Firefox: Firesheep sniffs out and steals cookies—and the account and identity of the owner in the process—of popular web sites (like Facebook and Twitter) from the browsing sessions of other users on the Wi-Fi hotspot you're attached to.
Firesheep is a proof-of-concept Firefox extension created by Eric Butler to show how leaky the security employed by many popular web sites (like Facebook, Flickr, Amazon.com, Dropbox, Evernote, and more) is. The problem, as Firesheep shockingly demonstrates, is that many web sites only encrypt your login. Once you are logged in, they use an unsecured connection with a simple cookie check. Anyone from your IP address (that of the Wi-Fi hotspot) with that cookie can be you. When using Firesheep on a public hotspot, any session it can intercept is displayed in the Firesheep pane with the user's name and photograph (when available). Simply click on their name to intercept the session and start browsing the website as though you are them.
What can you do to protect yourself against such a painfully easy attack against your privacy and security? You can set up an SSH SOCKS proxy to encrypt your traffic, effectively sending your site sessions and accompanying cookies through a sniff-proof tunnel. For a less involved alternative, however, you could use something like the previously mentioned HTTPS Everywhere Firefox extension or Force-TLS (highlighted by TechCrunch). Essentially, these extensions will force popular sites to send data via the more secure HTTPS protocol, which encrypts data as it's sent, and while it's slightly slower, it's definitely worth using HTTPS when available.
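The weakness described above comes down to session cookies that the browser is allowed to send over plain HTTP. As an added example (not from the original article), this Python check audits the headers of a login response for cookies without the Secure attribute and for a missing Strict-Transport-Security header; the header values and function names are constructed for illustration.

```python
from http.cookies import SimpleCookie


def hsts_enabled(value):
    """True if a Strict-Transport-Security value carries max-age > 0."""
    if not value:
        return False
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        val = val.strip().strip('"')
        if key.strip().lower() == "max-age" and val.isdigit():
            return int(val) > 0
    return False


def audit_response(headers):
    """Audit (name, value) header pairs taken from an HTTPS response.

    Returns a list of (subject, code) findings; an empty list means
    neither check raised a finding.
    """
    findings = []
    hsts = None
    for name, value in headers:
        lname = name.lower()
        if lname == "set-cookie":
            jar = SimpleCookie()
            jar.load(value)
            for cookie_name, morsel in jar.items():
                # Without Secure the browser also attaches the cookie to
                # http:// requests, where anyone on the hotspot can read it.
                if not morsel["secure"]:
                    findings.append((cookie_name, "missing-secure"))
        elif lname == "strict-transport-security":
            hsts = value
    if not hsts_enabled(hsts):
        # Without HSTS a browser may still issue plain http:// requests.
        findings.append(("response", "missing-hsts"))
    return findings


# Constructed sample responses (not captured from any real site).
LOGIN_ONLY_TLS = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session_id=3f9a1c27; Path=/; HttpOnly"),
    ("Set-Cookie", "lang=en; Path=/; Secure"),
]
FULL_TLS = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "session_id=3f9a1c27; Path=/; Secure; HttpOnly"),
]

if __name__ == "__main__":
    for label, hdrs in (("login-only TLS", LOGIN_ONLY_TLS), ("full TLS", FULL_TLS)):
        print(label, audit_response(hdrs))
```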
Firesheep is free, works wherever Firefox does, and requires a wireless card capable of operating in promiscuous mode.
Firesheep [Code Butler via TechCrunch]
Thursday, November 10, 2011
Firesheep Sniffs Out Facebook and Other User Credentials on Wi-Fi Hotspots via lifehacker.com
Hotspot Shield VPN for iPhone Offers Secure Browsing and Email on the Go via lifehacker.com
iOS: Previously mentioned VPN service Hotspot Shield can already encrypt your browsing and keep you safe when using public Wi-Fi on your computer, but this morning the service announced a new mobile app for private and secure internet use wherever you use your iPhone, iPad, or iPod Touch.
Hotspot Shield for iPhone runs in the background at all times when the app is running, encrypting everything from SMS messages to emails and Twitter updates. The app also forces Safari to load sites as HTTPS when available, and protects all applications that use data, even those also running in the background. That protection comes with a price tag, however. Hotspot Shield is free for 7 days, so you can try it and see if it works for you. After that, you'll have to sign up for a $0.99/month or $9.99/year subscription. If you're concerned about threats like Firesheep or you know how easy it is to sniff out passwords and cookies, you may want to give the app a try.
Hotspot Shield VPN | iTunes App Store
You can reach Alan Henry, the author of this post, at alan@lifehacker.com, or better yet, follow him on Twitter or Google+.
Thursday, November 3, 2011
Beginner: How to Use LogMeIn Hamachi to Access Your Files Anywhere - How-To Geek
Whether you’re at work and forgot some file on your home computer, want to play some music on a train, or just want to move some files between your computers, accessing your files from anywhere is a life saver.
What we are going to do is download and install Hamachi, set up a network name and password, and then join the network from another computer. Still think it’s hard? Here’s a detailed how-to, but first let’s get to know Hamachi.
Hamachi is a VPN client. It creates a Virtual Private Network over a public network like the Internet. When this client runs, it implements a virtual network adapter, and you’re given an additional IP address that identifies you on any virtual network you join. You then create a virtual network by name, assigning it a password. Now anyone running the Hamachi client can join your network by connecting to it by name, and supplying the password.
Note: LogMeIn Hamachi is not a remote control application, so you don’t get control of the computers; you just access the files they share on the network.
We’ll start by downloading LogMeIn Hamachi from the link at the end of the article. Get it installed, then fire it up. Once you start it, it will tell you to click the Power On button, so press it.
When the dialog pops up, enter a name for this computer, then click Create.
Now Hamachi is up and running but we need a network to connect all the computers. Click on Create a new network to create one.
When this window pops up, enter the Network ID and a password.
After entering the Network ID (name) and the password click create and the network will be created immediately. The network is created but there is only one computer in the network. To get other computers in the same network you’ll have to install Hamachi on them and set it up just like you did on the first computer but instead of creating a new network, click join an existing network and enter the network ID and the password.
Congratulations! You have got your own network and can access all the computers that are connected to it. Just right-click the computer that you want to access and select Browse. You will see the shared files just like you do with computers on your LAN. Let’s try it: right-click and select Browse.
These are the files, folders and printers that are shared on the target computer.
LogMeIn Hamachi has two great features. First, all connections are encrypted, so you are safe. Second, it is transparent, meaning all the technical stuff is done behind the scenes, so no IP address, gateway address or DNS needs to be set. Awesome!
________________________________________________________________________
Saturday, December 11, 2010
How to Setup a VPN Server Using a DD-WRT Router
We have previously covered how to set up a PPTP VPN Server using Debian Linux here on Sysadmin Geek; however, if you are already utilizing a DD-WRT firmware-based router in your network, then you can easily configure your router to act as the PPTP VPN Server.
DD-WRT Configuration
Before setting up the VPN Server, you must first make sure your installed build of DD-WRT includes the PPTP VPN features. The DD-WRT feature list shows this as “PPTP / PPTP Client” on their chart. Check the installed version on your router (which you can see in the upper right corner on the configuration pages) against the chart. If the feature is not included in your build, you will need to flash your router with a DD-WRT version which does include the “PPTP / PPTP Client”.
To turn on the PPTP VPN Server, navigate to the Services tab and then the VPN sub-tab and select the option to enable the PPTP Server.
Once enabled, several previously hidden options will appear. Configure them as follows:
- Server IP: Public IP address of the router
- Client IP(s): List of local IPs (respective to the VPN network) to use when assigning IP addresses to clients connecting through the VPN. In our example, we are setting aside 5 IP addresses (192.168.16.5, .6, .7, .8, .9) for use by the VPN clients.
- CHAP-Secrets: User name and passwords for VPN authentication. The format is “user * password *” (user[space]*[space]password[space]*), with each entry on its own line. In our example, there is just a single accepted user name (jfaulkner) and password (SecretPassword1).
You can view detailed documentation on all of these options by clicking the “Help more…” link on this page on the right side of the DD-WRT configuration.
Once you are finished, click the Apply Settings button to push the configuration through to your DD-WRT router and you are finished.
Connecting to the PPTP VPN Server
Once you have your DD-WRT router configured, all that is left is to simply connect your client computers to the VPN. For our example, we will be showing how this is done using Windows 7 Professional.
In the Network and Sharing Center of the Control Panel, click the option to set up a new network connection.
Select the option to connect to a workplace VPN.
If you have existing connections, they will be displayed here. For our example, we want to create a new connection.
Select the option to use your Internet connection to connect to the VPN.
Enter the domain or IP address of your VPN Server (the public IP address of the DD-WRT router configured above) and give a title to the VPN connection.
Enter the credentials for your VPN login which was configured in the DD-WRT router settings. Click Connect.
After a few moments, if everything is configured correctly, you should be connected to the PPTP VPN Server on the DD-WRT router.
Running ‘ipconfig’ on the local machine should show you are connected to both the VPN and your existing internet connection.
Once connected, you can now access all the resources on the VPN as though you were connected to the network locally.
Monday, October 11, 2010
How to Setup a VPN (PPTP) Server on Debian Linux
VPN-ing into your server will allow you to connect to every possible service running on it, as if you were sitting next to it on the same network, without individually forwarding every port combination for every service you would like to access remotely.
Using a VPN connection also has the upshot of, if desired, granting access to other computers on the network as if you were in it locally, from anywhere across the internet.
While not the most secure of the VPN solutions out there, PPTP is by far the simplest to install, configure and connect to from any modern system, and from Windows specifically, as the client has been a part of the OS since the XP days and you don’t need to mess with certificates (like with L2TP+IPsec or SSL VPNs) on both sides of the connection.
Did I get you interested? Then let’s go.
Preface
- You will need to forward port 1723 from the internet to the server to enable the connection (not covered here).
- You will see me use VIM as the editor program, this is just because I’m used to it… you may use any other editor that you’d like.
Server Setup
Install the pptp server package:
sudo aptitude install pptpd
Edit the “/etc/pptpd.conf” configuration file:
sudo vim /etc/pptpd.conf
Add to it:
localip 192.168.1.5
remoteip 192.168.1.234-238,192.168.1.245
Where the “localip” is the address of the server, and the “remoteip” are the addresses that will be handed out to the clients. It is up to you to adjust these for your network’s requirements.
Edit the “/etc/ppp/pptpd-options” configuration file:
sudo vim /etc/ppp/pptpd-options
Append to the end of the file the following directives:
ms-dns 192.168.1.1
nobsdcomp
noipx
mtu 1490
mru 1490
Where the IP used for the ms-dns directive is the DNS server for the local network your client will be connecting to and, again, it is your responsibility to adjust this to your network’s configuration.
Edit the chap secrets file:
sudo vim /etc/ppp/chap-secrets
Add to it the authentication credentials for a user’s connection, in the following syntax:
username <TAB> * <TAB> users-password <TAB> *
Restart the connection’s daemon for the settings to take effect:
sudo /etc/init.d/pptpd restart
If you don’t want to grant yourself access to anything beyond the server, then you’re done on the server side.
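The chap-secrets format used above (and in the DD-WRT CHAP-Secrets field described earlier on this page) keeps each password in clear text, one four-field entry per line. As an added example (not part of the original guide), this Python lint checks the entries and the file's permissions; the 12-character minimum and the function names are assumptions, and the sample entries are constructed.

```python
import os
import stat

MIN_SECRET_LEN = 12  # assumed policy threshold, not taken from the guide


def lint_chap_secrets(text, min_len=MIN_SECRET_LEN):
    """Return (lineno, code) findings for chap-secrets content.

    Fields may be separated by tabs (Debian guide) or spaces (DD-WRT);
    secrets containing whitespace are assumed not to occur.
    """
    findings = []
    seen = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 4:
            # Not in the "user * password *" four-field form shown above.
            findings.append((lineno, "malformed"))
            continue
        user, _server, secret, addrs = fields
        if user in seen:
            findings.append((lineno, "duplicate-user"))
        seen.add(user)
        if len(secret) < min_len:
            findings.append((lineno, "short-secret"))
        if addrs == "*":
            # The last field is the address list; "*" accepts any address.
            findings.append((lineno, "any-client-ip"))
    return findings


def too_permissive(path):
    """True if group or others have any access to the secrets file."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IRWXG | stat.S_IRWXO))


# Constructed sample; line 2 is the example entry from the DD-WRT section.
SAMPLE = """\
# client  server  secret  IP addresses
jfaulkner * SecretPassword1 *
backup\t*\tpw123\t192.168.1.245
jfaulkner * another-long-secret-value 192.168.1.234
broken-line-without-secret *
"""

if __name__ == "__main__":
    for lineno, code in lint_chap_secrets(SAMPLE):
        print(f"line {lineno}: {code}")
    path = "/etc/ppp/chap-secrets"
    if os.path.exists(path):
        print("permissions too open:", too_permissive(path))
```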
Enable Forwarding (optional)
While this step is optional and could be viewed as a security risk for the extremely paranoid, it is my opinion that not doing it defeats the purpose of even having a VPN connection into your network.
By enabling forwarding we make the entire network available to us when we connect and not just the VPN server itself. Doing so allows the connecting client to “jump” through the VPN server, to all other devices on the network.
To achieve this we will be flipping the switch on the “forwarding” parameter of the system.
Edit the “sysctl” file:
sudo vim /etc/sysctl.conf
Find the “net.ipv4.ip_forward” line and change the parameter from 0 (disabled) to 1 (enabled):
net.ipv4.ip_forward=1
You can either restart the system or issue this command for the setting to take effect:
sudo sysctl -p
With forwarding enabled, all the server side settings are prepared.
We recommend using a “Split Tunnel” connection mode for the VPN client.
A more in depth explanation about the recommended “Split Tunnel” mode, as well as instructions for Ubuntu Linux users can be found in the “Setting up a “Split Tunnel” VPN (PPTP) Client on Ubuntu 10.04” guide.
For Windows users, follow the guides below to create the VPN client on your system.
PPTP VPN Dialer Setup on XP (split tunnel)
We will create a regular VPN dialer with one noteworthy exception: we will set the system to NOT use it as the “Default Gateway” when connected.
Skipping this step will limit the connecting computer’s surfing speed to the VPN server’s upload speed (usually slow) because all of its traffic would be routed through the VPN connection, and that’s not what we want.
We need to start the connection wizard, so we will go to control panel.
Go to “Start” and then “Control Panel”.
*If your system is setup with the “Classic Start Menu” you need to just point on the “Control Panel” icon and then select “Network Connections”.
In “Control Panel” double click “Network Connections”.
Double click “New Connection wizard”.
In the “New Connection wizard” welcome screen click “Next”.
Select the “Connect to the network at my workspace” option and then “Next”.
Select the “Virtual Private Network connection” option and then “Next”.
Give a name to the VPN connection.
Type in your VPN server’s DNS name or IP address as seen from the Internet.
Optionally, you may choose to “Add a shortcut to the desktop”, then click “Finish”.
Now comes the tricky part: it is vitally important that you do NOT try to connect now; instead, go into the dialer’s “Properties”.
Go to the networking tab and change the “Type of VPN” to “PPTP VPN” as shown in the picture below (this is optional but will shorten the time it takes to connect) then go into “Properties”.
On the next window, go into “Advanced” without changing anything else.
On the next window, uncheck the “Use default gateway on remote network” option.
Now enter the connection’s credentials as you set them on the server and connect.
That’s it, you should now be able to access all the computers on your network from the XP client… Enjoy.
PPTP VPN Dialer Setup on Win7 (split tunnel)
We will create a regular VPN dialer with one noteworthy exception: we will set the system to NOT use it as the “Default Gateway” when connected.
Skipping this step will limit the connecting computer’s surfing speed to the VPN server’s upload speed (usually slow) because all of its traffic would be routed through the VPN connection, and that’s not what we want.
We need to start the connection wizard, so we will go to the “Network and Sharing Center”.
Click the network icon in the system tray and then “Open Network and Sharing Center”
In the Network center click on “Set up a new connection or network”.
Select “Connect to a workplace” and then “Next”.
Click on the first option of “Use my Internet connection (VPN)”.
Set the address of your VPN server as seen from the internet either by DNS-name or IP.
Even though it won’t connect now because we still need to go into the dialer’s properties, set the username and password and hit connect.
After the connection fails to connect (that’s normal), click on “Set up the connection anyway”.
Back in the “Network Center”, click on “Change adapter settings”.
Find the dialer we have just created, right-click it and select “Properties”. While it’s optional, for a faster connecting dialer, set the “type” of VPN to PPTP under the “Security” tab.
Go to the “Networking” tab, select the IPv4 protocol and go into its properties.
In the next window, click “Advanced” without changing anything else.
On the next window, uncheck the “Use default gateway on remote network” option.
Now enter the connection’s credentials as you set them on the server and connect.
That’s it, you should now be able to access all the computers on your network from the Win7 client.
Note: Be sure and read our guide to setting up a VPN client for Ubuntu Linux.
Enjoy
