Saturday, October 24, 2009

Password Generation for security


Security and safe passwords are very important in today's online world.  I used to have unique passwords for "levels" of security.  Realizing that if some service from low level was compromised that access to the next level would be easy.  I realized that the best way would be a strong secure password for each online service was the best way to go.  This way there is no way to "escalate" privilege level from one online service to another.

Since I already have a method for recording my passwords, which I'll get into during another post, I though I'd share the command that I use to create new passwords.  I use the package "pwgen".  The output of this command as quoted by Bessy produces quite a few unique passwords which satisfy most secure password definitions.  Most are produced with a portion of it that can be pronounced as a word, which make them in the realm of possibility to actually remember.

Output looks like:
cafeninja@vegeta:~$ pwgen --alt-phonics --capitalize 9 10
joo0kai2Y loh6Chi6y Chei4pei8 AiNoch2ua eeXeeF8Ee veeh3Eer4 Vah2fee8v ve4uegh7E Oa6chahmo Ish2voc2c

Using this tool I can make secure passwords for any account online.  I recently used this command repeatedly as I converted my multitude of online passwords from levels (5 different passwords) to a single password for each.

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Thursday, October 22, 2009

New assistant Bessy



I just wanted to introduce you all to my new partner, Bessy.  Bessy is my daily reminder that text and the terminal is where it all began.

If you are a Unix fan, Windows geek who remembers DOS, Linux hacker who recalls the days when X11 just didn't work it doesn't matter.  All of the computer love that we all have was once born of a terminal window.

Bessy normally offers me a daily smile by giving a nugget of wisdom in this text display that is a harkening of the computer future that was to come.  I hope you all can take just a moment to reflect and recall that since the time we were stepping on the move all the way to first-person-shooters like Doom III has been a short and hurried history.

You may see more of Bessy from time to time as she helps me promote the ease and friendliness of the command line to all.  The major difference is the ability to use a real terminal with all of it's power, simplicity and grace.

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Sunday, October 11, 2009

Karmic testing - Easier PPA additional and install

So I read on the Ubuntu Geek blog, that in Ubuntu 9.10 Karmic there is a new command for adding a ppa repo that will update the sources.list and import the gpg key.  So, clever me, thought of a way to make a few nice aliases and run this all together.  Let me demonstrate

1.) add the repo.  
sudo add-apt-repository
2.) update the repos
sudo apt-get -qq update
3.) install the application
sudo apt-get install

So I made aliases for those three.
alias repo='sudo apt-get-repository'
alias update='sudo apt-get -qq update'
alias ins='sudo apt-get install'

And using a different example from Ubuntu Geek, the command I give looks like:
"repo ppa:jonabeck && update && ins ifuse"

This single, short command will update the sources.list, update the repos and install the ifuse package with only the normal prompts if they apply.  Please see the manpage for each of these commands as well as alias in the case that you want to learn more about each.

 --
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Saturday, October 10, 2009

Karmic testing - Bluetooth Proximity (bluesproximity)

During my Ubuntu 9.10 testing, one of the things that I regularly do is crawl through my modified Apt sources list to see what if anything has graduated from PPA into the official repos.  The other benefit is to see what applications have been added to the repos that are similar to the ones I use already.   Change is sometimes good.

Today, I was going using the new "Ubuntu Software Center" to see what I might find that I had been missing as well as to check out the interface.  What I discovered, installed and used (all in under 5 min) was the Bluetooth Proximity application.  This does exactly as advertised.  Any previously paired device can be used, distance for screen locking and unlocking are adjustable.


I have to say it "just works" and locks the screen as soon as I am more than 6 meters away from the computer and doesn't unlock it until I'm closer than 4 meters.  No more forgetting to lock my screen when I step away, and no more typing my pass when I return.  The default screen saver settings remain and the proximity meter can be turned off and on.

I had heard of a way to do this in previous versions that was a bit of a hack and required a collection of scripts.  Now, in one easy to use gui front end, the entire package can be set up.  If you frequently step away from your computer for just a few minutes, I would highly recommend the is application.

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Wednesday, October 7, 2009

Barcodes Invented - Google Doodle



 Of very interesting note was the new Google logo.  Clearly in celebration of the creation of bar codes.  I used an online barcode generator to confirm that the one on the Google home page spells "Google".  I thought it would be interesting to both link to the generator as well as create one for the blog.



This is very cool stuff, and if I had a barcode scanner I would probably go crazy making labels and writing scripts to inventory my belongings as well as itemize grocery lists.


--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Tuesday, October 6, 2009

Ubuntu Karmic 9.10 - countdown

It's that time again for Ubuntu 9.10 coming soon.  I'm already playing with the beta on a non production machine and am making this post from it now.  It is about the time that I should recommend that non-linux users look into Unetbootin to use a usb key to run the live CD version of linux without using a cd.  This will give a much closer to real performance feel than an actually CD which reads very slow.
I've got the countdown timer here and you can add yours to your blog by going to Ubuntu countdown timer page and choose the one for you.
I'll post again after I've "stretched my legs" with the Karmic Koala, but so far so good.  More of the same with more spit and polish. 

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Thursday, October 1, 2009

Backtrack 4 - Wowzers


Hackers, probably yes.  More ominous than a university student using a "Green text on black window" as evidence of a hacker, is Backtrack 4.

I have played with the pre-release version of this security based Linux distribution.  With huge core changes like the distribution base changing to Ubuntu make this the first security distro that is actually useful as a day-to-day system for me.

I used this distro for only an hour before I was completely floored by the supreme set of security audit tools that come included.  Impressed even more by the way these apps are launched and just work.  With Ubuntu being my day-to-day distro this means that the system is not only useful for the moment that I need to test security, but could quite simply be one of the best all around distributions for me to use.

Backtrack 4 was a real eye-opener for me and if only it could be based on the most current version of Ubuntu it would be dreamy for me.  For sure I'll be keeping a usb key and a virtual machine around of Backtrack 4.  If you are just learning security (like artv61) or just curious or maybe need to prove a point to a window's user, this is an amazing tool.  Two thumbs up from the CafeNinja Cave.  Please go to www.remote-exploit.org and read more.  At the very least grab a 2Gb USB key and install Backtrack 4 on it.  They have a fabulous video tutorial on how to make a persistent USB install that works, I can attest to that.

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.