Security

http://unixwiz.net/techtips/iguide-crypto-hashes.html

An Illustrated Guide to Cryptographic Hashes

With the recent news of weaknesses in some common security algorithms (MD4, MD5, SHA-0), many are wondering exactly what these things are: They form the underpinning of much of our electronic infrastructure, and in this Guide we'll try to give an overview of what they are and how to understand them in the context of the recent developments. But note: though we're fairly strong on security issues, we are not crypto experts. We've done our best to assemble (digest?) the best available information into this Guide, but we welcome being pointed to the errors of our ways. A "hash" (also called a "digest", and informally a "checksum") is a kind of "signature" for a stream of data that represents the contents.
It’s black magic. Bad Behavior manages to block nearly all link spam without ever looking at the spam. While it might be useful to do so, for performance reasons, Bad Behavior does not analyze received spam. I’ve found that this way lies madness; spammers are constantly buying new domain names, so it’s possible to miss a lot of spam by looking at it. Instead, Bad Behavior pioneered an HTTP fingerprinting approach. Instead of looking at the spam, we look at the spammer.

Bad Behavior / Bad Behaviour: How Bad Behavior Works

http://bad-behavior.ioerror.us/documentation/how-it-works/
Comodo Secure DNS is a domain name resolution service that resolves your DNS requests through our worldwide network of redundant DNS servers. This can provide a much faster and more reliable Internet browsing experience than using the DNS servers provided by your ISP and does not require any hardware or software installation. When you choose to use Comodo SecureDNS, your computer's network settings will be changed so that all applications that access the internet will use Comodo SecureDNS servers. Your computer's primary/secondary DNS settings will be changed to 8.26.56.26 and 156.154.70.22. Comodo Secure DNS gives you a safer, smarter and faster Internet because it's:

Secure DNS

http://www.comodo.com/secure-dns/

Safe Browsing API - Google Code

https://developers.google.com/safe-browsing/?hl=fr-FR What is Safe Browsing? Safe Browsing is a service provided by Google that enables applications to check URLs against Google's constantly updated lists of suspected phishing and malware pages. The Safe Browsing API is an experimental API that enables applications to download an encrypted table for local, client-side lookups of URLs that you would like to check. In early 2010, we made a new version (v2) of the Safe Browsing API available.
Status: CURRENT as of 2009/3/10. This specification is not yet for general use. Do not use this protocol without explicit written permission from Google. Notes: The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. Google provides data for the anti-phishing feature implemented in Firefox 2 and Google Desktop. These clients get their blacklist and whitelist data using an "update protocol". http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec

Protocolv2Spec - google-safe-browsing - Client specification for the Google Safe Browsing v2.2 protocol - protect users from malicious web pages - Google Project Hosting

Sebastian Kübeck's Weblog : Weblog

http://www.jroller.com/sebastianKuebeck/entry/detecting_and_preventing_redos_vulnerabilities1 Detecting and Preventing ReDoS Vulnerabilities, Part 2 In my previous post on ReDoS, I tried to explain the problem and proposed a solution for fixing regular expression engines by reducing the execution time and recursion depth of the execution. Now I want to explain some strategies to detect vulnerable expressions. In general, there are three approaches to achieve this: Fuzzing is a very simple approach by which the execution of an expression is tested against random samples of input.
http://www.jroller.com/sebastianKuebeck/entry/detecting_and_preventing_redos_vulnerabilities Detecting and Preventing ReDoS Vulnerabilities Regular expressions are omnipresent in today's applications, they are used for input validation and parsing in web applications, web frameworks (in the browser and on the server side) and especially in security related applications, tools and libraries. Today's regular expression engines are pretty well tuned for performance. Even complex expressions are usually executed extremely fast. However, there are some combinations of expressions and input that slow down execution drastically and this can be abused by attackers for very effective (D)DoS attacks also called ReDoS (Regular Expression Denial of Service) attacks. The Problem

Sebastian Kübeck's Weblog : Weblog

Nikto2 | CIRT.net

Download: Version 2.1.4 bz2 or gz Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. http://cirt.net/nikto2
http://www.jroller.com/sebastianKuebeck/entry/malware_alert_on_thoughtworks_com Our biggest sign of it is via google. Google reported our site on Jan 7th as having problems, we looked into it, didn’t find anything, and Google’s complaint went away very quickly. The flag went up again on Jan 31st and this time they emailed our webmaster. Note that this could be a false positive but the rare occurrence of this indicates that this could be something serious. Malware in websites often exploits browser vulnerabilities to infect the browsers of visitors.

Sebastian Kübeck's Weblog : Weblog

Web-based DNS Randomness Test | DNS-OARC

US-CERT's Vulnerability Note VU#800113 describes deficiencies in the DNS protocol and implementations that can facilitate cache poisoning attacks. The answers from a poisoned nameserver cannot be trusted. You may be redirected to malicious web sites that will try to steal your identity or infect your computers with malware. Working exploits for this issue are already widely circulated! Upgrade your nameservers ASAP if you haven't done so already! https://www.dns-oarc.net/oarc/services/dnsentropy
I am guessing it shouldn't be too hard to put the keys and the config information in the openvpn network manager (as provided in, at least, Ubuntu).

automatically run vpn on login

There’s really no such thing as security in the abstract. Security can only be defined in relation to something else. You’re secure from something or against something. In the next 10 years, the traditional definition of IT security—that it protects you from hackers, criminals, and other bad guys—will undergo a radical shift.

on Security: Security in 2020

Sebastian Kübeck's Weblog : Weblog

I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, in particular the IPSEC stack. Around 2000-2001.
dm-crypt is a transparent disk encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV (see disk encryption theory), in order to avoid watermarking attacks. [1] In addition to that, dm-crypt also addresses some reliability problems of cryptoloop. [2] dm-crypt is implemented as a device mapper target and may be stacked on top of other device mapper transformations. It can thus encrypt whole disks (including removable media), partitions, software RAID volumes, logical volumes, as well as files.

dm-crypt - Wikipedia, the free encyclopedia

SocialAuth - Java Library for seamless authentication for oAuth and OpenID providers - TheServerSide.com

SocialAuth is a Java library for you if your web application requires: Authenticating users through external oAuth providers like Yahoo, Google, Twitter, Facebook etc. as well as through OpenID providers like myopenid.com. Easy user registration.
Cracking

Livebox

Public vulnerabilities