Jan 122013
 

Today i return to the topic of encryption and security and in particular I’ll show how to simply encrypt a file with GnuPG, this can be really usefull to encrypt a single file where you have your passwords or some personal information that you want to keep safer.

GNU Privacy Guard (GnuPG or GPG) is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis’ Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems.

This software is frequently integrated with mail client so it can sign, crypt or do both actions on the mail you send and receive, and now we’ll see how to use it on the command line to encrypt a file.

Continue reading »

flattr this!

Aug 182012
 

In the past I’ve published articles on how to do a benchmark with namebench to see what’s the fastest DNS server for you and how to crypt your DNS traffic if you use Opendns but I’ve never done a comprehensive guide of the command dig, probably the best command you can have on the command line to query a DNS server, so today I want to show you the basic usage of this command and some trick, using examples that you can re-use for your goals.

But as first thing, probably every reader know what’s a DNS server, but anyway it’s better to take the good definition from Wikipedia:

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. A Domain Name Service resolves queries for these names into IP addresses for the purpose of locating computer services and devices worldwide.

So let’s see how we can query a DNS server o get all the info we need.

Continue reading »

flattr this!

Apr 052012
 

While reading an interesting Blog I discovered a new treasure: TRESOR, in short TRESOR is a secure implementation of AES which is resistant against cold boot attacks and other attacks on main memory.

If like me you wonder what a cold boot attack is, Princeton University can help us :

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. This phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques.

Continue reading »

flattr this!