IT-Sicherheit - Seite 2 - Frank Berger, IT-Dienstleistungen

26.12.200617.01.2013

23C3 - The Arrival

23C3 Berlin Central Station

Ich bin gerade mit dem Zug in Berlin angekommen um - wie jedes Jahr ;-) - am Kongress des CCC teilzunehmen. Ein ganz besonderer Gruß geht an dieser Stelle an meine Freundin Kerstin, die leider aus beruflichen Gründen nicht mit nach Berlin kommen konnte.

Hier schon mal mein "Vortrags-Stack" für den ersten Tag:

10:30 Saal 1 - Who can you trust? Opening Ceremony and Keynote
11:30 Saal 1 - Das neue gesetzliche Verbot des Hackings
14:00 Saal 2 - Project Sputnik - Realtime in-building location tracking at the 23C3
16:00 Saal 4 - Fudging with Firmware - Firmware reverse-engineering tactics
17:15 Saal 4 - Java wird Groovy - Eine Einführung in die neue, dynamische Sprache für das Java-Ã–kosystem
21:45 Saal 4 - Building an Open Source PKI using OpenXPKI

23.11.200517.01.2013

22C3 is coming up

Wow, the end of 2005 is coming, so - same procedure as every year :-D
In my case that will be the 22nd Chaos Communication Congress. Just finished booking the train ticket and hotel.

The line-up of interesting talks is quite overwhelming this year. There are a lot of talks about buffer overflows and related topics - I am very curious about new approaches and developments concerning that craftwork...

The degree of collateral damage for this years congress will also be very amusing :-D. Last year we got a mass defacement for over 18.000 websites. Well nothing spectacular, but it hit the news and makes up the reputation...

If you are interested in digital life and/or computer security you may want to check out the 22C3 webblog or the schedule.

You also attend the 22C3? If you like get in touch with me... I am always happy to meet new and interesting people.

18.05.200517.01.2013

Having Fun with Bugs

Ups :-)
It is a little bit embarrassing, but software bugs can also happen to me. Bugs in web applications can lead to something like that showing up in search engine results:

error message in search engine

That error message was caused by an flaw on how I handled the
input from the HTTP Accept-Language line, if it was missing my code run into the above error.

So, that example proves one thing - it is very hard to review and audit your own code for flaws and security holes.

16.05.200517.01.2013

21C3 Video Recordings

Wow, it finally happend - the video recordings from the 21th Chaos Communication Congress are in the Torrent! Just have an look at the offical BitTorrent tracker.

Well I have my own list of favorite talks:

013 The Art of Fingerprinting
019 Verdeckte Netzwerkanalyse
057 SUN Bloody Daft Solaris Mechanisms
070 Fnord-Jahresrueckblick
074 Hacker-Jeopardy
097 Das Literarische Code-Quartett
105 Honeypot Forensics
109 Anti-Honeypot Technology
123 Gentoo Hardened
146 Mehr Sicherheit fuer HostAP-WLANs
176 Passive covert channels in the Linux kernel
308 MD5 To Be Considered Harmful Someday

To play the videos I had to make some small adjustments to mplayer. The AVI-Files use H.264 as videocodec and AAC (MPEG4) ID 0x706D as audiocodec. To get the audio I had to register libfaad2 for the ID 0x706D to hear the audio within mplayer. But that was all I had to do.

13.05.200517.01.2013

Software Releases of the Week

Ok, here are some new Software Releases I stumbled into this week:

WordPress 1.5.1
It is mainly a maintenance release with a lot of bugs fixed. To get the feeds working (RSS2 etc.) I needed to patch wp-blog-headers.php (see ID1323: Feeds return 304 when no new posts have been made Description Bug).
I am using an paranoid setup with to different websites (wp-admin on localhost and only public stuff on the internet) I had to patch wp-includes/functions.php to reflect some changes for the get_settings('home'||'siteurl') function to get correct absolute URLs throughout the links.
Bugzilla 2.18.1
No big deal in updating that, checksetup.pl a few times and guess what - after starting mysqld - bugzilla just worked fine :-D.
Gaim 1.3.0
Hehe, the usual security issues CAN-2005-1261 and CAN-2005-1262 .
GNU ddrescue 1.0-pre1
That tool saved my life several times during recovery from a bad harddisc. So make sure that you always have a copy of it on your rescue cdrom. It is much much faster than normal dd when it comes down to bad blocks.
Metasploit Framework 2.4
If you have some time and some vulerable test systems you have to try that one out by yourself!
Rootkit Hunter 1.2.6
*little bit ashamed* that tool was new to me, I used chkrootkit and AntiExploit before.
Clover 1.3.7 and Spike PHPCoverage 0.6
Wow, two releases of test coverage software in one week, so if you have to perform some coverage analysis during for your tests you may want to check them out.
John the Ripper 1.6.38
In case you lost/forgot your password John may help you to "remember" it.
Grand 0.7.1
Got lost with your target dependencies in Ant? Grand uses Graphviz to produce some nice pictures for you.