Tuesday, December 27, 2011

Merry Christmas

Merry Christmas everyone -Posted from my IPhone 4S

Location:Okemos Rd,,United States

Wednesday, December 7, 2011

GPU Password Cracking

We used to have a little comfort that if someone got hold of your password hashes, it would at least take them considerable time to crack and extract the passwords.

Those days are gone!

Brute force cracking password hashes is becoming too easy thanks to apps that make use of the multiple cores in graphics cards.

CPU Password cracking

Core 2 Duo 2.13 GHz - 2.5 Million Hashes / Second

Core i7 980x - 19. Million Hashes / Second

GPU Password cracking


Radeon HD 5830 ($109) - 290 Million Hashes / Second

Radeon HD 6990 ($740) - 760 Million Hashes / Second


Multi GPU setups can achieve staggering rates of performance.

The White Pixel system (http://whitepixel.zorinaq.com/) has 4 AMD Radeon HD 5970 graphics cards and custom software (each 5970 card has dual GPUs and costs around $400).

It can churn through more than 33 billion password hashes per second.

What's the best alternative to passwords?

-Posted from my IPhone 4S

Tuesday, December 6, 2011

Honeypot Folders

Everyone knows that a honeypot server is a system on the network which contains what appears to be juicy valuable PHI or other confidential data.
I recently heard mention of setting up a system using honeypot folders on servers as an easier and cheaper alternative.

Basically, you can do the following.
1. Configure a folder on each server and place one or several documents in it which appear to contain confidential data. The folder name should indicate that it is important, like “Accounting Backup Data” but the data within it is actually fake and may even be misleading.

2. Notify users that the folder is not to be accessed.


3. Configure logging of all access to the folder, and alerting on it.

Should an intruder gain access into the network, they will almost certainly look in the folder, which will generate an alert and aid in their detection.
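One way to turn step 3 into an alert, as an added example that is not part of the original post: it scans file-access audit records for anything touching the decoy folder. The folder path, the `svc_backup` account and the simplified CSV record layout are assumptions made for this example, and the sample records are constructed.

```python
import csv
import io
from pathlib import PureWindowsPath

# Assumptions for this example: decoy location and an account expected to touch it.
DECOY_DIR = PureWindowsPath(r"D:\Shares\Accounting Backup Data")
EXPECTED_ACCOUNTS = {"svc_backup"}  # backup agent that walks every folder

# Constructed sample of simplified file-access audit records (CSV export).
SAMPLE_AUDIT_CSV = r"""time,host,user,process,path,access
2011-12-06T02:00:11,FS01,svc_backup,backup.exe,D:\Shares\Accounting Backup Data\payroll_2011.xls,ReadData
2011-12-06T09:14:52,FS01,jsmith,explorer.exe,D:\Shares\Projects\plan.doc,ReadData
2011-12-06T23:41:07,FS01,jsmith,explorer.exe,D:\Shares\Accounting Backup Data,ListDirectory
2011-12-06T23:41:19,FS01,jsmith,explorer.exe,d:\shares\accounting backup data\payroll_2011.xls,ReadData
2011-12-06T23:45:30,FS02,webadmin,cmd.exe,D:\Shares\Accounting Backup Data Old\notes.txt,ReadData
"""


def is_inside_decoy(path_text):
    """True for the decoy folder itself or anything beneath it.

    PureWindowsPath compares case-insensitively and by whole components, so
    'accounting backup data' matches but 'Accounting Backup Data Old' does not.
    """
    path = PureWindowsPath(path_text)
    return path == DECOY_DIR or DECOY_DIR in path.parents


def decoy_alerts(audit_csv):
    """Collapse decoy accesses into one alert per (host, user)."""
    alerts = {}
    for row in csv.DictReader(io.StringIO(audit_csv)):
        user = row["user"].lower()
        if not is_inside_decoy(row["path"]) or user in EXPECTED_ACCOUNTS:
            continue
        alert = alerts.setdefault((row["host"], user), {
            "host": row["host"], "user": user, "first_seen": row["time"],
            "processes": set(), "events": 0,
        })
        alert["processes"].add(row["process"])
        alert["events"] += 1
    return list(alerts.values())


if __name__ == "__main__":
    for alert in decoy_alerts(SAMPLE_AUDIT_CSV):
        print("ALERT decoy folder touched:", alert)
```

Any account placed in `EXPECTED_ACCOUNTS` is a blind spot if it is ever compromised, so keep that list as short as the backup tooling allows.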





-Posted from my IPhone 4S

Location:Okemos Rd,,United States

Friday, December 2, 2011

iPhone 4s rocks

After 3 weeks I'm still enjoying my work iPhone 4s.
Siri has issues with my New Zealand accent but short commands work ok.

Just need to migrate from my Motorola Xoom to an iPad next.




-Posted from my IPhone 4S

Location:Work

Tuesday, November 15, 2011

NetWitness

NetWitness is a great tool for network visibility, but trying to get that into management's mindset is like putting a nail into a steel wall.


-Posted from my IPhone 4S

Tuesday, November 1, 2011

iPhone 4s

This IPhone 4s rocks. My only gripe thus far is the small 3.5 inch screen. A 4.5 inch screen would have made this a diamond!

Posted from my IPhone 4S

Location:Okemos Rd,,United States

Friday, October 28, 2011

New IPhone 4S

My new work iPhone 4S arrived Thursday and I'm loving its speed and features.


- Posted using BlogPress from my iPhone

Location:Okemos Rd,,United States

Tuesday, August 30, 2011

Data Exfiltration

Are your network monitoring systems watching for data exfiltration over VoIP? Probably not.

I saw a great demo of an exploited system using VoIP to call into a conference number, with the hacker calling into the same conference number and issuing commands to the hacked system. He even had the hacked system read back the contents of a text file from its drive, and the commands were issued from a simple dumb cellphone.

Scary stuff.

Monday, August 22, 2011

External Port Scanners

Hackers continually scan prospective targets looking for vulnerabilities.

What if we analysed each request in real time and generated a reply to indicate we were vulnerable, when in actuality we are not?

The external hacker will try to exploit these false positives and give us, on the defensive team, more time to analyse their attacks and gather evidence while not having to worry about the risk of the hacker being successful.

This will also help to hide the real vulnerabilities we may have in an ocean of false ones.

Thursday, August 18, 2011

Passive Offensive

A new view of honey pots.

A honey pot has traditionally been a vulnerable system you place in your DMZ (which has fake data on it) for hackers to attack, so you can gain info on the attacker while the attacker thinks they have penetrated an important system.

Why not integrate a fake network in your DMZ and add a few virtual honeypot systems with virtual firewalls?
Write a few extra input form pages in your production web apps which your regular users cannot navigate to. These fake pages will be found by hackers doing web scans, and the form inputs can be pointed to a fake database on a fake server.

Giving the hackers all this virtual booty will slow them down and allow you to weed out the more dangerous smart hackers, monitor them and gather info for a legal case if necessary.

Stay tuned for more.
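A sketch of the monitoring side of the fake form pages, as an added example that is not part of the original post: it finds clients that requested a decoy form in a web access log and pulls every request they made as an evidence timeline. The decoy URLs are hypothetical and the log lines are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Hypothetical decoy form URLs: linked from nowhere, so no regular user requests them.
DECOY_PATHS = {"/staff/payroll-import", "/staff/db-console"}

# Common Log Format: client, identity, user, [time], "request", status, size.
CLF = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample access log (documentation-range IP addresses).
SAMPLE_LOG = """\
198.51.100.7 - - [18/Aug/2011:10:01:02 -0400] "GET /index.html HTTP/1.1" 200 5120
203.0.113.50 - - [18/Aug/2011:10:02:10 -0400] "GET /robots.txt HTTP/1.1" 200 68
203.0.113.50 - - [18/Aug/2011:10:02:11 -0400] "GET /staff/payroll-import HTTP/1.1" 200 1834
203.0.113.50 - - [18/Aug/2011:10:02:15 -0400] "POST /staff/payroll%2Dimport?step=2 HTTP/1.1" 200 1834
198.51.100.7 - - [18/Aug/2011:10:03:00 -0400] "GET /products HTTP/1.1" 200 2210
203.0.113.50 - - [18/Aug/2011:10:04:40 -0400] "POST /login HTTP/1.1" 401 310
"""


def normalise(target):
    """Reduce a request target to a comparable path: no query, decoded, lower-case."""
    return unquote(urlsplit(target).path).lower().rstrip("/")


def decoy_sessions(log_text):
    """Return {client_ip: {"decoy_hits": n, "timeline": [...]}} for decoy visitors."""
    entries = [m.groupdict() for m in map(CLF.match, log_text.splitlines()) if m]
    flagged = {e["ip"] for e in entries if normalise(e["target"]) in DECOY_PATHS}
    sessions = {ip: {"decoy_hits": 0, "timeline": []} for ip in flagged}
    for e in entries:
        if e["ip"] not in flagged:
            continue
        session = sessions[e["ip"]]
        session["decoy_hits"] += normalise(e["target"]) in DECOY_PATHS
        # Keep every request from a flagged client, including those made
        # before the first decoy hit, as the evidence timeline.
        session["timeline"].append(
            (e["ts"], e["method"], e["target"], int(e["status"])))
    return sessions


if __name__ == "__main__":
    for ip, session in decoy_sessions(SAMPLE_LOG).items():
        print(ip, session["decoy_hits"], "decoy hits,", len(session["timeline"]), "requests")
```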

Playing to win - Active network security

Current information security doctrine leads to reactive security. We incorporate layers of firewalls and monitoring tools into our networks in the vain hope of stopping most hackers and slowing down and monitoring the smart few who can penetrate the security.

This defensive-only playbook is a recipe for disaster, as can be seen in the news every week as company after company suffers data breaches.
With the complexity of modern networks and the inability to fully automate everything, the human error factor will eventually leave an opening for hackers to get in.

It's time to re-evaluate our approach to security and take a page out of another playbook. The information security battle is just that, a battle between two teams: the good guys trying to protect confidentiality, integrity and availability of the data, and the bad guys trying to access that data or deny others access to it.

You don't win a battle by sidelining your offense. Admittedly, legal issues prevent us from hacking the hackers, but we can safely integrate passive defensive techniques and systems to make it much more difficult for hackers to gain access. And if it's too hard, the majority of hackers will go looking for an easier target.

Passive Offensive can be implemented in a number of ways and I will describe them in following articles.

Let's play to win and not rely on a purely defensive network infrastructure.

Monday, July 11, 2011

Another lame email scam

Got this lovely email scam and lame phishing attempt in my gmail inbox today......

We are shutting down some accounts that are not presently updated on our database system and your account was authomatically choosen. We are sending you this Email to verify and let us know if you still want to use this account..

*Full Name :
*Email ID :
*Password :
*Occupation :
*Alternative Email:
*Region/Territory :

Note: This email is only for Gmail users (Users should reply within 48 hours to avoid "Permanently Lockup" Account)

Thank you for using Gmail !

The Gmail Team

-------
If it hadn't been from google-inc.com I still wouldn't have fallen for it. I feel for the thousands of victims out there who do fall for these and wish I could track down the senders and make their online lives miserable as the victims' will be.

Saturday, July 9, 2011

Friday, June 10, 2011

Telephone calls on the Motorola Xoom

Install Groove IP and link it to your Google voice account and then you can dial out and receive calls over wifi on your Xoom.

Motorola Xoom overclock

My Xoom is currently running the tiamat kernel. It's overclocked to 1.4 GHz, but when I kick it up to 1.7 GHz the Quadrant score tops 3800.

Monday, March 28, 2011

Trip to Florida was fun

Well, we are back from Florida. Tons of pictures and a bag full of toys for the kids.
Will be posting pics soon.

Sunday, March 13, 2011

Motorola Xoom

Just got a Motorola Xoom last night. I love it.
I installed Fring which will let me video chat to someone with an iPhone.