Category Archives: Security

Disk encryption methods : hacked !

Damned !

A team of researchers found a way to defeat all the most common disk encryption methods, including dm-crypt for Linux, which I previously described on this blog.

All systems are affected, because the attack is low-level : it relies on a property of RAM chips. After shutdown, with no power applied any more, a chip still holds some readable information for a few seconds.

The data decays, but if you cool the chip enough, for example with a can of compressed-air dust cleaner, you can keep the data for several minutes !

The problem for disk encryption is that the decryption key is kept in RAM, and can therefore be stolen to read all your data.

The attack would not be so easy in practice if suspend-to-RAM did not exist.

But since many users, including me, rely heavily on suspend-to-RAM on their laptops, this issue is rather problematic…

The team provides a rather impressive video :

I no longer use dm-crypt since my Thinkpad provides hardware encryption, but I wonder now where the key is stored in my case. I don’t think it is in RAM, but I have to check it to make sure. I will do it tomorrow, since I need to rest now.

OpenID is gaining popularity

Yahoo just announced that it will support OpenID.

OpenID is an interesting initiative to provide single sign-on to users. It is both secure and simple, so it will probably spread quickly.

You can get your own OpenID by subscribing to a provider, or by setting up your own server if you have a domain name.

I will soon write a complete post about it, but for now you can already check the official OpenID site.

Note that this blog already supports OpenID !

md5 hash googling – and WordPress password weakness

Some MD5 password implementations, those without a salt, are becoming more insecure than ever. There is an issue right now with WordPress, I hope they will fix it soon !

Check this interesting article.

No need to take out your rainbow tables anymore, just google your hash ! I hope your password is strong enough…

You could also use one of these :

http://md5.rednoize.com

http://md5.cryptobitch.de
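
Why an unsalted MD5 hash can simply be looked up while a salted, slow hash cannot, as an added example (not code from WordPress or from the linked article). The accounts, the word list and the PBKDF2 work factor are constructed for the illustration, and the small dictionary stands in for a search index or an online hash database.

```python
import hashlib
import hmac
import os

# Constructed sample accounts: two users who picked the same weak password.
USERS = {"alice": "letmein", "bob": "letmein"}
ROUNDS = 200_000  # PBKDF2 work factor (assumed value for this example)


def unsalted_md5(password):
    """The weak scheme: a given password hashes to the same value everywhere."""
    return hashlib.md5(password.encode()).hexdigest()


def build_index(candidates):
    """Stand-in for a search engine or online MD5 database: hash -> plaintext."""
    return {unsalted_md5(c): c for c in candidates}


def hash_password(password, salt=None):
    """Per-user random salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return salt.hex() + "$" + key.hex()


def verify_password(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, key_hex = stored.split("$")
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), ROUNDS)
    return hmac.compare_digest(key, bytes.fromhex(key_hex))


def compare_schemes():
    index = build_index(["password", "123456", "letmein"])
    weak = {user: unsalted_md5(pw) for user, pw in USERS.items()}
    strong = {user: hash_password(pw) for user, pw in USERS.items()}
    return {
        # Unsalted: one index hit reveals every account using that password.
        "recovered_from_index": {u: index[h] for u, h in weak.items() if h in index},
        "weak_hashes_identical": weak["alice"] == weak["bob"],
        # Salted: same password, different stored values, nothing to look up.
        "strong_hashes_identical": strong["alice"] == strong["bob"],
        "strong_still_verifies": verify_password("letmein", strong["alice"]),
    }


if __name__ == "__main__":
    print(compare_schemes())
```

The salt only removes the shared lookup key; the slow key derivation is what makes guessing each account separately expensive.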

Disk Encryption on Linux

I finally encrypted some partitions of my hard drive.

An external hard drive that I just bought (320 Gb) allowed me to back up my entire /home partition and consider encrypting it.

I mainly used this tutorial, but I deviated a little from it for the unlocking system : I did not want to input a password while the machine boots, I wanted it to be transparent when I log in. This how-to provides more complete information, if needed.

So I will summarize here the actions to get an encrypted volume.

The tools

dm-crypt is a device mapper target supported by the 2.6 Linux kernel. Roughly, this is an abstraction layer between the kernel and the real file system, doing all the encryption / decryption operations. It is a replacement for cryptoloop, which created a loop device in a file within the file system. Cryptoloop can’t encrypt a whole partition and can now be considered less reliable and less secure.

The encryption set-up is based on LUKS, a userland tool aiming to simplify the set-up of dm-crypt. It also stores some set-up information related to the encryption in the partition header, which makes it easy to move the data from one machine to another, to change the passphrase without having to re-encode the entire partition, and even to have multiple passphrases for the same device.

What to encrypt and why ?

The first thing is to decide what you will encrypt and how. Of course, I assume that your drive is properly partitioned with, at least, /, /home and swap each on a separate partition.

It is the case on my laptop. I chose to encrypt both the /home and the swap partitions.

In my case, there was little interest in encrypting the / partition. It contains only configuration files (without any hardcoded password), /tmp and applications – nothing to keep secret. But of course it might be different for you, depending on the security level you are looking for.

On the contrary, the /home partition contains a lot of private data that I would not want anyone to access in any case.

It is also rather important to encrypt the swap, because it is roughly a partial copy of your RAM and therefore contains all kinds of information from your open session. The annoying thing is that hibernation (suspend to disk) will not work anymore. It is worth doing anyway, as this blogger explains well.

Preparing the software

On Debian Etch or Ubuntu Feisty/Gutsy this is easy, since the provided kernel (2.6) already supports the device mapper, the crypt target and the AES cipher algorithm as modules :

$ apt-get install dmsetup cryptsetup libpam-mount

Encrypting swap

UPDATE 2008/04/13 : it is now possible to encrypt the swap in a way that preserves suspend-to-disk.

It is a good test to start with the swap, as there is no risk of losing any valuable data.

First, let’s deactivate the current swap before any operation :

$ swapoff /dev/hda2

We suppose that hda2 is your swap partition :

$ cryptsetup luksFormat -c aes-cbc-essiv:sha256 /dev/hda2

Add this line to the /etc/crypttab file :

swap    /dev/hda2       /dev/urandom     swap

It means that we are going to create a mapper named swap for the /dev/hda2 device. It will use a random key as a passphrase for the encryption.

There is a choice to make between /dev/random and /dev/urandom. The latter is in theory a little bit less secure (its randomness is inferior to that of /dev/random, as it reuses the internal pool data for the generation), but it is preferable if you don’t want to be blocked at boot time while the kernel is trying to gather more entropy (you can shorten the wait by pressing some keys, though).

Now start this script :

$ /etc/init.d/cryptdisks start

It will create a mapper named swap to the /dev/hda2 partition, as set in the crypttab file.
This is equivalent to this command :

$ cryptsetup -y create swap /dev/hda2

Now, we need to create the file system :

$ mkswap /dev/mapper/swap

Now we need to update the /etc/fstab file, commenting the old entry for hda2 and adding a new one for the mapped device :

#/dev/hda2       none            swap    sw              0       0
/dev/mapper/swap        none    swap    sw      0       0

Now you are ready to test ! Just reboot, and without any user interaction, you should get an encrypted swap with a randomized key.
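
A check worth running before that reboot, as an added example (not part of the original how-to) : it reads fstab and crypttab contents and reports any swap entry that is still a raw device, or whose mapping does not use a random key with the swap option. The file contents below are constructed samples modelled on this section, and the check assumes the random-key set-up described here, not a fixed-key swap kept for suspend-to-disk.

```python
# Constructed sample files, modelled on the entries in this section.
CRYPTTAB = "swap    /dev/hda2    /dev/urandom    swap\n"
FSTAB_OLD_ENTRY_LEFT_ACTIVE = (
    "/dev/hda2         none  swap  sw  0  0\n"
    "/dev/mapper/swap  none  swap  sw  0  0\n"
)
FSTAB_FIXED = (
    "#/dev/hda2        none  swap  sw  0  0\n"
    "/dev/mapper/swap  none  swap  sw  0  0\n"
)
RANDOM_KEYS = {"/dev/urandom", "/dev/random"}


def rows(text):
    """Yield the whitespace-split fields of every non-blank, non-comment line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.split()


def audit_swap(fstab_text, crypttab_text):
    """Return (device, problem) pairs for swap entries that are not protected."""
    mappings = {}
    for f in rows(crypttab_text):
        key = f[2] if len(f) > 2 else "none"
        opts = f[3].split(",") if len(f) > 3 else []
        mappings["/dev/mapper/" + f[0]] = (key, opts)
    findings = []
    for f in rows(fstab_text):
        if len(f) < 3 or f[2] != "swap":
            continue  # only swap entries matter here
        spec = f[0]
        if spec not in mappings:
            findings.append((spec, "swap is not a crypttab mapping"))
            continue
        key, opts = mappings[spec]
        if key not in RANDOM_KEYS:
            findings.append((spec, "key is not random per boot"))
        if "swap" not in opts:
            findings.append((spec, "crypttab entry lacks the swap option"))
    return findings


if __name__ == "__main__":
    for label, fstab in (("old entry active", FSTAB_OLD_ENTRY_LEFT_ACTIVE),
                         ("fixed", FSTAB_FIXED)):
        print(label, audit_swap(fstab, CRYPTTAB) or "OK")
```

On a real machine, pass it the contents of /etc/fstab and /etc/crypttab instead of the samples.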

Encrypting /home

Now let’s encrypt the /home. Before doing anything, be SURE that you made a BACK UP of ALL your data. The entire /home will be ERASED !

We consider that hda3 is the /home partition :

$ cryptsetup luksFormat -c aes-cbc-essiv:sha256 /dev/hda3
$ cryptsetup -y create home /dev/hda3
$ mkfs.ext3 /dev/mapper/home

We will use neither the crypttab file nor the fstab one, because we don’t want to be prompted at boot time for a password. And of course we can’t afford to encrypt our data with a randomized key, changing at every boot !

What we want is for the volume to be unlocked at log-in time, without prompting the user for another passphrase. Don’t we have enough passwords to memorize already, without adding one more !?

We are going to use PAM, the Linux authentication mechanism, with its libpam-mount module. It is designed to mount some devices when the user logs in, exactly what we need ! The user’s Linux password will be used as the encryption passphrase.

Of course, the security level will depend on your user password – take good care over its length and complexity (though that should already be the case, encryption or not). A good compromise is probably an 8-digit password. Of course, if you are looking for top-level security, prefer the boot-time passphrase prompting method…

To activate it, create or edit the /etc/security/pam-mount.conf.xml file and add this line :

<volume user="user" fstype="crypt" path="/dev/mapper/home" mountpoint="/home" options="fsck,relatime" />

Also add this at the end of the /etc/pam.d/common-auth file :

# cryptsetup
auth    optional        pam_mount.so use_first_pass

That’s done ! Testing is easy : log off, log in and check that your /home partition is correctly mounted. It should not be mounted or readable for other users, including root.

Encrypting a removable device

We assume that you have a USB key (once again BACK UP your data) inserted, corresponding to the /dev/sda device :

$ cryptsetup luksFormat -c aes-cbc-essiv:sha256 /dev/sda1

We manually open the LUKS partition :

$ cryptsetup luksOpen /dev/sda1 usbkey

We format it with the filesystem of your choice (here ext3) :

$ mkfs.ext3 /dev/mapper/usbkey

We close the partition :

$ cryptsetup luksClose usbkey

Now every time you insert the key, you will be prompted for the password (at least by Gnome through the keyring manager box, though I haven’t tested yet with a different window manager).

Conclusion

This was a much easier experience than I previously thought. Much work has been done to hide the complex layers behind that, and it now takes only a few steps to get a pretty well secured hard drive.

However I think it really must become more user-friendly for the masses. Most people will still be scared to open a terminal and type the commands above, so I am looking forward to seeing some graphical front-end to manage all that. Surely they are coming, and if you already know of such a project, please let me know.

As for performance, although encryption must have a resource cost, I could not notice any slowdown on pretty modest hardware (Celeron M 1,5 GHz).

How to connect to a Cisco device using the serial port on Linux

Using the serial port is still necessary to manage some devices, for example when they have been reset to factory defaults. It could also be a security choice…

Nowadays many computers, and especially laptops, no longer have a built-in serial port. Not a problem, there are many cheap serial-to-USB converters like this.

As an alternative to Microsoft’s HyperTerminal, there is Minicom on Linux.

It is very easy to install and configure :

$ apt-get install minicom lrzsz

Before going further, you need to know which Linux device corresponds to the port where you plugged in the router. As I used a USB adapter, my device was /dev/ttyUSB0. Otherwise, it will probably be one of the /dev/ttyS* devices.
Checking the dmesg output when you plug in the device will give you the right device to use.

Now start minicom this way to edit the configuration :

$ minicom -s

In the menu, select Serial Port Configuration and :

  • press A and update the serial port path with the one you found in dmesg
  • press E and then C to change the speed to 9600
  • press F to switch off the hardware flow control
  • select Save the configuration as… and name it as, let’s say, “cisco”

You should be able to connect right now. Next time, just start Minicom like this :

$ minicom cisco

That’s it !

FTP configuration issues

I found that it was a real mess to set up an FTP server in a DMZ, behind a Cisco ASA firewall (501 model with IOS version 7.0).

The FTP server is on the DMZ area, and therefore I natted a public IP to the private IP in the DMZ subnet of this server.

static (dmz,outside) <public IP> <private_IP> netmask 255.255.255.255

Doing so, I expect my FTP server (like vsftpd on Linux) to be reachable on its public IP, from the ASA external interface.