UCSniff 3.0 Released – VoIP/IP Video Sniffing Tool

UCSniff is a Voice over IP (VoIP) & IP Video Security Assessment tool that integrates existing open source software with several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free and available for anyone to download, under the GPLv3 license.

Why?

UCSniff was created as a Proof of Concept (POC) demonstration tool and a method of creating awareness around VoIP/UC threats. It can be used by VoIP/UC Administrators to test their own VoIP or Video Infrastructure in a pilot before vulnerabilities are rolled into production. It can also be used by security professionals as a method of convincing IT decision makers that security best practices should be applied to VoIP/UC in the same way that they are applied to other TCP/IP based, client-server applications.

New Features

  • Real time VoIP and Video monitoring.
  • New codec support: G729, G726, G723.
  • GUI version for Windows and Linux.
  • TFTP MitM Modification of IP phone settings.
  • New VideoSnarf tool – Converts offline RTP pcap file to media file.
  • Windows VLAN implementation, for VLAN Hopping in Windows.

Download UCSniff 3.0 here.

Yubikey Two Factor Authentication

Yubikey is a security device from the innovative Swedish startup Yubico. It is a very small piece of hardware, in the form of a USB key that fits on your key chain. What makes Yubikey so smart is that it does not need any client software and it can be used on any computer with a USB port.

The intended use is secure and efficient authentication of users to services over the Internet. It works just like a computer keyboard connected to a USB slot. In fact, it is more or less a computer keyboard, since all it does is simulate a keyboard in order to enter long passwords into textboxes when you want to log in to, for example, a web site.

The Yubikey has one button. If you insert the Yubikey into a computer and press this button, it generates the user’s identity and a passcode, just as if you had typed it yourself on the keyboard. It is possible to re-program a Yubikey to, for example, generate static (never changing) passcodes instead of the default, which are so-called one time passcodes (hereafter called OTPs).

The Yubikey is used to log in to single-sign-on services such as OpenID and MashedLife.com, Microsoft Windows, blogs, forums, and more. In most cases one time passcodes, OTPs, are used and validated against some validation server. The Yubikey can also be used completely offline without validation, for example to enter a complex but static passcode to unlock an encrypted disk that is protected with TrueCrypt.

To order a Yubikey online click here. For more information visit Yubico’s website.

Nikto 2.1.0 – Web Server Security Auditing Tool

It’s been almost 2 years since the last release of Nikto, version 2, and finally 2.1.0 is out.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and it’s fairly obvious in log files. However, there is support for LibWhisker’s anti-IDS methods in case you want to give it a try (or test your IDS system).

Changes

Version 2.1.0 has gone through significant rewrites under the hood in order to make it more expandable and usable.

  • Rewrite to the plugin engine allowing more control of the plugin structure and making it easier to add plugins
  • Rewrite to the reporting engine allowing reporting plugins to cover more and also ensuring that output is written if Nikto is quit before finishing
  • Addition of caching to reduce amount of calls made to the web servers, as well as a facility to disable smart 404 guessing.
  • Addition of simple guessing for whether a system is an embedded device and to report what it is
  • Plugin to use OWASPs dictionary lists to attempt to brute force directories on the remote web server (as mutate 6)
  • Plugin to attempt to brute force domains (as mutate 5)
  • Allow username guessing (mutate 3 and 4) to use a dictionary file as well as brute forcing, hurray!
  • Support for NTLM authentication
  • Lots of bug fixes and new security checks

You can download Nikto 2.1.0 from here or read more here.

How do I remove a passphrase from an OpenSSL key?

Have you grown tired of typing your passphrase every time your secured application starts? You can decrypt your key, removing the passphrase requirement, using the openssl rsa or dsa command, depending on the signature algorithm you chose when creating your private key.

If you created an RSA key and it is stored in a standalone file called key.pem, then here’s how to output a decrypted version of the same key to a file called newkey.pem.

# You'll be prompted for your passphrase one last time
openssl rsa -in key.pem -out newkey.pem

Often, you’ll have your private key and public certificate stored in the same file. If they are stored in a file called mycert.pem, you can construct a decrypted version called newcert.pem in two steps.

# You'll need to type your passphrase once more
openssl rsa -in mycert.pem -out newcert.pem
openssl x509 -in mycert.pem >>newcert.pem

More helpful instructions on OpenSSL certificate, CA and key management can be found here.
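
The script below is an added example, not part of the original post: it runs the same openssl rsa step non-interactively, then checks that newkey.pem holds the same key pair, is no longer encrypted, and is readable only by its owner. The passphrase, the scratch directory and the function names are assumptions made for the demo.

```shell
#!/bin/sh
# Added example, not from the original post. File names follow the article;
# the passphrase and scratch directory are constructed for the demo.

# Write a decrypted copy of an RSA key. umask 077 keeps the output readable by
# its owner only: file permissions are now all that protects the key.
strip_passphrase() {   # $1 = encrypted key, $2 = output, $3 = passphrase file
    ( umask 077 && openssl rsa -in "$1" -passin "file:$3" -out "$2" ) 2>/dev/null
}

# Print the PEM public key; used to prove both files hold the same key pair.
public_key() {         # $1 = key file, $2 = passphrase file (optional)
    if [ -n "$2" ]; then
        openssl rsa -in "$1" -passin "file:$2" -pubout 2>/dev/null
    else
        # Empty passphrase: never prompts, fails if the key is still encrypted.
        openssl rsa -in "$1" -passin "pass:" -pubout 2>/dev/null
    fi
}

is_encrypted() { grep -q 'ENCRYPTED' "$1"; }   # PEM header marks encrypted keys
file_mode()    { ls -l "$1" | cut -c1-10; }

demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'constructed-demo-passphrase' > "$dir/pass"
    openssl genrsa -aes256 -passout "file:$dir/pass" -out "$dir/key.pem" 2048 2>/dev/null &&
    strip_passphrase "$dir/key.pem" "$dir/newkey.pem" "$dir/pass" &&
    is_encrypted "$dir/key.pem" && ! is_encrypted "$dir/newkey.pem" &&
    pub=$(public_key "$dir/newkey.pem") && [ -n "$pub" ] &&
    [ "$pub" = "$(public_key "$dir/key.pem" "$dir/pass")" ] &&
    [ "$(file_mode "$dir/newkey.pem")" = "-rw-------" ]
    status=$?
    rm -rf "$dir"
    return $status
}

demo && echo "newkey.pem: same key pair, no passphrase, owner-only permissions"
```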

Secure SSH with DenyHosts

DenyHosts is a script designed to thwart SSH server attacks – also known as dictionary based attacks and brute force attacks.

If you’ve ever looked at your ssh log (/var/log/secure on CentOS/Redhat) you may be alarmed to see how many crackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?

DenyHosts attempts to address this problem… and more.
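
One way to answer the "how would you know?" question from the ssh log itself, as an added example that is not DenyHosts code: it counts failed passwords per source address and reports whether that source later logged in successfully. The log lines are constructed, and the threshold of 3 and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not DenyHosts code. Log lines are constructed (documentation
# address ranges); the threshold argument is an assumption for the demo.

sample_log() {
cat <<'EOF'
Jan 10 03:12:01 web1 sshd[2101]: Failed password for root from 203.0.113.5 port 51234 ssh2
Jan 10 03:12:03 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Jan 10 03:12:06 web1 sshd[2104]: Failed password for invalid user test from 203.0.113.5 port 51240 ssh2
Jan 10 03:12:09 web1 sshd[2107]: Failed password for deploy from 203.0.113.5 port 51244 ssh2
Jan 10 03:12:15 web1 sshd[2110]: Accepted password for deploy from 203.0.113.5 port 51250 ssh2
Jan 10 03:20:41 web1 sshd[2150]: Failed password for alice from 198.51.100.7 port 40022 ssh2
Jan 10 03:20:47 web1 sshd[2150]: Accepted password for alice from 198.51.100.7 port 40022 ssh2
Jan 10 03:31:02 web1 sshd[2201]: Failed password for invalid user x from 192.0.2.99 from 192.0.2.44 port 33100 ssh2
Jan 10 03:31:04 web1 sshd[2201]: Failed password for invalid user x from 192.0.2.99 from 192.0.2.44 port 33102 ssh2
Jan 10 03:31:07 web1 sshd[2201]: Failed password for invalid user x from 192.0.2.99 from 192.0.2.44 port 33104 ssh2
EOF
}

# Report sources with at least $1 failed passwords, and whether a login from
# the same source succeeded afterwards. The user name is remote-controlled
# text, so the address is read from the fixed tail "from IP port N ssh2".
summarize_ssh_failures() {   # $1 = failure threshold; log on stdin
    awk -v limit="$1" '
        function src() {
            if (NF < 5 || $(NF-4) != "from" || $(NF-2) != "port") return ""
            return $(NF-3)
        }
        / sshd\[[0-9]+\]: Failed password for / {
            ip = src(); if (ip != "") fails[ip]++
        }
        / sshd\[[0-9]+\]: Accepted (password|publickey) for / {
            ip = src()
            if (ip != "" && (ip in fails) && fails[ip] >= limit) breached[ip] = 1
        }
        END {
            for (ip in fails) if (fails[ip] >= limit)
                printf "%s failures=%d login_after=%s\n", ip, fails[ip],
                       (ip in breached) ? "yes" : "no"
        }' | sort
}

sample_log | summarize_ssh_failures 3
```

A source reported with login_after=yes is the case to investigate first: repeated failures followed by a success from the same address.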