protection

  • Windows Vista includes a new defense against buffer overrun exploits called address space layout randomization (ASLR). ASLR is just a way to hide insecure code and make automated attacks on millions of machines harder, except if... but I will come to that later.

    Address space layout randomization (ASLR) is a computer security technique which involves arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, randomly in a process' address space.[WIKIPEDIA]

    In Vista, a DLL or EXE can be loaded at any of 256 locations, which means an attacker has a 1/256 chance of getting the address right. In short, this reduces the number of successful exploits. Vista address-space layouts are randomized only at boot time. Are you safer with Vista? YES! and NO!

    On a 32-bit machine, this protection does not hold up, simply because some smart people have already worked out a way to circumvent ASLR, so a Linux PC will stay safe more or less 216 seconds longer!
    Typing ASLR into Google gives, as the second link (sic), this handy white paper: On the Effectiveness of Address-Space Randomization
    we demonstrate a derandomization attack that will convert any standard buffer-overflow exploit into an exploit that works against systems protected by address-space randomization. The resulting exploit is as effective as the original exploit, although it takes a little longer to compromise a target machine: on average 216 seconds to compromise Apache running on a Linux PaX ASLR system.
    http://www.stanford.edu/~blp/papers/asrandom.pdf

    Why does it take so much time? Because they chose to attack the buffer overflow in the randomized address space by brute force, probing until they succeed. For Apache, the famous open source web server, that means 2^16 = 65,536 probes at worst and 32,768 probes on average. Vista has only 256 slots for a DLL or EXE, so how much time would it take? For all readers who like to play with pointers, the white paper is worth reading.

    Vista also has long pointer obfuscation: long-lived addresses are encrypted and decrypted at runtime when needed. These long pointer values will have particularities, such as high entropy, that make them easy to spot in memory even if they are moved periodically or randomly from place to place (like PGP caching keys in memory).

    The implementation randomizes the base address of the stack, heap, and code segments and adds random padding to stack frames and malloc() calls. Since the obfuscation algorithm is surely secret, it will be broken quite fast, as security by obscurity has always been known to fail.

    What am I trying to say? First, that this technology is nothing special: it is one technique among others, and it will be broken quite fast depending on how much information the operating system leaks or how it was implemented. Moreover, it has existed for a long time:
    • In OpenBSD since year (BSD 4.0),
    • In Linux since kernel 2.6.12 (17 Jun 2005), or as an add-on: http://pax.grsecurity.net
    • Third-party companies sell add-ons for Windows; here are some: BufferShield (since 1998 for XP, 2000, 2003, NT4), WehnTrust (XP, 2000, 2003), StackGuard (compiler canary and ASLR)
    Canaries are not implemented in Vista but are also worth mentioning:

    StackGuard is a modified compiler which places canaries (the term canary can be used interchangeably with our use of the term cookie) around the return pointer in function. A buffer overflow will modify the canary on its way to overwriting the adjacent return pointer. If the function epilog detects a dirty canary, it rightly infers that an exploit has occurred, it logs the exploit and it aborts the program.

    Nothing will replace well-written code, meaning code that is architecturally reviewed, open to see and open to criticism. Open Source IS the future.
  • Someone has asked for more detailed pictures of the Dainese V Neck 2, so here they are:


  • Equipment and clothing


    Quad in France - All Terrain Vehicle in the USA - Véhicule Tout Terrain in Quebec

    This page presents the best equipment to own if you want to ride a quad in a sporty way and protect yourself as much as possible. As you will see, the budget is substantial, but once again, it is your skin at stake, and it is smarter to invest in good equipment than in a carbon exhaust...

    On the quad

    • Nerf bars: steel bars that protect your feet and toes from impacts with stones or tree trunks flush with the ground. An indispensable gadget.
    • The flag: yes, it is not very pretty and does not look cool, but being seen is important, especially in open country.
    • A rotating beacon is a plus, to be mounted on a plastic tube (which will not injure you if the quad rolls over).
    • Always ride with your headlight on, as on a motorcycle.

    The rider

    • Boots: Alpinestar tech 8 black, list price 350€. Bought for 315€ shipping included, with a "No Fear" jersey size XL as a gift (value 56€), on www.ebay.de
    • Gloves: DAINESE motorcycle gloves, reused from my Hornet 600. 240€
    • Helmet: NOLAN full-face, reused from my Hornet 600
    • Goggles: none
    • Chest protector: Acerbis Fusion black, 159€. Bought for 100€ on www.ebay.de
    • Back protector: DAINESE Airspace 2 back protector (reused from my motorcycle gear). 100€
    • Pants, jacket: Roxy, 179€ for the jacket, 139€ for the pants
    • Elbow pads, knee pads: DAINESE knee pro 45€ (bottom) and Elbow pro 29€ (top). I also use them for snowboarding and mountain biking.

    http://www.evs-bmx.com/product_details.asp?ProductID=68&ProductSubcatID=22#viewfull

    350$

    The tool kit

    • An additional 12-litre tank for long rides, fitted to your quad
    • The most common wrenches for the quad, a puncture repair kit, a mini electric pump or canister. A few of the most common and longest screws and bolts... and pliers to cut them...
    • Wire, cyanoacrylate glue, two-component metal glue (to glue a small part or plug a hole).
    • A padlock in case you ever have to leave the quad unattended out in the countryside, after a breakdown for example.
    • A small Swiss Army knife, wedged under the seat or under the mechanics (never in the bag or on you).

    The bag

    Only put in it soft, non-blunt objects, or hard ones that cannot compress the spine in a fall!!

    • Mobile phone,
    • Energy bar, drink,
    • Plasters, 3 bandages, 90° alcohol, something to make a tourniquet.
    • Survival blanket, gloves (for you or if you pick up an injured person)
    • Personally I also carry a stun baton because, without it being the Bronx, you can have a bad encounter anywhere.

    Electronics

    A GPS and an IGN map are a plus for very long rides into the unknown.

    Gadgets...

    http://www.bumpernuts.com/

  • First let's refresh some definitions...
    set user ID (SUID)

    The SUID permission causes a script to run as the user who is the owner of the script, rather than the user who started it. It is normally considered extremely bad practice to run a program in this way as it can pose many security problems.

    set group ID (SGID)

    The SGID permission causes a script to run with its group set to the group of the script, rather than the group of the user who started it. It is normally considered extremely bad practice to run a program in this way as it can pose many security problems.

    Latest versions of the Linux kernel will even prohibit the running of shell scripts that have SGID/SUID attribute set.

    Use of the SUID bit on binaries (to run with root privileges, aka "setuid bit") MUST be limited to those shown in
    the following list:

    /bin/ping
    /bin/su
    /usr/bin/at
    /usr/bin/chage
    /usr/bin/chfn
    /usr/bin/chsh
    /usr/bin/crontab
    /usr/bin/gpasswd
    /usr/bin/newgrp
    /usr/bin/passwd


    The other binaries that were installed with the SUID bit set MUST have this bit removed. Administrators can still run
    these binaries normally, but they are not available to ordinary users. A number of SGID files on the system are also needed; which ones depends on the tools installed and on your distribution. Use Google and query the web for the right list ;-)

    Similarly, the SGID bit MUST NOT be used to give group "root" privileges to any binary.
    To generate a list of all SUID/SGID programs on the system simply run the following command:

    # find / -not -fstype ext3 -prune -o -type f \( -perm -4000 -o -perm -2000 \) -print


    Then, for each file in this list that is not one of the permitted SUID or SGID programs, run the command
    # chmod -s FILE

    to remove the SUID and SGID bits. When done, re-run the find command to verify that the list matches the
    permitted programs.
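
The audit procedure above as a script, added here as an example and not part of the original post: it lists every SUID/SGID file that is not on the permitted list, strips the bits, and re-audits to verify. The function names `audit_suid` and `fix_suid` and the `--audit` switch are made up for this example, and `-xdev` is used instead of the `-fstype` prune to stay on one filesystem.

```shell
#!/bin/sh
# Added example: audit SUID/SGID files against the permitted list from the post.
# audit_suid, fix_suid and the --audit switch are hypothetical names.

ALLOWED="/bin/ping
/bin/su
/usr/bin/at
/usr/bin/chage
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/crontab
/usr/bin/gpasswd
/usr/bin/newgrp
/usr/bin/passwd"

# audit_suid ROOT [ALLOWLIST]
# Prints every regular file under ROOT that has the SUID or SGID bit set and is
# not in the allowlist. Paths are compared relative to ROOT, so a chroot or a
# mounted image can be audited too. Returns 0 when nothing unexpected is found.
audit_suid() {
    root=${1%/}
    allowed=${2:-$ALLOWED}
    # -xdev stays on ROOT's filesystem (skips /proc, NFS mounts, ...);
    # run the audit once per local filesystem.
    found=$(find "$root/" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        while IFS= read -r path; do
            rel=${path#"$root"}
            printf '%s\n' "$allowed" | grep -Fxq -- "$rel" || printf '%s\n' "$path"
        done | sort)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# fix_suid ROOT [ALLOWLIST]
# Removes both bits from every unexpected file (ug-s is the explicit form of
# the post's "chmod -s"), then re-runs the audit as the verification step.
fix_suid() {
    audit_suid "$@" | while IFS= read -r f; do
        chmod ug-s "$f"
    done
    audit_suid "$@"
}

# Report only: sh suid-audit.sh --audit /
if [ "${1:-}" = "--audit" ]; then
    audit_suid "${2:-/}"
fi
```

Run the report first and review it before calling `fix_suid`, since the SGID files a distribution needs are not on the list above.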

    I also recommend installing FAF (File Anomaly Finder) on your server to check periodically for files with too many rights or privileges.

  • .htaccess files are very versatile and can easily protect some areas of your homepage. In the case of Mambo, here is a way to secure it in less than 5 minutes.

    All you have to do is drop a file named .htaccess in your /administrator directory.

    Here is a template of .htaccess you can use:
    # Do not allow any user to access this file - to copy in all .htaccess
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>

    # force admin area with .htaccess password
    AuthType Basic
    AuthUserFile /pathto/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Walter Cedric Administrator Area"
    <Limit GET POST>
    require valid-user
    </Limit>

    • pathto should normally be outside your public web server directory!
      In Plesk, that means outside the httpdocs directory!
    • .htpasswd is a text file which contains a login:password mapping.

    Example of .htpasswd
    admin:XXXXXXX

    XXXXXXX must be replaced by its crypt version; use this URL to create a new
    crypted value:

    http://de.selfhtml.org/cgi-bin/cryptform.pl?password=aSI45I56B4KgR34542

    In this example, I want to have aSI45I56B4KgR34542 as password (my real password is even more complex!); the page then displays

    cziW29BR6Y3fM

    Be careful: it changes at each reload of the page, since the system adds "salt" to the password in order to hinder brute-force dictionary attacks.

    So I create a file .htpasswd which contains:

    Example of .htpasswd
    admin:cziW29BR6Y3fM

    So, in order to get into my Mambo administrator panel, I will have to type


    user name: admin
    password: cziW29BR6Y3fM
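
An added example, not part of the original post: creating the .htpasswd entry locally, so the password never travels in a URL to a third-party form, and checking it the way the server does, by hashing what is typed at the login prompt with the stored salt and comparing against the stored value. The function names and the sample password are constructed here; it uses `openssl passwd -apr1`, a format Apache accepts, and `htpasswd -B` (bcrypt) is the stronger choice where the Apache utilities are installed.

```shell
#!/bin/sh
# Added example: create and check a .htpasswd entry locally.
# Function names and the sample password are constructed for this example.

# make_htpasswd_entry USER
# Reads the password from stdin (so it never shows up in a URL or in the
# process list) and prints one "user:hash" line in Apache's $apr1$ format.
make_htpasswd_entry() {
    user=$1
    case $user in
        ''|*:*) echo "user name must be non-empty and contain no ':'" >&2; return 2 ;;
    esac
    hash=$(openssl passwd -apr1 -stdin) || return 1
    printf '%s:%s\n' "$user" "$hash"
}

# check_htpasswd_entry FILE USER
# Reads a candidate password from stdin and returns 0 only if hashing it with
# the salt stored for USER reproduces the stored hash.
check_htpasswd_entry() {
    stored=$(awk -F: -v u="$2" '$1 == u { print $2; exit }' "$1")
    [ -n "$stored" ] || return 1
    salt=$(printf '%s\n' "$stored" | cut -d'$' -f3)   # $apr1$<salt>$<digest>
    candidate=$(openssl passwd -apr1 -salt "$salt" -stdin) || return 1
    [ "$candidate" = "$stored" ]
}

# Demo on a constructed password, written to a temporary directory.
demo_htpasswd() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'constructed-Passw0rd' | make_htpasswd_entry admin > "$dir/.htpasswd"
    printf '%s\n' 'constructed-Passw0rd' |
        check_htpasswd_entry "$dir/.htpasswd" admin && echo "password accepted"
    rm -rf "$dir"
}
demo_htpasswd
```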

    .htaccess offers many more keywords and ways to protect data or directories.
    I recommend you google a little to find some exhaustive articles, like this one in German:
    http://de.selfhtml.org/servercgi/server/htaccess.htm#optionen

    If you are using my hashcash component or any statistics/log tool on your server, you may know the IPs of the bad guys who try to break into your site. There is a way to block these attacking zombies at the server level: just extend the Limit section of the .htaccess file.

    <Limit GET POST>
    order allow,deny
    allow from all
    deny from XXX.XXX.XXX.XXX
    deny from .microsoft.com
    </Limit>

    where XXX.XXX.XXX.XXX is the IP or part of the IP (XXX or XXX.XXX or XXX.XXX.XXX), but it can also be a DNS name. You can add as many lines as you want.

  • After "Microsoft Warns of New Security Threat: System monitoring programs, called rootkits, may pose a serious danger to your PC", it is time to see what is on offer to protect our PCs...

    A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes. Root kits exist for a variety of operating systems such as Linux, Solaris, and versions of Microsoft Windows. [WikiPedia]

    The Windows rootkit threat has never been as high as today: Rootkit creators turn professional
    All major antivirus products are now starting to provide solutions, with more or less success:
    • Symantec: Hacktool.Rootkit comprises a set of programs and scripts that work together to allow attackers to break into a system. If Hacktool.Rootkit is detected on a system, it is very likely that an attacker has gained complete control of that system. All files that are detected as Hacktool.Rootkit should be deleted. Infected systems may need to be restored from backups or patched to restore security.
    • Sysinternals is a company better known for its hacking and developer tools, but it was the first to give away a free rootkit revealer and detection program.
    • F-Secure Corp has added rootkit-detection features to its product suite: F-Secure Blacklist
    • Microsoft: Strider Ghostbuster is a future tool from the giant.


    The only problem is that the only solution is to restore your system from a "non-corrupted" OS version (the difficulty is having enough backups)...

    Also do not forget to visit the biggest community (33 000 users) at www.rootkit.com


  • joomla_cms

    Digital watermarking is the process of possibly irreversibly embedding information into a digital signal. The signal may be audio, pictures or video, for example. If the signal is copied, then the information is also carried in the copy. In visible watermarking, the information is visible in the picture or video. Typically, the information is text or a logo which identifies the owner of the media.[Wikipedia]

     

    I decided to go with offline watermarking first, but you can let any Joomla!® extension watermark pictures on the fly using PHP and .htaccess (at the cost of additional server CPU resources).

     

    Why Watermarking pictures?

    There are a lot of reasons, among others:

    • To limit image theft; advanced users will still be able to crop/blur your watermark, though!
    • To drive more new users/returning visitors to your site: anybody using your images in a forum may want to visit your site if the watermark can be read (don’t use a complex logo, unless you have a well-known brand)
    • To advertise your online work.

    Attention

    The first thing to do is to make a backup of your images! Applying a watermark is a non-reversible process. For Joomla!®, this usually means saving your /images/stories directory.

    You’ll have to decide what size you want your photos to be displayed at and how much space the text or logo will take up. Keep it small enough so as not to ruin the photo.

    Create a watermark using GIMP

    Download the excellent GIMP if not already done.

    Create a new picture with transparent background


    Using the text tool, create a black or white title, you can also import/create an original logo.


    Save the file using a .png or .gif extension; don’t use .jpg as it doesn’t handle transparency.


    Prepare your Linux server

    My script requires you to install ImageMagick.

    ImageMagick®  is a software suite to create, edit, and compose bitmap images. It can read, convert and write images in a variety of formats (over 100) including DPX, EXR, GIF, JPEG, JPEG-2000, PDF, PhotoCD, PNG, Postscript, SVG, and TIFF. Use ImageMagick to translate, flip, mirror, rotate, scale, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.

    ImageMagick install in OpenSuse

    As root run

    # zypper in ImageMagick

    ImageMagick install in Debian

    As root run

    # apt-get install imagemagick

    Features

    Support for spaces in directory names and file names

    Supporting spaces in paths and file names is not as easy as you think. Bash forces me to put "" around variables to support spaces in paths, and to use a while loop instead of a for loop to support spaces in file names.

    Scan your directories

    Scans your directories recursively for all pictures, starting from the current directory (.).

    Do not watermark all pictures

    I don’t want to apply a watermark to all my pictures, so I decided to check the size of each image and apply the watermark only if a threshold is reached (here all images wider than 1024 pixels). The identify command lets you retrieve the characteristics of any picture:

    geometry=$(identify "$each")

    return for example

    ./desktop.jpg JPEG 1024x819 1024x819+0+0 DirectClass 8-bit 94.8613kb

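    Add a bit of Bash regex magic (since 2004 with bash 4.0) to correctly identify the picture size; the pattern requires digits on both sides of the x and a space around the geometry, so an x in the file name cannot match:

    regex=" ([0-9]+)x([0-9]+) "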

    and voila! I can now use $height and $width in my function.

    Limitations

    Do not run the script twice or more

    Do not run the script twice or more on the same directory/subdirectories, or the watermark will get darker and darker. The code does not check whether a watermark already exists, and applies the same watermark over and over to pictures that reach the threshold.

    Installation

    The script must be runnable

    # chmod u+x watermark.sh

    Configuration

    Open the file watermark.sh

    # vi watermark.sh

    and change the values of the variables at the top.

    Position of the Text Watermark

    You can position the text using the following Gravity, possible values are: NorthWest, North, NorthEast, West, Center, East, SouthWest, South, SouthEast.

    NorthWest  North   NorthEast
    West       Center  East
    SouthWest  South   SouthEast

    If the -gravity option is present with NorthEast, East, or SouthEast gravity, it gives the distance leftward from the right edge of the image to the right edge of the cropping region. Similarly, if the -gravity option is present with SouthWest, South, or SouthEast gravity, the distance is measured upward between the bottom edges.

    See more details HERE  

    The bash script

    Source Code

     

     

    #!/bin/bash
    echo "*******************************************"
    echo "* Image Watermarking Script               *"
    echo "* By Cedric Walter - www.waltercedric.com *"
    echo "* Licence GNU/GPL v3 or later              *"
    echo "*******************************************"
    echo " "

    BASEDIR=.

    WATERMARK="/srv/www/vhosts/waltercedric.com/httpdocs/watermark.png"

    # Below this width no watermark will be applied
    MIN_PIC_HEIGHT=600
    MIN_PIC_WIDTH=800

    # If the -gravity option is present with
    # NorthEast, East, or SouthEast gravity, it gives the distance leftward from the
    # right edge of the image to the right edge of the cropping region.
    # Similarly, if the -gravity option is present with SouthWest, South, or SouthEast
    # gravity, the distance is measured upward between the bottom edges.
    WATERMARK_POSITION=northeast

    # Transparency percentage
    TRANSPARENCY_PERCENTAGE=15

    # normal user don't change below

    # this uses bash regular expression capabilities; digits are required on both
    # sides of the x so that an x in a file name cannot match
    regex=" ([0-9]+)x([0-9]+) "

    function applyWatermarkForExtension {
      # while/read instead of for, so that file names with spaces survive
      find "$BASEDIR" -type f -name "$1" | while IFS= read -r each
      do
        geometry=$(identify "$each")
        echo "$geometry"
        if [[ ${geometry} =~ ${regex} ]]; then
          echo "$geometry matches"
          width=${BASH_REMATCH[1]}
          height=${BASH_REMATCH[2]}
          echo "width=$width height=$height"
          # only the width is checked; MIN_PIC_HEIGHT is not used
          if [ "$width" -gt "$MIN_PIC_WIDTH" ]; then
            echo "Working on $each..."
            composite -gravity "$WATERMARK_POSITION" -dissolve "$TRANSPARENCY_PERCENTAGE" "$WATERMARK" "$each" "$each" 2> /dev/null
            echo "... Done!"
          fi
        fi
      done
    }

    # add new pictures extensions here
    applyWatermarkForExtension "*.jpg"
    applyWatermarkForExtension "*.gif"
    applyWatermarkForExtension "*.png"
    applyWatermarkForExtension "*.jpeg"

    exit 0

    Download

    Download from my download section.
