Last time I showed you how to exchange and verify public PGP keys with an individual. After you've verified a user's key (KeyID, bits, type, fingerprint, and user's actual identity) you should sign their key.
Verification is part of any security system. SSH, FTP, POP, and IMAP servers ask for your password before they let you log into the machine, get your files, or snag your email. NTP can be configured to require keys before it'll let you mess with its clock. CIFS requires a password or Kerberos tickets before granting you access to shares.
GnuPG and other PGP implementations allow you to encrypt (scramble the data so only intended recipients can read it) and/or sign (provide proof that the data has been unaltered in transit). As you should remember, PGP keys are made up of two parts, a public key and a private key. The public key can (and in most cases should) be available to anyone - there's no harm in allowing it out to the entire world. The private key should be kept somewhere secure, protected with a strong passphrase.
Last time[1] we'd created our PGP key. Let's jump in with some encryption and decryption examples.
Jumping right in, let's create our PGP public/private key pair. I'll use GnuPG, the GNU Privacy Guard, available at http://www.gnupg.org, which is very likely already available with your Linux distribution. If you want to use older free or commercial PGP versions, the commands are very similar. Any GUI front end will also have the same functionality.
File and mail security is easy to achieve with the right tools. PGP has proven itself the leader, and GnuPG is the tool of choice in the Linux world.
Last time we set up a Perl script that would use the Net::Pcap module to sniff the network and print information about DNS requests to standard output. The output looks like this:
sourceipaddr -> destipaddr: dnshostname
Most people have heard of Nmap, the ubiquitous portscanner and more, available at http://www.insecure.org/nmap/. Recently, a new version of Nmap was released with a new and frequently requested feature - version scanning.
Most Linux distributions use the RPM[1] format for their software packages. RPMs are managed by the rpm program, which typically lives at /usr/bin/rpm.[2]
This week, we'll take a look at a successful and somewhat puzzling machine compromise. The machine in question was a production machine that had been up and running for about a year - one of those machines that had so much on it that you're afraid to ever reboot it, lest something not come back up.