Domain: iamsam.com
Stories and comments across the archive that link to iamsam.com.
Comments · 8
-
Pretty neat...I like turning the images upside down.
I had someone come up on my access point, and also wrote it up.
My approach was a little different.
For anyone who is interested, my article info follows :
Tracking Wireless Neighbors
(Original Title: Wireless Neighbors Are Fun!)
http://iamsam.com/papers/Tracking_Wireless_Neighbo rs.htm
Anyway, it's a neat script he did for flipping the web pages... -
Re:Wi-Fi Honeypots?
My experiences (and links to a few of my papers)... I realized that (while reconfiguring and dropping my crypto) that a neighbor came onto my wireless network. The obvious thing to do would have been to shup him out, and secure the network. Since I maintain data on a seperate drive (with its own power supply), I cut the drive out, and decided that I had a great opportunity to practice with my security tools. I did a paper on what I found (was published in 2600: The Hacker Quarterly): http://iamsam.com/papers/Tracking_Wireless_Neighb
o rs.htm What's interesting is that if someone connects to your wireless access point, they can also put themselves at risk. Their network shares or shared drives can be exposed, their VPN or other simultaneous network connections may potentially be traversed by you, etc... So, this isn't truly a one-way-street I also did an earlier article on what I saw with my wireless PDA walking through Times Square. http://iamsam.com/papers/Warwalking_in_Times_Squar e.htm My other papers (http: // www . i am sam . com) (Remove Spaces) Sam Sam Nitzberg sam @ i am sam . com (remove spaces to e-mail) -
Re:Wi-Fi Honeypots?
My experiences (and links to a few of my papers)... I realized that (while reconfiguring and dropping my crypto) that a neighbor came onto my wireless network. The obvious thing to do would have been to shup him out, and secure the network. Since I maintain data on a seperate drive (with its own power supply), I cut the drive out, and decided that I had a great opportunity to practice with my security tools. I did a paper on what I found (was published in 2600: The Hacker Quarterly): http://iamsam.com/papers/Tracking_Wireless_Neighb
o rs.htm What's interesting is that if someone connects to your wireless access point, they can also put themselves at risk. Their network shares or shared drives can be exposed, their VPN or other simultaneous network connections may potentially be traversed by you, etc... So, this isn't truly a one-way-street I also did an earlier article on what I saw with my wireless PDA walking through Times Square. http://iamsam.com/papers/Warwalking_in_Times_Squar e.htm My other papers (http: // www . i am sam . com) (Remove Spaces) Sam Sam Nitzberg sam @ i am sam . com (remove spaces to e-mail) -
Re:NSA guidelines
In 1996, I did a related ACM (Association for Computing Machinery) publication:
Emerging Security Issues Involving the Presence of Microphones and Video Cameras in the Computing Environment
It is located here:
http://iamsam.com/papers/sigsac/sigsac.htm
It cites the actual CERT (Carnegie Mellon University Computer Emergency Response Team) Microphone Advisory:
CERT CERT ADVISORY CA-93:15
There is also a revised version from 2000 here :
http://iamsam.com/papers/emergent_security_issues_ 2000/emergent_security_issues_involving_microphone s_and_cameras_2000.html
For anyone interested, my other papers are available here: http://www./ iamsam . com
Regards-
Sam -
Re:NSA guidelines
In 1996, I did a related ACM (Association for Computing Machinery) publication:
Emerging Security Issues Involving the Presence of Microphones and Video Cameras in the Computing Environment
It is located here:
http://iamsam.com/papers/sigsac/sigsac.htm
It cites the actual CERT (Carnegie Mellon University Computer Emergency Response Team) Microphone Advisory:
CERT CERT ADVISORY CA-93:15
There is also a revised version from 2000 here :
http://iamsam.com/papers/emergent_security_issues_ 2000/emergent_security_issues_involving_microphone s_and_cameras_2000.html
For anyone interested, my other papers are available here: http://www./ iamsam . com
Regards-
Sam -
My little PDA Security Article...
I did a little PDA Security article a while back that was published in BlackListed 411! magazine.
It briefly surveys a number of key issues, and has some good links/ references at the end.
For anyone interested, you can read it here:
http://iamsam.com/papers/PDA_Security.htm
Later-
Sam
Sam Nitzberg
sam @ iamsam . com
http:/// www. iamsam. com -
Re:Verisign
"I wouldn't classify it as a failure on the part of the security industry. Hackers are just getting a little smarter."
Actually, if your software undergoes proper requirements analysis, software specification and analysis (along w/ ambiguity analysis), proper analytical development methods, etc... your code -should- generally work. Do it right, and you can define your software behaviors. You don't leave it to the cleverness of the hackers.
-Most- successful attacks against software are not totally innovative. They usually rely on known methods and avenues of attack.
http://www.iamsam.com/ -
Reminiscient of the old "Blitzkrieg Server"article
This reminds me of the old 'Blitzkrieg Server' article in Signal magazine some years ago...
(Links follow for a brief description):
http://www.findarticles.com/p/articles/mi_m0CGN/is _n114/ai_20783335
http://attrition.org/errata/www/pd.001.html
But, I think that there may actually be room for active-response systems. Also, properly employed, they would be perfectly legal.
There is no reason that such tools be deployed in public networks. Some organizations have networks (including large and complex networks) that are completely and totally privately owned, and totally segregated from public networks. Such organizations may (subject to appropriate risk - reviews) make judicious use of passive and even active response systems.
There are other ways to communicate than IPv4. There are indications in messages that active-response systems can't work becaus of spoofing. Suitable integrity and encryption methods can be used to validate source and ip address data.
There may be more modest active-response methods that may be more generally useful. For example, if traffic is located from a hostile system, the source of the traffic may be back-tracked, and shut off near its source. Not easy - and not necessarily today - but there could be places where such approaches may be deployed.
Sam Nitzberg
dontspamthis_______sam@iamsam.com
http://www.iamsam.com/
http://www.nitzbergsecurityassociates.com/