private


How to prevent SSL sniffing through fake certificate injection attack?

SSL stands for Secure Sockets Layer and is an encryption protocol used to secure communication on a network. SSL encrypts segments of network connections and uses several methods to protect the data, depending on the goal to be achieved: asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity. A certificate injection attack misuses the first type of cryptographic algorithm: asymmetric cryptography. An asymmetric cryptography system requires two separate keys, one to lock or encrypt the plaintext, and one to unlock or decrypt the ciphertext. Neither key will do both functions. One of these keys is published (public) and the other is kept private. If the lock/encryption key is the one published, then the system enables private communication from the public to the unlocking key’s owner. If the unlock/decryption key is the one published, then the system serves as a signature verifier for documents locked by the owner of the private key. In this latter case, since encrypting the entire message is relatively expensive computationally, in practice just a hash of the message is encrypted for signature verification purposes. In order to be able…



RSYNC Daemon on Fujitsu Siemens SBLAN2 (NextFW version)

If you own such a device, then the first thing you do with it is to upgrade its firmware to NextFW. The Support forum of Fujitsu-Siemens is full of useful How-Tos which help you reach your goal.

After you’ve done that, you may want to enable the rsync daemon. With a running rsync service you can have basically your own private online backup service. This is at least what I tried to achieve. But it is tricky to make it run correctly. Read here about rsync utility and here about rsync daemon (aka rsyncd).

Here is how I configured it so that it works also on Windows:

    amsadmin# cat /etc/rsyncd.conf
    lock file = /var/run/rsyncd.lock
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    use chroot = no
    #max verbosity = 1
    gid = wheel
    uid = amsadmin

    [backup]
    path = /mnt/home/storage/backup
    comment = bck export area for storage
    auth users = amsadmin
    secrets file = /mnt/.zap/etc/rsyncd.secrets
    read only = no
    write only = yes
    list = yes

Make sure you make symlinks to /etc/rsyncd.conf and /etc/rsyncd.secrets.

    # ln -s /mnt/.zap/etc/rsync.conf /etc/rsyncd.conf
    # ln -s /mnt/.zap/etc/rsync.secrets /etc/rsyncd.secrets

The file rsyncd.secrets is a standard plain text file containing something like:…



Opera Unite and Security

Have a look at the article that Dirk Knopp wrote in the Avira Techblog. This article was referenced here: http://www.h-online.com/security/Opera-says-Opera-Unite-web-server-is-not-a-security-problem–/news/113719

His concern is that a lot of malware can now be served directly from the user’s computer. And he is right. Even more, if there is a flaw in Opera and somebody can alter the mini HTTP server (why mini, it is a full-blown server) then, theoretically, it can access the user’s private files. That’s not good!!!

Here is what the CEO of Opera says: “Today, we are opening the full potential of the Web for everyone. Technology moves in distinct cycles. PCs decentralized computing away from large mainframes. Opera Unite now decentralizes and democratizes the cloud. With server capability in the browser, Web developers can create Web applications with profound ease. Consumers have the flexibility to choose private and efficient ways of sharing information. We believe Opera Unite is one of our most significant innovations yet, because it changes forever the fundamental fabric of the Web.”

And as a reply to our concern in the Blog, he says: “When you’re hacking a single system, if you have everything that belongs to everyone in one location, you only…

