Author Archive

I’ve uploaded to my server the talks (16kbps) from The Last HOPE conference.

Url: http://www.cryptolife.org/last.hope/

With dnsmap I’ve discovered 9 subdomains that belong to the Official Website of the Beijing 2008 Olympic Games. Let’s try to find some juicy info :-)

#dnsmap beijing2008.cn

dnsmap - DNS Network Mapper by pagvac
(http://ikwt.com, http://foro.elhacker.net)
Searching subhosts on domain beijing2008.cn

files.beijing2008.cn
IP Address #1:58.68.168.159

images.beijing2008.cn
IP Address #1:79.140.81.19
IP Address #2:79.140.81.33

mail.beijing2008.cn
IP Address #1:202.96.53.43

photo.beijing2008.cn
IP Address #1:61.135.189.65

search.beijing2008.cn
IP Address #1:61.135.189.89

smtp.beijing2008.cn
IP Address #1:202.96.53.40

www.beijing2008.cn
IP Address #1:79.140.81.56
IP Address #2:79.140.81.59

www1.beijing2008.cn
IP Address #1:61.135.189.205

www2.beijing2008.cn
IP Address #1:220.181.69.139
IP Address #2:220.181.69.137

9 subhost(s) found

It’s on my desk now :-)

The Best of 2600: A Hacker Odyssey
Product Description
Since 1984, the quarterly magazine 2600 has provided fascinating articles for readers who are curious about technology. Find the best of the magazine’s writing in Best of 2600: A Hacker Odyssey, a collection of the strongest, most interesting, and often most controversial articles covering 24 years of changes in technology, all from a hacker’s perspective. Included are stories about the creation of the infamous tone dialer “red box” that allowed hackers to make free phone calls from payphones, the founding of the Electronic Frontier Foundation, and the insecurity of modern locks.

TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. The entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, metadata, etc.).

New features:

* Parallelized encryption/decryption on multi-core processors (or multi-processor systems). Increase in encryption/decryption speed is directly proportional to the number of cores and/or processors.

For example, if your computer has a quad-core processor, encryption and decryption will be four times faster than on a single-core processor with equivalent specifications (likewise, it will be twice faster on dual-core processors, etc.).

* Ability to create and run an encrypted hidden operating system whose existence is impossible to prove (provided that certain guidelines are followed). For more information, see the section Hidden Operating System. (Windows Vista/XP/2008/2003)

* On Linux, TrueCrypt now uses native kernel cryptographic services (by default) for volumes encrypted in XTS mode. This increases read/write speed in most cases. However, the FUSE driver must still be used when the volume is encrypted in a deprecated mode of operation (LRW or CBC), or when mounting an outer volume with hidden-volume protection, or when using an old version of the Linux kernel that does not support XTS mode. (Linux)

website: http://www.truecrypt.org

The security guard looked at me a little bit strangely, guess why :-)


Today I’m proud to release fastCA 0.9. fastCA is a fast and easy SSL certification authority builder, based on the openssl command line and the dialog tool. Using it is extremely simple: to begin, all you need to edit is the file vars, where the information about the certification authority is stored (COUNTRY, PROVINCE, CITY, ORG, EMAIL, OU, CN). After you run the script ./FastCa.sh (as root), a simple step-by-step process guides you through creating a self-signed certification authority and exporting the SSL certificates to encrypt the traffic on your web/mail server.

Hacking this software is encouraged and appreciated :-) .

web page: http://www.cryptolife.org/fastca/

download: http://www.cryptolife.org/fastca/fastCA.zip

screenshot: http://www.cryptolife.org/fastca/fastCA.jpg
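
The kind of openssl sequence a CA builder like this automates, as an added example that is not fastCA's own code. The variable names follow the vars fields listed above; their values, the function name build_ca and the host names are constructed placeholders.

```shell
#!/bin/sh
# Added example, not fastCA's code: the openssl steps a CA builder automates.
# Constructed placeholder values for the fields the post says live in vars.
COUNTRY="IT"; PROVINCE="Example Province"; CITY="Example City"
ORG="Example Org"; EMAIL="ca@example.org"; OU="IT"; CN="Example Root CA"

# build_ca DIR HOST: create a root CA in DIR and issue a server cert for HOST.
build_ca() (
    dir=$1; host=$2
    umask 077                      # keys are never group/world readable
    mkdir -p "$dir" || exit 1
    subj="/C=$COUNTRY/ST=$PROVINCE/L=$CITY/O=$ORG/OU=$OU/CN=$CN/emailAddress=$EMAIL"

    # 1. CA key plus self-signed root certificate. -nodes leaves the key
    #    unencrypted so the demo is non-interactive; protect a real CA key.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
        -subj "$subj" -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || exit 1

    # 2. Server key and certificate signing request.
    openssl req -newkey rsa:2048 -nodes -sha256 -subj "/O=$ORG/CN=$host" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || exit 1

    # 3. Leaf extensions: not a CA, server auth only, host name in the SAN.
    cat > "$dir/server.ext" <<EOF
basicConstraints=critical,CA:FALSE
keyUsage=digitalSignature,keyEncipherment
extendedKeyUsage=serverAuth
subjectAltName=DNS:$host
EOF

    # 4. Sign the request with the CA, then check the chain.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -CAcreateserial -sha256 -days 365 -extfile "$dir/server.ext" \
        -out "$dir/server.crt" 2>/dev/null || exit 1
    openssl verify -CAfile "$dir/ca.crt" "$dir/server.crt" >/dev/null
)

out=$(mktemp -d) && build_ca "$out" www.example.org && echo "chain verified: $out"
```

Clients only trust the server certificate after ca.crt is imported into their trust store; ca.key never needs to leave the machine that signs.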

Next Tuesday we’ll be traveling to San Francisco (California). After landing we will head to Berkeley, where our friend lives and where we will stay for two weeks. I’m pretty excited to hang around San Francisco, Berkeley University, Mountain View and Silicon Valley. I’ll be very happy if, through the blog, someone could give me some advice about Bay Area events and cool places to visit.

How worthwhile are:
sf2600.org meeting
www.buug.org meeting

Today I tried to install VMware Server on my laptop, which is running Ubuntu 8.04 (Hardy Heron). Everything went smoothly, except that when I tried to run the VMware server console, the system returned the following error:

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

A quick and dirty workaround is to comment out line 246 of the file /usr/lib/vmware/lib/wrapper-gtk24.sh

Just a simple iptables script for a standalone mail, web and DNS server.

Here’s the code in a readable form:

www.cryptolife.org/code/easyfire/firewall.txt


#!/bin/sh
IPT="/sbin/iptables"
# Kernel settings: SYN cookies on, ignore ICMP echo requests, no routing
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 0 > /proc/sys/net/ipv4/ip_forward
#modules
# Default policies: drop inbound and forwarded traffic, allow outbound
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT
# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
# Input policy: accept replies to connections that are already tracked
$IPT -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED
# Services reachable from outside: ssh, smtp, dns, http, ntp, https, imaps
TCP="22,25,53,80,123,443,993"
UDP="53,123"
# Accept new connections to the listed ports on eth0 only
$IPT -A INPUT -i eth0 -p tcp -j ACCEPT -m multiport --dports "$TCP" -m state --state NEW
$IPT -A INPUT -i eth0 -p udp -j ACCEPT -m multiport --dports "$UDP" -m state --state NEW
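
A check worth running next to an allowlist like this one, as an added example that is not part of the original script: compare the TCP and UDP port lists with what is actually listening, to spot ports opened for nothing and services the firewall silently blocks. The function names are hypothetical, the listener table is constructed sample data in `ss -H -lntu` format, and the interface restriction to eth0 is not modelled.

```shell
#!/bin/sh
# Added example: audit the script's allowlist against the listening sockets.
TCP="22,25,53,80,123,443,993"
UDP="53,123"

# Constructed sample of `ss -H -lntu` output; on a live host pipe the real
# command into audit instead.
sample_listeners() {
cat <<'EOF'
tcp   LISTEN 0 128 0.0.0.0:22     0.0.0.0:*
tcp   LISTEN 0 100 0.0.0.0:25     0.0.0.0:*
tcp   LISTEN 0 10  0.0.0.0:53     0.0.0.0:*
tcp   LISTEN 0 511 0.0.0.0:80     0.0.0.0:*
tcp   LISTEN 0 511 [::]:443       [::]:*
tcp   LISTEN 0 100 0.0.0.0:993    0.0.0.0:*
tcp   LISTEN 0 80  127.0.0.1:3306 0.0.0.0:*
tcp   LISTEN 0 128 0.0.0.0:8080   0.0.0.0:*
udp   UNCONN 0 0   0.0.0.0:53     0.0.0.0:*
udp   UNCONN 0 0   0.0.0.0:123    0.0.0.0:*
EOF
}

# audit PROTO ALLOWLIST: listener table on stdin, findings on stdout.
#   open-unused        port is allowed but nothing listens on it
#   filtered-listener  service listens publicly but the policy drops it
audit() {
    awk -v proto="$1" -v allowed="$2" '
        BEGIN { n = split(allowed, a, ","); for (i = 1; i <= n; i++) allow[a[i]] = 1 }
        $1 == proto {
            port = $5; sub(/.*:/, "", port)        # text after the last colon
            host = $5; sub(/:[^:]*$/, "", host)    # text before the last colon
            # Loopback-only services are covered by the "-i lo" rule.
            if (host ~ /^127\./ || host == "[::1]") next
            seen[port] = 1
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(a[i] in seen)) print "open-unused " proto "/" a[i]
            for (p in seen)
                if (!(p in allow)) print "filtered-listener " proto "/" p
        }'
}

sample_listeners | audit tcp "$TCP"
sample_listeners | audit udp "$UDP"
```

On the sample data this reports tcp/123 as open with no listener (NTP runs over UDP) and tcp/8080 as a public listener the policy drops.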