†è¢h båbblè

My daily dose of rant & whine !

Computer Forensics: Links & Resources

Tuesday, June 28, 2005
Here are a couple of links & reference material I found while wandering about on the internet.

Digital Forensics

Honeynet Challenges: This is truly an amazing resource for forensic wannabes, with forensic challenges & solutions and presentations. This is one helluva link to bookmark.

Incident Response & Computers Forensics Live CD: Currently downloading this, so no comments till I have hands-on experience with it.

Security Focus Resource: This is one of the best resources that you will find, written by people of quality. Some of the articles situated there give you hands-on experience, like the Web Browser Forensics article.

(IN)Secure Digital Security Magazine




Yesterday I stumbled upon (IN)SECURE Magazine, a free digital security magazine. The issues published till now have quite interesting articles.

You can download the latest issue here:

ISSUE 1.2 (June 2005)

RSS is here !!

Monday, June 27, 2005
Now you peeps can keep track of the happenings by subscribing to †è¢h båbblè RSS

Ipod Slurping !

Sunday, June 26, 2005
Here is quite an interesting read on the use in workplaces of iPods & other similar portable devices, which in certain cases function as storage devices too.

Ipod Slurping

Interview with Marcus Ranum

Tuesday, June 21, 2005
Here is a two-page interview with Marcus Ranum. For anyone who doesn't know who he is, he is the Chief Security Officer of Tenable Network Security, Inc., the producers of the Nessus vulnerability scanner and a suite of security vulnerability management tools.

An excerpt from the interview:
Could you introduce yourself?
I am Marcus Ranum, Chief Security Officer of Tenable Network Security, Inc., the producers of the Nessus vulnerability scanner and a suite of security vulnerability management tools. I've been working in the computer security arena for about 20 years, now, and was the designer and implementor of a variety of security solutions in the past, including firewalls, VPNs, and intrusion detection systems. I like to think I've been around long enough and done a wide enough variety of things that I've achieved a pretty good perspective on the trade-offs inherent in security technology.

I was the designer and implementor of the first commercial firewall product, the DEC SEAL, in 1990, and was the "inventor" of the proxy firewall concept. In 1992 I wrote the TIS Firewall Toolkit and Gauntlet firewall, and set up and managed The President's email server (whitehouse.gov) during its first year of operation. I was founder and CEO of Network Flight Recorder, an early innovator in the IDS market, as well.

You can read the entire interview at Security Focus.

Monday, June 20, 2005
Well, I for one was in need of making the most of what I had apart from the main rig, which I use for all purposes.

With a couple of old machines lying around, I couldn't leave them there gathering dust, could I?
Mission: I wanted one machine to act as a firewall.
The machine specs are a Pentium 120 MHz, CD writer, 10 GB hard drive, 48 MB SDRAM. After a bit of research into what I wanted from them, I landed up with three solutions & oh, did I tell you they are open source?

1.
Quote:
SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.


Smoothwall is the best option out there. Also recommended by MVPs. Btw, notice the text in bold; with myself still being on the Linux learning curve, this is just the option I wanted right now. It contains enough documentation & manuals to get you started already.

Info & Download



2.
Quote:
ClarkConnect is a powerful yet easy-to-use software package that transforms off-the-shelf server hardware into a dedicated Internet firewall, gateway or server. The software is a great solution for schools, businesses, organizations, and home offices.


Info & Download

3.
Quote:
IPCop Firewall is a Linux firewall distribution geared towards home and SOHO (Small Office/Home Office) users. The IPCop interface is very user-friendly and task-based. IPCop offers the critical functionality of an expensive network appliance using stock, or even obsolete, hardware and OpenSource Software.


OLD PC + IPCOP = Secure Internet Appliance

IPCop lets you take an old PC and convert it into an appliance that will:

1. Secure your home network from the internet.
2. Improve the performance of web browsers (by keeping frequently used information)

All this functionality can be managed from a simple-to-use web interface; even updates and patches can be installed using a web browser.
Remember, IPCop works with most home networks and small office networks, dial-up modems, cable modems, ADSL, leased lines and ISDN. It also lets several PCs share connections to the internet. If you have an always-on connection, you can even use IPCop to protect your web and email servers. IPCop also has remote management, meaning you can securely update and reconfigure your IPCop firewall from anywhere with an internet connection!


Info & Download

Though I've yet to try the above two, they surely look promising.

Building a Server

Saturday, June 11, 2005
The time has just arrived, with my order of the Antec 3000B chassis reaching home this evening. After all the research & effort that went into buying a perfect chassis which I could afford, I fell for the Antec 3000B, primarily because of the offer the Bangalore distributor made me.
The 3000B comes without the power supply, but since I was in need of one, he offered me a 350W SMPS Smart Power for a cool price. Other options were the Kunhar ZB01 server chassis, which was available to me for 4k including shipping & without the power supply.

Hardware Part:

ASUS A7N8X-VM/400
Athlon XP 1700+ running at stock 1.46 GHz
256 DDR @ 400 MHz
Seagate PATA 80 GB & a Seagate 40 GB PATA: my backup disks
Two 20 GB Seagate PATAs in RAID 0
Promise RAID Controller Card 2 port
DLINK 8 port Switch
Intex 8 port Hub
Lotsa network adapters lying around

Apart from this, I'm planning to get a 512 MB chip of RAM, with RAM prices falling, & a couple of Gigabit Ethernet cards.

Software Part:

I've yet to decide on the NOS [Network Operating System], but more likely than not it's gonna be Windows 2003 Server [Standard Edition]. This is going to be a domain environment.
The rest of the systems on my network are pretty old, so I might have to stick with a Linux option, which I hope will provide me knowledge regarding the same. I'm thinking of playing around with various distros.

Productivity:

The most important part. There is no fun in doing anything without a reason. Otherwise it's just a waste of time & money.
Also, no rants please as to why I'm doing this. I'm no joe who craves frequent hardware upgrades or someone who is a zealot when it comes to collecting the latest gadgets in the market. Not that I don't want to be one :) but all that costs money, you see, which I will have one day, loads of cash to spend lavishly.
But right now, the need of the hour being my certifications, for which I have to study, I may as well spend on such small things, which I hope will land me the certifications CCNA, RHCE & CISSP ....

The time is just right for me to build my first server !!

Books !!

Friday, June 10, 2005
Of late I've been pretty busy with books [no, I'm not a bookworm & I hardly read my engineering books :)]. Books related to Networking & Security. Here is a list of what I've been up to for the last couple of days.

1. New Riders - Hackers Beware Defend Your Network
2. Addison Wesley - FileSystem Forensics
3. John Wiley & Sons - The Art of Intrusion by Kevin Mitnick

This has kept me engrossed for some time now. Will definitely review these books in my free time, especially the one by Kevin Mitnick.

Until then, adios!





Shopping online in India?

Sunday, June 05, 2005
The title will be a giveaway for people who live in India or have interacted with Indian online shopping malls. The situation is pathetic here. I won't stress more on this subject. Have a look at the proceedings, then, which happened after a technical blunder or purposeful ploy to attract consumers?
Here is a screenshot I took of the offer posted on Indiatimes.

I had placed an order on behalf of my cousin but was hesitant to make the payment. Thank God I didn't! The fact of the matter is that the early mistake could be let go, but the issue was taken further by the people from Indiatimes, with me & many others receiving a call to make the payment so that they could process the order. Also a couple of emails insisting on the same. I mean WTF!
Though the page was taken down for a couple of hours, it was later available again, but guess what, the error hadn't been rectified.
Paranoid joe that I am, I didn't make the payment, but others who have made the transaction have yet to receive the money. Don't know how much time & money has gone by, but these guys should be royally screwed.
If this had happened in some country with proper laws for e-commerce, I wonder where Indiatimes would have been now. Perhaps the mela every year would suit Indiatimes!!