Archive for January, 2009

Hardening Checklist

  • Telnet -> OpenSSH (latest patches)
  • SSH Server: Protocol 2, do not allow root login
  • SSH Client: Protocol 2
  • Prevent root login (su/sudo only)
  • Install ossec: http://www.ossec.net
  • Confirm needed services in xinetd / inetd
  • Confirm runlevel is multi-user mode and not starting X by default
  • Review banners: motd, /etc/issue, sshd, ftpd, httpd…
  • Restrict access to system logs
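
A small audit for three of the items above (Telnet still enabled in inetd, SSH Protocol 2, no root login over SSH), added here as an example and not part of the original post. The function names and sample files are made up for illustration; the script relies on sshd keeping the first value it reads for a keyword and on Match blocks applying only conditionally.

```python
import re
# sshd_config values the checklist asks for (keywords are case-insensitive).
REQUIRED = {"protocol": "2", "permitrootlogin": "no"}

def audit_sshd_config(text):
    """Return findings; sshd keeps the FIRST value it reads for a keyword."""
    effective, findings, in_match = {}, [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip('" ').lower() if len(parts) > 1 else ""
        if key == "match":
            in_match = True  # what follows applies only conditionally
        elif in_match:
            if key == "permitrootlogin" and value != "no":
                findings.append(f"line {lineno}: Match block sets PermitRootLogin {value}")
        elif key in REQUIRED and key not in effective:
            effective[key] = value
    for key, want in REQUIRED.items():
        got = effective.get(key)
        if got is None:
            findings.append(f"{key}: not set explicitly, built-in default applies")
        elif got != want:
            findings.append(f"{key}: effective value is {got}, checklist wants {want}")
    return findings

def enabled_inetd_services(text):
    """Service names (first field) on uncommented inetd.conf lines."""
    return [ln.split()[0] for ln in text.splitlines()
            if ln.strip() and not ln.lstrip().startswith("#")]

# Constructed sample files, not taken from a real host.
SAMPLE_SSHD = """# sample sshd_config
Protocol 2,1
PermitRootLogin no
PermitRootLogin yes
Match Address 10.0.0.0/8
    PermitRootLogin without-password
"""
SAMPLE_INETD = """#ftp   stream tcp nowait root /usr/sbin/tcpd in.ftpd
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
"""

if __name__ == "__main__":
    print(audit_sshd_config(SAMPLE_SSHD))
    print(enabled_inetd_services(SAMPLE_INETD))
```

Feed the two functions the contents of /etc/ssh/sshd_config and /etc/inetd.conf from the host being reviewed. On current OpenSSH releases, which no longer implement protocol 1, the Protocol finding can be ignored.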

Cracking Windows SAM file

A friend of mine showed me a great online video that shows cracking the Windows SAM file using the BackTrack live CD.

The Windows SAM file, which is a database stored as a registry file, stores users’ passwords in a hashed format.

The video can be found here and the BackTrack live CD can be downloaded here.

No More Silent Camera Phones?

I have a company provided Blackberry.  One thing that really peeves me off is that there is no way to disable the snapping photograph sound when you take a picture.  I’ve heard there is a hack someone came up with on the crackberry forums but I have not tried it.

I became very upset once I read the cnet article below.  A politician wants to pass legislation to force cell phone manufacturers to always emit a tone when the camera phone is utilized:

http://news.cnet.com/8301-17938_105-10150671-1.html?part=rss&tag=feed&subj=News-Wireless

Windows computer running slow?

Do you have a Microsoft Windows PC running slow?  The first but usually most painful solution is to reformat and/or reinstall.

However before proceeding with such drastic steps there are two things I recommend checking:

1) Do you have enough physical memory?  You want to reduce the frequency of virtual memory paging activity.  Run Task Manager by pressing CTRL+SHIFT+ESC.  See below:

[Image: memory]

*Note: If you have Windows Vista or 7, remember you can add additional memory on the fly with a USB stick by using ReadyBoost.

2) Make sure your hard drive(s) is running in DMA mode.  It is unfortunately not uncommon for Windows to revert to PIO mode which means transfer speeds of 3-4mbps instead of 50-60mbps.  Basically remember that PIO=slow, DMA=fast.  Open Device Manager by pressing WinKey+R and typing “devmgmt.msc”

[Image: transfer_mode]

NSA secure cellphone for Obama? *Updated*

We’ve heard all the talk about Obama giving up his cellphone when he takes over as president.  There are things to worry about such as data retention and the Presidential Records Act, not to mention privacy and security concerns.

However, there may be a solution for Obama.  The NSA has approved several defense contractors’ cell phones for Top Secret communication.  Read more in this CNET article….

According to this BBC article it appears that Obama has not given up his Blackberry and has no plans to do so.

‘Application Data’ passwords

If you’re running Windows XP or Vista have a look in
C:\Documents and Settings\username\Application Data
***you may need to show hidden files/folders

This is a warning if you let applications store or remember your username and, especially, your password.  These applications may very well be storing them in plain text, and it would be easy for someone to steal your credentials.  Examples include instant messenger applications, games, FTP clients, etc.

[Image: save_passwd]

The Pidgin IM client (formerly gaim) has an interesting article about why they do not encrypt their passwords: http://developer.pidgin.im/wiki/PlainTextPasswords


Google for im passwords: http://tinyurl.com/8fnc9t

It’s a bad idea to have any application remember your password!  If you don’t like to remember your passwords then try KeePass or the original Password Safe.

Largest data breach ever?

It’s just being reported that Heartland Data Systems, a credit card processing company, was breached for a large portion of 2008. They’ve just recently discovered the problem. They process CC transactions for millions of merchants and accept Mastercard, Visa, Discover. You may want to watch your statement carefully — but if the culprits have captured god-knows-how-many-numbers what’s the chance they would use yours?

Heartland has created a website about this event here: http://2008breach.com/

Impersonation

If you’re not a member of Bruce Schneier’s CRYPTO-GRAM mailing list I suggest you sign up right now. It’s a wonderful monthly mailing where Bruce talks about everything from security to cryptography and comments on the latest news.

In the latest CRYPTO-GRAM there’s an interesting story about one of the first well published cases of impersonation, Martin Guerre.  Guerre was a 16th century French peasant who was impersonated for 3yrs — the impersonator living with his wife and kids!!!

Obama’s cyberspace security roadmap?

In late December the Center for Strategic and International Studies published Securing Cyberspace for the 44th Presidency. It’s a very good read, albeit some parts can become long and dry.  It sounds more like a child’s unrealistic Christmas wish list than anything else.  The whitepaper heavily suggests creating a new agency to head up cyberspace security and recommends creating a spot in the president’s inner council.

You can find some interesting critiques of the whitepaper here:

http://www.cs.columbia.edu/~smb/blog/2008-12/2008-12-15.html

http://www.interesting-people.org/archives/interesting-people/200812/msg00093.html

Two simple steps to lockdown a Microsoft Windows machine…

Trying to keep your Windows box secure?  Trying to keep your Windows box secure for cheap?  For free?

The quickest, easiest, and most affordable things you can do to lock down your Microsoft Windows PC are:

1) Configure MVPS’ customized hosts file

2) Install Firefox and the NoScript Add-On (ok, ok, this should be 2 steps…)

3) If you have a few more minutes of time to spare you may want to consider a free Virus Scanner: AVG