Goolag Scanner goes fishin

Storing ..um.. classified information on your webserver in hidden directories is not exactly very bright, because you can be sure that Google will index anything it can get.

The Goolag Scanner, which was recently released by the famous hacker group Cult of the Dead Cow, actually found pornography on Chinese government-owned (gov.cn) sites and security holes on western servers.

http://www.cultdeadcow.com/archives/2008/03/cult_of_the_dead_cow.php3

Please assume that files stored in http://mydomain.com/_this/is/a_super/secret/directory/ will easily be found by simple methods such as specially designed search queries:

intitle:index.of +"last modified" +"parent directory" +(pdf|doc) +"Secret" -htm -html -php -asp
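To check your own server for the pages this query matches, the same markers can be applied to response bodies you fetch from it. The following is an added example, not part of the original post: the names `ListingParser` and `audit_page` are hypothetical, the sample HTML is constructed, and it assumes Apache-style auto-generated index markup.

```python
from html.parser import HTMLParser

SENSITIVE_EXT = (".pdf", ".doc")   # file types from the query above
KEYWORD = "secret"                 # keyword from the query above

class ListingParser(HTMLParser):
    def __init__(self):
        super().__init__()
        self.title, self.text, self.links = "", [], []
        self._in_title = False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a" and dict(attrs).get("href"):
            self.links.append(dict(attrs)["href"])
    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False
    def handle_data(self, data):
        if self._in_title:
            self.title += data
        self.text.append(data)

def audit_page(html):
    """Return (is_listing, exposed_files) for one response body from your own server."""
    p = ListingParser()
    p.feed(html)
    body = " ".join(p.text).lower()
    # Same three markers the query matches on an auto-generated index page.
    is_listing = ("index of" in p.title.lower()
                  and "last modified" in body and "parent directory" in body)
    exposed = []
    for href in p.links if is_listing else []:
        # Entries are relative names; absolute and '?' hrefs are parent/sort links.
        if href.startswith(("/", "?", "../")):
            continue
        if href.lower().endswith(SENSITIVE_EXT) or KEYWORD in href.lower():
            exposed.append(href)
    return is_listing, exposed

# Constructed sample responses (not captured from any real site).
SAMPLE_LISTING = """<html><head><title>Index of /_this/is/a_super/secret/directory</title></head>
<body><table><tr><th><a href="?C=M;O=A">Last modified</a></th></tr>
<tr><td><a href="/_this/is/a_super/secret/">Parent Directory</a></td></tr>
<tr><td><a href="budget.pdf">budget.pdf</a></td></tr>
<tr><td><a href="secret-plan.doc">secret-plan.doc</a></td></tr>
<tr><td><a href="notes.txt">notes.txt</a></td></tr></table></body></html>"""
SAMPLE_PAGE = "<html><head><title>Welcome</title></head><body>Hello</body></html>"
```

A hit means directory listing is enabled for that path; in Apache it is turned off with `Options -Indexes`, and the files still need access control, since an unlisted URL is not a secret.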

Attacks on disk encryption keys

A team of Princeton computer scientists has released a white paper documenting their cold boot attacks on encryption keys. The scenarios are based on key recovery, primarily from laptop computers, using various methods to keep the key stored in DRAM after power-off.

It is a very interesting article and also a guideline on preventing attacks like this. The most effective way is certainly limiting boot options in order to prevent anyone from booting up tools to steal your encryption key.

http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
SecuriTeam Article

Gnome SSH Tunnel Manager

If you use encrypted SSH tunnels a lot, you may find this tool pretty interesting.

Gstm is a fully functional GUI for managing all your SSH tunnels and redirects. I really like this on the Eee PC because it saves a lot of keyboard interaction.

A simple apt-get install gstm will immediately install the software package, provided you have the correct repositories.


http://sourceforge.net/projects/gstm/