.oO ftp ftp.netcom.com /pub/da/daemon9 Oo.
==============================================================================
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAy9JfcAAAAEEAKtk5VNjdIyvuE7g55VSiwFzFhLlEg7tHCwJ/Qz+7+Q1Gbql
PsFFE2UZelkNPw4Y6hm5Pff6ZuWfje3nyht2kxp2hS9ShA2GQemZcyCvfHLm8lRO
vhUp7Pna/DvczBd9AcBpHlajiPNXsEZ/x0w8OTu3w3R2s7fHWQtXkSokWGapAAUR
tB1JbmZpbml0eSA8ZGFlbW9uOUBuZXRjb20uY29tPg==
=kJD9
-----END PGP PUBLIC KEY BLOCK-----
==============================================================================

Begin Information

TCP/IP Protocol Suite
-----------------------------------------------------------------------------

Transmission Control Protocol / Internet Protocol are just two of the many
protocols involved in TCP/IP. This is a very brief introduction to the TCP/IP
system.

Networking protocols are normally developed in layers, each layer responsible
for a different facet of communications. TCP/IP is normally considered to be a
4-layer system (the ISO OSI model is a 7-layer system).

    4  Application   FTP, Telnet, SMTP, etc...
           |
    3  Transport     TCP, UDP
           |
    2  Network       IP, (ICMP, IGMP)
           |
    1  Link          Network hardware and device driver

1) Link Layer (data link, network interface): This is where the device driver
   of the NIC resides. All the hardware details are handled here.

2) Network Layer (internet layer): Handles the movement and routing of packets
   around the network. IP is considered 'unreliable'.

3) Transport Layer: Provides the flow of data between the two parties, for the
   application layer above. TCP is considered 'reliable', while UDP is not.

4) Application Layer: Handles all the details of the particular application.

5/9/95

------------------------------------------------------------------------------
Substitution Ciphers
------------------------------------------------------------------------------

A substitution cipher is one where each character in the plaintext is
substituted for another character in the ciphertext.
The plaintext is revealed again when the substitution is inverted on the
ciphertext. This is *not* remotely secure, as it only obscures the plaintext
rather than encrypting it with a key. There are four basic types:

1) Simple
   One char in the plaintext is replaced by one corresponding char in the
   ciphertext. See the rot13 example below...

2) Homophonic
   Similar to a simple substitution cipher, except a single char of plaintext
   can map to one of several chars of ciphertext.

3) Polyalphabetic
   Made up of multiple simple substitutions throughout the process.

4) Polygram
   Blocks of chars are scrambled in groups.

    /* Rot13.c */
    /* Simple substitution cipher, in effect, rotates letters 13 places mod 26 */
    /* Uses stdin and stdout, useful in redirection */

    #include <stdio.h>

    int main(){
        int c;
        while((c=getchar())!=EOF){
            /* letters in the first half of the alphabet move up 13,
               letters in the second half move down 13; anything else
               (digits, punctuation, whitespace) passes through unchanged */
            if(c>='a'&&c<='m')c=c+13;
            else if(c>='n'&&c<='z')c=c-13;
            else if(c>='A'&&c<='M')c=c+13;
            else if(c>='N'&&c<='Z')c=c-13;
            putchar(c);
        }
        return 0;
    }

5/9/95

------------------------------------------------------------------------------
Locating audit files in Unix
------------------------------------------------------------------------------

This is a very simple four step process that will locate audit files (even
undocumented ones). It can easily be automated in a batch file and run as a
cron job. It will not enter directories you do not have search permission on,
however.

1. Pick an off time to check for them, perhaps late at night.

2. touch a file 'flag' (touch flag). This is your reference file.

3. Execute a command (this should be the command you are concerned with, or
   any you want to check for an audit trail on).

4. Execute find (find / -newer flag -print) to look for files with a newer
   timestamp (some files will be discarded as trivial, the others should be
   checked as possible audit files...).
4/12/95

------------------------------------------------------------------------------
Firewalls
------------------------------------------------------------------------------

A brief intro and discussion of Internet firewalls. A firewall is used to
secure an internal computer (more likely a network or subnet) from an external
untrusted network (usually the Internet). There are several kinds, ranging
from free software-only configurations to expensive turnkey hardware/software
based implementations. Three basic types:

Router-based firewall:
Using a programmable router to filter packets can be one of the more cost
effective and simple methods. If a dedicated line is present, it is likely a
router is also, so no additional cost may be incurred. Routers work by
controlling traffic at the IP level. A given packet will be accepted or
blocked based on its 32-bit source/destination address or port information,
located in the header. A decent firewall can be constructed this way, but it
may be difficult to exclude all the traffic you want. The main problem is
that many routers come configured for minimal protection, and are left this
way. Also, FTP, DNS, and X11 need special consideration, as they are not
handled well by packet filters. Routers are susceptible to IP spoofing...

Host-based firewall (The Bastion Host):
Using a dedicated computer (or computers) offers much more flexibility and
capability than a router alone. Bastion hosts exert their control at the
application level, where network traffic can be examined more in depth. Most
hosts implement specialized application gateways and service proxies. In
essence, these are secured versions of the programs they replace (or work
with).

Isolation Networks:
A secured network that sits between your internal subnet and the external
network. Basically, traffic can pass from the Internet to the isolation
network, and from the subnet to the isolation network, but not across.
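As an added example (not part of the original file), here is how a router-style packet filter of the kind described above decides on a packet, in Python. The rule list, the internal subnet 192.0.2.0/24, the mail host and the sample packets are all constructed values. It contrasts the "minimal protection" rule set many routers ship with against a default-deny set, and shows why such a filter is susceptible to IP spoofing: the source address is just a header field the sender chooses, so a rule that trusts internal addresses must also check which interface the packet arrived on.

```python
from ipaddress import ip_address, ip_network

# Constructed sample values: the internal subnet uses a documentation range.
INTERNAL = "192.0.2.0/24"
MAILHOST = "192.0.2.25/32"
ANY = "0.0.0.0/0"


class Rule:
    """One packet-filter rule. Matching uses only what a filtering router
    sees in the header (source/destination address, destination port) plus,
    optionally, the interface the packet arrived on."""

    def __init__(self, action, src, dst, dport=None, iface=None):
        self.action = action          # "accept" or "block"
        self.src = ip_network(src)
        self.dst = ip_network(dst)
        self.dport = dport            # None matches any port
        self.iface = iface            # None matches any interface

    def matches(self, pkt):
        return (ip_address(pkt["src"]) in self.src
                and ip_address(pkt["dst"]) in self.dst
                and (self.dport is None or pkt["dport"] == self.dport)
                and (self.iface is None or pkt["iface"] == self.iface))


def filter_packet(rules, pkt):
    """First matching rule wins; a packet that matches no rule is blocked."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "block"


# The "minimal protection" a router may ship with: everything passes.
MINIMAL = [Rule("accept", ANY, ANY)]

# Default deny: only the service the site means to offer, plus traffic that
# originates on the internal subnet.
STRICT = [
    Rule("accept", ANY, MAILHOST, dport=25),   # inbound SMTP to the mail host only
    Rule("accept", INTERNAL, ANY),             # anything originating inside
    Rule("block", ANY, ANY),
]

# Same rules behind an anti-spoofing rule: a packet claiming an internal
# source address but arriving on the external interface is a forgery.
STRICT_ANTISPOOF = [Rule("block", INTERNAL, ANY, iface="external")] + STRICT


def packet(src, dst, dport, iface):
    """Build a constructed sample packet holding only the filtered fields."""
    return {"src": src, "dst": dst, "dport": dport, "iface": iface}


def demo():
    """Decisions for three sample packets under each rule set."""
    inbound_telnet = packet("203.0.113.7", "192.0.2.10", 23, "external")
    inbound_mail = packet("203.0.113.7", "192.0.2.25", 25, "external")
    spoofed_telnet = packet("192.0.2.99", "192.0.2.10", 23, "external")
    results = {}
    for name, rules in (("minimal", MINIMAL), ("strict", STRICT),
                        ("strict+antispoof", STRICT_ANTISPOOF)):
        results[name] = tuple(filter_packet(rules, p)
                              for p in (inbound_telnet, inbound_mail, spoofed_telnet))
    return results


if __name__ == "__main__":
    for name, d in demo().items():
        print(f"{name:18} telnet={d[0]} mail={d[1]} spoofed-internal={d[2]}")
```

The strict set already closes the inbound telnet that the minimal set waves through, but it still accepts the spoofed packet because nothing in the IP header distinguishes a forged internal source from a real one; only the interface check does.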
3/26/95

----------------------------------------------------------------------------
TCSEC {Trusted Computer System Evaluation Criteria}
----------------------------------------------------------------------------

[Division]: D
Class: N/A
Type: Minimal Protection
Highlights: This division contains only one class. It is reserved for those
  systems that have been evaluated but fail to meet requirements for a higher
  division.
Examples: MS-DOS machines, Apple Macintosh machines

- - - - - - - - - -

[Division]: C  Discretionary Protection
Synopsis: Classes in this division provide for discretionary protection and
  accountability of subjects and the actions they initiate.

Class: 1
Type: Discretionary Security Protection
Highlights: Provides discretionary security requirements by separating users
  and data. Incorporates some form of credible controls capable of enforcing
  access limitations on an individual basis. The class C1 environment is
  expected to be one of cooperating users processing data at the same levels
  of security.
Examples: Unix (some)

Class: 2
Type: Controlled Access Protection
Highlights: Systems in this class enforce a more finely grained discretionary
  access control system than C1. Users are individually held accountable for
  actions through login procedures, auditing of security related events, and
  resource isolation.
Examples: Unix (some), VMS, Windows NT, Primos, SVS/OS CAP, OSF/1

- - - - - - - - - -

[Division]: B  Mandatory Protection
Synopsis: The notion of a Trusted Computing Base that preserves the integrity
  of sensitivity labels and uses them to enforce a set of mandatory access
  control rules is a major requirement of this division. Systems in this
  division must carry the sensitivity labels with major data structures in
  the system. The system developer must also provide a security policy model
  specification on which the TCB is based.

Class: 1
Type: Labeled Protection
Highlights: All requirements from C2.
  In addition, an informal statement of the security policy model, data
  labeling, and mandatory access control over named subjects and objects must
  be present. The capability must exist for accurately labeling exported
  information (hardcopy, etc...).
Examples: CMW+, OSF/1 (optional), OS 1100

Class: 2
Type: Structured Protection
Highlights: In B2 systems, the TCB is based on a clearly defined and
  documented formal security policy model that requires the discretionary
  and mandatory access control enforcement found in B1 to be extended to all
  subjects and objects in the system. In addition, covert channels are
  addressed. Authentication mechanisms are strengthened, trusted facility
  management is provided in the form of support for system administrator and
  operator functions, and stringent configuration management controls are
  imposed. The system is relatively resistant to penetration.
Examples: Multics, Trusted XENIX

Class: 3
Type: Security Domain
Highlights: B3 systems must satisfy reference monitor requirements: the TCB
  must mediate all accesses of subjects to objects, be tamperproof, and be
  small enough to be subjected to analysis and testing. The TCB is structured
  to exclude code not essential to security policy enforcement, with
  significant system engineering during design to minimize complexity.
  Support is added for a security administrator, audit mechanisms are
  expanded to signal security related events, and system recovery procedures
  are required. The system is highly resistant to penetration.
Examples: XTS-200 (?)

- - - - - - - - - -

[Division]: A  Verified Protection
Synopsis: Characterized by the use of formal security verification methods to
  assure that the mandatory and discretionary security controls employed in
  the system can effectively protect classified or other sensitive
  information stored or processed by the system.
  Extensive documentation is required to demonstrate that the TCB meets the
  security requirements in all aspects of design, development, and
  implementation.

Class: 1
Type: Verified Design
Highlights: Functionally equivalent to B3 systems, A1 systems differ in the
  level of assurance. A1 systems undergo intense analysis derived from formal
  design specification and verification techniques, and the resulting high
  degree of assurance that the TCB is correctly implemented.
Examples: SCOMP, SNS

3/14/95

-----------------------------------------------------------------------------
Pseudo-Fake posting to Usenet and Fake-mail the easy way
-----------------------------------------------------------------------------

To fake a post to Usenet, you need to find a host that has its port 119 open
to telnet. Then type in the following:

    group alt.big.purple.car
    post
    Subject: Alabama
    path: Woods!Trees!eggs!babies.com
    From: Clarance@TR.com
    Organization: Romance is wonderful
    Newsgroups: alt.test,alt.flame,alt.dev.null
    .

Fakemail is easier. Most sendmail ports are open to telnet. Telnet to port
25, and if we are talking SMTP, then the following commands are valid:

    HELO hostname        - startup and give your hostname
    MAIL FROM: <sender>  - start transaction from sender
    RCPT TO: <recipient> - name recipient for message
    VRFY <address>       - verify deliverability of address
    EXPN <address>       - expand mailing list address
    DATA                 - start text of mail message
    RSET                 - reset state, drop transaction
    NOOP                 - do nothing
    DEBUG [level]        - set debugging level, default 1
    HELP                 - produce this help message
    QUIT                 - close SMTP connection

Example:

    MAIL FROM: "Z@zero.com"
    RCPT TO: "root@netcom.com"
    DATA
    .

3/2/95

----------------------------------------------------------------------------
PGP
----------------------------------------------------------------------------

Pretty Good Privacy was written and conceived by Philip R. Zimmermann. It is
military grade encryption for the masses. It provides for secure key
exchange, sophisticated key management, digital signatures, bulk encryption,
key authentication, message digests, and more. Contrary to what people
believe, PRZ did not "create" a new crypto-system. In the early versions of
PGP, he implemented his own symmetric algorithm, but upon meeting with Eli
Biham, it was made clear that "Bass-O-Matic" was very insecure. In later
versions he dropped the Bass-O-Matic and went with a new algorithm from
Switzerland, IDEA. PGP uses RSA for key exchange, IDEA for conventional
encryption, and MD5 for hashing. Get a copy from MIT at: net-dist.mit.edu .

2/23/95

----------------------------------------------------------------------------
Network Topology and Internet Security
----------------------------------------------------------------------------

There are several methods of providing Internet service to an interior
corporate LAN from a single Internet gateway machine. Some of these provide
stalwart protection, others invite disaster. Here are a few:

Physical Isolation:
Security level: Very high
The simplest and most secure method. A host is isolated from the rest of the
network. No Internet user can see the internal LAN, of course, nor can any
LAN user see the Internet. The server itself is still open to attack,
however. This method is therefore not very extensible.
Adding a few small workstations (or kiosks) onto the server may increase
usability somewhat. This would grant some corporate users access to the
Internet at large. This requires additional hardware and cost, however.

Protocol Isolation:
Security level: High
If computers on the LAN need to see the Internet server, use this, the next
most secure method: protocol isolation. This method is deceptively simple,
based on the premise that 'Netspeak is TCP/IP. The Internet server needs to
be outfitted with two NICs, one for the Internet proper, one for the internal
LAN. The NIC connected to the Internet is bound to TCP/IP, and the other NIC
is bound to IPX, NetBEUI, or some network protocol that is not TCP/IP. The
key is that the Internet requires use of IP. Since the corporate LAN is
running a different protocol, it cannot communicate with the Internet, and
vice versa. This method is useful for corporations that have ftp servers and
users who make data available for dissemination. The resources on the server
are available from either direction, but cannot be passed through. Standard
firewall.

Third-party Router:
Security level: High
If you are running TCP/IP on a large corporate network with high volume or
multiple subnets, you will likely want to use a third-party router connected
to a leased line. Some routers will allow for packet filtering and tracing,
as well as other features. If implemented correctly, it is usually very
secure.

Full Gateway Machine:
Security level: Low
An internal LAN running TCP/IP served by an unprotected Internet gateway
machine. Very little protection for the internal network is provided here. A
skilled hacker will easily penetrate this type of setup. An unskilled hacker
will also likely be able to break in. This setup relies on the host operating
system to provide security through file permissions and intrinsic security
features. Not highly recommended.
2/19/95

-----------------------------------------------------------------------------
Leonhard Euler
-----------------------------------------------------------------------------

(1707-1783)

It was said that, "Euler wrote mathematics as effortlessly as most men
breathe." He was probably the most prolific mathematician that ever lived.
His energy and capacity for work were boundless. His collected works form
more than 100 quarto-sized volumes, and it is believed that much of his work
has been lost. Despite the fact that Euler was blind the last 17 years of his
life, he was at one of his most productive times then. His memory was
flawless. Early on in his life, he memorized the Aeneid by Virgil, and at age
70, could not only recite the entire work, but he knew the first and last
sentence on every page of the book! He was able to work out problems of
immense proportion in his head. He calculated major problems of lunar motion
that had baffled Newton, and once did a complicated calculation in his head
to settle an argument between two students whose computations differed in
the 50th decimal place. His genius brought coherence to the then disorganized
calculus. He also tied physics to calculus in ways never done before... He
made major contributions to almost every field of mathematics (where would
public-key cryptography be w/o him?) as well as optics, planetary motion,
electricity, magnetism, and general mechanics.

2/1/95

--------------------------------------------------------------------------
Race Conditions
--------------------------------------------------------------------------

A race condition is when two or more processes are running concurrently with
shared memory. The race condition occurs when the order in which the
processes access a certain variable determines the result. For instance,
assume r is a shared variable, and two processes are both executing r = r + 1
at the same time. There are 2 possible results.
Either both get the initial value of r, add 1 and THEN put the value back
(result: r = r + 1, probably not intended), or the second process does not
access r until AFTER the first has stored the value (result: r = r + 2,
likely the correct result).

The "r = r + 1" is called a "critical section", and the usual way to make
the answer come out as expected is to implement mutual exclusion for the
critical section, often with semaphores, or an atomic increment/decrement
operation (depending on your hardware). Race conditions are the building
blocks of discrete security holes...

1/29/95

---------------------------------------------------------------------------
Wordlist building
---------------------------------------------------------------------------

There is no "perfect wordlist". Wordlist building is an art unto itself. In a
passwd file from a site where accounts are free and user education is
proportionally low, passwds will be 'type A'. A passwd file with 'type A'
passwds is relatively easy for a cracker to breach with decent yields. 'Type
A' passwds are names, places, things, TV shows, bands, profanities, etc.
Basically a pure dictionary attack (passwds can be compromised with little or
no modification from their dictionary entries).

'Type B' will be passwds like before, with numerics or special chars (n/spc)
appended or prepended. This is easy to prepare for. Many brute force passwd
crackers come with utils to do just this.

A 'type C' passwd is harder to crack. This type is generally two or more
words concatenated together, with or without n/spc. It can also be an
acronym for a phrase. Wordlists for these are best created through more
pseudorandom means. Gathering random textual data from Usenet, IRC, or
somewhere and manipulating it proves useful here.

Lastly, 'type D' passwds are either system generated or chosen by security
savvy users/admins. These have no discernible pattern and will contain mixed
case and n/spc, and are not likely to be a pronounceable word.
This type is the toughest to crack. You have to be lucky or good. Again,
random textual data is needed, but complex permutations need to be performed
on the word to make it suitable. In this case, you would want to make a
special 'type D' wordlist, for use after all your other tries. You take the
root accounts (and any others desired, yet uncracked) and run them against
this list.

In any event you simply cannot create a comprehensive wordlist. 26+26+10+~30
= 92 characters, and 92^8 = 5.13218873138E15. That is ~5,132,188,731,380,000
possible words. Assuming 1 byte chars, that is ~41,057,509,851,000,000 bytes.
That is ~38,237,785.7817 gigabytes or ~37,341.5876775 terabytes.

1/28/95

---------------------------------------------------------------------------
No Such Agency
---------------------------------------------------------------------------

The NSA is shrouded in secrecy. Its alleged mandate is the secrecy and
security of US communications. It is rumored they do much more, from
recording all phone conversations in the US (extremely unlikely) to UFO
investigations, communications, and subsequent cover-ups. The NSA was
created by President Truman in the late '40s under the DoD, and until
recently was kept officially secret. They have the largest budget of any
Gov't body, and this goes to a "black list". They have the world's leading
cryptologists employed, and it is commonly known that the NSA has
cryptographic knowledge that is years ahead of the public sector. Since most
of this information is classified, it is hard to know for sure, but safe to
assume. The world's largest resource of computing power is also wielded by
the NSA. It is rumoured they have massive rooms of Crays in parallel running
specially devised distributed factoring algorithms... All cryptographic
algorithms for export must first be approved by the NSA. It is widely
believed that algorithms approved by the NSA can also be broken by the NSA.
It is whispered by those trying to get their algorithm approved that the NSA
suggests:

- Leak a key bit intermittently in the ciphertext.
- Reduce the effective keysize to something in the 30-bit range. The
  accepted key may be in the 100-bit range, but only a third of the bits are
  actually used.
- Encrypt a known header at the beginning of every ciphertext, allowing for a
  chosen-plaintext attack.
- Generate a few random bytes, encrypt them with the key, and put both the
  plaintext and the ciphertext of those random bytes at the beginning of the
  message in some pre-determined order. This allows a known-plaintext attack.

All this information is, at this point, hearsay...

1/24/95

-----------------------------------------------------------------------------
Information Theory
-----------------------------------------------------------------------------

The amount of information in a message is defined by information theory as
the minimum number of bits needed to encode all possible meanings of the
message. For example, the months of the year only need 12 bits to convey all
the needed information, while in actuality up to 9 bytes are used. The amount
of information in a message is known as entropy, and is the log base 2 of n,
where n is the total number of possible meanings. Entropy also measures
uncertainty, which is the number of plaintext bits that need to be recovered
when the message is enciphered, in order to learn the plaintext.

1/21/95

-----------------------------------------------------------------------------
Brute Force
-----------------------------------------------------------------------------

The security of any symmetric crypto-system is dependent on two things: the
strength of the algorithm and the length of the key. Since most tried and
true systems brag secure algorithms, consider a brute force attack on the
key. 56, 64 and 128-bit keys are the most prevalent.
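As an added example (not part of the original file), the entropy definition from the Information Theory note above and the brute-force time estimates of this note, carried through in Python. The keys/second rate (1,000,000) and the processor counts (120,000 and 590,000) are the note's own figures; the year length of 365.25 days is my assumption. The 2048-bit case is computed as a base-10 logarithm because 2^2048 does not fit a floating-point number.

```python
import math

# Assumption: one year = 365.25 days. The note's rate of 1,000,000
# keys/second and its processor counts are used in table() below.
SECONDS_PER_YEAR = 365.25 * 24 * 3600
LOG10_2 = math.log10(2)


def entropy_bits(n_meanings):
    """Entropy of a message with n equally likely meanings: log2(n)."""
    return math.log2(n_meanings)


def bits_to_encode(n_meanings):
    """Whole bits needed to encode n distinct meanings: ceil(log2 n)."""
    return math.ceil(math.log2(n_meanings))


def expected_years(key_bits, keys_per_second, processors=1):
    """Years to sweep the whole 2**key_bits key space.

    Each processor tests its own slice of the space and nothing has to be
    exchanged between them, so throughput scales with their number.
    For very large key sizes use log10_expected_years instead.
    """
    keyspace = 2 ** key_bits
    return keyspace / (keys_per_second * processors) / SECONDS_PER_YEAR


def log10_expected_years(key_bits, keys_per_second, processors=1):
    """The same estimate as a base-10 logarithm (no float overflow)."""
    return (key_bits * LOG10_2
            - math.log10(keys_per_second * processors)
            - math.log10(SECONDS_PER_YEAR))


def table():
    """Reproduce the note's figures; returns a dict of label -> value."""
    rate = 1_000_000
    return {
        "months: entropy (bits)": entropy_bits(12),
        "months: whole bits to encode": bits_to_encode(12),
        "56-bit, one machine (years)": expected_years(56, rate),
        "64-bit, one machine (years)": expected_years(64, rate),
        "128-bit, one machine (log10 years)": log10_expected_years(128, rate),
        "2048-bit, 1e6 machines (log10 years)": log10_expected_years(2048, rate, 1_000_000),
        "56-bit, 120,000 CPUs (days)": expected_years(56, rate, 120_000) * 365.25,
        "64-bit, 590,000 CPUs (years)": expected_years(64, rate, 590_000),
    }


if __name__ == "__main__":
    for label, value in table().items():
        print(f"{label:40} {value:,.2f}")
```

Run as a script it prints roughly 2,283 years for the 56-bit key, 584,542 years for 64-bit, 10^25 years for 128-bit, 10^597 for the 2048-bit case, just under 7 days for 56-bit across 120,000 processors and about one year for 64-bit across 590,000, matching the rounded figures in the note.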
A supercomputer able to try 1,000,000 keys per second could find a 56-bit
target key in 2000 years. A 64-bit key would take the same machine 600,000
years. And a 128-bit key would take 10^25 years to compute. (A 2048-bit key
would take 1,000,000 such computers 10^597 years.)

However, massively parallel machines, with multitudes of processors, can
reduce the time significantly. A brute force attack is tailor made for
parallel machines. Each processor can test a subset of the keyspace. The
processors do not have to communicate among themselves; only a successful
breach need be broadcast. Considering this, take the previous machine's CPU
and 120,000 like it in parallel, and compute a 56-bit DES key in a week or
less. 590,000 processors could compute a 64-bit key in a year. It is yet
unfeasible to break a 128-bit key by brute force (NSA?). Also, it is likely
that certain agencies with the money and inclination have machines similar
to these, but can compute double or quadruple the amount of keys in the same
time....

1/7/95

-----------------------------------------------------------------------------
Unix Password Encryption
-----------------------------------------------------------------------------

Unix passwd encryption is based on a modified version of DES. The user enters
her login and password at the prompts. The user-entered password is used as a
key to encrypt a 64-bit block of NULLs. The first seven bits of each
character are extracted to form a 56-bit key. (The other eight are used for
parity.) This implies that only eight characters are significant to a
password. The E-table is then modified using the salt, which is a 12-bit
value, coerced into the first two chars of the stored passwd. The salt's
purpose is to make precompiled passwd lists and DES hardware chips
ineffectual (or more difficult to use). Then, DES is invoked for 25
iterations on the block of zeros. The output is 64 bits long, and is then
coerced into a 64 character alphabet (0-9, A-Z, a-z, ".", "/").
This involves translations in which several different values are represented
by the same character. Unix passwd crypts are the product of a one-way hash.
The function cannot be reversed.

1/5/95

----------------------------------------------------------------------------
Secret Splitting
----------------------------------------------------------------------------

There are ways to split a message between n people such that apart the
fragments are useless, but together the n fragments produce the message. The
simplest algorithm uses a trusted arbitrator: the trusted party produces a
random bit string the length of the message to be split, and then XORs the
message with the bit string. The bit string is given to one party, and the
ciphertext is given to the other. This encryption is a one-time pad, and is
absolutely secure and completely unbreakable, as long as the pad is kept
secure. To split the message among more people, the trusted party simply
generates more random bit strings. To reproduce the message, the ciphertext
is XORed with the bit string(s).

One problem is that all parties that participate in the distribution must be
present for the reconstruction, or the message is lost. A threshold scheme
plans for this contingency. A message can be split into n shadows, such that
m of them are necessary for reconstruction. This is an (m,n) threshold
scheme.

1/4/95

----------------------------------------------------------------------------
Public-key Cryptosystems:
----------------------------------------------------------------------------

Contrast with private-key, in which there is one key used for both
encryption and decryption. While faster, it is less extensible and makes key
management a problem. In public-key cryptography, there are two keys, public
and private. The private key is kept secret while the public key is
published. Plaintext is encrypted with the public key and decrypted with the
private one. One such system is RSA.
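The two schemes from the Secret Splitting note above, as an added Python example that is not part of the original file. The first part is the note's own construction: the trusted party XORs the message with random pads (a one-time pad) and hands out the pads and the ciphertext, so every share is needed. The second part is an (m,n) threshold scheme; the note names none, so Shamir's polynomial secret sharing over the prime field GF(257), one polynomial per message byte, is my choice here. The sample message is constructed.

```python
import secrets

PRIME = 257  # field for the per-byte Shamir shares: the first prime above 255


# --- Part 1: the note's scheme, XOR with one-time pads (all n shares needed) ---

def xor_split(message, n):
    """Split message into n shares; every one of them is needed to rebuild it.

    Shares 1..n-1 are random pads from the trusted party; the last share is
    the message XORed with all the pads, i.e. a one-time-pad encryption.
    """
    if n < 2:
        raise ValueError("need at least two parties")
    pads = [secrets.token_bytes(len(message)) for _ in range(n - 1)]
    cipher = bytes(message)
    for pad in pads:
        cipher = bytes(a ^ b for a, b in zip(cipher, pad))
    return pads + [cipher]


def xor_combine(shares):
    """XOR all shares together. With one share missing the result is uniformly
    random rather than partly right: the 'everyone must be present' problem."""
    out = bytes(len(shares[0]))
    for share in shares:
        out = bytes(a ^ b for a, b in zip(out, share))
    return out


# --- Part 2: (m, n) threshold scheme, Shamir over GF(257), one polynomial per byte ---

def _eval_poly(coeffs, x):
    """Horner evaluation of a polynomial (constant term first) mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def shamir_split(message, m, n):
    """Produce n shadows of which any m rebuild the message.

    For each byte a random polynomial of degree m-1 is chosen with the byte
    as its constant term; shadow x holds every polynomial evaluated at x.
    Returns a list of (x, [values...]) tuples.
    """
    if not 1 <= m <= n < PRIME:
        raise ValueError("need 1 <= m <= n < PRIME")
    polys = [[b] + [secrets.randbelow(PRIME) for _ in range(m - 1)] for b in message]
    return [(x, [_eval_poly(p, x) for p in polys]) for x in range(1, n + 1)]


def shamir_combine(shadows):
    """Lagrange-interpolate each byte's polynomial at x = 0 from the shadows.

    Fewer than m shadows give no partial message: the interpolation still
    runs but yields unrelated field elements, so a value above 255 is
    reported as an error and a value within range is simply wrong.
    """
    xs = [x for x, _ in shadows]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate shadows")
    out = bytearray()
    for i in range(len(shadows[0][1])):
        total = 0
        for j, (xj, yj) in enumerate(shadows):
            num = den = 1
            for k, (xk, _) in enumerate(shadows):
                if k != j:
                    num = num * (-xk) % PRIME
                    den = den * (xj - xk) % PRIME
            total = (total + yj[i] * num * pow(den, -1, PRIME)) % PRIME
        if total > 255:
            raise ValueError("shadows do not reconstruct a byte string")
        out.append(total)
    return bytes(out)


if __name__ == "__main__":
    msg = b"meet at the bridge at noon"   # constructed sample message
    shares = xor_split(msg, 3)
    print("3 of 3 XOR shares:", xor_combine(shares))
    print("2 of 3 XOR shares:", xor_combine(shares[:2]))
    shadows = shamir_split(msg, 3, 5)
    print("any 3 of 5 shadows:", shamir_combine([shadows[0], shadows[2], shadows[4]]))
```

The XOR part needs no arbitrary constant; the Shamir part needs a field, and 257 is the smallest prime that can hold a byte, which is why shadow values can be 256 and are kept as integers rather than bytes.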
The strength of RSA lies in the difficulty of factoring large numbers. It is
based on well-known number-theoretic properties of modular arithmetic and
integers. One of these is the Euler totient function, t(n). t(n) of a number
is defined as the number of integers less than that number that are
relatively prime (having no common factors other than 1) to it.

12/28/94

----------------------------------------------------------------------------
Deadlock (Deadly embrace):
----------------------------------------------------------------------------

In a multiprogramming environment, several processes may compete for a finite
number of resources. A process requests a particular resource, and if the
resource is unavailable, it enters a wait state. It may happen that the
waiting processes will never come out of that wait state, because the
resource needed is in use (or held) by another waiting process. This
situation is called deadlock.

12/25/94

----------------------------------------------------------------------------
DOS interrupt 26h ABSOLUTE DISK WRITE:
---------------------------------------------------------------------------

This interrupt writes data from a buffer pointed to by the DS:BX pair to a
logical disk sector.

Pre register setup:
    AL      drive (1=A, 2=B, 3=C...)
    CX      number of sectors to read
    DX      starting logical sector number
    DS:BX   segment:offset buffer

Post register setup:
    CF      0 if successful / 1 if not
    AX      if unsuccessful, error code

12/12/94

---------------------------------------------------------------------------
Nagle Algorithm:
---------------------------------------------------------------------------

A TCP connection can have only one outstanding small segment that has not
been acknowledged. No additional small segments can be sent until the
acknowledgement is received. Instead, small amounts of data are collected by
TCP and sent in a single segment when the acknowledgement arrives.
The Nagle algorithm is self-clocking: the faster the ACKs come back, the
faster the data is sent.

12/5/94

---------------------------------------------------------------------------
End information.
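As an added example (not from the original file), the sender-side rule of the Nagle Algorithm note above, simulated in Python: one small segment may be outstanding at a time, further small writes are held and coalesced until the ACK releases them, and full-size segments are never delayed. The segment size (MSS) and the application writes are constructed values, and the model covers only this rule, not windows, timers or retransmission.

```python
class NagleSender:
    """Sender side of a TCP connection reduced to Nagle's rule: a small
    segment (fewer than MSS bytes) may be sent only when nothing sent earlier
    is still unacknowledged; otherwise the data is buffered and goes out,
    coalesced into one segment, when the ACK arrives."""

    def __init__(self, mss, nagle=True):
        self.mss = mss
        self.nagle = nagle          # False models TCP_NODELAY-style behaviour
        self.buffer = bytearray()   # written by the application, not yet sent
        self.unacked = 0            # bytes on the wire awaiting an ACK
        self.sent = []              # segments actually transmitted, in order

    def write(self, data):
        """The application hands data to TCP."""
        self.buffer.extend(data)
        self._try_send()

    def ack(self):
        """The peer acknowledges everything outstanding. This is the
        self-clocking part: the ACK is what releases the buffered data."""
        self.unacked = 0
        self._try_send()

    def _try_send(self):
        while self.buffer:
            if len(self.buffer) >= self.mss:
                self._emit(self.mss)            # a full segment may always go
            elif self.unacked == 0 or not self.nagle:
                self._emit(len(self.buffer))    # small segment, nothing outstanding
            else:
                break                           # hold the small segment for the ACK

    def _emit(self, n):
        segment = bytes(self.buffer[:n])
        del self.buffer[:n]
        self.unacked += n
        self.sent.append(segment)


def simulate(nagle, mss=8):
    """Constructed scenario: one-byte writes like an interactive session, with
    the ACK arriving only after the fourth keystroke. Returns the segments
    that went on the wire."""
    sender = NagleSender(mss, nagle)
    for ch in b"abcd":
        sender.write(bytes([ch]))
    sender.ack()
    sender.write(b"e")
    return sender.sent


if __name__ == "__main__":
    print("Nagle on: ", simulate(True))    # [b'a', b'bcd']
    print("Nagle off:", simulate(False))   # [b'a', b'b', b'c', b'd', b'e']
```

With the rule on, four keystrokes cost two segments instead of four, and the fifth keystroke waits for the next ACK; with it off, every write becomes its own tiny segment, which is the overhead the algorithm exists to avoid.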