Delta Xi.

Master thesis revealed: Owership-based PAM with tons of new features

nospam@example.com (Erik Sonnleitner) — Wed, 11 Mar 2009 23:01:00 +0100

The thesis which served as basis for my Master's Degree in Networks & Security is now freely available for download here, and has been entitled Strong interface-independent authentication enforcement through commidity storage devices under GNU/Linux. The project's source-code is downloadable via this link, and represents the latest snapshot from the git repository. These documents and codes are delivered as-is.

Data recovery in Linux systems

nospam@example.com (Erik Sonnleitner) — Sat, 03 Jan 2009 12:37:00 +0100

An article from the DX maintainer about data recovery in Linux systems has recently been released in the german hakin9 print magazine 01/2009, covering file-system reconstruction, forensic imaging, string-analysis, file-carving, slack observation and more.

New Release: pam_usbng

nospam@example.com (Erik Sonnleitner) — Mon, 16 Jun 2008 19:47:20 +0200

The direct successor to USBAuth (pam_usbauth) is called pam_usbng and represents a complete rewrite with many enhancements. It's much easier to get the module up and running, and offers new nice features. You may have a look to the project page here

The paper according to this new release is found here as PDF.

Source-browsing is done at the SVN web interface.

Mysql Remote Authentication Bypassing Exploit

nospam@example.com (Erik Sonnleitner) — Tue, 10 Jun 2008 16:43:00 +0200

As MySQL versions 4.1, 4.2 and early builds of 5.0 are vulnerable to a simple but devastating bug in the source code of the database server for which I couldn't find any exploit, here's a short description how to code it on your own.

You may have a look on the paper, as well as on the presentation slides.

Collaboration with OWASP

nospam@example.com (Erik Sonnleitner) — Fri, 30 May 2008 20:00:00 +0200

The leader of the Backend Security Project of OWASP (Open Web Application Security Project), Carlo Pelliccioni, asked me for collaboration as he took a look into the Delta Xi MySQL hardening paper.

The resulting article (still under construction) can be found directly at OWASP.

Hardening MySQL on Unix-like systems

nospam@example.com (Erik Sonnleitner) — Sat, 22 Dec 2007 22:39:55 +0100

I decided to take a look in hardening MySQL on Unix-like systems. The resulting paper includes some information about securing the operating system behind, secure local databases and network traffic by using cryptography and some other hints. The paper can be downloaded here.

Randomness in cryptography

nospam@example.com (Erik Sonnleitner) — Wed, 17 Oct 2007 16:19:25 +0200

Cryptographic routines and algorithms often rely on randomness, which is an essential fundament, especially in key-generation applications. This paper discusses how pseudo and real random numbers may be generated and how threatening unconcerness due to lack of entropy may seriously risk security. In addition, a brief overview of well-known and massively-used RNGs like Linux /dev/random are presented.

You may download the paper, as well as the presentation slides.

X11 Keylogger w/o root-permissions

nospam@example.com (Erik Sonnleitner) — Sun, 23 Sep 2007 15:17:30 +0200

Most keylogging solutions deserve to be called as root-user; Userspace-Loggers as well as Kernelspace-Loggers. This simple piece of code shows you how you can use X11 to get a nice workaround for keylogging X-sessions.

Continue reading "X11 Keylogger w/o root-permissions"

Secure authentication systems

nospam@example.com (Erik Sonnleitner) — Wed, 05 Sep 2007 15:23:58 +0200

An article about secure authentication systems has recently been released in the hakin9 print magazine, also covering USBAuth, which has been renewed and now also supports additional PIN-based hashed authentication for even more security.

Also a Gentoo E-Build is finally available, thanks to Hades for these patches. In about one month, I'll release a paper about Randomness in Cryptography, the needs and behaviours of strong cryptographic algorithms which rely on true randomness and how stary-eyed RNGs can defeat strong encipherment.

Update: The German article can now be freely downloaded here.

Online again

nospam@example.com (Erik Sonnleitner) — Mon, 25 Jun 2007 17:52:40 +0200

Due to contract issues, Delta Xi unfortunately had a downtime for about 6 days. These problems affected not only the HTTP/S service, but also SVN and the USBAuth space. Several updates are to be announced. Thanks to ph030, who's ideas about using USBAuth with non-usb memory devices (e.g. SD), some bug tracking and a Gentoo ebuild will flow into the main code within the next 3-4 weeks.

Diffie-Hellmann via SMTP and a release of USBAuth

nospam@example.com (Erik Sonnleitner) — Wed, 02 May 2007 15:29:30 +0200

The paper according to the DX article of symmetric mail cryptography is finally done. You may download the (German) paper here.

USBAuth has grown very fast, thank all users for reports, testing and feedback. I've put a lot of security-concerned stuff into the code, which makes USBAuth quite secure and ready for every-day use. The documentation, as well as the source and a Debian package of release 0.3 can be obtained from the USBAuth project site.

Local PAM authentication for USB storage devices

nospam@example.com (Erik Sonnleitner) — Wed, 25 Apr 2007 10:55:02 +0200

Security policies commonly don't fit the laziness of users and system administrators. You shouldn't be logged in as root directly, you shouldn't use short and unsafe passwords, and so on.

pam_usbauth.so let's you authenticate yourself on your system, passwordless with just having something like a "crypto USB device" plugged in - without additional uncommon hardware.

Continue reading "Local PAM authentication for USB storage devices"

OTPs: Using s/Key with SSH via OPIE

nospam@example.com (Erik Sonnleitner) — Wed, 18 Apr 2007 09:27:00 +0200

Passwords are a quite debatable way of authentification. Passwords can be sniffed and widely used with other services, if the same passwords are used on more than one service.

Biometrical identification is another form of authetication, but not quite suitable via remote access. An excellent standard is defined by s/Key. Read how to use this on Linux boxes...

Continue reading "OTPs: Using s/Key with SSH via OPIE"

Centralized logging of multiple servers

nospam@example.com (Erik Sonnleitner) — Tue, 17 Apr 2007 03:03:00 +0200

Syslogd is the friend of all administrators. No serious admin would miss taking a look in /var/log/* consistantly. Reading and working out log files is a very time consuming process, and even more complicated when administrating multiple server boxes.

This mini-howto shows you how to centralize your logs.

Continue reading "Centralized logging of multiple servers"

Featuring a near-HIDS: Mtree for data integrity

nospam@example.com (Erik Sonnleitner) — Mon, 16 Apr 2007 12:35:59 +0200

One and a half decades before, firewalls have had an exciting hype towards the whole Internet community. A few years later, numberous companies tried to get customers by releasing (partitally really obscure) security systems by calling them "Intrusion detection", then, again a few years later, "Intrusion prevention" and nowadays also prevention is not enough, but the software is called "Intrusion Reaction".

However, something like a host-based intrusion detection system can be established via a small FreeBSD tool called Mtree.

Continue reading "Featuring a near-HIDS: Mtree for data integrity"