Archive

Posts Tagged ‘security’

Congressman Barber’s Response to Inquiry About DHS Alleged MRAP and Ammo Orders

April 19th, 2013 3 comments

Regarding the Department of Homeland Security’s (DHS) alleged purchases of 2,700 Mine-Resistant Ambush Protected (MRAP) vehicles and billions of rounds of ammunition, I just got off the phone with a fellow named Mike from Congressman Barber’s (D-AZ) office. Congressman Barber is on the House Armed Services Committee. I was concerned about these reported unusual purchases, and I wrote a letter in February. I asked for answers; they investigated. Here is their answer.
Read more…

ShieldsUP! Strange Results

March 15th, 2011 No comments

ShieldsUP! from Steve Gibson is a great service that helps you assess your computer’s protection on the Internet. Debugging some recent router troubles, I tried turning on DMZ mode, which redirected all incoming traffic to a Mac (OS X 10.6.6) on my network. I was surprised to see the striped pattern below:

Now that’s weird. Could it be some kind of reactive firewall technique on the Mac? I don’t know, but it’s a pattern, and that certainly caught me off guard.

Categories: Utility

Locate Your Mac Laptop If It Is Missing

January 19th, 2011 18 comments

There are commercial services to help you locate lost laptops, but I wanted a feature that required less software to be installed and fewer Big Brothers helping me out along the way. Using a few free tools and shell scripts, I cobbled together my own LoJack-type system that notifies me whenever my laptop awakes (I can’t help you if your computer is turned off).

Tools Used:

  • SleepWatcher: Executes commands of your choice when computer wakes, sleeps, etc
  • bash: Shell scripting
  • LocateMe: Free command line tool (from me) using Apple’s geolocating API
  • Notifo: Lightweight notification for iPhones, etc
  • Google Maps: Displaying your laptop location

Downloads:

Read more…

Categories: Utility

Be Notified of SSH Logins with Notifo

September 11th, 2010 6 comments

I’ve been finding all kinds of neat uses for Notifo, a multipurpose notification tool for the iPhone, and I wanted to be notified when anyone (should only be me) logged in to my home computer via SSH. I wrote a Pluggable Authentication Module (PAM) that sends a notice to Notifo whenever someone logs in or activates the PAM module another way (yes, I know that “PAM module” is redundant).

Check it out on SourceForge at http://iharder.net/pam_notifo. I developed it on a Mac. I don’t know if it will compile properly on Linux. Please try it out.

Categories: Utility

I Use CrashPlan for Live Offsite Backup

February 19th, 2010 5 comments

One of my favorite podcasts, SecurityNow, had an advertiser that offered an online/offsite backup service, and after trying Carbonite, Mozy, JungleDisk, and CrashPlan, I ended up settling on CrashPlan as my favorite to back up my Macs.

Unfortunately this all happened a few months ago, so I don’t remember all the details about why I liked or disliked each of the products, but here are some brief thoughts on each one.
Read more…

Categories: Utility

Jam Resistant Communication Without a Shared Key

December 7th, 2009 4 comments

Some US Air Force Academy (USAFA) and National Security Agency (NSA) smart guys (Baird, Bahn, and Collins – BBC) have come up with a way to achieve the kind of jam resistance that shared keys provide (like spread spectrum) but without the need for a shared key. For the crypto guys out there, this would be analogous to what the Diffie-Hellman key exchange brought to the world of symmetric cryptography. In fact one would probably use such a key exchange over BBC and then revert to traditional jam-resistant communication techniques, just as we do with asymmetric/symmetric crypto. Their ideas extend beyond jam resistance, but that’s what we’ll look at here.

Read more…

Categories: Utility

Two Factor Authentication in Snow Leopard SSH with Perfect Paper Passwords

September 2nd, 2009 4 comments

If you’re nobody special like me, you probably “only” get a few thousand failed SSH logins to your computer each day. If you run a high profile system, it’s probably worse. Of course you have a good password for your account (right?), but should someone actually get your password, like with a keystroke logger on the remote computer you’re using to log in, what protection do you have then?

Two factor authentication can increase your security by requiring more than just your password (one factor) to log in. I like using Perfect Paper Passwords from Gibson Research Corporation (GRC.com). With this system, after entering my username and password (even a wrong password) in an SSH session, I am then prompted for a four-digit passcode that I’ve previously printed out and stashed in my wallet. Each code is only used one time, and protects me even if someone manages to get my password. In the case where attackers are guessing my password, they cannot tell if the password or passcode was guessed incorrectly.

Sample PPP passcard (courtesy grc.com)

There’s only a little bit of trickery involved to compile it for Mac OS X 10.6 Snow Leopard, and if you had it working before in Leopard, you’ll need to recompile the PAM module (I know, it’s like “ATM machine”) for 64-bit mode.

Read more…