Transparent Cryptographic File System
'Secure file sharing' is a kernel service to help user applications in sharing secure files among a group of users. Each file is given a unique file_id and a user-chosen level by means of which users can choose to forbid or to permit access to it.
Wednesday, November 27, 2002
Monday, November 25, 2002
National Institute of Justice - Technology Programs
NIJ sponsors technology research, development, assessment, and implementation to improve public safety.
Thursday, November 21, 2002
Tuesday, November 19, 2002
Inside OE
Inside Outlook Express is a source of technical information, help and tips for users of Microsoft Outlook Express® for Windows, versions 5, 5.01, 5.5 and 6. All articles are valid for all these versions unless otherwise stated.
The Unofficial 802.11 Security Web Page
Lots of people are interested in IEEE 802.11 security nowadays. Given that level of interest, there's a need for accurate information on how the current standards work, what's wrong with them, and the current thinking on how to fix the problems. This page tries to gather relevant papers and standards in a single place.
CRAZYTRAIN.COM
For your reference, my little nook on the Internet will house information pertaining to the Information Security arena, with a few other tidbits here and there.
Saturday, November 16, 2002
When firewalls and intrusion detection just aren't
Firewalls alone are not enough to thwart today's more sophisticated range of attacks, while Intrusion Detection Systems detect and record attacks, but do not block them. AV products, properly updated, can help protect against malicious code but are necessarily limited in their scope.
So enterprises and telecoms operators face a security gap which vendors are trying to plug with a fresh breed of security appliances, dubbed Intrusion Prevention Systems (IPS).
Into this arena comes Top Layer Networks, which is extending its line of appliances that guard against Denial of Service attacks to provide in-line protection against a wider range of Internet attacks. Top Layer's high speed ASIC-based appliances have impressed in tests on their effectiveness against DoS attacks so its entry into what is becoming a crowded marketplace is nonetheless significant.
Wi-Fi Encryption Fix Not Perfect
The biggest security risk for "Wi-Fi" wireless Internet networks is that users sometimes fail to turn on their encryption software.
But even the responsible ones who use the encryption program -- Wired Equivalent Privacy -- aren't immune to malicious attacks.
A growing trend on the streets of Manhattan are WarDrivers who break into wireless networks for fun. A professional hacker or anyone with significant programming knowledge can hack through WEP and even steal data off the network.
"WEP provides a level of security too low for me to take seriously," said Niels Ferguson, a cryptography consultant in Amsterdam who helped come up with an alternative encryption to WEP.
The WEP replacement, Wi-Fi Protected Access, adopts a more rigorous standard for authenticating users in order to eliminate the former's security flaws.
However, WPA comes with its own set of problems: denial of service attacks that can shut down the network and leave people without wireless Internet access.
Ferguson said that all wireless protocols are susceptible to DoS attacks, but WPA "is subject to all of them plus one extra type of DoS attack."
The Peon's Guide To Secure System Development
Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion. The author feels that a step toward washing himself clean of responsibility is by writing this document. Checking your memcpy() and malloc() calls have been lectured to death. It's not working. The approach used by this document is to instead shame developers into producing better systems. Enjoy.
Thursday, November 14, 2002
WLAN
Wireless LAN discovery through the use of applications such as NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular technique for network penetration. The discovery of a wireless LAN might be used for seemingly innocuous Internet access, or to be used as a "backdoor" into a network to stage an attack. This paper reviews some of the tactics used in wireless LAN network discovery and attempts to identify some of the fingerprints left by wireless LAN discovery applications, focusing on the MAC and LLC layers. This fingerprint information can then be incorporated into intrusion detection tools capable of analyzing data-link layer traffic.
Wednesday, November 13, 2002
SecNet11 -- Secure Wireless Local Area Network
Harris Corporation provides a revolutionary Type 1 encrypted Secure Wireless LAN (SWLAN) solution that allows COMSEC-approved government agencies to rapidly communicate multimedia information (data, voice, and video) in a secure environment.
The system integrates NSA crypto with commercial chipset based 802.11b PCMCIA cards and access points to create a secure wireless LAN.
Monday, November 11, 2002
Forensic Acquisition Utilities
This is a collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in this collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located and to collect the evidence from a running system while at the same time guaranteeing data integrity (e.g. with a cryptographic checksum) and while minimizing changes to the subject system.
Using the Java Cryptography Extension in WebSphere Studio Application Developer 4.03
This article also provides step-by-step instructions and help with the Java™ Cryptography Extension (JCE), which is a set of packages that provides a framework and implementation for encryption, key generation, key agreement, and Message Authentication Code (MAC) algorithms. JCE also supports secure streams and sealed objects.
Friday, November 08, 2002
Network Signals Just Scream to Be Exploited
Organizations ignore the security risks of wireless networking at their peril.
I recently strolled past federal buildings along Connecticut Avenue in Washington, carrying a beta-test model of a tablet PC equipped with an integrated IEEE 802.11b wireless PC Card.
In no time, it auto-detected a wireless network. The tablet asked me if I wanted to connect. I declined, but as I kept walking, the tablet detected signals for three more wireless networks. (Apparently, the Secret Service is curious about these free-ranging signals, too, and has sent teams around Washington snooping for wireless networks that broadcast signals onto the street.)
I did no probing, so I don't know whether the signals my tablet PC detected came from government, corporate or home networks. Nevertheless, they're out there, just waiting for someone to exploit them.
How to Keep The Wireless Snoops Away
A wireless network is like hundreds of network cables floating in search of a rogue computer.
A good attacker can get into most networks by taking advantage of a wireless connection and its Wired Equivalent Privacy security.
The FBI's Cybercrime Crackdown
In contrast to the teenage hackers of yore, today's perpetrators -- virtually all of them adults -- mount extremely sophisticated attacks. They don't brag, and they don't leave obvious tracks.
Thursday, November 07, 2002
Understanding Bandwidth and Latency
From the bygone debates over DDR vs. RDRAM to the current controversy over Apple's DDR implementations, one issue is commonly misunderstood in most discussions of memory technology: the nature of the relationship between bandwidth and latency. This article aims to give you a basic grasp of the complex and subtle interaction between bandwidth and latency, so that the next time you see bandwidth numbers quoted for a system you'll be able to better understand how those numbers translate into real-world performance.
This article was written in such a manner that the concepts communicated in it will be applicable to understanding a wide range of systems and parts of systems: from the frontside and memory buses of current P4 and Athlon systems to the buses in Apple's new XServe. Throughout the article, then, I've deliberately avoided getting mired down in the details of specific implementations in hopes that the general concepts will stand out clearly for the reader. The flip side of this simplicity is that for almost every claim I make a technically savvy reader could probably point out various exceptions, workarounds and other caveats peculiar to particular systems and data access scenarios.
Complete Snort-based IDS Architecture, Part One
Intrusion detection systems (IDS) are one of the fastest growing technologies within the security space. Unfortunately, many companies find it hard to justify acquiring IDS systems due to their perceived high cost of ownership (for example see Justifying the Expense of IDS by Kevin Timm and David Kinn). However, not all IDS systems are prohibitively expensive. This two-part article will provide a set of detailed directions to build an affordable intrusion detection architecture from hardware and freely available software. This discussion will avoid the classic "build or buy" debate and instead focus on building the system at a minimum cost.
Wednesday, November 06, 2002
Essential Home Wireless Security Practices
802.11b networks are proliferating like mad. Even though faster wireless networks are now available, 802.11b offers users what they want at a reasonably low price. While the high throughput of other technologies is attractive to large Local Area Networks (LANs) and people wanting to use wireless for high-end home entertainment purposes, 802.11b's 11Mbit/sec is more than enough to hook up a handful of clients in your home to the Wide Area Network (WAN), which in most cases is simply the Internet.
Tuesday, November 05, 2002
The Journal of Craptology
The Journal of Craptology is an electronic journal on cryptologic issues. Papers accepted for publication in the Journal of Craptology relate to cryptology and fall into one or several of the following categories.
1. It is funny.
2. It is controversial.
3. It is crap.
