Posts Tagged ‘Security’

RockYou hacked passwords weak.

January 21st, 2010 Jimmy No comments

Late last year some 32 million accounts were hacked at RockYou. What was the most common factor for these accounts? Weak passwords. Passwords are your lifeline for your Internet accounts, and you shouldn’t be using guessable words and numbers as your passwords. I’m not saying you should use a giant 32-character password, but adding a few combinations of numbers and special characters can make it difficult for hackers to guess.

Create a new password now.
1. Open up the dictionary.
2. Look for a cool word that you can remember.
3. Add two numbers to the end of the word.
4. Add two special characters as well.

Example: slapstick72**

In reality, slapstick72 is a perfectly good password without the *’s.

RockYou accounts had passwords such as “12345” and “123456789”, but those are obviously easy to guess. It really is laughable.

“Only 0.2% of users had what would be considered a strong password of eight or more characters that contains a mixture of special characters, numbers and both lower and upper case letters, says the study.” -TechCrunch

That is sad.

Weak passwords were also the cause of the major Twitter hack not too long ago.

Setting up a firewall in Linux with iptables.

January 7th, 2010 Jimmy No comments

Setting up a firewall in Linux is actually surprisingly easy. On Ubuntu, you may want to make sure the iptables package is installed. If you run Slackware, the best distro on Earth, you’ve already got it. iptables is the heart of most firewall scripts in Linux.

I’m going to assume that you are running a Linux box with two Ethernet cards installed. One controller will be on the public network side, the other on the private network side. For this example we’ll also be using the 192.168.1.* network as the private network and 10.10.8.* as the public (outside) network.

OK, now it’s time to jump into the firewall script. I created a simple bash script called rc.firewall.

#!/bin/sh

###Firewall Kernel Modules and base configuration###
iptables -F -t nat
iptables -F -t mangle
iptables -F -t filter

iptables -X
iptables -t nat -X
iptables -t mangle -X
iptables -t filter -X

echo "1" > /proc/sys/net/ipv4/conf/all/forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/modprobe iptable_nat
/sbin/modprobe iptable_filter
/sbin/modprobe ip_tables
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ipt_REJECT
/sbin/modprobe ipt_REDIRECT
/sbin/modprobe ipt_MASQUERADE
/sbin/modprobe ipt_LOG

###Now we want to forward all web traffic to a server on the internal network.
iptables  -t nat -A PREROUTING -d 10.10.5.56 -p tcp --dport 80 -j DNAT --to 192.168.1.27:80

##Let's configure a secure web connection too.
iptables  -t nat -A PREROUTING -d 10.10.5.56 -p tcp --dport 443 -j DNAT --to 192.168.1.27:443

##A configuration to a telnet port on another Linux box? Forward public traffic on port 2000 to port 23 on an internal server.
iptables  -t nat -A PREROUTING -d 10.10.5.55 -p tcp --dport 2000 -j DNAT --to 192.168.1.210:23

###We can't forget to route Quake Arena traffic as well.
iptables  -t nat -A PREROUTING -i eth0 -p udp --dport 28960 -j DNAT --to 192.168.1.64:28960

##Now let's BLOCK an IP address. Basically we are blocking the INPUT, OUTPUT and FORWARD chains for all data, source and destination, for the given IP address of 213.2.31.55.
##The address is given without a /8 suffix, which would match the whole 213.0.0.0/8 network instead of this one host.
##There is no -p tcp either, so UDP and ICMP are dropped along with TCP.
iptables  -A FORWARD -s 213.2.31.55  -j DROP
iptables  -A INPUT   -s 213.2.31.55  -j DROP
iptables  -A OUTPUT  -s 213.2.31.55  -j DROP
iptables  -A FORWARD -d 213.2.31.55  -j DROP
iptables  -A INPUT   -d 213.2.31.55  -j DROP
iptables  -A OUTPUT  -d 213.2.31.55  -j DROP

###Route all web based surfing and Internet access through this firewall.
iptables  -t nat -A POSTROUTING -o eth0 -j MASQUERADE

That’s basically it. Save and run the firewall script. You can test by trying to surf from within the network. Make sure the gateway on your workstation is set to the internet IP address where this script is running.

You can also call a friend or someone to try to access a web server or whatever for testing.
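
The script above never sets a chain policy, so unless one was set elsewhere the filter table still accepts everything it does not explicitly drop. The block below is an added example (not part of the original post) that emits a default-deny filter table in iptables-restore format and admits only the flows the post forwards. Assumptions: eth1 as the private interface name, 192.168.1.0/24 as the LAN range, and SSH administration from the LAN are illustrative choices, not taken from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Emits a default-deny filter
# table (iptables-restore format) to sit beside the NAT rules of rc.firewall.
WAN_IF=eth0               # public side, as used in the post
LAN_IF=eth1               # private side (assumed name)
LAN_NET=192.168.1.0/24    # private network from the post (assumed /24)

# DNAT targets taken from the post: protocol, internal host, internal port.
FORWARDS='tcp 192.168.1.27 80
tcp 192.168.1.27 443
tcp 192.168.1.210 23
udp 192.168.1.64 28960'

# Print one ruleset line; printf avoids echo treating "-A ..." as an option.
rule() { printf '%s\n' "$*"; }

emit_filter_rules() {
    rule '*filter'
    # Anything not explicitly accepted below is dropped.
    rule ':INPUT DROP [0:0]'
    rule ':FORWARD DROP [0:0]'
    rule ':OUTPUT ACCEPT [0:0]'
    # To the firewall itself: loopback, replies, SSH from the LAN (assumed).
    rule '-A INPUT -i lo -j ACCEPT'
    rule '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    rule "-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -j ACCEPT"
    # Routed traffic: replies first, then new connections leaving the LAN.
    rule '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    rule "-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT"
    # Inbound: DNAT in PREROUTING runs before FORWARD, so these rules match
    # the rewritten (internal) address and port, one rule per forward.
    printf '%s\n' "$FORWARDS" | while read -r proto host port; do
        [ -n "$proto" ] || continue
        rule "-A FORWARD -i $WAN_IF -o $LAN_IF -p $proto -d $host" \
             "--dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    rule 'COMMIT'
}

emit_filter_rules   # review the output before piping it to iptables-restore
```

Loading it after rc.firewall with `emit_filter_rules | iptables-restore --noflush` keeps the DROP rules already in the filter table ahead of these ACCEPT rules.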

Implement SSH using libssh.

December 11th, 2009 Jimmy No comments

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The programmer has complete control of the client. With libssh, you can remotely execute programs, transfer files, and use a secure and transparent tunnel for your remote programs. With its Secure FTP implementation, you can play with remote files easily, without third-party programs other than libcrypto (from OpenSSL).

Features

* Full C library functions for manipulating a client-side SSH connection
* SSH2 and SSH1 protocol compliant
* Fully configurable sessions
* Server support
* SSH agent authentication support
* Support for AES-128, AES-192, AES-256, Blowfish, 3DES in CBC mode
* Use multiple SSH connections in the same process, at the same time
* Use multiple channels in the same connection
* Thread safety when using different sessions at the same time
* POSIX-like SFTP (Secure File Transfer) implementation with openssh extension support
* SCP implementation
* RSA and DSS server public key supported
* Compression support (with zlib)
* Public key (RSA and DSS), password and keyboard-interactive authentication
* Full poll() support and poll-emulation for win32.
* Complete Doxygen documentation of its API
* Runs and is tested on x86_64, x86, ARM, Sparc32 and PPC under Linux, BSD, MacOSX, Solaris and Windows
* Developers listening to you
* It’s free (LGPL)!

Serena Williams outburst leads to Virus influx.

September 18th, 2009 Jimmy No comments

Serena Williams’ latest outburst at the U.S. Open has led to hackers creating websites around the terms “Serena Williams Outburst” and to the infection of who knows how many computers. The main site in question, pixnat.com, hosts a variety of viruses and malware, specifically fake anti-virus pop-ups. It is another perfect example of how hackers are taking advantage of Search Engine Optimization tactics to spread their spyware.

Secure FTP with FileZilla.

August 27th, 2009 Jimmy 1 comment

I don’t know why I didn’t think of this earlier; maybe the bad round of golf today freed my mind! Get rid of FTP forever on your Linux machines! We recently got a bad Linux worm from an FTP vulnerability. FTP security has been a big problem for us lately and I think I found a solution. The good news is it’s already installed and running on most Linux distributions!

How to better secure your online accounts with two passwords.

June 21st, 2009 Jimmy No comments

Many of us have accounts all over the Internet: eBay, Gmail, Yahoo, World of Warcraft, EVE Online, and the list goes on. You can take just a few steps to make sure your online accounts don’t get hacked. With your personal information so readily available, hackers can easily hack almost any of your online accounts.