Monday, April 11. 2011
Years ago, I implemented a prototype for an X11 keylogger, providing the advantage of not requiring root privileges to run. I decided to give the code another chance, did some refactoring work and implemented a couple of nice and hopefully useful features, including local logging to a file, and remote logging to a TCP port and to a webserver via HTTP GET requests. It now has its own project on Launchpad where you can fetch the source and report bugs. Moreover, there are already prebuilt Ubuntu packages on one of my Launchpad PPAs for simple installation. The code is licensed under GPLv3.
Tuesday, March 29. 2011
Delta-Xi finally offers a DKIM public key DNS record, and adds an X-DKIM header signature to each outgoing message for easy verification. Why? Mainly because GMail sucks. Their spam-filtering is acceptable, but completely intransparent, as is nearly everything concerning Google. For some reason, messages sent from DX are always put into the spam folder on GMail boxes without any comprehensible reason. (Note: Okay, maybe. There was a time, about 2008-2009, when the DX MTA entirely prevented accepting mails from or transmitting mails to GMail, because I simply don't want to support their evil data-mining; maybe I annoyed Google?) Trustworthy mail providers take one of several ways in order to at least outline reasons for spam suspicion (e.g. via X-headers), but not Google.
The DKIM public key is: "v=DKIM1\; g=*\; k=rsa\; t=y\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQKK5YFLSVLyIQMZL90ZGwzSr1p3wjSw+7gbcaOfHqN3aLZbhdVtZnoojXgYQXu3sP601 +KicRFzIu0lo24kKU0t44ptDzZoXSa9Rr7WR4MzFfZpYxdC23XxUT/RXkf3M5BcGB7C9wLLo+EC7AP6n+4CEC3FqzjBshmPJYjco3umwIDAQAB"
Tuesday, February 22. 2011
Finally, the sources of the Open AS Communication Gateway have made their way into public space. The project aims to be an SMTP gateway for spam- and virus-scanning, which is entirely managed via a pretty web-frontend. It supports recipient maps, RBLs, greylisting, email-based quarantining, and much more. It's available at Launchpad.
Wednesday, February 16. 2011
After two years of absence, I'm now back. I have been employed by an IT security company in Austria, where I took responsibility for one of the two main product lines: an SMTP gateway, mainly dealing with anti-spam technologies.
Finally, I decided to quit and go back to university where I got a job offer as Senior Scientist, and will subsequently work on my PhD.
The good news is that the company's CEO has willingly decided to make the whole project open-source. The release date is soon to come, keep an eye open.
Wednesday, March 11. 2009

The thesis which served as the basis for my Master's Degree in Networks & Security is now freely available for download here, and is entitled Strong interface-independent authentication enforcement through commodity storage devices under GNU/Linux. The project's source code is downloadable via this link, and represents the latest snapshot from the git repository. These documents and codes are delivered as-is.
Saturday, January 3. 2009
An article from the DX maintainer about data recovery in Linux systems has recently been released in the German hakin9 print magazine 01/2009, covering file-system reconstruction, forensic imaging, string-analysis, file-carving, slack observation and more.
Monday, June 16. 2008
The direct successor to USBAuth (pam_usbauth) is called pam_usbng and represents a complete rewrite with many enhancements. It's much easier to get the module up and running, and it offers nice new features. You may have a look at the project page here. The paper accompanying this new release is found here as PDF. Source-browsing is done at the SVN web interface.
Tuesday, June 10. 2008
As MySQL versions 4.1, 4.2 and early builds of 5.0 are vulnerable to a simple but devastating bug in the source code of the database server for which I couldn't find any exploit, here's a short description of how to code it on your own. You may have a look at the paper, as well as at the presentation slides.
Friday, May 30. 2008
 The leader of the Backend Security Project of OWASP (Open Web Application Security Project), Carlo Pelliccioni, asked me for collaboration as he took a look into the Delta Xi MySQL hardening paper. The resulting article (still under construction) can be found directly at OWASP.
Saturday, December 22. 2007

I decided to take a look at hardening MySQL on Unix-like systems. The resulting paper includes some information about securing the underlying operating system, securing local databases and network traffic by using cryptography, and some other hints. The paper can be downloaded here.
Wednesday, October 17. 2007
Cryptographic routines and algorithms often rely on randomness, which is an essential foundation, especially in key-generation applications. This paper discusses how pseudo and real random numbers may be generated and how disregarding a lack of entropy may put security at serious risk. In addition, a brief overview of well-known and massively-used RNGs like Linux /dev/random is presented.
You may download the paper, as well as the presentation slides.
Sunday, September 23. 2007
Most keylogging solutions need to be run as the root user, userspace loggers as well as kernelspace loggers. This simple piece of code shows how X11 can be used as a workaround for keylogging X sessions.
Continue reading "X11 Keylogger w/o root-permissions"
Wednesday, September 5. 2007
An article about secure authentication systems has recently been released in the hakin9 print magazine, also covering USBAuth, which has been renewed and now also supports additional PIN-based hashed authentication for even more security. Also a Gentoo E-Build is finally available, thanks to Hades for these patches. In about one month, I'll release a paper about Randomness in Cryptography, the needs and behaviours of strong cryptographic algorithms which rely on true randomness and how starry-eyed RNGs can defeat strong encipherment. Update: The German article can now be freely downloaded here.
Monday, June 25. 2007

Due to contract issues, Delta Xi unfortunately had a downtime for about 6 days. These problems affected not only the HTTP/S service, but also SVN and the USBAuth space. Several updates are to be announced. Thanks to ph030, whose ideas about using USBAuth with non-USB memory devices (e.g. SD), some bug tracking and a Gentoo ebuild will flow into the main code within the next 3-4 weeks.
Wednesday, May 2. 2007
The paper accompanying the DX article on symmetric mail cryptography is finally done. You may download the (German) paper here. USBAuth has grown very fast, thanks to all users for reports, testing and feedback. I've put a lot of security-concerned stuff into the code, which makes USBAuth quite secure and ready for every-day use. The documentation, as well as the source and a Debian package of release 0.3 can be obtained from the USBAuth project site.
Wednesday, April 25. 2007
Security policies commonly don't fit the laziness of users and system administrators. You shouldn't be logged in as root directly, you shouldn't use short and unsafe passwords, and so on.
pam_usbauth.so lets you authenticate yourself on your system, passwordless with just having something like a "crypto USB device" plugged in - without additional uncommon hardware.
Continue reading "Local PAM authentication for USB storage devices"
Wednesday, April 18. 2007

Passwords are a quite debatable way of authentication. Passwords can be sniffed and then reused on other services, if the same passwords are used on more than one service.
Biometric identification is another form of authentication, but not quite suitable for remote access. An excellent standard is defined by s/Key. Read how to use this on Linux boxes...
Continue reading "OTPs: Using s/Key with SSH via OPIE"
Tuesday, April 17. 2007
Syslogd is the friend of all administrators. No serious admin would miss taking a look at /var/log/* consistently. Reading and working through log files is a very time-consuming process, and even more complicated when administrating multiple server boxes.
This mini-howto shows you how to centralize your logs.
Continue reading "Centralized logging of multiple servers"
Monday, April 16. 2007
One and a half decades ago, firewalls were the subject of an exciting hype throughout the whole Internet community. A few years later, numerous companies tried to get customers by releasing (partially really obscure) security systems and calling them "Intrusion detection", then, again a few years later, "Intrusion prevention", and nowadays even prevention is not enough, so the software is called "Intrusion Reaction".
However, something like a host-based intrusion detection system can be established via a small FreeBSD tool called Mtree.
Continue reading "Featuring a near-HIDS: Mtree for data integrity"
Saturday, April 14. 2007
I really neglected to provide an SSL certificate for HTTPS usage of Delta Xi. You can finally use the more secure access, via https://www.delta-xi.net.
Here is a short introduction on how to create your own certificates and use them with Apache2.
Continue reading "SSL certificate finally available"