openVPN – Jupiter Broadcasting

“I have a server with 2 1GB NICs, an un-managed switch, and a single gateway. Ideally, I would like WAN traffic routed through a PIA VPN
using openVPN, and LAN traffic to be routed locally without a VPN.”
Unmanaged switch isn’t ideal, but it’s far from bad.
Assuming the server will act as firewall / gateway
NIC #1 to router/modem, NIC #2 to switch with a static IP (say 10.1.1.1)
run a DHCP server on there, handing out 10.1.1.1 as the default gateway, DNS as you see fit
everything from LAN will go out via NIC #2 of server
server connects to VPN provider via OpenVPN. There are options on to set the default gateway. This is the gateway which the server will use. All traffic leaving your network will go out to that destination.
Not having used PIA, but I’ll guess you want your OpenVPN connection to accept their configuration settings (dns, etc) and use that on your server while it is running OpenVPN.

A Protocol For Distributed Multiparty Chat Encryption

review by nccgroup.
The protocol has the following security properties for group messaging:
Confidentiality: the conversation is not readable to an outsider
Forward secrecy: conversation history remains unreadable to an outsider even if participants’ encryption keys are compromised
Deniable authentication: Nobody can prove your participation in a chat
Authorship: A message recipient can be assured of the sender’s authenticity even if other participants in the room try to impersonate the sender
Room consistency: Group chat participants are confident that they are in the same room
Transcript consistency: Group chat participants are confident that they are seeing the same sequence of messages

I’m giving up on HPKP

what is HTTP PKP?
https://securityheaders.io – belongs to author
Be Afraid Of HTTP Public Key Pinning (HPKP)
Certificate Authority Authorisation – Later this year all CAs will be required to check a new DNS record called CAA before issuing a certificate – you can set a DNS record that specifies which CA you authorise to issue certs for your domain
Certificate Transparency – Once CT is a requirement no CA will be able to issue a certificate in secret without the owner of the domain knowing about it because it will be present in publicly visible CT logs. See crt.sh
OCSP leaks information
What is OCSP (Online Certificate Status Protocol)?

Feedback

Database migrations in Episode 332
Extra skimming prevention tip
Let’s Encrypt uses ~/.well-known/ directory – referenced in How It Works, but not named and explicity named in the Integration Guide

Round Up:

The post HPKP: Hard to Say, Hard to Use | TechSNAP 334 first appeared on Jupiter Broadcasting.

iPhishing Expedition | TechSNAP 281

chris — Thu, 25 Aug 2016 18:49:30 +0000

RSS Feeds:

Become a supporter on Patreon:

Show Notes:

Sophisticated, persistent mobile attack against high-value targets on iOS

“Persistent, enterprise-class spyware is an underestimated problem on mobile devices. However, targeted attack scenarios against high-value mobile users are a real threat.”
“Citizen Lab (Munk School of Global Affairs, University of Toronto) and Lookout have uncovered an active threat using three critical iOS zero-day vulnerabilities that, when exploited, form an attack chain that subverts even Apple’s strong security environment. We call these vulnerabilities “Trident.” Our two organizations have worked directly with Apple’s security team, which was very responsive and immediately fixed all three Trident iOS vulnerabilities in its 9.3.5 patch.”
“Trident is used in a spyware product called Pegasus, which according to an investigation by Citizen Lab, is developed by an organization called NSO Group. NSO Group is an Israeli-based organization that was acquired by U.S. company Francisco Partners Management in 2010, and according to news reports specializes in “cyber war.” Pegasus is highly advanced in its use of zero-days, obfuscation, encryption, and kernel-level exploitation.”
“We have created two reports that discuss the use of this targeted attack against political dissidents and provide a detailed analysis of the malicious code itself. In its report, Citizen Lab details how attackers targeted a human rights defender with mobile spyware, providing evidence that governments digitally harass perceived enemies, including activists, journalists, and human rights workers. In its report, Lookout provides an in-depth technical look at the targeted espionage attack that is actively being used against iOS users throughout the world.”
The target of the attack was Ahmed Mansoor, an internationally recognized human rights defender
“On August 10th and 11th, he received text messages promising “secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. Recognizing the links as belonging to an exploit infrastructure connected to NSO group, Citizen Lab collaborated with Lookout to determine that the links led to a chain of zero-day exploits that would have jailbroken Mansoor’s iPhone and installed sophisticated malware.”
“This marks the third time Mansoor has been targeted with “lawful intercept” malware. Previous Citizen Lab research found that in 2011 he was targeted with FinFisher spyware, and in 2012 with Hacking Team spyware. The use of such expensive tools against Mansoor shows the lengths that governments are willing to go to target activists.”
“Citizen Lab also found evidence that state-sponsored actors used NSO’s exploit infrastructure against a Mexican journalist who reported on corruption by Mexico’s head of state, and an unknown target or targets in Kenya. The NSO group used fake domains, impersonating sites such as the International Committee for the Red Cross, the U.K. government’s visa application processing website, and a wide range of news organizations and major technology companies. This nods toward the targeted nature of this software.”
“Pegasus is the most sophisticated attack we’ve seen on any endpoint because it takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile — always connected (WiFi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists. It is modular to allow for customization and uses strong encryption to evade detection.”
“The attack sequence, boiled down, is a classic phishing scheme: send text message, open web browser, load page, exploit vulnerabilities, install persistent software to gather information. This, however, happens invisibly and silently, such that victims do not know they’ve been compromised.”
“We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code (e.g., a kernel mapping table that has values all the way back to iOS 7). It is also being used to attack high-value targets for multiple purposes, including high-level corporate espionage on iOS, Android, and Blackberry.”
CitizenLab report
Lookout Report PDF
Additional Coverage: Arstechnica: Apple releases iOS 9.3.5 with “an important security update”
Additional Coverage: NY Times
Additional Coverage: Motherboard
Additional Coverage: WaPo

Hacking Electronic Safes

An interesting bit of research was brought to my attention via Bruce Schneier’s blog
“On Friday, a hacker known as Plore presented strategies for identifying a safe custom-selected keycode and then using it to unlock the safe normally, without any damage or indication that the code has been compromised”
“Plore’s techniques interesting is what they lack: any physical or even algorithmic sabotage”
“Plore used side-channel attacks to pull it off. These are ways of exploiting physical indicators from a cryptographic system to get around its protections.”
“Plore was able to figure out the keycodes for locks that are designated by independent third-party testing company Underwriter’s Laboratory as Type 1 High Security. These aren’t the most robust locks on the market by any means, but they are known to be pretty secure. Safes with these locks are the kind of thing you might have in your house.”
“In practice, Plore was able to defeat the security of two different safe locks made by Sargent and Greenleaf, each of which uses a six-digit code. “I chose Sargent and Greenleaf locks due to their popularity. They are the lock manufacturer of choice on Liberty brand gun safes, among others, and safes featuring those locks are widely available at major stores,” Plore told WIRED”
“Plore said he didn’t have time before Defcon to try his attacks on other lock brands, but he added, “I would not be particularly surprised if techniques similar to those I described would apply to other electronic safe locks, other electronic locks in general (e.g., door locks), or other devices that protect secrets (e.g., phones).”
I am glad the 6 digit combination lock that protects my house is mechanical
“For the Sargent and Greenleaf 6120, a lock developed in the 1990s and still sold today, Plore noticed that when he entered any incorrect keycode he could deduce the correct code by simply monitoring the current being consumed by the lock.”
““What you do here is place the resistor in series with the battery and the lock, and by monitoring voltage across that resistor we can learn how much current the lock is drawing at any particular time. And from that we learn something about the state of the lock,” Plore explained. As the lock’s memory checked the input against its stored number sequence, the current on the data line would fluctuate depending on whether the bits storing each number in the code were a 0 or a 1. This essentially spelled out the correct key code until Plore had all of its digits in sequence and could just enter them to unlock the safe. Bafflingly easy.”
“For the second demonstration, he experimented with a newer lock, the Sargent and Greenleaf Titan PivotBolt. This model has a more secure electronics configuration so Plore couldn’t simply monitor power consumption to discover the correct keycode. He was able to use another side-channel approach, though, a timing attack, to open the lock. Plore observed that as the system checked a user code input against its stored values there was a 28 microsecond delay in current consumption rise when a digit was correct. The more correct digits, the more delayed the rise was. This meant that Plore could efficiently figure out the safe’s keycode by monitoring current over time while trying one through 10 for each digit in the keycode, starting the inputs over with more and more correct digits as he pinpointed them. Plore did have to find a way around the safe’s “penalty lockout feature” that shuts everything down for 10 minutes after five incorrect input attempts, but ultimately he was able to get the whole attack down to 15 minutes, versus the 3.8 years it would take to try every combination and brute force the lock.”
This is why cryptography is usually implemented in ‘constant time’, where it is purposely slow. Both the right input and the wrong input take the same amount of time to return the result, so the attack can’t learn anything from the amount of time the response takes
““Burglars aren’t going to bother with this. They’re going to use a crowbar or a hydraulic jack from your garage or if they’re really fancy they’ll use a torch,” Plore said. “I think the more interesting thing here is [these attacks] have applicability to other systems. We see other systems that have these sorts of lockout mechanisms.” Plore said that he has been trying to contact Sargent and Greenleaf about the vulnerabilities since February. WIRED reached out to the company for comment but hadn’t heard back by publication time.”
“Even though no one would expect this type of affordable, consumer-grade lock to be totally infallible, Plore’s research is important because it highlights how effective side-channel attacks can be. They allow a bad actor to get in without leaving a trace. And this adds an extra layer of gravity, because not only do these attacks compromise the contents of the safe, they could also go undetected for long periods of time.”
This practical example makes the software versions much easier to understand

Turkish Journalist Jailed for Terrorism Was Framed, Computer Forensics Report Shows

Turkish investigative journalist Barış Pehlivan spent 19 months in jail, accused of terrorism based on documents found on his work computer.
But when digital forensics experts examined his PC, they discovered that those files were put there by someone who removed the hard drive from the case, copied the documents, and then reinstalled the hard drive.
The attackers also attempted to control the journalist’s machine remotely, trying to infect it using malicious email attachments and thumb drives.
Among the viruses detected in his computer was an extremely rare trojan called Ahtapot, in one of the only times it’s been seen in the wild.
The attackers seemed to pull everything out of their bag of tricks,” Mark Spencer, digital forensics expert at Arsenal Consulting, said.
Pehlivan went to jail in February of 2011, along with six of his colleagues, after electronic evidence seized during a police raid in 2011 appeared to connect all of them to a group accused of terrorism in Turkey.
It is not clear who perpetrated the attack, but the sophistication of the malware used, the tightly-targeted way Ahtapot works, and the timing of Pehlivan’s arrest suggests a highly-coordinated, well-funded attack.
A paper recently published by computer expert Mark Spencer in Digital Forensics Magazine sheds light into the case after several other reports have acknowledged the presence of malware.
Spencer said no other forensics expert noticed the trojan, nor has determined accurately how those documents showed up on the journalist’s computer.
However, almost all the reports have concluded that the incriminating files were planted.
What baffled Spencer the most during the investigation was an unusual malware, one he hasn’t seen before. It was installed on Pehlivan’s computer on the evening of February 11, 2011, a Friday. The police raid took place on the following Monday morning.
Spencer called Gabor Szappanos, principal researcher at Sophos, who has been analyzing computer viruses for over two decades. They worked together to find out what happened.
This malware appeared to be in unfinished beta development. It was a Remote Access Trojan (RAT), a malicious software that allows attackers to control a computer without having physical access.
There are clues to suggest the malware is Turkish in origin, including Turkish words in Ahtapot’s code, yet security experts are almost always uncomfortable talking about attribution.
The Sophos researcher believes this Remote Access Trojan was rushed into use out of desperation, after several attacks failed to deliver expected results. “Looking at the code revealed some mistakes that are typical at the beginning of development processes [of a malware],” the researcher said.
Prior to bringing in Ahtapot trojan, the attackers relied on more common malware. First, they tried to infect Pehlivan’s computer with the Turkojan RAT through a thumb drive. Email attachments were also used.
Spencer said, attackers copied both malware and incriminating documents to Pehlivan’s hard drive the nights of February 9 and 11, to cover their bases in case they won’t be able to control the computer remotely using the malware.
They were smart enough to forge the dates associated with these documents, Spencer said. The key to his investigation was constructing the true timeline of the events.
He suspects the journalist’s PC was attacked locally during those two evenings of February 9 and 11, because previous attempts to remotely infect it with malware failed.
“There were about a dozen different malware samples found. Analyzing them in detail revealed that these were not independent incidents, we could find connection between them,” Szappanos said.
He believes this was an expensive targeted attack, which used malware samples and command and control servers dedicated to this case alone.
Most infosec professionals refrain from saying who the attacker is, as attribution is usually difficult to establish in the cyberworld. “We think it was developed by a Turkish speaking person/people. Internal texts found in the malware samples were all in the Turkish language,” Szappanos said.
Meanwhile in Turkey, Barış Pehlivan is getting ready for his next hearing, scheduled for September 21. He believes the trial could end this year, and hopes to be acquitted.

Feedback:

Round up:

The post iPhishing Expedition | TechSNAP 281 first appeared on Jupiter Broadcasting.

Universal Divide | LINUX Unplugged 151

chris — Tue, 28 Jun 2016 19:27:24 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We go hands on with Linux Mint 18, then discuss the latest batch of desktop killers & Wimpy’s new rig. Plus what makes Mattermost really great, a new new universal package format, the confusing things Red Hat says & we get to know WireGuard!

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

Show Notes:

Follow Up / Catch Up

Mattermost does open source the right way.

Mattermost is doing it the right way: designing and building a beautiful user experience, and backing it up with the awesomeness of open source. Now you can make your users happy, and benefit from the four freedoms… that’s the way to do it.

Sean Fennell / mmsetup · GitLab

This script will take a clean Ubuntu 14.04 server on Digital Ocean and set it up to be used as a Mattermost server. It also takes care of securing the server.

Help lower prices with #ubunut76 tweets! 2 days to get them in! You can get up to $350 off https://t.co/jnDUHaBFse pic.twitter.com/R3CL767ZsX

— System76 (@system76) June 28, 2016

A New Ubuntu Phone Is In Development

Midori is the name of a nimble WebKit-based web browser — but might it also be the codename for a new Ubuntu Phone?

Reader Richard S — and big thanks to you Richard! — pointed us to bug #1551811. This bug mentions the device codename ‘Midori’ with regards to a ‘trust prompt’ issue that causes a reboot on the MX4 and the mystery new handset.

A quick Google shows that the codename ‘Midori’ is in keeping with the codenames of previous Ubuntu devices, as it is, is once again, based on a character from the Dragon Ball franchise

TING

Ting – mobile that makes sense

Next-Generation Secure Network Tunnel Announced For The Linux Kernel

It’s much simpler than anything before it, with peers exchanging short Curve25519 public keys just like in SSH. Secure network interfaces can be added and removed using the usual ‘ip-link’ and ‘ip-address’ tools. From there, everything is easily taken care of by the kernel, and secure tunnels are made quite simple. Not only that, but the performance is in fact better than IPsec, which is quite the accomplishment.”

Disclosure, I’ve reviewed various versions of the kernel code, over the past few months, and it seems sane, but note I am not a kernel networking developer :)

What is subuser?

Docker provides an isolated and consistent environment for your programs to run in. Subuser gives your desktop programs access to the resources they need in order to function normally.

Microsoft Announces Open .NET Core 1.0 at Red Hat Summit

Microsoft announced the moves at, of all places, Red Hat Summit. Why would that happen? One of the motivations in open sourcing .NET and other platform tools is to build bridges between .NET infrastructure tools and Linux

Microsoft: Nearly One In Three Azure Virtual Machines Now Are Running Linux

Russinovich said, Microsoft has gone from one in four of its Azure virtual machines running Linux to nearly one in three. The other two-thirds of Azure customers are running Windows Server in their virtual machines.

DigitalOcean

DigitalOcean: SSD Cloud Server, VPS Server, Simple Cloud Hosting

Linux Mint 18 Cinnamon and MATE Editions Are Now Available for Download

Thanks to one of our regular readers who constantly monitored the development progress of the Linux Mint 18 operating systems, we’ve been informed that the final ISO images are now available for download for both Cinnamon and MATE editions.

New features in Linux Mint 18 Cinnamon

Linux Mint 18 is a long term support release which will be supported until 2021. It comes with updated software and brings refinements and many new features to make your desktop experience more comfortable to use.

ISO Downloads

Linux Academy

Linux Academy | Linux and AWS Online Training

Is The Linux Desktop Dead?

All hail our new overlords the mobile, the portable, and slim. With high-end devices like the NUC redefining what it means to be a desktop computer, and mobiles massive market share, and now the latest crop of “desktop killer” laptops make us question how many of us will be running Linux on a “traditional desktop” in 10 years?

Entroware will soon be announcing a new laptop and I had the privilege of na…

Entroware will soon be announcing a new laptop and I had the privilege of naming her! The Entroware Athena will soon be available for purchase, pre-installed with either Ubuntu 16.04 LTS or Ubuntu MATE 16.04 LTS.

Athena

Athena is available now, with either 15“ or 17″ screen, two Intel i7 CPU options, nvidia 970M or 980M GPU, upto 64GB RAM, 2x M.2, 2x SATA and comes pre-installed with either Ubuntu or Ubuntu MATE

Oryx Pro – System76

System76 on Twitter: “Help lower prices with #ubunut76 tweets!

Support Jupiter Broadcasting on Patreon

The post Universal Divide | LINUX Unplugged 151 first appeared on Jupiter Broadcasting.

A Look Back On Feedback | TechSNAP 251

chris — Thu, 28 Jan 2016 08:02:40 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Since Allan is off being fancy at FOSDEM, we decided that now would be a good time to celebrate the audience & feature some of the best feedback we’ve had over the years!

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Episode List

The post A Look Back On Feedback | TechSNAP 251 first appeared on Jupiter Broadcasting.

Lights out Management | TechSNAP 250

chris — Thu, 21 Jan 2016 10:00:10 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

The bizarre saga of Juniper maybe finally be coming to a conclusion, details about SLOTH, the latest SSL vulnerability that also affects IPSec and SSH & the attack on the Ukrainian power grid made possible by malware.

Plus your questions with a special theme, a rockin roundup & much more!

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Still more questions about Dual_EC in Juniper devices

“Juniper Networks announced late Friday it was removing the suspicious Dual_EC_DRBG random number generator from its ScreenOS operating system”
“The networking giant said it was not only removing Dual_EC, but also the ANSI X9.31 algorithm from ScreenOS starting with an upcoming release sometime in the first half of this year”
Questions still remain as to why it was used in the first place
Also, questions about some strange coding decisions that lead to the ANSI X9.31 algorithm being subtle broken
It is still unclear how the backdoors were added to the code, or by whom
At last week’s Real World Crypto conference a team of crypto experts presented a number of revelations, including the news that Juniper’s use of Dual_EC dates to 2009, perhaps 2008, at least a year after Dan Shumow and Neils Ferguson’s landmark presentation at the CRYPTO conference that first cast suspicion on Dual_EC being backdoored by the NSA. Shumow’s and Ferguson’s work showed that not only was Dual_EC slow compared to other pseudo random number generators, but it also contained a bias
“Stephen Checkoway, assistant professor of computer science at the University of Illinois at Chicago, told Threatpost that he and his colleagues on this investigation looked at dozens of versions of NetScreen and learned that ANSI X9.31 was used exclusively until ScreenOS 6.2 when Juniper added Dual_EC. It also changed the size of the nonce used with ANSI X9.31 from 20 bytes to 32 bytes for Dual_EC, giving an attacker the necessary output to predict the PRNG output”
“And at the same time, Juniper introduced what was just a bizarre bug that caused the ANSI generator to never be used and instead just use the output of Dual_EC. They made all of these changes in the same version update.”
“It’s very bizarre. I’ve never seen anything like that before where gone from something that was working and written in a standard manner to something as strange as this,” he said. It’s that bug that enabled another attacker to replace the Dual_EC constant—thought to belong to the NSA—with their own constant
“The scenario harkens back to the documents leaked by NSA whistleblower Edward Snowden, in particular the NSA’s Project BULLRUN, which explains the NSA’s subversion of Dual_EC and eventually the revelation that RSA Security was allegedly paid $10 million by the NSA to use the algorithm in its products”
The SSH backdoor on the other hand, is clearly malicious
A network diagram

SLOTH, the latest SSL/TLS vunerability, but also affects IPSec and SSH

“If you thought MD5 was banished from HTTPS encryption, you’d be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still widely used in the transport layer security protocol that underpins HTTPS. Now, researchers have devised a series of attacks that exploit the weaknesses to break or degrade key protections provided not only by HTTPS but also other encryption protocols, including Internet Protocol Security and secure shell.”
“The attacks have been dubbed SLOTH—short for security losses from obsolete and truncated transcript hashes. The name is also a not-so-subtle rebuke of the collective laziness of the community that maintains crucial security regimens forming a cornerstone of Internet security. And if the criticism seems harsh, consider this: MD5-based signatures weren’t introduced in TLS until version 1.2, which was released in 2008. That was the same year researchers exploited cryptographic weaknesses in MD5 that allowed them to spoof valid HTTPS certificates for any domain they wanted. Although SHA1 is considerably more resistant to so-called cryptographic collision attacks, it too is considered to be at least theoretically broken. (MD5 signatures were subsequently banned in TLS certificates but not other key aspects of the protocol.)”
“”Notably, we have found a number of unsafe uses of MD5 in various Internet protocols, yielding exploitable chosen-prefix and generic collision attacks,” the researchers wrote in a technical paper scheduled to be discussed Wednesday at the Real World Cryptography Conference 2016 in Stanford, California. “We also found several unsafe uses of SHA1 that will become dangerous when more efficient collision-finding algorithms for SHA1 are discovered.””
“The most practical SLOTH attack breaks what’s known as TLS-based client authentication. Although it’s not widely used, some banks, corporate websites, and other security-conscious organizations rely on it to ensure an end user is authorized to connect to their website or virtual private network. It works largely the same way as TLS server authentication, except that it’s the end user who provides the certificate rather than the server.”
OpenVPN uses this to authenticate clients
“When both the end user and the server support RSA-MD5 signatures for client authentication, SLOTH makes it possible for an adversary to impersonate the end user, as long as the end user first visits and authenticates itself to a site controlled by the attacker. The so-called credential forwarding attack is carried out by sending carefully crafted messages to both the end user and the legitimate server. To impersonate the end user, an attacker must complete some 239 (about 5.75 billion) hash computations, an undertaking that requires about an hour using a powerful computer workstation with 48 cores.”
“The impersonation attack is made possible by the susceptibility of MD5 to collision attacks, in which the two different message inputs generate precisely the same cryptographic hash. Because MD5 is a 128-bit function, cryptographers once expected to find a collision after completing 264 computations (a phenomenon known as the birthday paradox reduces the number of bits of security of a given function by one half). Weaknesses in MD5, however, reduce the requirement to just 215 (or 32,768) for a collision or 239 for more powerful chosen-prefix collisions, in which an attacker can choose different message inputs and add values that result in them having the same hash value. Such an attack would be infeasible if MD5 hadn’t been added to TLS in 2008.”
“SLOTH can also be used to cryptographically impersonate servers, but the requirements are steep. An attacker would first have to make an astronomically large number of connections to a server and then store the results to disk. If the attacker made 2X connections, it would then require making 2(128-X) computations. If the number of connections, for example, was 264, the attack would require 264 computations. The precomputation requirements are high enough to be outside the capability of most attackers, but they remain feasible for government-sponsored adversaries or those with similarly deep pockets.”
“The researchers behind SLOTH have been privately working with developers of vulnerable software to come up with a fix. A partial list of protocols that were identified as vulnerable included TLS versions 1.1, 1.2, and 1.3; IKE versions 1 and 2; and SSH version 2. Vulnerable software included various versions of OpenSSL, NSS, Oracle Java, BouncyCastle Java, and PolarSSL/mbedTLS”
The researchers cited this Internet scan indicating 32 percent of TLS servers supported RSA-MD5 signatures.

Attack on Ukrainian power grid, made possible by malware

“The attackers demonstrated planning, coordination, and the ability to use malware and possible direct remote access to blind system dispatchers, cause undesirable state changes to the distribution electricity infrastructure, and attempt to delay the restoration by wiping SCADA servers after they caused the outage. This attack consisted of at least three components: the malware, a denial of service to the phone systems, and the missing piece of evidence of the final cause of the impact. Current evidence and analysis indicates that the missing component was direct interaction from the adversary and not the work of malware. Or in other words, the attack was enabled via malware but consisted of at least three distinct efforts.”
“The cyber attack was comprised of multiple elements which included denial of view to system dispatchers and attempts to deny customer calls that would have reported the power out. We assess with high confidence that there were coordinated attacks against multiple regional distribution power companies. Some of these companies have been reported by media to include specifically named utilities such as Prykarpattyaoblenergo and Kyivoblenergo. The exact timeline for which utilities were affected and their ordering is still unclear and is currently being analyzed. What we do know is that Kyivoblenergo provided public updates to customers, shown below, indicating there was an unauthorized intrusion (from 15:30 — 16:30L) that disconnected 7 substations (110 kV) and 23 (35 kV) substations leading to an outage for 80,000 customers.”
It appears that malware on workstations at the power companies allowed the attackers to gain a foothold in the network and start moving around laterally
They also used this foothold to deny the operators of the power distribution system a correct view of what was happening.
Combined with a denial of service attack against the phone system, the operators were left unaware that a large number of substations had been shut down
The attacks also used the malware to interfere with efforts to regain control of the computers and SCADA systems that control the power grid
From what has been reported, here is the information to date that we are confident took place. The exact timing of the events is still being pieced together.
The adversary initiated an intrusion into production SCADA systems
Infected workstations and servers
Acted to “blind” the dispatchers
Acted to damage the SCADA system hosts (servers and workstations)
Action would have delayed restoration and introduce risk, especially if the SCADA system was essential to coordinate actions
Action can also make forensics more difficult
Flooded the call centers to deny customers calling to report power out
Because of the way the SCADA systems work, it is almost a certainty that the attacks purposefully opened the breakers to turn off the power, as opposed to it just being a side effect of the malware
Luckily, the Ukrainian power grid does not rely heavily on SCADA, using it mostly as a convenience. Other more automated power grids would not have been able to restore power as quickly
“We are very interested in helping power utilities learn as much as they can from this real world incident. We would also note the competent action by Ukrainian utility personnel in responding to the attack and restoring their power system. As a community the power industry is dedicated to keeping the lights on. What is now true is that a coordinated cyber attack consisting of multiple elements is one of the expected hazards they may face. We need to learn and prepare ourselves to detect, respond, and restore from such events in the future.”
Squirrels attacking the power grid

Feedback:

Round Up:

The post Lights out Management | TechSNAP 250 first appeared on Jupiter Broadcasting.

Time for a Change | BSD Now 76

chris — Thu, 12 Feb 2015 13:30:49 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

This week, we’ll be talking to Henning Brauer about OpenNTPD and its recently revived portable version. After that, we’ll be discussing different ways to securely tunnel your traffic: specifically OpenVPN, IPSEC, SSH and Tor. All that and the latest news, coming up on BSD Now – the place to B.. SD.

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

Strange timer bug in FreeBSD 11

Peter Wemm wrote in to the FreeBSD -CURRENT mailing list with an interesting observation
Running the latest development code in the infrastructure, the clock would stop keeping time after 24 days of uptime
This meant things like cron and sleep would break, TCP/IP wouldn’t time out or resend packets, a lot of things would break
A workaround until it was fixed was to reboot every 24 days, but this is BSD we’re talking about – uptime is our game
An initial proposal was adding a CFLAG to the build options which makes signed arithmetic wrap
Peter disagreed and gave some background, offering a different patch to fix the issue and detect it early if it happens again
Ultimately, the problem was traced back to an issue with the recent clang 3.5 import
It only affected -CURRENT, not -RELEASE or -STABLE, but was definitely a bizarre bug to track down

An OpenBSD mail server

There’s been a recent influx of blog posts about building a BSD mail server for some reason
In this fancy series of posts, the author sets up OpenSMTPD in its native OpenBSD home, whereas previous posts have been aimed at FreeBSD and Linux
In addition to the usual steps, this one also covers DKIMproxy, ClamAV for scanning attachments, Dovecot for IMAP and also multiple choices of spam filtering: spamd or SpamAssassin
It also shows you how to set up Roundcube for building a web interface, using the new in-base httpd
That means this is more of a “complete solution” – right down to what the end users see
The series is split up into categories so it’s very easy to follow along step-by-step

How DragonFlyBSD uses git

DragonFlyBSD, along with PCBSD and EdgeBSD, uses git as its version control system for the system source code
In a series of posts, Matthew Dillon (the project lead) details their internal setup
They’re using vanilla git over ssh, with the developers’ accounts set to git-only (no shell access)
The maintainers of the server are the only ones with shell access available
He also details how a cron job syncs from the master to a public box that anyone can check out code from
It would be interesting to hear about how other BSD projects manage their master source repository

Why not try PCBSD?

ITwire, another more mainstream tech site, published a recent article about switching to PCBSD
They interview a guy named Kris that we’ve never heard of before
In the article, they touch on how easy it can potentially be for Linux users looking to switch over to the BSD side – lots of applications are exactly the same
“With the growing adoption of systemd, dissatisfaction with Linux has reached proportions not seen in recent years, to the extent that people have started talking of switching to FreeBSD.”
If you have some friends who complain to you about systemd all the time, this might be a good article to show them

Interview – Henning Brauer – henning@openbsd.org / @henningbrauer

OpenNTPD and its portable variant

News Roundup

Authenticated time in OpenNTPD

We recorded that interview with Henning just a few days ago, and it looks like part of it may be outdated already
While at the hackathon, some developers came up with an alternate way to get authenticated NTP responses
You can now add an HTTPS URL to your ntpd.conf in addition to the time server pool
OpenNTPD will query it (over TLS, with CA verification) and look at the date sent in the HTTPS header
It’s not intended to be a direct time source, just a constraint to keep things within reason
If you receive regular NTP packets that are way off from the TLS packet, those will be discarded and the server(s) marked as invalid
Henning and Theo also weigh in to give some of the backstory on the idea
Lots more detail can be found in Reyk’s email explaining the new feature (and it’s optional of course)

NetBSD at Open Source Conference 2015 Oita and Hamanako

It’s been a while since we’ve featured one of these trip reports, but the Japanese NetBSD users group is still doing them
This time the conferences were in Oita and Hamanako, Japan
Machines running NetBSD included the CubieBoard2 Allwinner A20, Raspberry Pi and Banana Pi, Sharp NetWalker and a couple Zaurus devices
As always, they took lots of pictures from the event of NetBSD on all these weird machines

Poudriere in a jail

A common question we get about our poudriere tutorial is “how do I run it in a jail?” – this blog post is about exactly that
It takes you through the networking setup, zpool setup, nginx setup, making the jail and finally poking the right holes in the jail to allow poudriere to work its magic

Bruteblock, another way to stop bruteforce

We’ve mentioned a few different ways to stop ssh bruteforce attempts in the past: fail2ban, denyhosts, or even just with pf’s built-in rate limiting
Bruteblock is a similar tool, but it’s not just for ssh logins – it can do a number of other services
It can also work directly with IPFW, which is a plus if you’re using that as your firewall
Add a few lines to your syslog.conf and bruteblock will get executed automatically
The rest of the article takes you through the different settings you can configure for blocking

New iwm(4) driver and cross-polination

The OpenBSD guys recently imported a new “iwm” driver for newer Intel 7260 wireless cards (commonly found in Thinkpads)
NetBSD wasted no time in porting it over, giving a bit of interesting backstory
According to Antti Kantee, “it was created for OpenBSD by writing and porting a NetBSD driver which was developed in a rump kernel in Linux userspace”
Both projects would appreciate further testing if you have the hardware and can provide useful bug reports
Maybe FreeBSD and DragonFly will port it over too, or come up with something that’s partially based on the code

PC-BSD current images

The first of our PC-BSD -CURRENT images should be available this weekend
This image will be tagged 11.0-CURRENTFEB2015, with planned monthly updates
For the more adventurous this will allow testing both FreeBSD and PC-BSD bleeding edge

Feedback/Questions

Mailing List Gold

Discussion

Comparison of ways to securely tunnel your traffic

OpenVPN, OpenBSD IKED, FreeBSD IPSEC, OpenSSH, Tor

Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
Right on time for this episode, the ISC NTPd team announced more security problems just a few days ago

The post Time for a Change | BSD Now 76 first appeared on Jupiter Broadcasting.

Xen Gets bashed | TechSNAP 182

chris — Thu, 02 Oct 2014 21:05:42 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Recent major flaws found in in critical open source software have sent the Internet into a panic. From Shellshock to Xen we’ll discuss how these vulnerabilities can be chained together to own a box.

Plus how secure are VLANs, a big batch of your questions, our answers, and much much more!

Thanks to:

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Bash plus Xen bug send the entire internet scrambling

A critical flaw was discovered in the bash shell, used as the default system shell in most versions of linux, as well as OS X.
The flaw was with the parsing of environment variables. If a new variable was set to contain a function, if that function was followed by a semi-colon (normally a separator that can be used to chain multiple commands together), the code after the semicolon would be be executed when the shell started
Many people are not aware, that CGI scripts pass the original request data, as well as all HTTP headers to the scripts via environment variables
After those using bash CGI scripts ran around with chickens with their heads cut off, others came to realize that even if the CGI scripts are actually perl or something else, if they happen to fork a shell with the system() call, or similar, to do something, that shell will inherit those environment variables, and be vulnerable
As more people spent brain cycles thinking of creative ways to exploit this bug, it was realized that even qmail was vulnerable in some cases, if a user has a .qmail file or similar to forward their email via a pipe, that command is executed via the system shell, with environment variables containing the email headers, including from, to, subject etc
While FreeBSD does not ship with bash by default, it is a common dependency of most of the desktop environments, including gnome and KDE. PCBSD also makes bash available to users, to make life easier to linux switchers. FreeNAS uses bash for its interactive web shell for the same reason. While not vulnerable in most cases, all have been updated to ensure that some new creative way to exploit the bug does not crop up
Apparently the DHCP client in Mac OS X also uses bash, and a malicious DHCP server could exploit the flaw
The flaw also affects a number of VMWare products
OpenVPN and many other software packages have also been found to be vulnerable
The version of bash on your system can be tested easily with this one-liner:
env x='() { :;}; echo vulnerable’ bash -c “echo this is a test”
Which will print “this is a test”, and if bash has not yet been patched, will first print ‘vulnerable’
ArsTechnica: Bug in bash shell creates big security hole on anything with linux in it
Concern over bash bug grows as it is actively exploited in the wild
First bash patch doesn’t solve problem, second patch rushed out to resolve issue
Now that people are looking, even more bugs in bash found and fixed
Shellshock fixes result in another round of patches as attacks get more clever
Apple releases patch for shellshock bug
There were also a critical update to NSS (the Mozilla cryptographic library, which was not properly validating SSL certificates)
The other big patch this week was for Xen
It was announced by a number of public cloud providers, including Amazon and Rackspace, that some virtual server host machines would need to be rebooted to install security fixes, resulting in downtime for 10% of Amazon instances
It is not clear why this could not be resolved by live migrations
All versions of Xen since 4.1 until this patch are vulnerable. The flaw is only exploitable when running fully virtualized guests (HVM mode, uses the processor virtualization features), and can not be exploited by virtual machines running in the older paravirtualization mode. Xen on ARM is not affected
Xen Security Advisory
Amazon Blog Post #1
Amazon Blog Post #2
Rackspace Blog Post
Additional Coverage: eweek

Cox Communications takes the privacy of its customers seriously, kind of

A female employee of Cox Communications (a large US ISP) was socially engineered into giving up her username and password
These credentials were then used to access the private data of Cox Customers
The attacker apparently only stole data about 52 customers, one of which was Brian Krebs
This makes it sound like a targeted attack, or at least an attacker by someone who is (or is not) a fan of Brian Krebs
It appears that the Cox internal customer database can be accessed directly from the internet, with only a username and password
Cox says they use two factor authentication “in some cases”, and plan to expand the use of 2FA in the wake of this breach
Cox being able to quickly determine exactly how many customers’ data was compromised suggests they atleast have some form of auditing in place, to leave a trail describing what data was accessed
Brian points out: “This sad state of affairs is likely the same across multiple companies that claim to be protecting your personal and financial data. In my opinion, any company — particularly one in the ISP business — that isn’t using more than a username and a password to protect their customers’ personal information should be publicly shamed.” “Unfortunately, most companies will not proactively take steps to safeguard this information until they are forced to do so — usually in response to a data breach. Barring any pressure from Congress to find proactive ways to avoid breaches like this one, companies will continue to guarantee the security and privacy of their customers’ records, one breach at a time.”

Other researches recreate the BadUSB exploit and release the code on Github

The “BadUSB” research was originally done by Karsten Nohl and Jakob Lell, at SR Labs in Germany.
Presented at BlackHat, it described being able to reprogram the firmware of USB devices to perform other functions, such as a USB memory stick that presented itself to the computer as a keyboard, and typed out commands once plugged in, allowing it to compromise the computer and exfiltrate data
Brandon Wilson and Adam Caudill were doing their own work in this space, and when they heard about the talk at BlackHat, decided to accelerate their own work
They have now posted their code on Github
“The problem is that Nohl and Lell—and Caudill and Wilson—have not exploited vulnerabilities in USB. They’re just taking advantage of weaknesses in the manner in which USBs are supposed to behave“
“At Derby Con, they were able to demonstrate their attack with the device pretending to be a keyboard that typed out a predetermined script once it was plugged into the host computer. They also showed another demo where they had a hidden partition on a flash drive that was not detected by the host PC“
“It’s undetectable while it’s happening,” Wilson said. “The PC has no way of determining the difference. The way a PC determines the type of device all happens through the USB and code on the other device. Our ability to control that code means you cannot trust anything a USB device tells you.”
The way around this issue would be for device manufacturers to implement code signing
The existing firmware would only allow the firmware to be updated if the new firmware was signed by the manufacturer, preventing a malicious users from overwriting the good firmware with ‘bad’ firmware
However, users could obviously create their own devices specifically for the purpose of the evil firmware, but it would prevent the case where an attack modifies your device to work against you
At the same time, many users might argue against losing control over their device, and no longer being able to update the firmware if they wish
The real solution may be for Operating Systems and users to evolve to no longer trust random USB devices, and instead allow the user to decide if they trust the device, possibly something similar to mobile apps, where the OS tells the user what functionality the device is trying to present
You might choose to not trust that USB memstick that is also attempting to present a network adapter, in order to override your DHCP settings and make your system use a set of rogue DNS servers

Feedback:

Round Up:

The post Xen Gets bashed | TechSNAP 182 first appeared on Jupiter Broadcasting.

VPN, My Dear Watson | BSD Now 50

chris — Thu, 14 Aug 2014 10:47:27 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

It’s our 50th episode, and we’re going to show you how to protect your internet traffic with a BSD-based VPN. We’ll also be talking to Robert Watson, of the FreeBSD core team, about security research, exploit mitigation and a whole lot more. The latest news and answers to all of your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

MeetBSD 2014 is approaching

The MeetBSD conference is coming up, and will be held on November 1st and 2nd in San Jose, California
MeetBSD has an “unconference” format, which means there will be both planned talks and community events
All the extra details will be on their site soon
It also has hotels and various other bits of useful information – hopefully with more info on the talks to come
Of course, EuroBSDCon is coming up before then

First experiences with OpenBSD

A new blog post that leads off with “tired of the sluggishness of Windows on my laptop and interested in experimenting with a Unix-like that I haven’t tried before”
The author read the famous “BSD for Linux users” series (that most of us have surely seen) and decided to give BSD a try
He details his different OS and distro history, concluding with how he “eventually became annoyed at the poor quality of Linux userland software”
From there, it talks about how he used the OpenBSD USB image and got a fully-working system
He especially liked the simplicity of OpenBSD’s “hostname.if” system for network configuration
Finally, he gets Xorg working and imports all his usual configuration files – seems to be a happy new user!

NetBSD rump kernels on bare metal (and Kansai OSC report)

When you’re developing a new OS or a very specialized custom solution, working drivers become one of the hardest things to get right
However, NetBSD’s rump kernels – a very unique concept – make this process a lot easier
This blog post talks about the process of starting with just a rump kernel and expanding into an internet-ready system in just a week
Also have a look back at episode 8 for our interview about rump kernels and what exactly they do
While on the topic of NetBSD, there were also a couple of very detailed reports (with lots of pictures!) of the various NetBSD-themed booths at the 2014 Kansai Open Source Conference that we wanted to highlight

OpenSSL and LibreSSL updates

OpenSSL pushed out a few new versions, fixing multiple vulnerabilities (nine to be precise!)
Security concerns include leaking memory, possible denial of service, crashing clients, memory exhaustion, TLS downgrades and more
LibreSSL released a new version to address most of the vulnerabilities, but wasn’t affected by some of them
Whichever version of whatever SSL you use, make sure it’s patched for these issues
DragonFly and OpenBSD are patched as of the time of this recording but, even after a week, FreeBSD (outside of -CURRENT) and NetBSD are not

Interview – Robert Watson – rwatson@freebsd.org

FreeBSD architecture, security research techniques, exploit mitigation

Tutorial

Protecting traffic with a BSD-based VPN

News Roundup

A FreeBSD-based CGit server

If you use git (like a certain host of this show) then you’ve probably considered setting up your own server
This article takes you through the process of setting up a jailed git server, complete with a fancy web frontend
It even shows you how to set up multiple repos with key-based user separation and other cool things
The author of the post is also a listener of the show, thanks for sending it in!

Backup devices for small businesses

In this article, different methods of data storage and backup are compared
After weighing the various options, the author comes to an obvious conclusion: FreeNAS is the answer
He praises FreeNAS and the FreeNAS Mini for their tight integration, rock solid FreeBSD base and the great ZFS featureset that it offers
It also goes over some of the hardware specifics in the FreeNAS Mini

A new Xenocara interview

As a follow up to last week’s OpenSMTPD interview, this Russian blog interviews Matthieu Herrb about Xenocara
If you’re not familiar with Xenocara, it’s OpenBSD’s version of Xorg with some custom patches
In this interview, he discusses how large and complex the upstream X11 development is, how different components are worked on by different people, how they test code (including a new framework) and security auditing
Matthieu is both a developer of upstream Xorg and an OpenBSD developer, so it’s natural for him to do a lot of the maintainership work there

Building a high performance FreeBSD samba server

If you’ve got to PXE boot several hundred Windows boxes to upgrade from XP to 7, what’s the best solution?
FreeBSD, ZFS and Samba obviously!
The master image and related files clock in at over 20GB, and will be accessed at the same time by all of those clients
This article documents that process, highlighting some specific configuration tweaks to maximize performance (including NIC bonding)
It doesn’t even require the newest or best hardware with the right changes, pretty cool

Feedback/Questions

All the tutorials are posted in their entirety at bsdnow.tv
We want to give a special thanks to our viewer Adam (aka bsdx) for writing most of today’s OpenVPN tutorial
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post VPN, My Dear Watson | BSD Now 50 first appeared on Jupiter Broadcasting.

9 Days to Patch | TechSNAP 172

chris — Thu, 24 Jul 2014 18:23:38 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

A comprehensive study shows that you’re probably taking way too long to patch your box.

Plus research on possible iOS backdoors, TOR’s nasty bug, your questions, our answers, and much much more!

Thanks to:

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Qualys releases “The Laws of Vulnerabilities 2.0”

Qualys, known for the SSL Labs site where you can test the encryption capabilities of your browser and web server, has released the new version of their “laws”
Qualys sells an “on demand vulnerability management solution” which does continuous perimeter monitoring of a network and scans servers for vulnerable versions of software and services
Using the data they have collected they did statistical analysis and came up with some basic laws that cover the “vulnerability half-life, prevalence, persistence and exploitation trends for five critical industry segments including Finance, Healthcare, Retail, Manufacturing and Services.”
The average system remains vulnerable for 30 days. Service sector usually patched within 21 days, whereas Manufacturing usually took 51 days
The most popular vulnerabilities are regularly replaced, leaving some systems almost continuously vulnerable
“the lifespan of most, if not all vulnerabilities is unlimited and a large percentage of vulnerabilities are never fully fixed.”
“Eighty percent of vulnerability exploits are now available within single digit days after the vulnerabilities public release. In 2008, Qualys Labs logged 56 vulnerabilities with zero-day exploits, including the RPC vulnerability that produced Conficker. In 2009, the first vulnerability released by Microsoft, MS09-001 had an exploit available within seven days. Microsoft’s April Patch Tuesday included known exploits for over 47 percent of the published vulnerabilities. This law had the most drastic change from the Laws 1.0 in 2004, which provided a comfortable 60 days as guidance”
Compared to in the past, installing updates in a timely fashion is even more important. The old 60 day window is gone

Payment Card Data Theft: Tips For Small Business

An article at DarkReading.com by Chris Nutt, Director of Incident Response and Malware at Mandiant, on steps small businesses can take to avoid being the next credit card breach
Things to consider when processing credit cards via a computer:
Does the company browse the Internet or read email on the computer used for credit card processing?
Is unencrypted card data transmitted through any exposed cables or over the internal network?
Is the card-processing software configured correctly and up-to-date?
Has the computer’s operating system up to date? has it been hardened?
Is the computer running antivirus and is it up-to-date?
Does the company outsource IT management and is there a remote management port open to the Internet?
Small business often have an advantage in this area, it is easier to upgrade software when there is only a single system involved, not a complex back office system with multiple servers
Some Recommendations
- Use a dedicated LAN (or VLAN) or use a cellular connection instead of running the payment system on the same LAN or WiFi that is used for regular business and/or used by customers
“Do not maintain a Payment Card Industry (PCI) environment or maintain the smallest PCI environment possible”
- Instead, use a PCI compliant reader like Stripe or Square, data should be encrypted and sent directly to the payment processor, never stored on a device
- Never store credit card details, a service like Stripe will give you a unique token that can be used for rebilling, refunds etc, without requiring you store the original card details
- “Do not outsource the maintenance of POS devices to a company that will directly access remote management ports over the Internet.”
- “Protect the physical security of all systems that store, process, or transmit cardholder information. All security is lost if an attacker can alter or replace your equipment”
- “Do not allow systems in you PCI environment to connect to the Internet, aside from the connections required to process card transactions or patch the system”
- “Do not allow systems in your PCI environment to connect to any systems on your network that are not necessary for processing card transactions or patching”
Some possibly bad advice from the article: Use a mobile device or a tablet, they are more secure than a desktop
Where possible, offload the processing to a provider, it might be slightly more expensive, but it moves most of the risk to the provider, rather than you

Government Accountability Office report shows shortcomings in incident response procedures

GAO Report: Agencies Need to Improve Cyber Incident Response Practices
“Based on a statistical sample of cyber incidents reported in fiscal year 2012, GAO projects that these agencies did not completely document actions taken in response to detected incidents in about 65 percent of cases”
“For example, agencies identified the scope of an incident in the majority of cases, but frequently did not demonstrate that they had determined the impact of an incident. In addition, agencies did not consistently demonstrate how they had handled other key activities, such as whether preventive actions to prevent the reoccurrence of an incident were taken.”
“agencies had recorded actions to halt the spread of, or otherwise limit, the damage caused by an incident in about 75 percent of incidents government-wide. However, agencies did not demonstrate such actions for about 25 percent of incidents government-wide.”
“for about 77 percent of incidents government-wide, the agencies had identified and eliminated the remaining elements of the incident. However, agencies did not demonstrate that they had effectively eradicated incidents in about 23 percent of incidents”
“agencies returned their systems to an operationally ready state for about 81 percent of incidents government-wide. However, they had not consistently documented remedial actions on whether they had taken steps to prevent an incident from reoccurring. Specifically, agencies did not demonstrate that they had acted to prevent an incident from reoccurring in about 49 percent of incidents government-wide.”
“In another incident, an agency received a report from US-CERT indicating that login credentials at two of the agency’s components may have been compromised. When contacting the impacted components, agency incident handlers mistyped the potentially compromised credentials for one component and did not respond to an e-mail from the component requesting clarification, and failed to follow up with the second component when it did not respond to the initial alert. Despite these errors, the incident handlers closed the incident without taking further action.”
“In a malware incident, sensors on an agency’s network recorded an agency computer contacting an external domain known to host malicious files, and downloading a suspicious file. Incident handlers closed the ticket without recording any actions taken to contain or otherwise remediate the potential malware infection”
The GAO used NIST Special Publication 800-61: Computer Security Incident Handling Guide as a reference
FireEye, makes of an enterprise security real-time threat protection platform, had some reactions to these findings:
“Anything less than 100% containment is essentially 0% containment”. “If a government agency fails to completely contain an intrusion, any gaps leave the adversary freedom of maneuver. He can exploit the containment failure to proliferate to other systems and remain in control of an organization’s systems.“
“If an adversary retains access to even one system, he can rebuild his position and retake control of the victim”
“If a victim fails to make the environment tougher for the adversary, the intruder will likely return using the same techniques that he utilized to first gain access.” Victims need to learn from intrusions and implement remediation
It is not clear from the report, but if a machine is compromised, it should be reformatted, rather than merely ‘cleaned’. In light of recent reports about persistent malware, the BIOS should also be flashed before the fresh OS is reinstalled.

Feedback:

Round Up:

The post 9 Days to Patch | TechSNAP 172 first appeared on Jupiter Broadcasting.

Cryptocrystalline | BSD Now 16

chris — Fri, 20 Dec 2013 10:53:55 +0000

We\’ll be showing you how to do a fully-encrypted installation of FreeBSD and OpenBSD. We also have an interview with Damien Miller – one of the lead developers of OpenSSH – about some recent crypto changes in the project. If you\’re into data security, today\’s the show for you. The latest news and all your burning questions answered, right here on BSD Now – the place to B.. SD.

Thanks to:

iXsystems: This is what 80 cores and 1TB of RAM looks like!

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

Secure communications with OpenBSD and OpenVPN

Starting off today\’s theme of encryption…
A new blog series about combining OpenBSD and OpenVPN to secure your internet traffic
Part 1 covers installing OpenBSD with full disk encryption (which we\’ll be doing later on in the show)
Part 2 covers the initial setup of OpenVPN certificates and keys
Parts 3 and 4 are the OpenVPN server and client configuration
Part 5 is some updates and closing remarks

FreeBSD Foundation Newsletter

The December 2013 semi-annual newsletter was sent out from the foundation
In the newsletter you will find the president\’s letter, articles on the current development projects they sponsor and reports from all the conferences and summits they sponsored
The president\’s letter alone is worth the read, really amazing
Really long, with lots of details and stories from the conferences and projects

Use of NetBSD with Marvell Kirkwood Processors

Article that gives a brief history of NetBSD and how to use it on an IP-Plug computer
The IP-Plug is a \”multi-functional mini-server was developed by Promwad engineers by the order of AK-Systems. It is designed for solving a wide range of tasks in IP networks and can perform the functions of a computer or a server. The IP-Plug is powered from a 220V network and has low power consumption, as well as a small size (which can be compared to the size of a mobile phone charger).\”
Really cool little NetBSD ARM project with lots of graphs, pictures and details

Experimenting with zero-copy network IO

Long blog post from Adrian Chad about zero-copy network IO on FreeBSD
Discusses the different OS\’ implementations and options
He\’s able to get 35 gbit/sec out of 70,000 active TCP sockets, but isn\’t stopping there
Tons of details, check the full post

Interview – Damien Miller – djm@openbsd.org / @damienmiller

Cryptography in OpenBSD and OpenSSH

Full disk encryption in FreeBSD & OpenBSD

Shows how to install both FreeBSD and OpenBSD with full disk encryption
We\’ll be using geli and bioctl and doing it step by step

News Roundup

OpenZFS office hours

Our buddy George Wilson sat down to take some ZFS questions from the community
You can see more info about it here

License summaries in pkgng

A discussion between Justin Sherill and some NYCBUG guys about license frameworks in pkgng
Similar to pkgsrc\’s \”ACCEPTABLE_LICENSES\” setting, pkgng could let the user decide which software licenses he wants to allow
Maybe we could get a \”pkg licenses\” command to display the license of all installed packages
Ok bapt, do it

The post Cryptocrystalline | BSD Now 16 first appeared on Jupiter Broadcasting.

Who Watches the Monitors | TechSNAP 117

chris — Thu, 04 Jul 2013 18:46:14 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Extending your office LAN for remote office workers, monitoring the monitoring service, and Zynga\’s embarrassing Apache error.

Plus a HUGE batch of your questions, our answers, and much much more!

Thanks to:

GoDaddy.com

Use our code tech249 to score .COM for $2.49!

Get private registration FOR FREE with a .COM! code: free5

Ting.com

Visit techsnap.ting.com to save $25 off your device or service credits.

Direct Download:

RSS Feeds:

Show Notes:

Monitoring the Monitors

An interesting short article from USENIX that raises the question of how do you monitor your monitoring system?
The article breaks the monitor monitoring systems down based on their features:
Automated vs. manual execution
Automated vs. manual response
Destructive vs. non-destructive response
Monitoring vs. monitoring of notification services
For example, a “dead-man switch” is an example of an automated execution (releasing the trigger happens automatically), automatic response (no other action is required to cause the response) and is generally destructive
Another complication of monitoring systems is how do you monitor the notification service?
If the sysadmin gets notified that a service is down via text message, how do you ensure they actually got the text message?
One solution mentioned in the article is sending a text message to the on-duty admin at the start of each ‘shift’. If they do not get this message, they know something is wrong and investigate
A better solution to this may be a similar alert that they must acknowledge it, possible before the off-going sysadmin is allowed to leave
It is quite possible to ‘miss’ an event, especially when it becomes routine. If you get a text message every morning at 9am, would you notice if you didn’t get it one day?
Instead, what if the text message contained a URL you had to visit in order to acknowledge the message, else the alert would repeat and eventually escalate

A Secure Processor Architecture

A system designed to prevent someone with access to a system from determining what other operations are happening on that system
Seems relevant to our previous discussion about how from inside one VM you could collect enough data to disclose the private encryption keys of another VM running on the same physical hardware
The described system, ‘Ascend’ features ‘Obfuscated Instruction Execution’ and ‘Oblivious RAM’

Zynga directs support inquiries to a random stranger

When Zynga users were confronted with an HTTP Error 500 page from the fb.themepark.zynga.com server, it told them to email someone @themepark.com which they did not actually own
It appears Zynga uses Apache as their web server (no wonder they were throwing 500 errors under load), and had misconfigured the ‘ServerAdmin’ directive, so the error pages contained this incorrect email address
The unfortunate recipient of emails from many whiny facebook gamers complained to Zynga, but got no response
So he decided to have some fun with it, and wrote back responses trolling the users
“I know that For Canada Day, the engineering department wraps the .ca servers in Canadian flags, and then sets a plate of poutine on top. This sometimes can cause the server to overheat, and sometimes even get gravy into the login/logout module.”

Feedback:

[asa]B008U5ZNIG[/asa]

Michael asks about setting up a VPN for remote office workers
Requires the pfSense ‘tap fix’, install it from the pfSense packages menu
OpenVPN Bridge Mode How-To for pfSense
Virtual Box / VmWare images
How do you direct pfsense to direct packets sent to the gateway back to the local subnet?
pfSense Performance Issue Followups
Router DNS Caching?
What is some advice you can give people starting out as a contractor or service provider?
What is your backup?
Secure lan messaging server
First FreeBSD Desktop Questions
Follow up on FreeBSD Media Server

Roundup:

The post Who Watches the Monitors | TechSNAP 117 first appeared on Jupiter Broadcasting.

Not So Secret Answers | TechSNAP 70

chris — Thu, 09 Aug 2012 16:02:55 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

A Gawker Reporter’s entire online presence is hacked, and all his devices wiped. We’ll walk you through the details of this attack, and why it suggests we might be facing some fundamental challenges.

Plus: Your questions, our answers, and so much more.

On this week’s TechSNAP!

Thanks to:

GoDaddy.com

Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

SPECIAL OFFER! Save 20% off your order!
Code: go20off5

Pick your code and save:
techsnap7: $7.49 .com
techsnap10: 10% off
techsnap11: $1.99 hosting for the first 3 months
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
techsnapx: 20% off .xxx domains

Direct Download:

RSS Feeds:

Support the Show:

Purchase anything at Amazon.com
Purchase anything at Think Geek using this link
Purchase anything at Newegg using this link
Contribute directly on our donation page or check out our advertising options and reach millions of amazing people!
Grab our Chrome Extension and auto-tag your shopping session for us!

Fill out my Wufoo form!

Show Notes:

Gawker Reporter gets entire online presense hacked

Gawker Reporter and formed Wired editor Mat Honan had his entire digital life destroyed in a matter of minutes last week
A hacker going by the pseudonym Phobia, originally targeted Mat’s twitter account because of its 3 character username
The @mat twitter account linked to Mat’s personal website, which listed his gmail address
The attacker then started the password recovery process to reset the password of the gmail account
Since the gmail account had not been configured for two-factor authentication, the reset option was to send a new password to the alternate account configured in gmail
The address of this account is obscured and displayed so you know which email to go check, but when the alternate address for mhonan@gmail.com is displayed as m*****n@me.com it is pretty easy to guess the email address
Now, in order to reset the password of the AppleID, the attackers would normally need the answers to the account’s “Secret Questions”, however, there is a fallback method, when these cannot be provided by the customer
Apple only requires that you provide the billing address and last for digits of the credit card on file for the account
The billing address is fairly easy to come by (phone book, domain whois, people search, blog posts, etc), but the last four digits of the credit card number are less so
Since the hacker knew the victims email address, the next target of the attack was Amazon.com
The attacker had an associate call Amazon and claim to be the victim, wanting to add a new credit card to the account. This process only requires knowing the account holders name, billing address, and the new credit card (Adding a new credit card to your account does not seem like a high security operation, and it would seem to make sense for companies to make this process as easy as possible)
The trick is, you then call Amazon back, and now you are able to provide the account holders name, billing address, and current credit card number. With this information to verify your identity, you are able to change the email address on the account, to one that you control
Now that you control the Amazon account, you simply login, and look at the other cards on file, you don’t get to see the entire credit card number, but the first and last 4 digits are displayed, so that customers can identify which card is which
With that information in hand, it now time to call AppleCare, and reset the password on the AppleID, gaining you access to the iCloud account and @me.com email address of your victim
Next you can reset the password of the gmail account, and then once you control that, reset the password of the twitter account
Now, if you want to prevent your victim from interfering with your actions, you need to disable their ability to fight back. This is where iCloud’s ‘Find My’ service comes into play
The attacker used the service to initiate a remote wipe of the victim’s iPhone, iPad and MacBook, as part of this process, the devices are also locked with a PIN code, which only the attacker has
The next step was to delete the gmail account, so it couldn’t be used to regain control of the twitter account. Normally you are able to undelete a gmail account, however it requires external verification, in this case via a text message to the cell phone tied to the gmail account, which the victim had not yet regained control of
All of this points out that the serious weak link in most all security systems, are the people, and the ways around the security systems we put in place, for when people forget their passwords
As we have seen in other cases like this, with some basic personal information that is pretty easy to acquire, and attacker could have transferred the phone service from the victim’s cell phone to another device in order to intercept verification text messages from services such as gmail or the victim’s online banking
Mat Honan admits that a number of the security problems that made this attack possible were his own fault, not having recent backups of his devices, not using two-factor authentication for gmail and other services and having only a 7 character password for his AppleID (although this didn’t factor into this attack as originally believed, it is still a security failure)
Wired did its own tests using the methodology that the attacker claimed to have used, and was able to completely compromise two other Wired employees
Apple and Amazon have both since stopped doing password resets over the phone

Secret Questions Don’t Work

The problem with Secret Questions is that in order for a question to be general enough that it will apply to most people and static enough that the answer won’t change by time you need to use the questions to recover your password, the answers end up being very generic and can usually be found with a bit of research
You also have to consider who may be attacking your secret questions, if the question is “What was the name of your first Teacher”, what if the attacker is someone you went to school with?
Another problem is how strictly the answers are verified, a common security question when calling your credit card company is your mother’s maiden name. In a great deal of cases, if you just mumble something this will be accepted and you will be able to make changes to the account
A good security question must maximize these four criteria:
Definitive: there should only be one correct answer which does not change over time.
Applicable: the question should be possible to answer for as large a portion of users as possible (ideally, universal).
Memorable: the user should have little difficulty remembering it
Safe: it should be difficult to guess or find through research
Feedback: Send in your ideas for good secret questions, and we’ll critique some of the suggestions next week
Bruce Schneier on Secret Questions

Feedback:

Round-Up:

The post Not So Secret Answers | TechSNAP 70 first appeared on Jupiter Broadcasting.