The Bank of New Zealand deploys Red Hat Enterprise Linux 5

August 14, 2009

Two years ago, the bank began overhauling its mission-critical front-end IT environment, including its Internet banking and bank teller functions, and its middleware layer providing connectivity through to its core back-end data.

"It then migrated its systems to Red Hat Enterprise Linux 5 running under z/VM on the mainframe."

"Today, the bank utilizes both IBM System z10 and z9 systems, exclusively running Red Hat Enterprise Linux 5, to power the bank’s customer-facing banking systems, including Internet banking and teller platforms."

Introduction to Wireless Encryption

August 13, 2009

WEP - Wired Equivalent Privacy (WEP) algorithm

    - See page 13 and pg 28 for pics ( Acsac.org )
    - WEP uses 40-bit RC4 encryption
    - uses 64 or 128-bit encryption keys
    - WEP key is static
    - RC4 is a stream cipher commonly used by SSL
    - WEP is already cracked (in Feb 2001 ) by Scott Fluhrer, Mantin, Shamir
    - Those exploit scripts were posted around Aug 2001 by someone
    - WEP keys can be reversed in as little as 15 minutes ( Jerry Wang )
    - the 24-bit IV (initialization vector) is used by 64-bit and 128-bit keys
    - short IV subject to brute force attacks
    - subject to man-in-the-middle attacks
    - the message can be modified
    - no user authentication
    - no key management

TKIP - Temporal Key Integrity Protocol (replaces WEP )
    - See page 13 and pg 28 for pics ( Acsac.org )
    - initially referred to as WEP2
    - uses 48-bit Initialization Vector
    - starts with a shared 128-bit key among clients and access points
    - combines the temporal key with the client’s MAC address
    - adds a relatively large 16-octet initialization vector
    - still uses RC4 to perform the encryption
    - changes temporal keys every 10,000 packets
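The IV sizes in the two lists above are the crux of the WEP-to-TKIP change. The following Python is an added example, not code from these notes or from any WEP or TKIP implementation. It uses a textbook RC4 and the IV||key construction WEP is described with to show two things: that a repeated IV under a static key gives a repeated keystream, so the ciphertexts of two packets XOR to the XOR of their plaintexts (the cipher no longer hides the relationship between messages), and how quickly a 24-bit IV space is used up compared with TKIP's 48-bit one. The key, IV, packet contents and the 1000 packet/s rate are constructed sample values.

```python
"""WEP vs TKIP: why a 24-bit IV is too small and what IV reuse costs.

Toy code added for illustration; not taken from the notes above or from any
real WEP implementation. RC4 and the IV||key construction follow the textbook
description; the packet rate and keys below are constructed sample values.
"""
import math


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Textbook RC4 (KSA + PRGA). Data is XORed with the keystream, so the
    same call both encrypts and decrypts."""
    S = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:                          # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(iv: bytes, static_key: bytes, plaintext: bytes) -> bytes:
    """WEP-style per-packet encryption: the RC4 key is the 24-bit IV
    concatenated with the static 40- or 104-bit key. The IV is sent in the
    clear, so two packets that share an IV also share a keystream."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits (3 bytes)")
    return rc4_crypt(iv + static_key, plaintext)


def iv_reuse_exposes_plaintext_xor(iv: bytes, key: bytes, p1: bytes, p2: bytes) -> bool:
    """Two-time-pad check: with a repeated keystream, C1 XOR C2 == P1 XOR P2.
    Returns True when the ciphertexts reveal the plaintext relationship."""
    c1, c2 = wep_encrypt(iv, key, p1), wep_encrypt(iv, key, p2)
    return bytes(a ^ b for a, b in zip(c1, c2)) == bytes(a ^ b for a, b in zip(p1, p2))


def expected_packets_until_iv_repeat(iv_bits: int) -> float:
    """Birthday bound for randomly chosen IVs: roughly sqrt(pi/2 * 2^bits)
    packets before the first repeat."""
    return math.sqrt(math.pi / 2 * 2 ** iv_bits)


def seconds_until_iv_exhaustion(iv_bits: int, packets_per_second: float) -> float:
    """For a sequential (counter) IV the whole space is used after 2^bits
    packets; after that the key must be replaced, as TKIP's rekeying does."""
    return 2 ** iv_bits / packets_per_second


if __name__ == "__main__":
    rate = 1000.0                                     # constructed: 1000 packets/s
    for name, bits in (("WEP 24-bit IV", 24), ("TKIP 48-bit IV", 48)):
        print(f"{name}: random IVs repeat after ~{expected_packets_until_iv_repeat(bits):,.0f} packets;"
              f" a counter IV wraps after {seconds_until_iv_exhaustion(bits, rate) / 3600:,.1f} hours"
              f" at {rate:.0f} packets/s")
    iv, key = b"\x01\x02\x03", b"\x0a\x0b\x0c\x0d\x0e"   # constructed IV and 40-bit key
    print("same IV under a static key leaks P1 XOR P2:",
          iv_reuse_exposes_plaintext_xor(iv, key, b"GET /index.html", b"GET /login.html"))
```

At 1000 packets/s a sequential 24-bit IV wraps in under five hours, and randomly chosen IVs collide after only a few thousand packets; the 48-bit counter takes thousands of years to wrap, which is why TKIP could keep RC4 yet still rekey every 10,000 packets rather than rely on the IV alone.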

AES - Advanced Encryption Standard (to replace TKIP )

EAP - Extensible Authentication Protocol ( RFC-2284 )

    EAP-MD5 login and passwd
    EAP-Cisco ( LEAP ) uses MS-CHAPv1 w/ known vulnerabilities
    EAP-TLS uses X.509 digital certificates
    EAP-TTLS ( PEAP ) alternative to EAP-TLS

WPA - Wi-Fi Protected Access ( Wi-Fi.org )
    - up to 256-bit encryption keys
    - WPA key is dynamic, changes every 50min on linksys
    - WPA-Personal mode, aka Pre-Shared Key (WPA-PSK)
    - WPA-Enterprise mode, aka WPA-RADIUS
    - WPA automatically generates a new unique encryption key periodically for each client
    - uses temporal keys ( TKIP )
    - user authentication ( Radius, LDAP )
    - Supports MIC - Message integrity code - 64-bit cryptographic tag
    - WPA2 uses AES instead of RC4
MIC - Message Integrity Check ( aka Michael )
SSN - Simple Secure Networks
RSA/HiFn - proposal includes Ron Rivest

10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery)

August 12, 2009

1. BackTrack

The newest contender on the block of course is BackTrack, which we have spoken about previously. An innovative merge between WHax and Auditor (WHax formerly WHoppix).

Get BackTrack Here.

2. Operator

Operator is a very fully featured LiveCD totally oriented around network security (with open source tools of course).

Operator is a complete Linux (Debian) distribution that runs from a single bootable CD and runs entirely in RAM. The Operator contains an extensive set of Open Source network security tools that can be used for monitoring and discovering networks. This virtually can turn any PC into a network security pen-testing device without having to install any software. Operator also contains a set of computer forensic and data recovery tools that can be used to assist you in data retrieval on the local system.

Get Operator Here

3. PHLAK

PHLAK or [P]rofessional [H]acker’s [L]inux [A]ssault [K]it is a modular live security Linux distribution (a.k.a LiveCD). PHLAK comes with two light gui’s (fluxbox and XFCE4), many security tools, and a spiral notebook full of security documentation. PHLAK is a derivative of Morphix, created by Alex de Landgraaf.

Get PHLAK Here (You can find a PHLAK Mirror Here as the page often seems to be down).

4. Auditor

Auditor although now underway merging with WHax is still an excellent choice.

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier.

Get Auditor Here

5. L.A.S Linux

L.A.S Linux or Local Area Security has been around quite some time as well, although development has been a bit slow lately it’s still a useful CD to have. It has always aimed to fit on a MiniCD (180MB).

Local Area Security Linux is a ‘Live CD’ distribution with a strong emphasis on security tools and small footprint. We currently have 2 different versions of L.A.S. to fit two specific needs – MAIN and SECSERV. This project is released under the terms of GPL.

Get L.A.S Linux Here

6. Knoppix-STD

Horrible name I know! But it’s not a sexually transmitted disease, trust me.

STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.

Get Knoppix-STD Here

7. Helix

Helix is more on the forensics and incident response side than the networking or pen-testing side. Still a very useful tool to carry.

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

Get Helix Here

8. F.I.R.E

A little out of date, but still considered the strongest bootable forensics solution (of the open-source kind). Also has a few pen-testing tools on it.

FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.

Get F.I.R.E Here

9. nUbuntu

nUbuntu or Network Ubuntu is fairly much a newcomer in the LiveCD arena as Ubuntu, on which it is based, is pretty new itself.

The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, add packages related to security testing, and remove unneeded packages, such as Gnome, OpenOffice.org, and Evolution. nUbuntu is the result of an idea two people had to create a new distribution for the learning experience.

Get nUbuntu Here

10. INSERT Rescue Security Toolkit

A strong all around contender with no particular focus on any area (has network analysis, disaster recovery, antivirus, forensics and so-on).

Get INSERT Here

Taking FOSS Security Seriously

Developers of open source software projects should be just as concerned about security as anyone developing a proprietary app. However, the nature of the two development processes can be very different at times, and debate still rages about which is inherently more secure — a secret code kept by a company, or a public one that all eyes can see. Just as important is how each community reacts once a problem is spotted. Code auditors are finding, with greater frequency, defective code that could open security holes in free and open source (FOSS) software.

The Open Source Report 2008 and the Architecture Library Report, conducted by Coverity for the U.S. Department of Homeland Security Cybersecurity Open Source Hardening Project, show more than 10,000 defects fixed since the project launched in March 2006.

BIND 9 DNS under attack - time to update

August 11, 2009

"It was about a year ago that security researcher Dan Kaminsky reported his DNS flaw that affected many vendors and the internet itself. DNS, particularly BIND 9, is now at risk from another flaw for which an exploit is already available.

"BIND 9 is a popular open source DNS server, and arguably the most deployed DNS server in use today. So even though this is a flaw in one DNS server (as opposed to DNS itself which was Kaminsky’s flaw), it is highly critical."

BackTrack 4 Pre Release

BackTrack 4 Pre Release !!

NOTE: Due to massive downloads and missing bandwidth, some servers might be unreachable and you need to hit either reload or click again on the download link.

Description: DVD Image
Name: bt4-pre-final.iso
Size: 1390 MB
MD5: b0485da6194d75b30cda282ceb629654
Download: Click here

Disklabel: bt4-label.png

Secure Passwords Keep You Safer

Ever since I wrote about the 34,000 MySpace passwords I analyzed, people have been asking how to choose secure passwords. My piece aside, there’s been a lot written on this topic over the years — both serious and humorous — but most of it seems to be based on anecdotal suggestions rather than actual analytic evidence. What follows is some serious advice.

The attack I’m evaluating against is an offline password-guessing attack. This attack assumes that the attacker either has a copy of your encrypted document, or a server’s encrypted password file, and can try passwords as fast as he can. There are instances where this attack doesn’t make sense. ATM cards, for example, are secure even though they only have a four-digit PIN, because you can’t do offline password guessing. And the police are more likely to get a warrant for your Hotmail account than to bother trying to crack your e-mail password. Your encryption program’s key-escrow system is almost certainly more vulnerable than your password, as is any "secret question" you’ve set up in case you forget your password.

Offline password guessers have gotten both fast and smart. AccessData sells Password Recovery Toolkit, or PRTK. Depending on the software it’s attacking, PRTK can test up to hundreds of thousands of passwords per second, and it tests more common passwords sooner than obscure ones. So the security of your password depends on two things: any details of the software that slow down password guessing, and in what order programs like PRTK guess different passwords.

Some software includes routines deliberately designed to slow down password guessing. Good encryption software doesn’t use your password as the encryption key; there’s a process that converts your password into the encryption key. And the software can make this process as slow as it wants.

The results are all over the map. Microsoft Office, for example, has a simple password-to-key conversion, so PRTK can test 350,000 Microsoft Word passwords per second on a 3-GHz Pentium 4, which is a reasonably current benchmark computer. WinZip used to be even worse — well over a million guesses per second for version 7.0 — but with version 9.0, the cryptosystem’s ramp-up function has been substantially increased: PRTK can only test 900 passwords per second. PGP also makes things deliberately hard for programs like PRTK, also only allowing about 900 guesses per second.

When attacking programs with deliberately slow ramp-ups, it’s important to make every guess count. A simple six-character lowercase exhaustive character attack, "aaaaaa" through "zzzzzz," has more than 308 million combinations. And it’s generally unproductive, because the program spends most of its time testing improbable passwords like "pqzrwj."

According to Eric Thompson of AccessData, a typical password consists of a root plus an appendage. A root isn’t necessarily a dictionary word, but it’s something pronounceable. An appendage is either a suffix (90 percent of the time) or a prefix (10 percent of the time).
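The essay's point about a deliberately slow password-to-key conversion can be made concrete with a key-derivation function whose cost is tunable. The following Python is an added example, not code from the essay, from PRTK, or from any product it mentions. It uses PBKDF2-HMAC-SHA256 from the standard library as a stand-in for the unspecified conversion routines, and reuses the essay's own quoted rates (350,000 and 900 guesses per second) together with its 26^6 six-character lowercase space to compare exhaustion times. The salt, the candidate passwords and the iteration counts are constructed values.

```python
"""Password-to-key ramp-up: how a slow key-derivation function changes the
cost of offline guessing.

Added example; not code from the essay above or from any product it names.
PBKDF2-HMAC-SHA256 stands in for the unspecified password-to-key conversion;
the 350,000/s and 900/s rates are the essay's quoted figures, not measurements.
"""
import hashlib
import os
import time


def derive_key(password: str, salt: bytes, iterations: int, length: int = 32) -> bytes:
    """Convert a password into an encryption key. `iterations` is the
    deliberate slow-down: every guess has to pay the same cost."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=length)


def guesses_per_second(salt: bytes, iterations: int, sample: int = 20) -> float:
    """Measure how many candidate passwords one core can test per second
    against a KDF with this iteration count (constructed candidates)."""
    start = time.perf_counter()
    for n in range(sample):
        derive_key(f"candidate{n}", salt, iterations)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return sample / elapsed


def exhaustive_space(alphabet_size: int, length: int) -> int:
    """Number of strings in an exhaustive search, e.g. 26^6 for 'aaaaaa'..'zzzzzz'."""
    return alphabet_size ** length


def seconds_to_exhaust(space: int, rate: float) -> float:
    """Wall-clock time to try every candidate at a given guess rate."""
    return space / rate


if __name__ == "__main__":
    salt = os.urandom(16)                              # constructed per-file salt
    space = exhaustive_space(26, 6)
    print(f"six lowercase chars: {space:,} candidates")
    for product, rate in (("Word (essay figure)", 350_000),
                          ("WinZip 9 / PGP (essay figure)", 900)):
        print(f"  {product}: exhausted in {seconds_to_exhaust(space, rate) / 3600:.1f} h"
              f" at {rate:,} guesses/s")
    for iters in (1, 100_000):                          # constructed iteration counts
        print(f"  PBKDF2 with {iters:>7} iterations:"
              f" ~{guesses_per_second(salt, iters):,.0f} guesses/s on this machine")
```

The two exhaustion times show the lever the essay describes: the search space is the same 308 million candidates either way, but at 900 guesses per second it takes days rather than minutes. Raising the iteration count costs a legitimate user one extra derivation per unlock while multiplying the attacker's cost by the same factor across every candidate.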
