Archive
Posts in Security
Proxying connections through SSH
Ever wonder how you can tunnel web and AIM traffic securely from one location to another? This can be accomplished with ssh's "-D" option. This allows traffic to be sent securely over an SSH session, and routed out through a remote endpoint. This looks like: To create a local proxy on TCP port 8000, we can pass the value 8000 to the "-D" option: Once the SSH connection is established, you need to configure your client (e.g., firefox, gaim) to proxy connections to the loopback interface on TCP port 8000…
Encrypting data with GNU Privacy Guard
The GNU Privacy Guard provides a command line tool (gpg) to encrypt data and manage digital signatures. GPG supports the OpenPGP standard, and provides easy access to a variety of key distribution servers. To view the full list of options available to gpg, you can run gpg with the "-h" option: To use the gpg utility to encrypt a text file, we can invoke gpg with the "-c" option: The "-c" option instructs gpg to encrypt the file with a symmetric key algorithm. The "--cipher-algo" option picks the algorithm to use, and the file to encrypt is passed to gpg as an argument…
No md5sum? Use OpenSSL!
I constantly find myself generating checksums, and for some reason each operating system likes to implement its own message digest command (if it provides one at all). If your system is missing a digest command, you can use the openssl utility to generate one-time hashes. OpenSSL supports the SHA1, MD5 and RIPEMD160 algorithms, and accepts one or more files as arguments: The OpenSSL source code can be downloaded from the main OpenSSL website:
Ever wanted to check your POP3 email from the command line?
I have an article titled debugging SSL in the December issue of SysAdmin magazine. The article covers techniques to debug SSL communications, and includes several useful examples. One of the examples shows how openssl can be used to check the operational status of a POP3s server. This is accomplished by feeding POP3 commands to openssl (or telnet if you want eavesdroppers to learn your username and password): This allows you to open an SSL connection to your mail server, "list" the messages in your inbox, "retr" message number 1, and "dele" it after you are done reviewing its contents…
Encrypting data with OpenSSL
I often find myself needing to protect sensitive data, and usually turn to OpenSSL for help. OpenSSL supports a plethora of symmetric key encryption algorithms (AES, DES3, Blowfish, RC4), and comes with a variety of operating systems. To encrypt a file named private, we can pass one of the available symmetric key algorithms to OpenSSL: To decrypt the file private.aes256, the symmetric key algorithm and decryption option can be passed to OpenSSL: As you can see, private wasn't so private after all :) You can get a full list of available symmetric key ciphers by appending the help flag to openssl. If you are interested in learning about more practical uses for OpenSSL, check out my article Real World Uses For OpenSSL.