Archive for the 'Security' Category

Finding a Computer’s MAC Address on the Network

Sometimes we need to know the MAC address of a specific computer for multiple reasons. For example, I needed to know the MAC address of one of my computers so I could tell the router to assign a specific IP address via DHCP. Another reason you need to know the MAC address is so you can block a specific computer from talking to you. Maybe you need to know the MAC address so you can allow only that computer to communicate with you. There are many reasons for knowing a MAC address of a computer. Some reasons good other times it is used with bad intentions. Like port sniffing packets with a specific MAC address. Read more »

Crack Windows XP and Vista Passwords in Seconds

Back in the day there used to be a program called lophcrack that was fairly good at cracking Windows passwords. Fortunately it wasn’t very effective for cracking strong passwords. Today I ran a newer cracking program on my computer called, ophcrack. As some of you know I tend to have extremely secure passwords contain numbers, letters, and other special characters. Not only did ophcrack find my password it found all but one character in my password in less than 20 seconds. That leads me to believe that it can crack pretty much any length of password in minutes. Read more »

Wiping a Hard Drive with DD

A common assumption is that deleting or formatting a hard drive will be enough but in fact the data is still recoverable. In fact is fairly trivial and the process is quite easy to restore them. For this reason security is a great concern, especially for those who are selling or donating their old computers. I am going to show you a simple technique for erasing the entire drive. This is the same procedure that the US Government DoD uses to secure their own drives. Read more »

SSH - Using Keys Instead of Passwords

SSH is really not that secure by default on must Linux distributions in the default configuration. By default OpenSSH is configured to allow password based authentication (because its easier); however, script kiddies have developed scripts that can try thousands of passwords an hour. If you have a strong secure password this will usually not be an issue but if you or one of your users use a dictionary based or weak password your system can be compromised quite easily. Most of the time you have no control over the strength of your users passwords so I recommend giving them a password that is 1024 bits, also known as a private key. Since this key is stored in a text file on the users machine it is often times a good alternative way of authenticating for users that don’t want to remember passwords but still be very secure. Read more »

The Hosts File

The hosts file is a text file that specifies names of IP addresses. You may recognize this name by the term, URL. Your computer’s operating system by default will always look up the name (url) of a site through your computer first. If your computer doesn’t know the name it then forwards the request to your router or ISP’s router. If that router doesn’t know the address it goes to the next router down the line and so on until one of the routers says, I know where this is at… and points you on your way. Read more »

Picking Strong Passwords that you can Remember

Passwords are needed for just about everything now. How do can you remember them all? Some sites force you to have 8 character password some 6 some even force you to have numbers in it. So how do you come up with a password that is strong yet easy to remember possibly even a different password for each site you visit? Read more »

Wireless Network Security

Most households have some sort of broadband that is hooked up to a wireless router of some sort. These wireless routers are by default insecure. It is argued that wireless in any form is incredibly insecure due to the fact that you can’t physically contain it Read more »

« Previous Page