Slashdot Mirror


User: Effugas

Effugas's activity in the archive.

Stories
0
Comments
1,277

Comments · 1,277

  1. Oops. on University of Twente NOC Destroyed · · Score: 3, Funny

    Maybe I shouldn't have released that code after all...

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  2. Re:hey on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    nmap's much more mature and reliable -- but perhaps its reliability starts too early...

  3. Re:translation on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    I officially agree -- both with the fact that I wrote it marketroid style (I was petrified of "l33t new hax0r tools, he's gonna destroy the web!"; the concept that people would think I didn't do anything at all never occurred to me) and that I'm no god...just someone who plays with TCP/IP :-)

    --Dan

  4. Re:It sure is great. on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    Inoshiro--

    There's a fire, you no longer have a building, but you do have corpses.

    There's a hack, you still have your building, you still have your servers, you have no corpses.

    This, at the end of the day, is why computer security isn't big on insurance company lists.

    Credit card numbers are not lives! And the moment the theft of them becomes a real problem -- and believe me, despite the numbers I've seen, they apparently pale vs. legitimate use -- we'll see digital credit cards secure against replay attacks (i.e. they'll output a signature value tied to the merchant, the date of the transaction, the price of the transaction, and a nonce).

    Bruce Schneier was giving this talk where he said two things: A) Infosec needs a risk management approach, and B) Business needs to take computer security seriously. I had to point out to him -- the two are contradictory, if risk management deems the benefit of insecurity greater than the amortized risk of insecurity.

    --Dan

  5. Re:maybe you can calrify on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    It's...a bit of a tribute. Some of the best code I've ever seen -- brilliant, mind-bogglingly cool stuff -- comes out of Japan.

    OK, so maybe it's a bit of an ego trip to lump myself in with these guys...but it's Open Source, BSD stuff; if I was getting paid to write it I'd probably have to name it something like "NetXPress Pro Enterprise Edition". Since it's free, I get to call it whatever I like :-)

    What code impresses me? Off the top of my head:

    Gogo, world's fastest MP3 encoder.

    PVNation. You really want to hear the output of Shapee.

    So, that's the story.

    --Dan

  6. Re:Go Dan! =) on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    Once while giving a talk to a bunch of students, I accidentally said something along the lines of Bob going into the hole Alice opened up, and Alice going into the hole Bob opened up...

    The room was silent for a few very long seconds.

    --Dan

  7. Re:Warning Geek at Work on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    PK 2.0 will do some really, really cool things with video streaming. The idea is to take multicast -- which doesn't work over the internet -- and confine it to a single subnet. So there's a unicast IP that shows up and handles traffic everyone wants, with replies coming back to that IP. But guess what the MAC address of that IP is...

    FF:FF:FF:FF:FF:FF

    --Dan

  8. Re:I want to be a troll now on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    Heh, I have capped Karma :-)

    But then, I don't post unless I've got something to say, and I've been capped since they had a cap.

    --Dan

  9. Re:I want to be a troll now on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    No sarcasm. I truly sounded all talk, no code. My original post was hardcore tech and I was afraid of all these responses AIIIIIGH HE'S GOING TO DESTROY THE EENTERNET.

    I honestly never expected "I can't see him say he did anything except a port scanner, so I assume he did nothing but nmap".

    You happen to be right -- the writeup sucked. Life in here got *much* better once I did the English writeup, though.

    --Dan

  10. Re:So what is it? on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    I'm quite trustable, but like you said, I released source very much because I have no problems proving that.

    Email me privately if you'd like a bit of history about where I'm coming from.

    --Dan

  11. Re:Neat hacks, but not profound discoveries on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 3, Interesting

    College was entertaining. Damn near got kicked out translating Windows print requests to the local Novell printers, so people could avoid installing Client32.

    Anyway, I used Proxy ARP to get around college LAN restrictions. I couldn't have done Minewt way back when. Minewt is an extension of Doxroute, which was written to allow routing rules based on anything I damn well felt like.

    --Dan

  12. Re:I want to be a troll now on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 2

    You are, of course, right.

    I was actually fearing getting labelled the creator of some new toolkit for destroying networks. Instead, I got myself labelled as someone all talk, no code.

    Oops.

    --Dan

  13. Re:Nano Prob Technology? on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 4, Funny

    I don't get it :-) It's the least impressive work I've done, but it's what everyone talks about, and then everyone says it's not so technically impressive... well duh :-)

    If it didn't support stateless tracerouting w/ passive hopcount detection and split mode operation, I'd almost be too embarrassed to release it.

    --Dan

  14. Re:Loose Source Route scanner and tunnels on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 3, Interesting

    Michael--

    Funny story, actually.

    For quite a while, I thought IP Options just didn't work in the Core...wasn't till recently that I discovered the two PIXes I live behind block them uncontrollably.

    Scanrand's traceroute mode will eventually support some remote mesh discovery using LSRR. Thanks for the link! This will help immensely.

    --Dan

  15. Re:kieretsu on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 3, Informative

    Well, it's a bit more complex than that. Scanrand was branched to form Paratrace. Linkcat's -f/-F flags output integers suitable for graphing by Phentropy. Minewt gets its ass kicked by scanrand, and will eventually support the ethernet crypto of linkcat.

    --Dan

  16. Re:All I want to know is. ... on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 5, Insightful

    Who said anything about Black Hats?

    Breaking into networks, crashing people's systems...unnecessary and boring, in that order.

    You don't need to be a Black Hat to play with protocols. Not in the slightest.

    --Dan

  17. Re:What Paketto Is (In Simpler Terms) on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 5, Informative

    a) Testing was completed on FreeBSD and Linux. We're trying to get Solaris up; I just got a patch for OpenBSD. Win32 is...hmmm. Theoretically possible.

    b) Docs were added at last minute; I've yet to write a true manual.

    c) The code's tiny and mostly self contained, but I understand your worries. Contact me privately and I'll give you a bit of my history.

    --Dan

  18. Re:not possible on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 4, Informative

    Scan requires one socket.

    Kernel has no idea what's going on, it RSTs anything it gets (which is fine by me).

    --Dan

  19. Re:What Paketto Is (In Simpler Terms) on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 3, Informative

    Yeah, that'll be fixed when Google picks the link up off my home page. Anyway, it's the next story after Paketto.

    --Dan

  20. Re:Oh, so what up with the scissors and paste link on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 5, Interesting

    Cut and Paste. Linkcat lets you do that with packets :-)

    --Dan

  21. What Paketto Is (In Simpler Terms) on Black Ops of TCP/IP: Paketto Keiretsu 1.0 Release · · Score: 5, Informative

    SCANRAND
    ========
    Really, really fast port scanner, that can also trace network paths. Port scanning is simply the act of asking a machine if you can start up a conversation with a certain port of its, and marking down "yes" or "no" depending on the response. Normally, there's lots of overhead as you keep track of who you sent requests to and thus who you're expected responses from. Overhead, or "state", makes things slow. So scanrand is stateless -- right when you start up, it splits in two. One half asks everyone, "Heh! What are you hosting!" The other half picks up responses, "Hmmm, some guy just said he has a web server."

    Now, there's a problem: If someone knows I'm not keeping track of who I'm scanning, they can just throw fake responses back at me. But TCP lets me embed a little signature with every connection request -- the "Sequence Number". This number will be returned to me when I get a valid response from a host that I scanned. So I take the IP and the port of the machine I scan, encrypt it into the sequence, and send off the request. When I get the response back, I look at the ACKnowledgement, compare it to the IP and port of the machine that's talking to me, and immediately know whether I ever scanned this guy in the first place.

    So, that's why I get to scan really fast. Mind you, it's the least impressive part of Paketto in raw technical terms -- but it's definitely useful as hell.

    MINEWT
    ======
    What if you could just run a program, and a router showed up on your network? I don't mean physically, but I also don't mean "having anything visibly related to the computer hosting it". It'd be virtual, with its own separate IP addresses and its own MAC addresses too. It'd be portable to any machine on the LAN, maybe it'd be fast, but it'd definitely be amazingly flexible -- no chips to make, no wires to crimp. Run this software, and there's something new on your net.

    That's what minewt is -- a new router that just shows up and works. Now, it happens to do some funky things -- Guerilla Multicast involves taking what your local network sees as a broadcast or multicast address and attaches it to what the outside world sees as just another IP of a single host. So the single host communication goes out, but once the packet returns, it's flooded to a host of happy listeners. (Such is the theory.) MAC Address Translation is also slightly cool -- NAT is all about using a Layer 4 TCP/UDP port to figure out which Layer 3 IP address (the 10.*'s and 192.168.*'s all us Linksys folk live behind) an incoming packet from the internet is really supposed to be going to.

    It ain't your gateway that downloaded all those MP3's, even if that's the IP address on that flow of music.

    Well, there's also this tech called ARP -- the Address Resolution Protocol. Your local network doesn't have a clue about IP addresses -- it just has these unique factory assigned bitstrings that uniquely identify everyone. ARP is used to translate the Layer 3 IP -- 10.* or whatever -- to the MAC address the factory assigned.

    NAT goes from L4(Port) to L3(IP). ARP goes from L3(IP) to L2(MAC).

    MAT -- MAC Address Translation -- just combines the two. L4(Port) leads to the combination L3(IP)/L2(MAC).

    End result? Multiple hosts can share the same IP address. Cool.

    LC [LINKCAT]
    ============
    I've got a wire. I want to talk on it -- but I can't, I've got all these sockets and programs and limitations in the way. Or at least, I had them.

    1) Execute lc -m00 and start typing hex. Whatever hex bytes I type show up on the ether.
    3) Profit.

    Or,

    1) Execute lc -l00 and start watching everything on the network go by in hex. Anything I like, I can copy, then run lc -m00 and paste back onto the wire once again.
    3) Profit.

    lc has a really interesting mode that's based on the fact that you can actually put data in a frame *after* IP is done with it -- it's called an ethernet trailer, and happens all the time when you try to send a packet smaller than the minimum legal length for ethernet. Well, as long as we can throw data after our packet, let's put crypto in it -- let's sign our frame! Basic support for SHA-1 HMACs is provided.

    PARATRACE
    =========
    Alright, this is kinda neat. You've got a connection to some host, right? You want to know how your packets are getting there. But if you use normal traceroute, you're gonna start up a whole new connection. Paratrace gets around that -- you see, TCP lets you repeat packets; actually, by repeat, it's more like "The network can break and accidentally cause packets that were assumed to have been dropped to mysteriously come back to life; we handle this screwup just fine." So instead of spawning a whole new connection for our traces, we run our traceroute -- which is entirely a Layer 3 IP hack -- using a legitimate Layer 4 TCP packet. When the data eventually gets there, it's mostly ignored -- oh, the network screwed up again.

    If there's a stateful firewall in the way, well, it's looking at Layer 4 data, which is 100% valid.

    PHENTROPY
    =========
    See a cloud? Might be random. See a bunch of triangles? That ain't random. See the Borg Cube? Yeah, that's the FreeBSD kernel. This is an extension of Michal Zalewski's excellent Phase Space Analysis of TCP/IP Sequence Numbers, done with an incredibly interesting tool called OpenQVIS. Those images render *fast*, folks. 15-45fps fast.

    Terribly sorry I didn't do a writeup like this to begin with; hopefully the Keiretsu makes a bit more sense now.
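The scanrand section above describes a stateless scanner that stamps each SYN's sequence number with a keyed function of the probed (IP, port) and checks the echoed acknowledgement on the way back. The following is an added illustration of that check (the same "inverse SYN cookie" idea SYN cookies use on the server side), not code from Paketto Keiretsu; it does no network I/O, and the key, the hypothetical `classify` helper, and the sample responses are constructed for the demo. A defender reading a capture can use the same property: every SYN from such a scanner carries a sequence number that is a deterministic function of its destination.

```python
import hmac
import hashlib
import struct
import ipaddress

# Constructed secret for the example; a real scanner picks a fresh random key per run.
KEY = b"constructed-demo-key"

def cookie(dst_ip: str, dst_port: int, key: bytes = KEY) -> int:
    """32-bit tag derived from the probed (ip, port): this becomes the SYN's
    initial sequence number, so no per-target state has to be remembered."""
    msg = ipaddress.ip_address(dst_ip).packed + struct.pack("!H", dst_port)
    digest = hmac.new(key, msg, hashlib.sha1).digest()
    return struct.unpack("!I", digest[:4])[0]

def validate_response(src_ip: str, src_port: int, ack_number: int,
                      key: bytes = KEY) -> bool:
    """A SYN/ACK or RST/ACK echoes our ISN + 1 in its ACK field. Recompute the
    tag from the responder's own address/port and compare (mod 2**32)."""
    expected = (cookie(src_ip, src_port, key) + 1) & 0xFFFFFFFF
    got = ack_number & 0xFFFFFFFF
    # Constant-time compare so timing does not leak the key-derived tag.
    return hmac.compare_digest(struct.pack("!I", expected), struct.pack("!I", got))

def classify(responses, key: bytes = KEY):
    """Hypothetical helper: responses are (src_ip, src_port, tcp_flags, ack).
    Anything whose ACK does not verify is discarded as unsolicited or forged."""
    results = []
    for src_ip, src_port, flags, ack in responses:
        if not validate_response(src_ip, src_port, ack, key):
            results.append((src_ip, src_port, "unsolicited"))
        elif "R" in flags:
            results.append((src_ip, src_port, "closed"))
        else:
            results.append((src_ip, src_port, "open"))
    return results

def demo():
    # Constructed sample replies: two genuine (they echo cookie+1) and one whose
    # ACK was never issued by us, so it is dropped without any lookup table.
    genuine_open = ("192.0.2.10", 80, "SA", cookie("192.0.2.10", 80) + 1)
    genuine_closed = ("192.0.2.10", 23, "RA", cookie("192.0.2.10", 23) + 1)
    forged = ("192.0.2.99", 80, "SA", 0x12345678)
    return classify([genuine_open, genuine_closed, forged])

if __name__ == "__main__":
    for entry in demo():
        print(entry)
```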

  22. Re:RFID Security Is Problematic (At Least For Badg on Gillette Buys Half a Billion RFID Tags · · Score: 2

    Fair critiques -- I was under the impression the plastic strip had a readable magnetic signature to it; I'm very happy to hear that they scrubbed that (probably for the reasons I described).

    You are incorrect that it's difficult to remove the strip -- try it, it takes only a little bit of effort. It requires intent, though -- the thing ain't accidentally falling off.

    I did know it glowed -- I think all thin plastics glow under UV; it's a raver-kid thing. I did NOT know it glowed different colors...hopefully nothing actually uses this property to differentiate bills, or else a bit of UV dye could go a long way...

    As for large currency -- Five Dollar Bills just got redesigned :-) So by large, I did mean 20's, 50's, and 100's. One gets the impression that the use of cash is very, very slowly being phased out (and being replaced with me handing over my entire wallet and believing that the other guy will only take out as much as I've authorized them to).

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  23. Re:RFID Security Is Problematic (At Least For Badg on Gillette Buys Half a Billion RFID Tags · · Score: 2

    RAM -- able to Read and Write -- as opposed to ROM (Read Only Memory).

    --Dan

  24. *Laughs* Silly. on Gillette Buys Half a Billion RFID Tags · · Score: 5, Insightful

    You need to get a bit more cynical, Mr. Pony. Ever actually *deployed* a security system?

    Broken policies create noncompliance. Only two ways to define a broken policy -- a) the trusted refuse to participate, or b) the untrusted don't need to. You have to understand, it's not the job of your authorized users to spend all their time dealing with your security system. Since that's not their job, don't be surprised if they're not particularly willing to go along with arbitrary rules.

    All security creates a cost for the legitimate user; the goal is to keep the cost heavily asymmetrical. In other words, those you trust are hurt a little, whereas those you distrust are utterly wiped out. A locked door still requires the legitimate user to wait while he pulls out a key, after all. Lock or not, that guy should be able to walk on in.

    Turns out the best way to get people to use a security system is to install a new door -- some new functionality they've never seen -- but, oh yeah, it has this security limitation, but look! New door! New functionality!

    I enjoyed your comment about security having reasons you don't grasp -- you don't seem to grasp how quantifiable noncompliance really is with various degrees of onerousness. Don't believe the hype :-)

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  25. Re:RFID Security Is Problematic (At Least For Badg on Gillette Buys Half a Billion RFID Tags · · Score: 3, Insightful

    Hast--

    As the rule goes, "Bad security is worse than no security, because with bad security, you think you're secure -- with no security, you know you're not."

    It's not entirely true, of course, since there is no perfect security and thus everything possesses some degree of badness. But in the barcode case, people have responded to the triviality of shoplifting by attaching hard-to-remove ink and radio attachments to devices before sale. RFID systems are being sold as a replacement for this; everything will have a tag -- even after you buy it -- so the door will be able to sense you walking out of it with anything you might try to shoplift.

    And yes, you yourself will have an RFID tag on your "Safeway Club Card" or whatnot; they'll cross reference who you are vs. what you purchased and alert if there's something expensive extra. Turns out it doesn't even need to be the club card from that store -- any ol' one will do, as they can silently interrogate your wallet while you're standing in line. (This is yet another reason for the squeeze tech.)

    What's funny is that there's a decent cost to throwing on these security measures that'll be removed anyway, better to just make the authenticators ship with the goods and disposable. But you see, once it's convenient to keep after purchase, look what suddenly gets much more powerful...

    Your statement about cryptography is quite accurate. But barcodes do have some major security to them, compared to radio systems -- line of sight.

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com