificatesÉ in more places than you think
  • 5 questions to ask when reevaluating your data security solution
  • How to achieve strong authentication on the Web while balancing security, usability and cost

Download

Speed up your (ubuntu) Linux box with preload

Mar 06
2011

There is a very nice way of utilizing the spare gigabytes of memory on your (laptop) computer.

Preload is a tool which actively monitors the usage of programs running on your machine and preloads the libraries of the most used ones. Thus dramatically increasing the loading time of those applications. It is very intelligent, so the only think you need to do is isntall it. On an ubuntu based distro you can easy do that by typing:

sudo apt-get install preload

Alternatively you can download it from its home page.

It will then run in the background and do its magic :)

The only drawback one can see is the slightly lager memory usage, but who cares since RAM is cheap and you probably have more that you need, but that’s not certainly the case with your hard drive. I believe very few laptops come with solid state disks where reading  libraries from the disk every time is not an issue. Most of us are unlucky to own a 5.4k rpm hard disk with 8-16M cache… and this costs us sometimes what seems like an age to load a text editor or the browser.

A few points to note:

  • logs are kept in /var/log/preload.log
  • absolutely no configuration is needed, however you can tune the parameters of /etc/preload.conf to suit your needs
  • sudo /etc/init.d/preload {start, stop, reload} can be executed to start, stop and reload config file

As some test results claim on the Internet it will be able to speed up loading of your most frequently used programs with an average of up to 50% :-0

 

Very quick and very basic overview of network security.

Mar 01
2011

Hi guys

That’s what I wrote for one of my school’s assignments on network security. It is a quick, rather incomplete overview of the security threads on the network, so it is suitable for anybody with little or no knowledge at all in this area.

Warning: Not experienced users.
Allergy advice: May contain trace of nuts :D

Download

Open Pentest bookmark collection

Mar 01
2011

There it is guys a nice collection of “hackery”  bookmarks. They are not all inclusive and some sections need to be parsed but they are all good reference materials. I find having this Hackery folder in Firefox an easy way to reference syntax, tricks, methods, and generally facilitate and organize research. Hopefully the initial set will grow and expand.
Opening it up to everyone will facilitate a knowledge transfer.

 

If you use dropbox, there’s my public link to the latest version.

 

Author : http://www.securityaegis.com/

 

jaChat Project started

May 18
2010

I am glad to announce the start of a new project. It’s working name is jaChat, comes from java & chat.

It is a complete chat system(i.e. server & client). The first version will be really like existing IRC chat systems. But with the tendentious to be more like skype (I exclude the VoIP for now, because it is beyond my capabilities).

As the name suggest base language is Java SE. Honestly there isn’t much point to make it, but it is a good exercise.

One of my intentions is to use it in our school as a message exchanger in labs etc. The other one is to be used a real chat system, because the newest version of skype is full of bugs and my messages cannot reach half of my friends.

The first version or the first draft uses the code name of: appletiser probably all of the releases will use a drink name . Do not ask me why! The technical details of the server are 0.1.alpha.

As the previous sentence suggests the server has a working version, it is fully documented. Documentation can be found here. Please bare in mind that this is really a draft, so documentations probably contains typos, grammar error etc.

Extremely small set of command is implemented at his point :

EHLO nickName  - every connection must start with authentication
USERS - the server returns all of the currently connected users
TALK nickName message - sends the message to nickName
STNCK newNickName - changes the screen name for that user
QUIT - log out
——————————-
Server command:
DSCN – sent from the server to the client, says “I am disconnection you”
USERS listOfUsers – tells the client all of the users availabe to talk to
MSGF user message – you just received message from user
INCK – invalid nick name

I just started the client, so its progress is about 10%. I have done the main class (sets up connection, starts threads). Progress will be regularly poster here :)

CUPP

May 04
2010

The most common password attack is the dictionary one, isn’t it ?

Unfortunately there is enormous amount of users out there who use weak passwords, or even worse the same password as the username. Common pass phrases are:

  • family names
  • wife/husband names
  • phone numbers
  • street name
  • etc

CUPP is a tool which generates a text file containing most of these common passwords and their variations such as password, p@ssword, p@ssw0rd, etc.

It is a python script therefore it is very easy to alter according to your needs and requirements.

You can download its current version 3.0 here.

Ubuntu 10.04 release

May 04
2010

The new Ubuntu version is already out for a number of days. As always I upgraded my OS to the newer version immediately.

For the first time I have to confess that Ubuntu is really good OS. During last 3-4 years Canonical developers were doing huge amount of work on their OS, but this time they did something different, they made it extremely fast ! Yes, Ubuntu 10.04 boots in seconds! On my laptop I am able to use my computer for no more than 40 secs, after pressing enter on grub. My machine is :

AMD Turion 64 x2 @ 1.9 GHz
2 GB RAM @ 800MHz
HDD @ 5200 rpm

Obviously the boot time is so long because of the slow hard drive. I suppose on a desktop machine where the hard disk spins at 720o rpm it will perform better.

But, it is not only the boot time, it is everything that loads immediately ! There is almost no delay from pressing the button and the actual rendering of the windows on the screen. For now I have no idea what they have done to the new version, but it is a good hit.

This distro of Linux is my favorite one now.  I strongly recommend it to every novice/intermediate user.

encrypting your traffic using ssh

Apr 22
2010

An interesting approach to secure your connection within an insecure, public network is to encrypt your packages using an ssh tunnel. This is very reliable technique, provided that you’ve go a spare ssh server +  proxy server with real ip address.

The idea is extremely simple! Imagine the following situation: you are running an ssh daemon on your home computer and squid or other proxy server on port 6969 on the same machine. Ssh provides you with a facility to set up a tunnel from your local machine to the remote on, which does the encryption for you!

If you type:

ssh -L 6969:localhost:6969 user@remoteHost

into your console then you will get a tunnel available on port 6969 on the local machine, which connects you to the remote port 6969, where in fact the proxy is listening to.

Using this approach guarantees you with a secure connection within a public wireless network, or prevents your ISP from dropping your packages to torrent sites or other sites which are restricted.

camera problems with skype on linux

Apr 18
2010

A common problem for Linux’s skype is the camera. Often it doesn’t handle the input data from the camera correctly. Usually green lines are being displayed where the proper image should be. This happens to users with 64 bit OS or users with older cameras.

The problem is easily solved if you enter the following code in your shell.

LD_PRELOAD=/usr/lib32/libv4l/v4l1compat.so skype &

Basically you load your skype with the 32 bit libraries for video capturing.

This code works absolutely fine for Ubuntu 9.10. I assume that it will work on other Ubuntu versions  as good as it does on my machines. The only problem may be the path. But a quick find will do the job for you.

Welcome

Apr 13
2010

This is my first blog post, obviously. I decided to post some stories about stuff in here :) I say stuff, because I intend to post all sorts of trash, therefore the blog will be categorized handy, or at least I hope so. I will mostly talk about computer things, trying to create a discussion on a particular topics (e.g. network security). Definitely I will consider other things like:

  • Fitness – really important part of my life;
  • News and things about me,  I want to “make public” and share;
  • School – I mean university
  • All kind of life matters :)

Probably, that is what I want to say… now. There will be more, I promise :)

Visit Our Friends!

A few highly recommended friends...

Archives

All entries, chronologically...

Pages List

General info about this blog...