Irongeek's Security Site

New 2600 Meet in Louisville, KY

Tue, 08 Jul 2008 16:22:53 +0000

Announcing the forming of a new 2600 meeting in the Louisville, KY, New Albany/Jeffersonville/Clarksville, IN and the surrounding area. We are looking for old faces and new faces to come and join us in discussion and hopefully projects in all things hacking. From computer security, to programming, to penetration testing and exploiting. It has been far too long since Louisville and its surrounding area have seen a group of security talent and we want to change that. If you want to be a regular, have a general interest or just want to converse with fellow techies please join us for our inaugural meeting.

When: Thursday July 31, 2008 @ 6:30pm
Where: Highland Coffee behind the Blockbuster near Bardstown road and Grindstead in Louisville, KY.
Google Map Link

Contact me if you think you can attend.

Ironkey High Security Flash Drive: Use and Review

Sun, 06 Jul 2008 20:48:42 +0000

New Video:Ironkey High Security Flash Drive: Use and Review
The Ironkey is a high security thumb drive designed to provide strong AES encryption, tamper resistance and other security services. I’d seen the Ironkey advertised quite a bit, and even read about its crypto systems and ruggedness, but was left wondering about how it works in operation. Since the hardcore tech side has been covered elsewhere, I’ll concentrate on the Ironkey’s usability and features. Some of the topics covered will include: How is the drive mounted without admin privileges in Windows? How is it mounted in Linux? How does the “Self Destruct” feature work? What is Secure Sessions? How is the Ironkey better than just using Truecrypt? I made this video to answer those sorts of questions for myself and others. If you want more details on the crypto involved, see the links section at the end of this video. The model I will be working with is the 1GB Ironkey Personal. I’ll show its use and give my opinions on the device.

By the way, you may notice that I'm making fewer posts over the next month or so. I'll be busy studying for the GRE, wish me luck.

Web Bug Article Updated With PHP/MySQL Source Code

Fri, 04 Jul 2008 14:25:10 +0000

I've updated my very old article on web bugs/web beacons to straighten out some bad formatting and to add an example of a web bug that uses PHP and MySQL. For those that don't know, Web Bugs are images (Gifs, Jpegs, PNGs, etc.) that companies and organizations put into web pages, e-mails and other HTML supporting documents to track information about the viewer. These images are sometime know by other names such as tracking bugs, pixel tags, web beacons or clear gifs. What ever the name, their function is largely the same.

Dreamhost Review Updated

Fri, 04 Jul 2008 13:39:49 +0000

It came to my attention that my Dreamhost review was a bit dated and had wrong information based on changes that Dreamhost has made over the last year. I've updated it to reflect some of Dreamhost's new polices, my experiences and how the discount codes differ from when I last updated it (1/31/2007). I've also have five limited discount codes to give away that grant the following: 2TB disk and 20TB bandwidth, gives $150 off a 5-year signup or $200 off a 10-year signup. Contact me if you want one of my five one time use codes.

Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea (The "Sticky" Honeypot and IDS)

Wed, 25 Jun 2008 21:14:22 +0000

New Video:Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea (The "Sticky" Honeypot and IDS)
A network Tarpit, sometimes know by the German word Teergrube, is a service or set of hosts that deliberately try to slow malicious network connections down to a crawl. The idea is to put up unused hosts or services on the network that respond to an attacker, but do things to waste their time and greatly slow their scanning (or spreading in the case of Worms). For this video I’ll be using a package called LaBrea by Tom Liston and tarpitting unused IP addresses on my home LAN.

Also, DecaffeinatID Intrusion Detection System ver. 0.07 is out.

Ironkey at the Kentuckiana ISSA meeting on June 27th 2008

Mon, 23 Jun 2008 20:33:58 +0000

Steve Tonkovich from Ironkey will be giving a talk at the ISSA-Kentuckiana Chapter Meeting on Friday June 27, from 11:30 am to 1:00 pm. Ironkey’s discussion will be on securing mobile data. The meeting will be held at their new location: Innovative Productivity / McConnell Technology
Hopefully I can convince Steve to give me a demo unit of the Ironkey thumb drive to test for a review on my website.

As a side note, DecaffeinatID ver. 0.06 is out.

Compiling and Configuring DHCPD from Source

Sun, 22 Jun 2008 08:23:48 +0000

Devil2005 has created a video on compiling and configuring dhcpd from source. He’s using the Fedora 9 distro of Linux for the video, but the lessons learned should be applicable to other distros. For that matter, even if you are not interested in installing dhcp in this way it’s still a good lesson on how to download and compile various applications from source.

Doktor Kaboom's Smoke Ring Cannon

Sat, 21 Jun 2008 16:03:16 +0000

Even though this is not computer security related, it was such a cool display I had to share it with my hacker buddies. I guess you could call it hardware hacking of sorts, with cool science principles. Make sure you re-watch the first few seconds a couple of times to get the full effect. I saw Doktor Kaboom's Smoke Ring Cannon at this years Kentucky Renaissance Faire. Now it's time to make one of these things for myself. Check out Doktor Kaboom's site at:
http://www.doktorkaboom.com/

DecaffeinatID: A Very Simple IDS / Log Watching App / ARPWatch For Windows

Wed, 18 Jun 2008 20:37:16 +0000

DecaffeinatID started because I wanted a simple ARP Watch like application for Windows. In a short matter of time, feature creep set in. DecaffeinatID is a simple little app that acts as an Intrusion Detection System (more of a log watcher really) to notify the user whenever fellow users at their local WiFi hotspot/ LAN are up to the kind of "reindeer games" that often happen at coffee shops and hacker cons.

PEBKAC Attack Script: Finding passwords in event logs

Tue, 10 Jun 2008 17:49:39 +0000

Ever wanted to quickly search a Windows Event Log to find passwords users inadvertently typed into the user name field? Well, this script should make it easy to do such audits. Read the rest of the article for details. Also, if you are interested in using BackTrack for pen-testing, check out my friend Lee Baird's collection of videos and documentation on BackTrack and other hacking topics.