Information Security

You are currently browsing the archive for the Information Security category.

One great thing about being a dad is that you get to indulge in media for kids. Many folks will know that we have a little collection of old fairy tales, because I have a near-physical revulsion for many modern saccharine-induced renditions of them. Take note, Disney: a fairy tale that has had its moral surgically removed via key-hole knobbery has no value at all.

That said, new tales are always welcome and Two Frogs has oodles of charisma and charm, especially amongst the mums and dads who have an appreciation for security.

Two frogs are sitting on a lily pad and one of them has a stick. The stick, he says, is to beat off the dog. But there is no dog. Yet. So begin the trials and adventures of this hapless pair.

Alas, I very nearly became the victim of bandwidth thieves. My monthly provider bill came in, and usage was higher than usual. Checking out the graphs which my provider — er — provides, I noticed that disk usage was the culprit. So after a bit of forensics, I discovered that some bright spark was linking to a locally hosted image in a comment they’d made on another blog!

A free cigar if you can guess what this new configuration snippet will do:

Yes, I know that’s bandwidth theft as well, but let’s face it: Lemon Party is a site which I’m sure expects this kind of usage.

Recently, I’ve been doing quite a bit of research into, and use of, Rainbow Tables. “Rainbow Tables” refers to a pre-generated series of hashes arranged in chains, ultimately covering the entire search space of a hashing algorithm, enabling users to crack a password using the improved time-memory trade-off technique proposed by Philippe Oechslin.

The practical upshot is that with a fully generated set of Rainbow Tables, it’s possible to crack any un-salted one-way hashed password in a reasonable amount of time (we’re talking minutes). Their usage includes, but is not limited to, WPA-PSK, Poisoned NTLM/LM Challenge/Response, MD4, MD5, SHA-1, LM, MS-CACHE and NTLM cracking.

Free Rainbow Tables is a newly rejuvenated project which uses distributed computing technology in order to compute diverse Rainbow Tables for all to use on-line, and download for offline usage.
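The chain-and-reduction mechanism described above, as an added example (not code from this post or from the Free Rainbow Tables project): it builds a tiny MD5 rainbow table over a constructed keyspace of 3-character lowercase passwords, with chain length 16 and every fourth password as a chain start (all assumptions of the example), recovers a preimage by finishing a chain from each possible column, and shows that a salted hash falls outside the precomputed space, which is why the caveat about un-salted hashes matters.

```python
import hashlib
import string
# Constructed toy keyspace: all 3-character lowercase passwords (26^3 = 17,576).
CHARSET = string.ascii_lowercase
PW_LEN = 3
SPACE = len(CHARSET) ** PW_LEN
CHAIN_LEN = 16  # t: hashes recomputed per chain at lookup time (the "time" side)

def pw_at(n):
    """Map an integer in [0, SPACE) onto a password in the keyspace."""
    out = []
    for _ in range(PW_LEN):
        n, r = divmod(n, len(CHARSET))
        out.append(CHARSET[r])
    return "".join(out)

def H(pw):
    return hashlib.md5(pw.encode()).digest()  # un-salted one-way hash, as in the post

def reduce_(digest, col):
    """Reduction R_col: digest -> password. Mixing in the column index is what
    sets rainbow chains apart from Hellman chains and limits chain merges."""
    return pw_at((int.from_bytes(digest[:8], "big") + col) % SPACE)

def build_table(starts):
    """Walk start -> H -> R_0 -> H -> R_1 ... -> R_{t-1}; store only endpoint -> starts.
    The intermediate hashes are discarded: that is the "memory" side of the trade-off."""
    table = {}
    for start in starts:
        pw = start
        for col in range(CHAIN_LEN):
            pw = reduce_(H(pw), col)
        table.setdefault(pw, []).append(start)  # merged chains share an endpoint
    return table

def lookup(digest, table):
    """Assume digest sits at column col of some chain: finish that chain, check whether
    its endpoint is stored, then replay the stored chain to recover the preimage."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        pw = reduce_(digest, col)
        for i in range(col + 1, CHAIN_LEN):
            pw = reduce_(H(pw), i)
        for start in table.get(pw, []):  # endpoint hit, possibly a false alarm
            cand = start
            for i in range(CHAIN_LEN):
                if H(cand) == digest:
                    return cand
                cand = reduce_(H(cand), i)
    return None
TABLE = build_table(pw_at(i) for i in range(0, SPACE, 4))  # 4,394 chains, built once
```

`lookup(H("egg"), TABLE)` returns `"egg"`, while `lookup(H("egg" + "s4lt"), TABLE)` returns `None`: the salted value was never in the precomputed space, so the table has to be rebuilt per salt.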

Any *hat worth their salt will probably tell you that a lot of technical reconnaissance, enumeration and planning goes into a vulnerability assessment or attack. However, the same group will also tell you that in some circumstances it’s far easier to have someone let you into a system than to force entry. Social Engineering carries its own form of information reconnaissance, enumeration and planning, but it’s an entirely different tool-set.

Google is a great first stop for many searches, but it doesn’t provide relational links to reconstruct a person’s (or organisation’s) entire web presence, including their relationships with other subjects and resources. This is where Paterva’s Evolution offering comes into play. To assess the power of the engine, there is a simplified web interface; for a graphical representation of associations, there’s also a GUI-based interface for Windows, *nix and MacOS.

Paterva Evolution

This is a very powerful and interesting way of manipulating search data via objects. This tool is a social engineer’s and auditor’s gold mine, and will probably also be gracing the desktop of any budding cyber-stalker :-| However, it’s all public information that’s available by searching through a number of online tools. What’s unique here is the ease of the search, and the representation of relationships and data. A great test is to audit just how much data you’ve leaked onto the Internet.

I had a techie exam today, and not one that I was looking forward to. The issue I have with exams is that they’re great when you know the subject, and why would you put yourself forward to be examined on anything else?

So, today, I took an exam in a product that I’ve never used outside of the classroom environment. I took the exam to certify, so that I can hopefully use the product in my current job. Odd huh?

Anyway, I passed, barely (being naked is proven to aid recall).

I now have a CCSA NGX, and next Friday is the CCSE NGX exam :S
