iPhone – ip forwarding YES

November 27, 2009 By Leave a Comment

As I tweeted earlier I was poking around my jail broken iPhone and discovered IP forwarding does work.  I’ve been searching for ways to tether my iPhone to various computers.  I was able to use OpenSSH and establish a SOCKS proxy yesterday.  That works nicely and given the “Location” feature of OS X and the Profile support of Firefox, that does provide a decent solution.

Problem is that Mail.app does not like to speak IMAPS  over a port forwarding SSH tunnel.  Actually it may been SMTPS over an SSH tunnel that it may dislike completely. Which I never did figure out or understand why. From a packet perspective they go into the tunnel and come out.

I’m looking to setup my iPhone into an IP router for my computers.  Now that I know the phone is capable of IP forwarding it is just a matter of getting the rest of the stuff setup. Ideally I want to setup an SSH VPN between my portable computer and my server.  Then all of my traffic will be encrypted until it exits @ my server at which point I don’t care.

I’m going to continue exploring the possibilities of the iPhone as a router and also as a stealth attack device.  Inside Cydia the normal good network goodies of nmap, netcat, tcpdump and are now installed on my phone.

Yes I’ve changed the default root password from ‘alpine’ to something else.  I go a step further on any public facing SSH enabled devices, I only allow key based authentication.

If you have any tips or suggestions let me know.

Filed Under: Blogs, security, Tech Tagged With: , ,

idea for authpf

November 25, 2009 By Leave a Comment

I know some sites trust their servers and let the servers talk to anywhere on the Internet or internally.

Just had a thought, instead all servers should be blocked for all traffic except for business needed traffic. What about updates? The servers need to go fetch updates. (In those cases where the patches/updates are not handled in a centralized method.) Give those who are responsible for patching servers an authpf account that gives the server the permission to go get updates.

When the sysop logouts of the gateway system the rules are reverted back to a very restricted state. The nice part is that this will work 24×7 and the firewall admins need not be around to change the rules.

To further contain possible unwanted behavior, give each application owner their own ID and limit that ID to the specific IPs of the application servers.

What do you think?

Filed Under: Blogs Tagged With: , ,

Create an iso image on a Mac

November 25, 2009 By Leave a Comment

The steps I use to create an ISO image on my Macs.

## make an iso on the command line
## use the exact slice, use df to check
drutil status  # look for Name: /dev/disk*
diskutil unmountDisk /dev/disk
dd if=/dev/disk of=/Users/Shared/Software/name-of-iso bs=2048
# then test with finder/disk util/etc.
Filed Under: HowTo Tagged With: ,

Seek and you shall find

November 25, 2009 By Leave a Comment

I am now following taosecurity on twitter and saw his tweet about http://shodan.surtri.com/

If it works as advertised, then it will make life easier for those looking for such information.  This tool can be used by both black and white hat hackers.  This is what I call freedom of information.  This site is not presenting anything that is not already publicly available.  Though it does make it a bit easier to find it.

I have spent the majority of my career on the defensive side of Information Security.  One of the things that often gets recommended is that banners in services, like SMTP or HTTP, are turned off. Turning that information off does not in any way prevent attacks or mitigate any vulnerabilities.  It does make life a little bit harder for black hat hackers as they can not do a simple drive by, i.e. connect get a banner and then leave.  To find out out what software a system is using to provide a given service they would have to interact with the software a bit more.

Like TCP/IP stacks which have characteristics that can indicate which operating system generated the packets – simply by looking at packet headers – software has characteristics as well.  For example years ago I connected to an SMTP server and got a banner that started with “220 ******* SMTP *** Service*****” or something like that, it had way too many asterisks in it.  I later learned that it was a Cisco PIX firewall.

Changing the banners would at least help a site not be listed for running say Apache, when in fact they very well could be.  Again it does not stop or mitigate vulnerabilities, but it does make it somewhat harder on those wishing to cause the device harm.

Filed Under: security, Tech

taosecurity – defending .gov…

November 24, 2009 By Leave a Comment

This twitter post has me ROTFLOL, quoted here

Defending the .gov & NIST approach to security is like advocating for better locks on screen doors, in a home emptied and burned by thieves.


Filed Under: security
« Older Posts
Newer Posts »