Tag Archives: security

shadowsocks auto deploy

I wrote a cloud-init script to automate the deployment of a shadowsocks server. I shared it in a gist here.

Features:

  • Creates a non-privileged user
    • Uploads your ssh public key to the user
    • Adds this user to the sudoers group
  • Disables ssh login for the root user
  • Downloads and installs libraries required for chacha20
  • Creates a “random” password and writes it in the config.json file
  • config.json file is in the /root directory. (You will need the password in this config file to be able to connect to your shadowsocks server.)
  • Starts the shadowsocks server.

You have to fill out the _YOURUSERNAMEHERE_, _YOURSSHPUBLICKEYHERE_ and _YOURFULLNAMEHERE_ with your data.

You can use this script in DigitalOcean easily following this document.

Some basic statistics on leaked Sony usernames and passwords data.

I spent some time on analyzing password usage using the data that leaked from couple of Sony hacks few days ago. The results are pretty scary.

The data size: 38698 users on 2 sites.

Top ten most used passwords are:

  1. seinfeld
  2. password
  3. winner
  4. 123456
  5. purple
  6. sweeps
  7. contest
  8. princess
  9. maggie
  10. peanut

So if you have a password that is listed above, you better change it pretty soon.

I also compared how many people were using the same password on two different hacked Sony sites. There were 2421 users who used the same email to register and out of those only 168 users were using different passwords (about 6.5%).

And who wins the email war? Based on the same data, most of the users were using emails from the following providers:

# of users Provider
11281 yahoo.com
7250 other email providers
5077 hotmail.com
4876 aol.com
4837 gmail.com
1600 comcast.net
1263 msn.com
920 sbcglobal.net
676 verizon.net
478 bellsouth.net
440 cox.net

RawCap: A new network sniffer for Windows without winpcap dependencies

Netresec released a new Windows network sniffer tool that looks promising: RawCap. It has no winpcap dependencies and with its small 17kB foot print it does not require installing. (Having said that you still need .NET Framework libraries and DLLs.)

Here are the properties of RawCap from their webpage:

  • Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
  • RawCap.exe is just 17 kB
  • No external libraries or DLL’s needed other than .NET Framework 2.0
  • No installation required, just download RawCap.exe and sniff
  • Can sniff most interface types, including WiFi and PPP interfaces
  • Minimal memory and CPU load
  • Reliable and simple to use

For downloading and some screenshots and more information click here.

WOW OTP Goodness

OK, the title means: World of Warcraft One Time Password Goodness. 🙂

I just got my OTP generator from Blizzard. It has a nice horde colors touch. The activation was very simple. I was expecting that it would replace my static password, but it didn’t. Instead it asks your password first (what you know) then it asks the code generated by the token in a second window (what you have).

It’s very nice to see from a computer game vendor to use two factor authentication. And here is a picture 😉