Debian Squeeze 6.0.2 update (Security – important)

The Debian project has released an update to Debian 6.0 (Squeeze) which addresses several security issues and bugs. Debian Squeeze users are advised to update their installations using the "apt-get update" and "apt-get upgrade" commands to ensure all of the updates are installed properly.

p/s: Although I currently use Ubuntu, I was actually a Debian user and I continue to use Debian on my VPS to host this website till this very day. Without Debian, I would never have discovered thousands of wonderful open source software in its vast software repositories :)

How to limit MySQL port access to specific network

The MySQL service port is not meant to be accessible from the outside world, as exposing it creates a security concern for the administrator.

Although the MySQL server (mysqld) has a built-in mechanism to deny access from unauthorized IP addresses, that does not protect it from being overwhelmed by a flood of malicious requests or from a buffer overflow attack directed at the server.

One solution is to limit access to the MySQL port to a trusted network using iptables.

This assumes your trusted network lies within the address range 192.168.1.1-192.168.1.254:

iptables -A INPUT -i eth0 -p tcp -s 192.168.1.0/24 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

The MySQL server (mysqld) listens on port 3306 by default. Note that these two rules only ACCEPT the trusted traffic; they restrict access only if the INPUT chain's default policy is DROP, or a later rule drops the remaining connections to port 3306.

Note: Always treat the internet as an untrusted network!

How to crack SHA1, MD5 and Windows NTLM password hash using Rainbow tables in Linux

A rainbow table is a precomputation-based attack method used to crack stored cryptographic hashes, such as the password hashes kept by various applications.

It is similar to brute-force and dictionary attacks in that it compares computed hashes against the hash it is trying to crack, except that with rainbow tables the candidate hashes are all precomputed beforehand, and a reduction function is used to accelerate lookups at the expense of storage space (a time vs. space trade-off).

Project RainbowCrack offers downloadable binaries (free but not open source) for GNU/Linux and Microsoft Windows. The package comes with several tools that help in generating (rtgen), sorting (rtsort) and cracking (rcrack) SHA1, MD5 and NTLM hashes.

How to use rtgen, rtsort and rcrack?

rtgen
First, before starting to crack SHA1 hashes, we need to generate a rainbow table with rtgen:

rtgen sha1 loweralpha-numeric 1 8 0 5000 6553600 0

Usage:
rtgen <hash type> <loweralpha | loweralpha-numeric | numeric | mixalpha-numeric | alpha-numeric> <min length> <max length> <table_index> <chain_len> <chain_num> <part_index>

rtsort
Then we need to use rtsort to sort the rainbow tables generated by rtgen:

rtsort *.rt

rcrack
Finally, run rcrack to crack the hashes:

rcrack *.rt -l hash1.txt

or

rcrack *.rt -h af8978b1797b72acfff9595a5a2a373ec3d9106d


For more examples of generating and using rainbow tables, please refer to Project Rainbow-Table Example.

Iptables rule to safeguard SSH server from crackers

Secure Shell (SSH) is a service that enables users to access remote systems securely. However, SSH servers that depend on password-based authentication may be vulnerable to dictionary-based (or brute-force) attacks by crackers.

Luckily, iptables can be used with the '--limit-burst' and '--limit' options to reduce the number of connection attempts a cracking tool can make in a given period of time.

For example, in order to limit an IP address to making only 5 connections per minute, in bursts of at most 2 connections, you can use this iptables rule:

iptables -A INPUT -p tcp --dport ssh -m limit --limit 5/minute --limit-burst 2 -j ACCEPT

This results in iptables allowing only up to 5 connections per minute, with an initial burst of at most 2 connections, which makes any brute-force or dictionary-based attack against the server uneconomical or unfeasible.
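A small model of how the limit match above makes its decision, added here as an example and not taken from the original post: a token bucket that starts with --limit-burst tokens, refills at the --limit rate and is capped at the burst value. It assumes each arrival is a new-connection packet (what the rule would count if it were restricted with --syn or -m state --state NEW) and uses constructed timestamps, not captured traffic.

```python
from dataclasses import dataclass, field


@dataclass
class LimitMatch:
    """Token bucket with the semantics of `-m limit --limit R/minute --limit-burst B`.

    The bucket starts full (B tokens), refills at R tokens per minute, is capped
    at B, and a packet matches only if a whole token can be spent.
    """
    rate_per_minute: float = 5.0
    burst: int = 2
    tokens: float = field(init=False)
    last_seen: float = field(init=False, default=0.0)

    def __post_init__(self) -> None:
        self.tokens = float(self.burst)

    def matches(self, now: float) -> bool:
        """Return True if a packet arriving at time `now` (seconds) matches the rule."""
        refill = (now - self.last_seen) * self.rate_per_minute / 60.0
        self.tokens = min(float(self.burst), self.tokens + refill)
        self.last_seen = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def simulate(arrivals, rate_per_minute=5.0, burst=2):
    """Feed connection-attempt timestamps (seconds, ascending) through the match.

    Returns one bool per attempt: True = ACCEPTed by the limited rule,
    False = falls through to whatever rule follows it in the chain.
    """
    match = LimitMatch(rate_per_minute, burst)
    return [match.matches(t) for t in arrivals]


# Constructed scenario (not captured traffic): ten attempts within two seconds,
# then one legitimate login half a minute later.
GUESSING_BURST = [round(0.2 * i, 1) for i in range(10)]
LATER_LOGIN = [32.0]

if __name__ == "__main__":
    verdicts = simulate(GUESSING_BURST + LATER_LOGIN)
    for t, ok in zip(GUESSING_BURST + LATER_LOGIN, verdicts):
        print(f"t={t:5.1f}s  {'ACCEPT' if ok else 'fall through'}")
```

The limit match counts across all sources rather than per IP address, so per-address limiting needs the hashlimit or recent match; and the rule only throttles anything if a later rule drops the packets it lets fall through, e.g. iptables -A INPUT -p tcp --dport ssh -j DROP.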

Read more about iptables --limit and --limit-burst in Linux Iptables Limit the number of incoming tcp connection / syn-flood attacks.

Restricting normal user account access on Ubuntu Server

Here's a tip to restrict normal user accounts so that ordinary users cannot explore directories beyond their own home directory.

  • First, chmod all directories under /home to 0700.
  • Then set the default umask to 077: edit /etc/profile and replace "umask 022" with "umask 077".
  • Optionally, you can also update the PAM configuration in /etc/pam.d/common-session so that the line reads "pam_umask.so umask=077 usergroups".

This tip has been adapted from superuser.com.