Tag Archives: Vulnerability

About network attacks…

I will post a few examples of network attacks later. But, before that, I want to clarify what I call a network attack.

I see many people confused about the use of this term, even among professional or specialized journalists. Whenever there is a hack originating from the Internet, they call it a network attack.

This is a true misunderstanding of reality. We will see why, when a website is hacked or a domain name spoofed, we can't call it a network attack.

First of all, we need to have a good picture of the way the protocols of the Internet are organized.

We can visualize it with the OSI model, whose diagram is below:

This model offers 7 layers to contain all the protocols involved in data transport, from the system or the program on a local computer to its peer on the other side of the network.


The SSL/SSH disaster

Due to the recent security hole discovered in Debian, which has also affected various distributions – of course including Ubuntu – for 2 years, I simply closed all my SSH and OpenVPN accesses.

I have had no time so far to check all the keys on my server. I prefer to stay on the safe side, though I have some reason to believe that my keys might not be so vulnerable: I generated them a long time ago, maybe before the Debian maintainer's sad mistake.

It is going to be pretty easy now, for those who are motivated, to get access to SSH servers running keys generated during the last 2 years…

I recommend this article, which summarizes the situation pretty well. You may also use this tool, which checks whether your keys are vulnerable:

$  perl dowkd.pl file ~/.ssh/*.pub

I find it funny to think that I chose to use certificates for security (avoiding brute force attacks).
What’s less funny is the pure disaster for the reputation of Debian.

I already noticed in the past that some companies switched their servers from Debian to Red Hat because of such security problems. They complained about some security holes being patched much too slowly and about the lack of official support to rely on in such a crisis.
This kind of news is not going to reinforce trust from companies.

I myself will think twice in the future about what system to use when I design my networks.

Cold boot attack, not a threat to Full disk encryption (FDE)

Since the new cold boot attack is in the news, affecting most software encryption solutions, I have wondered whether it could also affect hardware encryption.

Hardware encryption is provided by a few laptop makers, generally on high-end and business models.

It has much less performance impact than software encryption, and protects the data independently of your system configuration and its partitions.

Full disk encryption is the so-called hardware encryption technology used by Lenovo on my Thinkpad.


md5 hash googling – and WordPress password weakness

Some MD5 password implementations, those without a salt, have become more insecure than ever. There is an issue right now with WordPress; I hope they will fix it soon!

Check this interesting article.

No need to take out your rainbow tables anymore, just google your hash! I hope your password is strong enough…

You could also use one of these:

http://md5.rednoize.com

http://md5.cryptobitch.de
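
Why an unsalted MD5 hash can simply be looked up, and what a salt changes, shown as an added example that is not code from the original post or from WordPress. The user names, passwords and common-password list are constructed, and PBKDF2 is an assumed stand-in for whichever salted scheme a site adopts.

```python
import hashlib
import hmac
import os

# Constructed sample data: two users who happen to share a password.
SAMPLE_USERS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "T7#vq9!LmZ-2kd"}
# Constructed list standing in for any public index of precomputed hashes.
COMMON_PASSWORDS = ["123456", "password", "sunshine1", "letmein"]


def unsalted_md5(password):
    """The weak scheme the post describes: md5(password), no salt."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def audit_unsalted(stored):
    """Return {user: password} for stored hashes found in a precomputed index."""
    index = {unsalted_md5(p): p for p in COMMON_PASSWORDS}
    return {user: index[h] for user, h in stored.items() if h in index}


def hash_salted(password, salt=None, rounds=200_000):
    """Per-user random salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return salt, digest


def verify_salted(password, salt, digest, rounds=200_000):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    weak = {u: unsalted_md5(p) for u, p in SAMPLE_USERS.items()}
    # Same password always gives the same hash, so one index serves every site.
    print("alice and bob share a hash:", weak["alice"] == weak["bob"])
    print("found by plain lookup:", audit_unsalted(weak))
    strong = {u: hash_salted(p) for u, p in SAMPLE_USERS.items()}
    # With a random salt the same password no longer yields the same digest.
    print("salted digests differ:", strong["alice"][1] != strong["bob"][1])
    print("verification works:", verify_salted("sunshine1", *strong["alice"]))
```

The strong password for `carol` survives the lookup even without a salt, which is the post's point about password strength; the salt is what protects everyone else.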