Show Notes: extras.show/45

The post Self-Hosted: Fixing Brent's WiFi | Jupiter Extras 45 first appeared on Jupiter Broadcasting.

We take a deep dive into the basics of getting a home network up and running. It you’ve lived with whatever the ISP has given you have no fear, not only are we going to show you how to do it, it’s going to be all done from Linux!

Plus Firefox has a major flaw that impacts Linux users, an update on the Jolla tablet, we discuss our big format experiment & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | WebM Torrent | MP3 Audio | OGG Audio | YouTube | HD Torrent

RSS Feeds:

HD Video Feed | Large Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Brought to you by: System76

Overview

• Default configurations are less secure and limited
• Ability to setup VPN
• Ability to setup DNS
• Most consumer equipment is a modem/router/switch/access point all in one (Spork Syndrome)

Default Settings on Mikrotik

• IP 192.168.88.1
• username: admin
• no password

Default Settings on (most) Linksys

• IP 192.168.0.1
• username: admin
• password: admin

DHCP – Dynamic Host Configuration Protocol

• Useful to push information to the clients about the network.
• Can be setup on most routers
• Comes setup by default
• Linksys limits you to /24 meaning a maximum of 254 clients.

DNS – Domain Name Service

• Phonebook of the internet
• Useful to point non-registered hostnames to IP addresses
• Can be used (somewhat) to block access to websites.

Firewall

• Used to block traffic
• Can be used on enterprise routers to separate switchports

Static IP (If your ISP allows it)

• What is and Setting static IP
• What is and Setting net mask
• What is and Setting Default Gateway

Setting up an Access Point

• Enable wireless on Mikrotik or Linksys
• Purchase separate access point and use WebUI
• Proper Channeling
• Proper Power
• POE

Easy Linux Networking

IPFire

From a technical point of view, IPFire is a minimalistic, hardened firewall system which comes with an integrated package manager called Pakfire. The primary task of Pakfire is to update the system with only a single click.

It is very easy to install security patches, bugfixes and feature enhancements, which make IPFire safer and faster – or simply, better.

Another task of Pakfire is to install additional software that adds new functionality to the IPFire system.
Some useful of them are:

• File sharing services such as Samba and vsftpd
• Communications server using Asterisk
• Various command-line tools as tcpdump, nmap, traceroute & many more.

Smoothwall.org

The goals of the project can be summed up as:

• Be simple enough to be installed by home users with no knowledge of Linux
• Support a wide variety of network cards, modems and other hardware
• Work with many different connection methods and ISPs from across the world
• Manage and configure the software using a web browser
• Run efficiently on older, cheaper hardware
• Develop a supportive user community
• Use sponsorship from Smoothwall Limited to further these goals

The Smoothwall Open Source Project is funded and supported by Smoothwall Limited.

• Smoothwall Express Download

— PICKS —

Runs Linux

• School Bell in the UK – Runs Linux!

Fantastic show, keep up the good work.
I wanted to share my own small runs Linux with you. I’m an IT Tech working in a secondary school in the UK. I got fed-up of our old outdated lesson change bell system from the 70’s so i made a pi powered one. It uses cron to run a python script that turns the relay on for a set amount of time. The cron file is edited via the UI that runs on php, MySQL on top of Apache. Photos of the UI and the project build attached.
its been in production since feb and still going strong.

Hope you like it

Thanks

Sent in by Robin T.

Desktop App Pick

• Zoiper

Our VoIP softphone will look everywhere for your contacts and will display them in a combined list for easy access. Outlook, windows/mac, LDAP, XMPP, XCAP, android, iOs. You name it, we got it and we will lookup incoming calls as well so you know who calls before you answer.

Weekly Spotlight

• SeaFile

Organize files into libraries. A library can be selectively synced into any device. Reliable and efficient file syncing improves your productivity.

A library can be encrypted by a password chosen by you. Files are encrypted before syncing to the server. Even the system admin can’t view the files.

Sharing into groups and collaboration around files. Permission control, versioning and activity notification make collaboration easy and reliable.

The core of Seafile server is written in C programming language. It is small and has a fantastic performance.

Upgrade can be done via running a simple script within a few seconds. Seafile records very few items in database. No huge database upgrade is needed.

AD/LDAP integration, group syncing, fine-grained permission control make the tool easily applied to your enterprise environment.

Celebrate BSD Now’s 2 year Anniversary!

BONUS SPOTLIGHT

• Privacy Badger, an Addon That Algorithmically Blocks Online Trackers

Online tracking has become a pervasive invisible reality of the modern web. Most sites you load are likely to be full of ads, tracking pixels, social media share buttons, and other invisible trackers all harvesting data about your web browsing. These trackers use cookies and other methods to read unique IDs associated with your browser, the result being that they record all the sites you visit as you browse around the internet. This sort of tracking is invisible to most web users, meaning they never get the option to agree to or opt-out of it. Today the EFF has launched the 1.0 version of Privacy Badger, an extension designed to prevent these trackers from accessing unique info about you and your browsing.

— NEWS —

Firefox exploit found in the wild | Mozilla Security Blog

Yesterday morning, August 5, a Firefox user informed us that an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine. This morning Mozilla released security updates that fix the vulnerability. All Firefox users are urged to update to Firefox 39.0.3. The fix has also been shipped in Firefox ESR 38.1.1.

LibreOffice 5.0 Released!

It is also the first version to come in 64 bits for Windows. As such LibreOffice 5 serves as the foundation of our current developments and is a great platform to extend, innovate and collaborate with!

LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module, Calc: complex formulae image cropping, new functions, more powerful conditional formatting, table addressing and much more. Calc’s blend of performance and features makes it an enterprise-ready, heavy duty spreadsheet application capable of handling all kinds of workload for an impressive range of use cases.

New icons, major improvements to menus and sidebar : no other LibreOffice version has looked that good and helped you be creative and get things done the right way. In addition, style management is now more intuitive thanks to the visualization of styles right in the interface.

LibreOffice 5 ships with numerous improvements to document import and export filters for MS Office, PDF, RTF, and more. You can now timestamp PDF documents generated with LibreOffice and enjoy enhanced document conversion fidelity all around.

LibreOffice 5 combines innovative features and long term efforts towards enhanced stability. As a result, expect both improvements in performance and in stability over the lifetime of the 5.0.x series.

LibreOffice under the hood: progress to 5.0

Gtk3 backend: Wayland

An very rough, initial gtk3 port was hacked together long ago by yours truly to prototype LibreOffice online via gdk-broadway.
However thanks to Caolán McNamara (RedHat) who has done the 80% of the hard work to finish this, giving us a polished and complete VCL backend for gtk3.
His blog entry focuses on the importance of this for running LibreOffice natively under wayland – the previous gtk2 backend was heavily tied to raw X11 rendering, while the new gtk3 backend uses CPU rendering via the VCL headless backend, of which more below.

OpenGL rendering improvements

The OpenGL rendering backend also significantly matured in this version, allowing us to talk directly to the hardware to accelerate
much of our rendering, with large numbers of bug fixes and improvements.
Many thanks to Louis-Francis Ratté-Boulianne (Collabora), Markus Mohrhard, Luboš Luňák (Collabora), Tomaž Vajngerl (Collabora), Jan Holesovsky (Collabora), Tor Lillqvist (Collabora), Chris Sherlock & others.
It is hoped that with the ongoing bug-fixing here, that this can be enabled by default as a late feature, after suitable review, for LibreOffice 5.0.1 or at the outside 5.0.2.

LibreOffice 5.0 Is a Milestone Release for Ubuntu Touch

LibreOffice will land on Ubuntu Touch

The developers from The Document Foundation haven’t gone into much detail about their plans, but they have said that the office suite is coming to Android. Coupled with the things we already know about Ubuntu Touch, we can safely say that LibreOffice 5.0 will bring some very interesting changes to the mobile platform from Canonical.

“A new version for new endeavours: LibreOffice 5.0 is the cornerstone of the mobile clients on Android and Ubuntu Touch, as well as the upcoming cloud version. As such, LibreOffice 5.0 serves as the foundation of current developments and is a great platform to extend, innovate and collaborate!” reads the announcement from The Document Foundation.

Jolla Tablet – First Batch out of Factory

Last week was very busy for Jolla, but few issues delaying the process by couple of days were catch up during the weekend by hard working Sailors. The first batch of Jolla Tablets is now complete and is told to look great! This batch is pre-production batch delivered to selected developers and internal test personnel

July 27th all the components were ready to be mounted on the circuit boards in China. All that was missing was the circuit boards themselves, as the flight delivering them was delayed by couple of hours. This delay was short, and assembling the boards was started as planned without major issues.

Earlier delays with material preparation and board delivery forced Jolla to agree on a new schedule with the assembly factory. July 30th, circuit boards were tested and the batch was sent to factory to be assembled on the next day. Surprise came with a glue machine, display assembly wasn’t possible

• Jolla Tablet

White House Petition to use FOSS whenever possible

We believe that the federal government, for the security of the information it manages and the efficient allocation of the public’s funds, should divest itself of costly proprietary software contracts wherever possible.

Healthcare.gov’s initial failings had much to do with the old, proprietary infrastructure that government contracting details required the application be built on. The US Navy recently spent considerable amounts of taxpayer money to extend support for Windows XP and Office 2003, both inherently obsolete and insecure.

Use of proprietary software costs our taxpayers needless money. It’s become clear that governments such as those of the UK and much of the European Union can adopt open source software and be better off for it. We should join them.

Feedback:

• https://slexy.org/view/s21WAMBD7L

• https://slexy.org/view/s2FgS2pShD

• https://slexy.org/view/s25ZrXOyoO

• Some crazy LAS idea

• Support Jupiter Broadcasting on Patreon

Chris’s Twitter account has changed, you’ll need to follow!

Chris Fisher (@ChrisLAS) | Twitter

— CHRIS’ STASH —

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— NOAH’S STASH —

Noah’s Day Job

Altispeed Technologies

Contact Noah

noah [at] jupiterbroadcasting.com

Find us on Google+

• Chris
• Noah J. Chelliah
• Jupiter Broadcasting’s Page

Find us on Twitter

• Chris – ChrisLAS
• Noah – Kernellinux

Follow us on Facebook

• Jupiter Broadcasting on Facebook
• Noah – Kernellinux

Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC:

• https://jblive.tv
• Network Calendar

The post Level Up Your LAN | LAS 377 first appeared on Jupiter Broadcasting.

A back backdoor found in many common routers gets covered up instead of patched, and all it takes is a knock on the door to exploit it. We’ll share the details.

Plus cross VM attacks just got much easier, a great batch of your questions – our answers, and much much more!

On this week’s episode of TechSNAP!

Thanks to:

— Show Notes: —

Intentional backdoor in home routers, when reported vendor just attempts to hide it better

• Back around Christmas researchers found a backdoor in 24 different models of routers from Cisco, Linksys, Netgear and Diamond. The backdoor gave an attacker who knew about the flaw a full root shell on the router, and allowed them to dump the entire config, and make changes to the configuration
• This could allow an attacker to get inside your network by forwarding ports etc, but also conduct a Man-in-the-Middle attack by changing the DNS resolvers on your router to be malicious ones that would direct your traffic to the wrong location
• Shortly there after, Netgear released updated firmware from the vendor (sercomm)
• When the researchers dissected the firmware, they found that the backdoor was still there, but was only listening on a UNIX domain socket, inaccessible from the network
• However, they found that in specific circumstances, the backdoor will be reenabled
• If the router receives a specially crafted ethernet frame, it will reenable the backdoor via TCP
• They also found additional capabilities, including the ability to change query the router for its MAC access, change the LAN IP address, or cause different LED lights on the modem
• Since this requires a specially crafted ethernet frame, it can only be sent from 1 hop away
• This means that the backdoor can only be enabled from the local LAN or WLAN, or by the ISP
• A number of the features of this ‘backdoor’ would appear to be useful to an ISP, querying data from the routers and reprogramming them etc
• However the negative security aspects outweigh all of the gain
• Researcher PDF

Fine grain Cross-VM Attacks on Xen and VMware

• Researchers from Worcester Polytechnic Institute have published new research showing the cloud services may be vulnerable
• “we show that AES in a number popular cryptographic libraries including OpenSSL, PolarSSL and Libgcrypt are vulnerable to Bernstein’s correlation attack when run in Xen and VMware (bare metal version) VMs, the most popular VMs used by cloud service providers (CSP) such as Amazon and Rackspace. We also show that the vulnerability persists even if the VMs are placed on different cores in the same machine. The results of this study shows that there is a great security risk to AES and (data encrypted under AES) on popular cloud services.”
• Use a separate machine for each client, although this basically breaks the entire purpose of ‘the cloud’
• Using AES-NI mitigates the attack entirely, however many clouds still use older machines that do not support AES-NI
• Newer versions of the various libraries seem to mitigate the attack against the last round of crypto, but are still susceptible during the first round
• The researchers suggest using AES256 instead of AES128 because 256 uses 14 rounds to 128’s 10

Feedback:

• RE: Brett bare metal backup

• Question for System Network Administration Experts

• Forking OpenSSL is bad

• Tricky home printing scenario

• Follow Up: Arch ZFS readonly issue // Slexy 2.0

Round Up:

• Chrome Extension Stealing Bitcoins
• Mozilla offers $10,000 bounty for bugs to incentivize auditing of the new certificate verification library before it ships with a future version of Firefox
• Tech Titans Launch \’Core Infrastructure Initiative\’ to Secure Key Open Source Components
• Cisco proposed RFC 3924 – Architecture for Lawful Intercept in IP Networks
  
• Google Offered to Help Samsung in its Patent Battles with Apple
• The design flaw that almost wiped out an NYC skyscaper – a lesson in responsible engineering
• F.C.C., in a Shift, Backs Fast Lanes for Web Traffic
• Vulnerability in Netsupport Manager could allow attackers to steal data
• Verizon’s Data Breach Investigations Report reveals that the most common cause of data breaches is weak credentials
• DDoS attacks increasingly being used to cover up or distract from theft and fraud

The post Intentional Backdoor | TechSNAP 159 first appeared on Jupiter Broadcasting.

The Mask, an advanced persistent threat is revealed, a slew of various home router models are actively being exploited, we’ll share the important details.

Plus some routing basics explained, and much much more.

On this week’s TechSNAP

Thanks to:

— Show Notes: —

Kaspersky discovered “The Mask” APT

• We got some hints about Careto (also know as “The Mask” or “The Masked APT”) a few weeks ago, and speculation suggested that the unusual native language of the attackers was Korean
• In an even bigger surprise, it turns out the attackers are Spanish speaking
• the Spanish-speaking attackers targeted government institutions, energy, oil & gas companies and other high-profile victims via a cross-platform malware toolkit
• Full Research PDF
• The APT has been going on since 2007 or earlier
• “More than 380 unique victims in 31 countries have been observed to date”
• “What makes “The Mask” special is the complexity of the toolset used by the
  attackers. This includes an extremely sophisticated malware, a rootkit, a bootkit, 32 and 64 bit Windows versions, Mac OS X and Linux versions and possibly versions for Android and iPad/iPhone (Apple iOS)”
• “The Mask also uses a customized attack against older versions of Kaspersky Lab products to hide in the system, putting them above Duqu in terms of sophistication and making it one of the most advanced threats at the moment. This and several other factors make us believe this could be a nation state sponsored campaign”
• “When active in a victim system, The Mask can intercept network traffic, keystrokes, Skype conversations, PGP keys, analyse WiFi traffic, fetch all information from Nokia devices, screen captures and monitor all file operations”
• “The malware collects a large list of documents from the infected system, including encryption keys, VPN configurations, SSH keys and RDP files. There are also several extensions being monitored that we have not been able to identify and could be related to custom military/government level encryption tools”
• “Overall, we have found exploits for Java, Flash SWF (CVE-2012-0773), as well as malicious plugins for Chrome and Firefox, on Windows, Linux and OS X. The names of the subdirectories give some information about the kind of attack they launch, for instance we can find /jupd where JavaUpdate.jar downloads and executes javaupdt.exe”
• “CVE-2012-0773 has an interesting history. It was originally discovered by French
  company VUPEN and used to win the “pwn2own” contest in 2012. This was the first
  known exploit to escape the Chrome sandbox. VUPEN refused to share the exploit
  with the contest organizers, claiming that it plans to sell it to its customers”
• “A Google engineer offered Bekrar (of VUPEN) $60,000 on top of the $60,000 he had already won for the Pwn2Own contest if he would hand over the sandbox exploit and the details so Google could fix the vulnerability. Bekrar declined and joked that he might consider the offer if Google bumped it up to $1 million, but he later told WIRED he wouldn’t hand it over for even $1 million.”
• This suggests that the threat actor may be a government
• However, Chaouki Bekrar denies the VUPEN exploit was used
• “Several attacks against browsers supporting Java have been observed.
  Unfortunately, we weren’t able to retrieve all the components from these attacks, as
  they were no longer available on the server at the time of checking”
• Also exploits CVE-2011-3544 against Java
• Additional Coverage

Linksys Router Malware

• Researchers say they have uncovered an ongoing attack that infects home and small-office wireless routers from Linksys with self-replicating malware, most likely by exploiting a code-execution vulnerability in the device firmware.
• Johannes B. Ullrich, CTO of the Sans Institute, told Ars he has been able to confirm that the malicious worm has infected around 1,000 Linksys E1000, E1200, and E2400 routers, although the actual number of hijacked devices worldwide could be much higher.
• A blog post Sans published shortly after this article was posted expanded the range of vulnerable models to virtually the entire Linksys E product line. Once a device is compromised, it scans the Internet for other vulnerable devices to infect.
• Compromised routers remain infected until they are rebooted. Once the devices are restarted, they appear to return to their normal state. People who are wondering if their device is infected should check for heavy outbound scanning on port 80 and 8080, and inbound connection attempts to miscellaneous ports below 1024.
• The attack begins with a remote call to the Home Network Administration Protocol (HNAP), an interface that allows ISPs and others to remotely manage home and office routers. The remote function is exposed by a built-in Web server that listens for commands sent over the Internet.
• Typically, it requires the remote user to enter a valid administrative password before executing commands, although previous bugs in HNAP implementations have left routers vulnerable to attack.
• After using HNAP to identify vulnerable routers, the worm exploits an authentication bypass vulnerability in a CGI script.
• Infected devices are highly selective about the IP ranges they will scan when searching for other vulnerable routers. The sample Ullrich obtained listed just 627 blocks of /21 and /24 subnets.
• The discovery comes a week after researchers in Poland reported an ongoing attack used to steal online banking credentials, in part by modifying home routers\’ DNS settings.
• The phony domain name resolvers listed in the router settings redirected victims\’ computers, tablets, and smartphones to fraudulent websites masquerading as an authentic bank service; the sites would then steal the victims\’ login credentials.
• The objective behind this ongoing attack remains unclear. Given that the only observable behavior is to temporarily infect a highly select range of devices, one possible motivation is to test how viable a self-replicating worm can be in targeting routers.
• Two days after this article was published, Linksys representatives issued the following statement:

Linksys is aware of the malware called “The Moon” that has affected select older Linksys E-Series routers and select older Wireless-N access points and routers. The exploit to bypass the admin authentication used by the worm only works when the Remote Management Access feature is enabled. Linksys ships these products with the Remote Management Access feature turned off by default. Customers who have not enabled the Remote Management Access feature are not susceptible to this specific malware.
+ Additional Coverage Internet Storm Center
+ These are not the only routers that have problems
+ Home Routers pose the biggest threat to consumer security
+ An old backdoor from 2005 was found in brand new Cisco home “Gigabit Security Routers”
+ As the covered last year, 40-50 million routers have uPnP flaw
+ Yesterday, researchers found a stack overflow bug in Linksys WRT120N routers
+ The new protocol that proposes to make “security” easier on the next generation of home routers may cause more harm than good
+ Asus Routers are also vulnerable including the RT-AC66R, RT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16, and RT-N16R

Feedback:

• Do you do disk or filesystem level encryption? If so, how do you manage the keys?

• confused about default routes

• Migrating ZFS

  • ZFS Replication

• Smart Wire Modems

• \”I just don\’t want to see the internet just walled off in different areas of the world\”

Round Up:

• Email attack on Vendor was source of Target breach
• Target\’s cybersecurity team raised concerns months before hack
• Schneier on Security: My Talk on the NSA
• Are 400gbps DDoS attacks the new normal?
• Verizon seeks payment for carrying Netflix traffic, WSJ reports
• RAID reliability calculator
• More than 2000 Tesco.com accounts leaked
• The History of Data Storage
• Important Kickstarter Security Notice
• FreeBSD PEFS file system security audit
• Tour of the Verizon Terremark Data Center
• Intel introduces new 15 core Xeon CPU, Xeon E7-8893 v2 (LGA2011), 3.4 GHz (3.7 GHz turbo), 37.5 MB cache, 1536 GB max ram, 8 way system would have 240 logical CPUs
• US Health care sector vulnerable to Hackers

The post 7 Year Malware | TechSNAP 150 first appeared on Jupiter Broadcasting.

If you thought Stuxnet was a big deal, wait till you meet Red October. The incredible story of some of the most sophisticated malware yet surfaces, and we’ve got the details.

Plus: A Nasty 0-Day exploit for Linksys routers, a HUGE batch of your questions, and much much more – On this week’s episode of TechSNAP!

Thanks to:

Use our code tech295 to get a .COM for $2.95.

Something else in mind? Use go20off5 to save 20% on your entire order!

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

 

Support the Show: