Konboot

July 22, 2009 1 comment

I am playing around with konboot after first hearing about it on the Hak5 podcast.  If you haven’t heard about it, it is a boot disk you can create on a floppy, CD or USB drive (see Irongeek’s site for USB instructions). The disk changes the windows or Linux kernel on the fly while booting to allow you to bypass the login password.  In windows you just use any valid user name and a blank or garbage password, you will then be logged in as that user and can access all their files.  So naturally you will probably want to try the local administrator user which will allow you to access all files on the computer.  In Linux you will use the user name kon-usr and no password.  This will give you full root access on the Linux machine.

I have found it works well if the system is not muti-boot.   On my systems which are all multi-boot it would only work on one system and only on one OS which happen to be EEEbuntu.  My other laptop gave me error about the cylinder number being too high like the old school days of LILO where the boot image had to be below cylinder 1024. I am assuming this is the same issue as the days of old.  Also a caveat don’t use Konboot to login to a domain account on a computer that is connected to the network.  This will disable the account on the domain and won’t allow you to login.  In most environments user credentials are cached in case the network goes down.  So air gap the computer before using a domain account.

Remediation steps are fairly simple.  Lock the bios with a password and only allow the system to boot from the hard drive.  This should already be in the check list of task to perform when deploying a new PC. Since this type of threat isn’t new kon-boot just make it a little simpler to access the PC than loading up a live linux distro like knopix.  If there is any sensitive information on the hard drive encryption should be used of course since if someone steals the computer or hard drive its game over.  With the breach notification laws in most states that is not a fun proposition.

Advertisements
Categories: Geeky stuff, Security

Getting ride of volumen group that doesn't exsist in linux

July 17, 2009 Leave a comment

I was setting up a test VM with 4 one TB SAN LUNS.  After successfully creating and testing the VMware image I blew it away without touching the LVM. After greating the production image I tried to add the LUNS back to the LVM and I of course got errors when adding the LUNS to the LVM.  The meta data for the old volume group was still there and the OS refused to add the LUNS to the existing volume group.  I then tried to remove the volume group with the vgremove but since the devices with the UUIDs themselfs were long gone I could not do it.

I finally found a very simple solution just DD the damn things with zeros.  That will blow out all the metadata. So for each lun I ran

if=/dev/zero of=/dev/XXX bs=512 count=5

Probably only needed a count=1 but what the hell I don’t care I didn’t have anydata on the LUNS anyways.  After that  running lvscan came back clean with no orphaned UUID’s and I was able to initialize the LUNS again and add them to the new volume group.

Categories: Geeky stuff

Tilt Shift time lapse

October 12, 2008 Leave a comment

This series by Keith Loutit really make me want a shift tilt lens.  I have seen plans online to make one since I will never be able to afford one.

Bathtub II from Keith Loutit on Vimeo.

Categories: misc

Not to self

September 12, 2008 Leave a comment

Note to self use IE History View to view index.dat files for IE7.  Index.dat spy no longer works.

On second thought just use encase.

Categories: Security

No viruses and no spyware does not mean its more secure.

September 9, 2008 2 comments

I hear this argument all the time that Mac OS X is better than windows becuase it is more secure.  The proof alot of people stat is there are very few virus and spyware on OS X.  Yes that is true there are also very few on OS/2 warp, minux, BeOS, windows 3.11, NT 3.51, Irix, linux, solaris, BSD, and pretty much every other operating system know to man compared to windows.  That doesn’t make them more secure.  That makes them a small target compared to windows, it doesn’t make OS X more secure.  There is a reason why tons of bugs were found in safari when Apple ported it to windows.  Was the code so different from the OS X code base?  I doupt it, there are many more automated security tools build for use on windows which also makes it that much easier to find the flaws in XP and Vista than in OS X.  Any one who thinks apple cares that much about security let me remind you it took apple three weeks to patch the DNS vulnurability!!  Weeks after there were working exploits.  The larger the market share grows for Apple the more virus and malware you will see released targeting OS X.

Apple fan boys please don’t bug me.  I personally use a mac as my main lap top now.  I personally like OS X better than Vista and XP because I am a unix fan boy.   But that is a personal choice.  Also Linux fan boys I love linux and am a RHCE but I need an OS for my day to day work where I don’t have to wory about breaking everything because I upgraded lib c compat, or installed a new kernel.  I run Cent OS on all my servers when I can and I also have another Ubuntu laptop that I use for certain security tools.  Windows fan boys, securing mainly windows boxs is my bread and butter.  Windows with AD in an enterprise is the way to go.

Categories: misc

Best Fark.com comment ever

August 29, 2008 Leave a comment

Best damn fark comment ever.

“I like to eat a bowl of Kraft Dinner (a.k.a. “KD”) while watching some opera or ballet. There’s nothing better than a little arts & Kraft.”

In response to winy poor Canadians not wanting to eat free kraft mac and cheese.

Categories: misc

Open Source Asset Tracking software

July 17, 2008 Leave a comment

The University of Washington has released a free and open source system for tracking computers called Adeona.  I have installed it on my work laptop and it gets the job done.  This is a great solution for home users as it works on Linux, Mac, and PC and doesn’t require anything else from the user as far as a server or service fee to use it.  There are some defiant short comings though.

  • First as with all non BIOS tracking software this won’t work if a thief wipes the drive without booting up.
  • Second it sends the location data pseudo randomly every half hour, so if a thief boots a laptop and sees a login screen and shuts it down, it probably won’t be recorded.
  • Third would be a nightmare to mass deploy.  I have thousands of computers I would want to install this on.  To do this I would have to manually install it on everyone since it asks questions during the install and you have to copy a file to a central server that you have to have to check on the location data.
  • Fourth it uses OpenDHT to store the location information.  I don’t trust the stability of an open source distributed storage system that anyone can use for distributed storage.  Its only a matter of time before this starts to be used to distribute illegal material or the popularity of it cripples it.  I am all for open access to things but time and time again a few people always ruin it.

For my purposes I think it would be better just to write a program that posts the computer name and IP address to web server that stores the information in a MySQL database.

Categories: Security