KCLUG February 2007

kclug@kclug.org

32 participants
41 discussions

Re: Quick security question
by Jared 22 Feb '07

22 Feb '07

> Wrong. > http://en.wikipedia.org/wiki/Control-Alt-Delete > http://www.techshowflorida.com/details.html > > Invented LONG before phishing. I fail to see how a USB dongle can > determine if a user is local or not. And yes, you can send a > ctl+alt+delete remotely, but it will disconnect your session as the > computer reboots. Also, Linux and Windows can be altered to not respond > to remote ctl+alt+delete. Responding to the four claims above: 1. "Phishing" is a strategy of fooling the user into thinking he is logging into a system when he is actually running an application which harvests passwords. It is at least 18 years old, as I used this technique on a DEC VMS system at UMKC in the late 1980s, as a stunt among close friends, not entirely realizing the ethical boundaries I had crossed. I never actually used passwords thereby harvested, because it was more fun to simply show the program to a friend and say "Ain't that cool?" Many years later, the term "phishing" was coined to describe this technique, by which time Windows NT had changed CTRL-ALT-DEL from the reboot sequence to its anti-phishing Security Sequence. Thus, the phishing technique is well over 30 years old, although the name "phishing" is new. 2. A dongle is a well-known practice for ensuring: a. The expensive-application runs only on a single machine. b. The secure-user is actually at the local machine. It is also annoying and consequently not used often, thank God. 3. TightVNC allows me to send CTRL-ALT-DEL remotely, and it will perform as expected, _not_ immediately rebooting the computer. I think your information on this may be a few years old, from before Microsoft commandeered the CTRL-ALT-DEL sequence from its previous role as reboot sequence. 4. Your final point is correct. On a RedHat system, comment this line in /etc/inittab: ca::ctrlaltdel:/sbin/shutdown -t3 -r now In Windows, there are several ways; even including JavaScript: var wshell=WshShell.CreateObject("WshShell"); wshell.RegEdit("HKCU\Software\Microsoft\Policies\CurrentVersion\ System\DisableTaskMgr",1,"REG_DWORD"); Of course, your security policies will need to allow this. In other words, the initial claim of "Wrong" above may need to be adjusted slightly. Luke did know what he was talking about, and I write to corroborate. -Jared > >-----Original Message----- > >From: Luke -Jr > >Sent: Wednesday, February 21, 2007 11:27 AM > > > >Actually, IIRC, the Ctrl-Alt-Delete login process is meant to > >thwart phishing attacks. When you press Ctrl-Alt-Delete, > >Windows ALWAYS intercepts it. > >Therefore, you know Windows itself is presenting your login > >dialog, not some viral program. You can send Ctrl-Alt-Delete > >remotely since at least Win98 (though in DOS-based Windows, it > >will freeze any network processes). > > > >If you want to determine if a user is local, use a USB dongle > >:)

1 0

Java Help
by Tommy Herrmann 22 Feb '07

22 Feb '07

Hey all! I'm trying to run a private RuneScape server/client on Ubuntu Dapper but I keep getting this: tommy@dad:~/Desktop/Moparscape$ java -noverify -Xmx500m -cp ./MoparScape.jar: Bot 0 Exception in thread "main" java.lang.NoClassDefFoundError: java/lang/StringBuilder at Bot.<clinit>(Bot.java:107) Dad suggested I consult the list and I figure someone knows what I'm doing wrong. The site I got the client from is: http://www.moparscape.org/smf/index.php/topic,6915.msg70691.html Gurus bestow thy knowledge!! Tommy

2 1

old AS/400
by David Nicol 22 Feb '07

22 Feb '07

would anyone like to take over the old AS/400 which I have been using as a desk for the past two years? We (openmethods.com) are moving to new office space and getting standardized furniture. It might actually work -- I've never powered it on. -- "I've never been elected dog-catcher and I've never had an employee." -- Bruce Sterling

2 1

RE: proxim USB wifi and Ubuntu
by Kelsay, Brian - Kansas City, MO 21 Feb '07

21 Feb '07

I was incorrect on the Netgear 111T and madwifi. Madwifi does not currently work with any USB dongles. http://madwifi.org/wiki/MadWifi "USB devices are not yet supported." >-----Original Message----- >From: Oren Beck >Sent: Wednesday, February 21, 2007 12:40 PM > >The issue originating this thread has been solved by swapping >the USB proxim for a hawking dongle style. Which Craig will be >asking questions about. Mainly about how different browsers >seem erratic in working with it. But he has it at the focus of >a DirecTV dish on the campground's site 3- aimed at my house- >maybe 1100 feet thru trees and he has 6 stars signal!

1 0

RE: proxim usb wifi and ubuntu
by Kelsay, Brian - Kansas City, MO 21 Feb '07

21 Feb '07

http://www.woot.com/ has a Netgear 111T and if you hurry you can get one today. They are $17.99 + $5 shipping. This has the Atheros chipset in it that is the same as my 511T. The "T" is the thing to watch out for here. Anyway, my 511T works in Ubuntu, Debian, Knoppix, DSL, Mepis, pretty much everything if they have the "madwifi" driver I believe. I got a 111T recently but haven't had time to try it. Maybe this weekend, but there shouldn't be a problem. >-----Original Message----- >From: Oren Beck >Sent: Thursday, February 15, 2007 4:43 PM > >What's the quickest trick to get a proxim wifi usb adaptor to >work with ubuntu? > >Craig at my campground has tried everything for hours with no luck. >Any suggestions are appreciated. Google etc has been a flat bust. > > >TIA > >Oren

8 9

RE: proxim USB wifi and Ubuntu
by Kelsay, Brian - Kansas City, MO 21 Feb '07

21 Feb '07

The ath_hal module contains the Atheros Hardware Access Layer (HAL). This code manages much of the chip-specific operation of the driver. The HAL is provided in a binary-only form in order to comply with FCC regulations. In particular, a radio transmitter can only be operated at power levels and on frequency channels for which it is approved. The FCC requires that a software-defined radio cannot be configured by the user to operate outside the approved power levels and frequency channels. This makes it difficult to open-source code that enforces limits on the power levels, frequency channels and other parameters of the radio transmitter. See http://ftp.fcc.gov/Bureaus/Engineering_Technology/Orders/2001/fcc01264.p df for the specific FCC regulation. Because the module is provided in a binary-only form it is marked "Proprietary"; this means when you load it you will see messages that your system is now "tainted". A detailed discussion of the pros and cons of this design can be found at http://madwifi.org/wiki/HAL If you wish to use this driver on a platform for which an ath_hal module is not already provided please contact the author. Note that this is only necessary for new _architectures_; the HAL is not tied to any specific version of Linux - in fact the identical HAL binary code is used unchanged with other operating systems. >-----Original Message----- >From: Luke -Jr >Sent: Wednesday, February 21, 2007 11:30 AM >On Wednesday 21 February 2007 11:21, Bradley Hook wrote: >> Luke -Jr wrote: >> > Warning: 'madwifi' is not GPL-compatible; as such, it is >illegal and >> > will taint your kernel. >> >> From the COPYRIGHT file in the madwifi tarball: >> >> * Alternatively, this software may be distributed under >the terms of the >> * GNU General Public License ("GPL") version 2 as >published by the Free >> * Software Foundation. > >Indeed, but that is just a wrapper. This GPL'd wrapper is >*distributed along >with* a binary blob it links to which is *specifically* not GPL. >madwifi-0.9.2.1/hal/COPYRIGHT: > All files contained in this distribution are covered by >the following > copyright unless explicitly identified otherwise. Note >that this > copyright does _NOT_ contain a "or GPL" clause and does >_NOT_ permit > redistribution with changes.

1 0

RE: Quick security question
by Kelsay, Brian - Kansas City, MO 21 Feb '07

21 Feb '07

Wrong. http://en.wikipedia.org/wiki/Control-Alt-Delete http://www.techshowflorida.com/details.html Invented LONG before phishing. I fail to see how a USB dongle can determine if a user is local or not. And yes, you can send a ctl+alt+delete remotely, but it will disconnect your session as the computer reboots. Also, Linux and Windows can be altered to not respond to remote ctl+alt+delete. >-----Original Message----- >From: Luke -Jr >Sent: Wednesday, February 21, 2007 11:27 AM > >Actually, IIRC, the Ctrl-Alt-Delete login process is meant to >thwart phishing attacks. When you press Ctrl-Alt-Delete, >Windows ALWAYS intercepts it. >Therefore, you know Windows itself is presenting your login >dialog, not some viral program. You can send Ctrl-Alt-Delete >remotely since at least Win98 (though in DOS-based Windows, it >will freeze any network processes). > >If you want to determine if a user is local, use a USB dongle >:)

2 1

RE: Security approaches for local Vs remote users- comments needed.
by Kelsay, Brian - Kansas City, MO 21 Feb '07

21 Feb '07

If you memory is good, make up a password you can remember. Barring that, write your password on a card and put it in your wallet or someplace that locks with a key that you carry at all times. This is not rocket science. Companies hopefully have disaster recovery plans that include off-site backups, network diagrams, wiring diagrams, building plans locked server rooms w/ limited access, and documentation (change logs) on each server including the passwords. You lock all this stuff up in a fireproof safe. As a user, you can include as much of this safety as you need. You can get a fireproof safe from Wallyworld for ~$20. >-----Original Message----- >From: Oren Beck >Sent: Wednesday, February 21, 2007 11:28 AM > >I will keep the opening concept model simple. > >There are obvious differences in multi-user systems and a >"single user personal" one. >Many of us are in that "single user" class. And often are >testing distro installs for short times then starting over. I >propose an intentionally less "secure" password recovery mode. > >Some method to replicate the "paperclip soft reset" function. > >Any comments on how one would best do so? > >TIA > >Oren

1 0

Security approaches for local Vs remote users- comments needed.
by Oren Beck 21 Feb '07

21 Feb '07

I will keep the opening concept model simple. There are obvious differences in multiuser systems and a "single user personal" one. Many of us are in that "single user" class. And often are testing distro installs for short times then starting over. I propose an intentionally less "secure" password recovery mode. Some method to replicate the "paperclip soft reset" function. Any comments on how one would best do so? TIA Oren

1 0

Quick security question
by cragos＠gmail.com 21 Feb '07

21 Feb '07

Can someone more familiar than I with the math behind one-way hashes explain how a hashed string is compared with a string in plaintext? I had a typo in the text I fed to passwd, and, when I went back in to fix the typo, I got an error message that read: "BAD PASSWORD: is too similar to the old one" Of course, that was easy enough to override as root, but it raises an interesting question. Anyone game to explain the math behind how it was able to tell? Thanks, Sean

7 8

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

KCLUG February 2007