Poor man’s view of the world

Way back in 2002, I had proposed an Internet Draft “Biometric based Digital Signature scheme”. It did not make it to the status of an RFC, but I hope someone somewhere can build on the concept.

Abstract:

Digital Signatures are fast emerging as a viable information security
solution, satiating the objectives of data integrity, entity
authentication, privacy, non-repudiation and certification.

The technique, as it stands today, faces the problem of the
maintenance of the secrecy of the private key. This document provides
a conceptual framework for the establishment of a biometric-based key
generation scheme.

In this scheme, the private key is generated each
time a document or record requires to be signed. Such generation is
based upon a combination of biometric traits.

View the complete document

In today’s hi-tech world, where every T, D and H owns a laptop and more, a fully equipped pen drive still makes a lot of sense.

Top 5 scenarios where a pen drive loaded with the rights apps makes great sense are:

1. You regularly work on a set of files on different computers (one at the office, one at home, one on the go blah blah blah…).

2. The “friendly” neighborhood sysadmin has forbidden installation of software on the office machines.

3. You are going on a well deserved vacation (and you obviously don’t want to lug the laptop around) …. but you need to carry important files in case there is an emergency and you need to work from a cyber cafe.

4. You need to backup files (pen drives are smaller than CDs and DVDs).

5. You want to carry some great videos / movies around.

Ever since Nimda blew my data to bits (…literally), I have been very very worried about computer viruses (and worms and Trojans etc etc). I use AVG on my personal machine but sometimes there are files I am doubly suspicious about. Even if AVG gives the clear signal that the file is virus free, I need a “second opinion”.

virustotal.com is a great place to get not just a “second opinion” but 32 opinions on a suspected file !!

VirusTotal analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. Its features are:

• Its free!!
• It uses multiple antivirus engines (32 as of today!!)
• It features real-time automatic updates of virus signatures
• Gives you detailed results from each antivirus engine

Before you get the wrong idea, I am referring to my USB stick (or “pen drive” in common parlance Its quite convenient to carry your data on a portable drive (pen drive / portable hard disk). Its even better when you can carry your apps with you.

This is a list of apps that I carry on my USB stick:

1. Firefox browser with the following extensions -

• NetcraftToolBar for blocking phishing sites
• ShowIP for whois
• PhProxy
• Shazou for one click geo-location of websites
• Temporary Inbox for creating random email IDs for online registration
• X-Ray for analyzing web page source code
• Gspace to use Gmail space for online storage
• FireFTP for accessing FTP servers

2. Mozilla Thunderbird email client

3. Open Office for viewing / editing / creating docs, ppts, xls files etc

4. Foxit PDF Reader

5. PeaZip archive manager

6. CurrPorts process viewer

7. PC Inspector File Recovery software

8. Faronics System Profiler

The above are free to download and use. There are also some excellent “paid” apps that I have on my stick. These are X-ways Forensics, X-ways Trace and Elcomsoft office and archive password recovery software.

My 18 month daughter can port an app to u3 (just kidding but it’s actually very simple). Just follow these simple steps:

1. Install U3 Package Prototyper onto your U3 portable drive. (You can get it from www.u3.com)

2. Using the U3 Package Prototyper that you have installed on your portable drive, create a u3p file based upon your application. (You need to select the source directory, destination directory and the main executable for your application).

3. Open your u3p file with WinZip and extract the manifest.u3i file. [Do not rename the u3p file to .zip]. Edit the manifest.u3i file. (Usually you only need to change the application name and description). After editing, add this file back to the u3i file.

4. That’s it! Now just use the “Add Programs” tab of your u3 launchpad and add the modified u3i file. You can use the “Manage U3 Programs” to set the program to “start on insertion”.

Enjoy

This small and simple guide lists the best FREE solutions to secure your network.

Smoothwall Express
SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system.It includes a hardened subset of the GNU/Linux operating system and is configured via a web-based GUI. Best of all….it requires absolutely no knowledge of Linux to install or use.

AVG Anti-Virus Free Edition
AVG Free is an excellent free anti-virus solution. Its very easy to use, needs low system resources, features automatic update functionality and real-time protection.

Snort
Snort is an open source network intrusion prevention and detection system.  It is an exceptional product that uses a rule-driven language.

Nmap
Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. Nmap can determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Nessus
Nessus is an extremely powerful vulnerability scanner.

Alternate Data Stream as a method of steganography has the following pros:

1. Its FREE!

2. Its very easy to use. Check this out.

3. You do not need ant third party tools / software.

It has the following cons:

1. No support for passwords (unless you embed password protected files)

2. Runs only on NTFS (and Microsoft says that ” Alternate data streams are strictly a feature of the NTFS file system and may not be supported in future file systems. However, NTFS will be supported in future versions of Windows NT. “)

3. Hidden data will be lost if you email the parent file or for that matter transfer it to a non NTFS partition / device.

While on the issue of Steganography, also check out steganography, the easy way… No steganography software required

Alternate data streams (ADS) are a very interesting feature of of the NTFS file system .

In this post I am giving a simple code to hide an exe in a text file and subsequrntly run the exe using a batch file. I presume you are familiar with the basics of ADS. If not click here before you proceed.

Sample code:

In this example we will hide an exe named “sanya.exe” in a text file named “tanya.txt”. Both these files are in the g drive

Step 1: Go to WinXP command prompt and type :
type g:\sanya.exe>g:\tanya.txt:sanya.exe

Step 2: To run the exe, go to WinXP command prompt and type :
start g:\tanya.txt:sanya.exe

Thats it!

For a batch file you can use start %cd%tanya.txt:sanya.exe

Note:

1. If you want to run this from a pen drive, first convert the pen drive to NTFS using convert g: /fs:ntfs