Sunday, 24 September 2006

Netstat, Built in SuperTool !

Netstat is a command line utility that is built into pretty much all the currently popular Operating Systems, Windows, OSX, Linux, Unix etc. Netstat literally shows you your NETwork STATus, including information such as what ports and programs are doing what and to whom ! In this post I intend to give a brief description of Netstat as it applies to Windows XP and Mac OSX.

As a command line program on XP you need to run Netstat within the MSDOS Prompt (Command Prompt) and on the Macintosh you need to open the Terminal program. To run the basic Netstat program on XP you need to type ‘netstat’ at the command prompt and on the Mac ‘netstat -f inet’. This difference is because on the Mac being Unix based you see a lot of additional (and in most cases unnecessary) information relating to Unix sockets unless you restrict the Mac to just the Internet related information.

The key information displayed by Netstat is as follows:
Protocol (TCP / UDP)
Socket (Local Address and/or Port)
Remote Address

Its worth nothing that under OSX you can use the ‘man netstat’ command to see detailed information relating to the Netstat program and under XP ‘netstat /?’.

Under XP if you would like to see information regarding what process or program is using a given connection, you can do this by using the ‘-b’ parameter. When looking at the output from Netstat the IP address or the word localhost both mean your local machine, if is shown, this relates to any IP address.

By default Netstat shows only current connections and connections that were recently closed. To see ports that are LISTENING, ie: Open Ports then start Netstat with the ‘-a’ parameter. This parameter works on both XP and OSX, on OSX the open ports are shows with a state of LISTEN and on XP as LISTENING. Note that these are open ports on your own machine and because the majority of people are behind a NAT router this does not necessarily mean that these ports are exposed to the internet. For information about what ports are exposed to the internet by your router then point your browser at and select the shields up option.

Netstat is a very powerful and useful program. Look at the help and play with the options, take control of your machine and understand what’s going off in the background.

"When you get to the end of your rope, tie a knot and hang on." - Franklin D Roosevelt

Saturday, 23 September 2006

Splitting a Key for Security

You may wish at some point to issue a key, maybe the passkey that unlocks some encrypted information, in such a way that it is only by two individuals coming together and agreeing to exchange their unique information that the key can be determined, and the information unlocked.

The obvious solution is, in the case of a 128 bit key, to split the key in half and give each individual 64 bits. This solution is of course not good as then each half of the key is now only half the strength of the original key and 64 bits is no longer strong enough. You are effectively halving the strength of your encryption.

A useful solution is to envisage a graph, the key is a point on that graph. The information that is given to each of the ‘key holders’ is a coordinate on that graph. Only when in possession of both coordinates can a line be drawn between the two. Continuing that straight line through the Y axis reveals the full key.

Simple and ingenious. Credit to Steve Gibson at for discussing this issue.

Marge: Homer! There’s someone here who can help you…
Homer: Is it Batman?
Marge: No, he’s a scientist.
Homer: Batman’s a scientist!
Marge: It’s not Batman!

Thursday, 14 September 2006

Wiretapping, No Warrant Needed !

Only In America. Surely. I Hope.

The Senate Judiciary Committee approved a bill that not only authorizes, but extends, US warrentless wiretapping. No accountability. No oversight. No definition of 'terrorist.'

See the full story here.

My opinion? The beginning of a very slippery slope ...

Barney: Hello, my name is Barney Gumble, and I’m an alcoholic.
Lisa: Mr Gumble, this is a girl scouts meeting.
Barney: Is it, or is it you girls can’t admit that you have a problem?

Thursday, 7 September 2006

Bump Keys

It seems that the public in the US and the UK are now becoming aware of ‘Bump Keys’. This information has been public knowledge in countries such as Germany for quite a while, I personally was first exposed to then a few months ago during a security training course. Basically a Bump Key is a key that is cut shorter and with the cuts deeper than normal. The key can then be inserted in a lock, tapped with a hammer and the door opens.

There are two major issues here: Firstly the fact that these Bump keys can open almost any lock, and secondly the fact that there is no evidence of them being used. This could mean that your insurance company believes that the original key was used to open the lock and then refuses to pay out.

Here is a link to the video that shows how Bump Keys work. It’s the one that I saw myself a while ago, I believe it is German in origin but it is subtitled in English.

Apparently locks made by Medeco and Abloy are resistant to the Bump Keys. I am not sure if these are available in the UK however. I guess it just goes to show that the criminals are always one step ahead and all we can do is play catch up as best we can ...

I believe the first time this technique was published was in the Chaos Computer Club magazine in 2005. Certainly this is the earliest reference I can find. The best article I can find on this subject is by Security Expert Mark Weber Tobias and is available on this link.

"Books are the quietest and most constant of friends; they are the most accessible and wisest of counsellors, and the most patient of teachers." - Charles W Eliot

Monday, 4 September 2006

Incredible Guitar Playing

Have a look at this. Awesome. This is the same song played by the guy who composed the arrangement. Even more Awesome !

“You know, the courts may not be working any more, but as long as everyone is videotaping everyone else, justice will be done.” - Marge Simpson