Linux backups
Wednesday, May 4th, 2005
Two articles I need to read and put into practice.
CLI Magic: rsync for backups
CLI Magic: rsnapshot
This app allows auditing and security.
Information on the new homeland security badge. We are looking for something similar at work.
XSS (Cross Site Scripting) Cheatsheet: Esp: for filter evasion - by RSnake
This is going to come in handy during my pen test of our web site.
Article on Securing removable media
Author: Magnus Ahlberg, Managing Director of Pointsec Mobile Technologies
By schneier
We know that people forget their passwords all the time, and I’ve already written about how secret questions as a backup password are a bad idea. Here’s a system where a voiceprint acts as a backup password. It’s a biometric password, which makes it good. Presumably the system prompts the user as to what to say, so the user can’t forget his voice password. And it’s hard to hack. (Yes, it’s possible to hack. But so is the password.)
But the real beauty of this system is that it doesn’t require a customer support person to deal with the user. I’ve seen statistics showing that 25% of all help desk calls are by people who forget their password, they cost something like $20 a call, and they take an average of 10 minutes. A system like this provides good security and saves money.
Firewalls’ False Sense of Security - Computerworld
FEBRUARY 28, 2005 (COMPUTERWORLD) - The Internet front door to almost every bank and financial services company in the world is guarded by two sets of firewalls defining a DMZ. Nearly every e-commerce site sits in a similar DMZ in what has become the de facto standard in Web security architecture. According to Sun Microsystems, “In today’s tumultuous times, having a sound firewall/DMZ environment is your first line of defense against external threats.” But I would argue that guarding the perimeter is lulling organizations into a false sense of security that results in ignoring the implementation of other security mechanisms in their applications and databases.
In contrast, the Internet front door to MIT doesn’t have a DMZ and pretty much doesn’t even have a firewall. Universities begin with an assumption that everything is open, but these large organizations are arguably no more vulnerable to external threats than banks and financial institutions, and perhaps less vulnerable to internal threats.
A key reason for reduced vulnerability is the approach many universities take to creating authorization and application-level security in the absence of a secure perimeter. For more than a decade, universities have been implementing homegrown systems and working with vendors to ensure that their products don’t make assumptions about working behind a firewall. We look for systems to incorporate application-level security based on verifiable user identities — an approach that continues to gain ground as organizations realize that firewalls alone don’t provide the level of security they need in today’s world.
Interesting article from SecurityFocus on IPsec VPNs
Here is an article on filesystem integrity checkers. There are several filesystem integrity checker applications, both commercial and open source. I chose to deploy afick, because it is written in Perl, which makes it lightweight and easily portable between different operating systems. Though by nature designed for the command line, afick also has an optional Webmin module and a graphical interface written in perl-Tk.
www.leastprivilege.com - Turning on Remote Desktop - remotely
If you want to turn on Remote Desktop on a WinXP or 2003 machine over the network, this little WMIC command will help:
wmic /NODE:Server /USER:administrator RDTOGGLE WHERE ServerName="Server" CALL SetAllowTSConnections 1
Build an Open Source Network Sniffer
This article reviews common issues of wireless security, and shows how to use open source software to suss out wireless networks, get information about them, and start recognizing common security problems. You will learn how to build a lightweight wireless sniffer that runs on open source software and see how simple it is to interact with wireless networks.
After nearly five months of development, version 2.3 of the Metasploit Framework has been released. Version 2.3 includes a dozen new exploits, new and improved payloads, a new msfweb interface, the Meterpreter, and many speed and functionality enhancements. Please see the release notes for more information. Additionally, the Opcode Database has been refactored and is currently in beta mode.
SourceForge.net: Project Info - Enterprise Monitoring, Windows Systems
Centrally monitor eventlogs, no agents needed; Send alerts to different people on different events; Integrated with ticket tracking system; Forward events to syslogd; Archive events into MYSQL/MSSQL; Web interface to search for events;
SQL Injection Attacks by Example
Steve Friedl’s Unixwiz.net Tech Tips
A customer asked that we check out his intranet site, which was used by the company’s employees and customers. This was part of a larger security review, and though we’d not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration.
“SQL Injection” is a subset of the unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it’s straightforward to create some real surprises.
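An added illustration of the "SQL strings built naively on the fly" problem described above; it is not code from the linked article. The table, function names and sample inputs are constructed, and Python's sqlite3 stands in for whatever database the application uses.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory members table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (email TEXT, name TEXT)")
    conn.executemany(
        "INSERT INTO members VALUES (?, ?)",
        [("alice@example.com", "Alice"), ("pat@example.com", "Pat O'Brien")],
    )
    return conn

def lookup_naive(conn, email):
    # Vulnerable pattern: the input is pasted into the SQL text, so any
    # quote character in it is parsed as SQL syntax, not as data.
    sql = "SELECT name FROM members WHERE email = '" + email + "'"
    return [row[0] for row in conn.execute(sql)]

def lookup_bound(conn, email):
    # Hardened pattern: the SQL text is constant and the value is bound
    # separately, so it can never change the statement's structure.
    sql = "SELECT name FROM members WHERE email = ?"
    return [row[0] for row in conn.execute(sql, (email,))]

def compare(conn, value):
    """Return (naive_result, bound_result); a parse failure becomes 'error'."""
    try:
        naive = lookup_naive(conn, value)
    except sqlite3.OperationalError:
        naive = "error"
    return naive, lookup_bound(conn, value)

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a normal address, a stray apostrophe, and a value
    # whose quotes rewrite the WHERE clause of the naive query.
    for value in ["alice@example.com", "o'brien@example.com", "x' OR 'x'='x"]:
        print(repr(value), compare(db, value))
```

A syntax error on an input that merely contains an apostrophe is the tell-tale sign during a code review or test run that a query is being assembled by concatenation.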
Found via Larkware
WARNING: Running this tool WILL DESTROY ALL DATA ON A DISK IN A WAY THAT IS NOT RECOVERABLE!!!! DO SO AT YOUR OWN RISK!!!!
Secure that computer before donating or recycling it. You are recycling old computers, right? Just because you format or FDisk your computer does not mean that all your old data is gone. In order to make sure that no data can be recovered before doing away with an old computer, use the DBAN (Darik’s Boot and Nuke) utility to securely delete old data from hard drives. I highly recommend this tool to ensure that your private information is not stolen. I use this tool at work to securely delete data from desktops and servers. If you like the tool, then send Darik a donation (note to self) in thanks for securing your data.