Wednesday, March 11. 2009

The thesis which served as the basis for my Master's Degree in Networks & Security is now freely available for download here. It is entitled Strong interface-independent authentication enforcement through commodity storage devices under GNU/Linux. The project's source code is downloadable via this link, and represents the latest snapshot from the git repository. The document and code are provided as-is.
Saturday, January 3. 2009
An article from the DX maintainer about data recovery on Linux systems has recently been published in the German hakin9 print magazine 01/2009, covering file-system reconstruction, forensic imaging, string analysis, file carving, slack observation and more.
Monday, June 16. 2008
The direct successor to USBAuth (pam_usbauth) is called pam_usbng and represents a complete rewrite with many enhancements. It's much easier to get the module up and running, and it offers nice new features. You can have a look at the project page here. The paper accompanying this new release is available here as PDF. Source browsing is done at the SVN web interface.
Tuesday, June 10. 2008
As MySQL versions 4.1, 4.2 and early builds of 5.0 are vulnerable to a simple but devastating bug in the source code of the database server for which I couldn't find any exploit, here's a short description of how to code it on your own. You can have a look at the paper, as well as at the presentation slides.
Friday, May 30. 2008
The leader of the Backend Security Project of OWASP (Open Web Application Security Project), Carlo Pelliccioni, asked me to collaborate as he took a look at the Delta Xi MySQL hardening paper. The resulting article (still under construction) can be found directly at OWASP.
Saturday, December 22. 2007

I decided to take a look at hardening MySQL on Unix-like systems. The resulting paper includes some information about securing the underlying operating system, securing local databases and network traffic by using cryptography, and some other hints. The paper can be downloaded here.
Sunday, September 23. 2007
Most keylogging solutions need to be run as the root user, userspace loggers as well as kernelspace loggers. This simple piece of code shows how you can use X11 as a workaround for keylogging X sessions.
Continue reading "X11 Keylogger w/o root-permissions"
Wednesday, September 5. 2007
An article about secure authentication systems has recently been published in the hakin9 print magazine, also covering USBAuth, which has been renewed and now also supports additional PIN-based hashed authentication for even more security. A Gentoo ebuild is finally available as well, thanks to Hades for these patches. In about one month, I'll release a paper about Randomness in Cryptography: the needs and behaviours of strong cryptographic algorithms which rely on true randomness, and how starry-eyed RNGs can defeat strong encipherment. Update: The German article can now be freely downloaded here.
Wednesday, April 25. 2007
Security policies commonly don't fit the laziness of users and system administrators. You shouldn't be logged in as root directly, you shouldn't use short and unsafe passwords, and so on.
pam_usbauth.so lets you authenticate yourself on your system without a password, just by having something like a "crypto USB device" plugged in, with no additional uncommon hardware.
Continue reading "Local PAM authentication for USB storage devices"
Wednesday, April 18. 2007

Passwords are a quite debatable way of authentication. Passwords can be sniffed and then reused against other services if the same password is used on more than one service.
Biometric identification is another form of authentication, but not quite suitable for remote access. An excellent standard is defined by s/Key. Read how to use this on Linux boxes...
Continue reading "OTPs: Using s/Key with SSH via OPIE"
Monday, April 16. 2007
One and a half decades ago, firewalls were the subject of an exciting hype throughout the whole Internet community. A few years later, numerous companies tried to win customers by releasing (partially really obscure) security systems called "Intrusion Detection", then, again a few years later, "Intrusion Prevention", and nowadays even prevention is not enough, so the software is called "Intrusion Reaction".
However, something like a host-based intrusion detection system can be established via a small FreeBSD tool called Mtree.
Continue reading "Featuring a near-HIDS: Mtree for data integrity"
Saturday, April 14. 2007
I had neglected to provide an SSL certificate for HTTPS usage of Delta Xi. You can finally use the more secure access via https://www.delta-xi.net.
Here is a short introduction on how to create your own certificates and use them with Apache2.
Continue reading "SSL certificate finally available"
Thursday, April 5. 2007
PGP is a wonderful tool. It implements asymmetric cryptography and allows everybody to send mail all over the world in a very secure way. But asymmetric algorithms don't suit users who lack knowledge about public and private keys.
I recently developed a tool called SMC, which is a proof-of-concept realization that secure mailing isn't limited to asymmetric cryptography...
Continue reading "Symmetric asymmetry: Beyond PGP"
Sunday, April 1. 2007
There is quite a wide range of keyloggers for Win32/64 operating systems, OSS as well as commercial ones. The situation is different on Linux boxes, but some administrative tasks require logging keyboard input (or at least become much easier with it). Here you'll read how to code your own logger.
Continue reading "Key(logger) management"
Wednesday, March 28. 2007
Most people ask why they should use raw sockets nowadays. The answer is: There is no reason. At least, for most programming purposes. On the other hand, raw sockets offer a wonderful method for writing your own packets at OSI layers 3 (network) and 4 (transport).
Writing sniffers, scanners, injection tools as well as TCP connection resetters isn't difficult, as shown in this mini-howto.
Continue reading "Fun with raw sockets"
Monday, January 29. 2007
After taking a look at MPlayer, I decided to keep an eye on VLC, the OSS media player which is more frequently used on Win32 systems than MPlayer, although both are available on a couple of platforms.
When browsing the source for possible overflow vulnerabilities, the programmers of VLC didn't make it hard to find an overflow... they explicitly found 'em themselves.
Continue reading "Lazy VLC coders"
Wednesday, January 17. 2007

I recently discovered a (previously unknown?) buffer overflow vulnerability in the MPlayer sources. It's hopefully not enough to execute homebrewed code, but can still crash the application.
Continue reading "Mplayer buffer overflow"