security – eBlog
https://emresaglam.com/blog
My Blog about my life and my thoughts...

shadowsocks auto deploy
https://emresaglam.com/blog/blog/2018/04/06/shadowsocks-auto-deploy/
Fri, 06 Apr 2018 16:37:58 +0000

I wrote a cloud-init script to automate the deployment of a shadowsocks server. I shared it in a gist here.

Features:

  • Creates a non-privileged user
    • Uploads your ssh public key to the user
    • Adds this user to the sudoers group
  • Disables ssh login for the root user
  • Downloads and installs libraries required for chacha20
  • Creates a “random” password and writes it in the config.json file
  • config.json file is in the /root directory. (You will need the password in this config file to be able to connect to your shadowsocks server.)
  • Starts the shadowsocks server.

You have to fill out the _YOURUSERNAMEHERE_, _YOURSSHPUBLICKEYHERE_ and _YOURFULLNAMEHERE_ with your data.

You can use this script in DigitalOcean easily following this document.

Some basic statistics on leaked Sony usernames and passwords data.
https://emresaglam.com/blog/blog/2011/06/08/some-basic-statistics-on-leaked-sony-usernames-and-passwords-data/
Thu, 09 Jun 2011 04:26:26 +0000

I spent some time analyzing password usage using the data that leaked from a couple of Sony hacks a few days ago. The results are pretty scary.

The data size: 38698 users on 2 sites.

Top ten most used passwords are:

  1. seinfeld
  2. password
  3. winner
  4. 123456
  5. purple
  6. sweeps
  7. contest
  8. princess
  9. maggie
  10. peanut

So if you have a password that is listed above, you better change it pretty soon.

I also compared how many people were using the same password on two different hacked Sony sites. There were 2421 users who used the same email to register and out of those only 168 users were using different passwords (about 6.5%).

And who wins the email war? Based on the same data, most of the users were using emails from the following providers:

# of users Provider
11281 yahoo.com
7250 other email providers
5077 hotmail.com
4876 aol.com
4837 gmail.com
1600 comcast.net
1263 msn.com
920 sbcglobal.net
676 verizon.net
478 bellsouth.net
440 cox.net

RawCap: A new network sniffer for Windows without winpcap dependencies
https://emresaglam.com/blog/blog/2011/04/12/rawcap-a-new-network-sniffer-for-windows-without-winpcap-dependencies/
Wed, 13 Apr 2011 04:17:31 +0000

Netresec released a new Windows network sniffer tool that looks promising: RawCap. It has no winpcap dependencies and, with its small 17 kB footprint, it does not require installing. (Having said that, you still need .NET Framework libraries and DLLs.)

Here are the properties of RawCap from their webpage:

  • Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
  • RawCap.exe is just 17 kB
  • No external libraries or DLL’s needed other than .NET Framework 2.0
  • No installation required, just download RawCap.exe and sniff
  • Can sniff most interface types, including WiFi and PPP interfaces
  • Minimal memory and CPU load
  • Reliable and simple to use

For the download, some screenshots and more information, click here.

WOW OTP Goodness
https://emresaglam.com/blog/blog/2009/12/28/wow-otp-goodness/
Tue, 29 Dec 2009 03:16:16 +0000

OK, the title means: World of Warcraft One Time Password Goodness. 🙂

I just got my OTP generator from Blizzard. It has a nice horde colors touch. The activation was very simple. I was expecting that it would replace my static password, but it didn’t. Instead it asks for your password first (what you know), then it asks for the code generated by the token in a second window (what you have).

It’s very nice to see a computer game vendor use two-factor authentication. And here is a picture 😉

nmap 5 released!
https://emresaglam.com/blog/blog/2009/07/16/nmap-5-released/
Thu, 16 Jul 2009 19:33:55 +0000

nmap version 5 is released today. According to insecure.org it’s the most important release since 1997.

Here is the changelog,

Here are the release notes,

And here is the download link.

I want to mention one more time how much I appreciate all work done on this exceptional product. 🙂
