
Macintosh

Issues with Apple Macintosh operating systems and hardware.

Simple Intrusion Detection

Sometimes I want a simple way to determine whether a file has been changed or compromised without the configuration required by a full-featured IDS such as AIDE or Tripwire.  This technique uses CFV, a free and open-source program written in Python that “has been verified to work on linux, freebsd, openbsd, netbsd, solaris, macosx, and windows.”  It can generate a variety of checksum formats, including the SHA1 used in this example.

To create the signature file for the files in a directory and its sub-directories, use the following commands in a Linux or Mac OS X command window:

cd /usr/local/bin
cfv -C -rr -f bin.sha1 -t sha1
gpg -sab bin.sha1

To verify the file signatures, use the following commands:

cd /usr/local/bin
gpg --verify bin.sha1.asc
cfv -M -f bin.sha1

The gpg command verifies the integrity of the signature file (bin.sha1) against its detached signature (bin.sha1.asc).  The cfv command then verifies all the files that were recorded when the signature file was created.
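The check performed by the second step, as an added example that is not part of the original post or of CFV: it reads a manifest, re-hashes the tree, and goes one step further by also listing files that are present but not in the manifest. It assumes bin.sha1 holds sha1sum-style lines (`<digest> *<path>`) and has already passed `gpg --verify`; the function names are hypothetical.

```python
import hashlib
import os
import tempfile
from pathlib import Path

def sha1_of(path):
    """SHA-1 hex digest of a file, or None if it cannot be read."""
    try:
        with open(path, "rb") as f:
            return hashlib.sha1(f.read()).hexdigest()
    except OSError:
        return None  # e.g. dangling symlink; never equals a manifest digest

def parse_manifest(text):
    """Parse sha1sum-style lines '<hex digest> *<relative path>' (format assumed)."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and not line.startswith("#"):
            name = parts[1][1:] if parts[1].startswith("*") else parts[1]
            entries[os.path.normpath(name)] = parts[0].lower()
    return entries

def audit(root, manifest_text, skip=("bin.sha1", "bin.sha1.asc")):
    """Return sorted (changed, missing, unlisted) paths relative to root."""
    expected = parse_manifest(manifest_text)
    found, changed = set(), []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            rel = os.path.relpath(full, root)
            if rel in skip:  # the manifest and its signature are not audited
                continue
            found.add(rel)
            if rel in expected and sha1_of(full) != expected[rel]:
                changed.append(rel)
    return sorted(changed), sorted(set(expected) - found), sorted(found - set(expected))

def demo():
    """Constructed sample tree: write a manifest, then tamper with the tree."""
    with tempfile.TemporaryDirectory() as root:
        names = ["tool", "gone", os.path.join("sub", "helper")]
        os.mkdir(os.path.join(root, "sub"))
        for rel in names:
            Path(root, rel).write_bytes(b"original " + rel.encode())
        manifest = "".join(f"{sha1_of(os.path.join(root, r))} *{r}\n" for r in names)
        Path(root, "tool").write_bytes(b"tampered")   # modified
        Path(root, "gone").unlink()                   # deleted
        Path(root, "dropped").write_bytes(b"")        # new, unlisted
        return audit(root, manifest)
```

Calling `demo()` returns the three lists for the constructed tree: the modified file, the deleted file, and the file that appeared after the manifest was written.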

Keeping track of passwords

If you have run out of pets’ or children’s names to use for passwords, or you have ever misplaced that scrap of paper with your bank PINs and passwords, or you have trouble remembering the contrived “passwords” that banks are now asking for, like “What was your first girl friend’s name?”, then maybe you are ready for a password safe program.  These programs usually keep track of your user names, web addresses, and passwords in an encrypted file format that only allows access using a particular software program and a single password.  This keeps your passwords safe if your laptop gets stolen or someone copies the files on your computer or backup disks.

I wrote a program for MS Windows for this purpose years ago, but since I mostly work on Linux and Macintosh computers today, it quickly became obsolete.  Today I use a program called KeePassX (www.keepassx.org) to keep track of my passwords.  I use it to keep track of hundreds of passwords that I have accumulated over the years.  Another great benefit is that I do not need to rely on my memory or write or type the passwords, because I can copy and paste them into the password prompts.  I can create long random character/number combination passwords that are very secure compared to your wife’s birthday or your dog’s name.  Even better, KeePassX will generate new passwords for me!

I can copy the encrypted file to a USB thumb drive and access it from my Linux, Macintosh, and even MS Windows computers.  You can even put the software on the thumb drive and access your passwords on systems that do not have the software installed.

KeePassX was originally a Linux clone of a similar software program called KeePass Password Safe (keepass.info).  KeePass Password Safe is for MS Windows only, but KeePassX currently uses the KeePass version 1.x (Classic) password database format as the native format.  So as long as you stay with KeePass v1.x then your encrypted password file can be opened with KeePassX on other platforms (Linux and Macintosh).

Both programs (KeePassX and KeePass) use either the AES (alias Rijndael) or Twofish encryption algorithm with a 256-bit key.  The AES encryption algorithm is currently used by the U.S. government for protecting its top secrets.

No password safe software program will protect you from every way someone could get your passwords, but these programs eliminate the greatest threats: weak, easily guessed passwords and passwords written on paper that is easily obtained.