Comments for Dustin D. Trammell

Comment on Metroid Security Mechanism by SmartPhone Unlock Screens: Moving in the Wrong Direction « Dustin D. Trammell

Tue, 10 Nov 2009 22:28:22 +0000

[...] Needless to say, I tend to wipe my phone’s touch-screen quite frequently. Why hasn’t anyone implemented a lock screen that uses a technique like this one? [...]

Comment on The Internet is a Dirty, Dirty Mistress by Dustin D. Trammell

Dustin D. Trammell — Wed, 04 Nov 2009 23:57:19 +0000

@Prem I’m not sure exactly what you’re asking… iptables is only going to log specific packets that match a rule, you can’t really control how frequently those packets come into the interface.

Comment on The Internet is a Dirty, Dirty Mistress by Ben

Ben — Tue, 20 Oct 2009 23:52:00 +0000

Best writeup ive seen on this. Trying to do it manually on iptables should work also ?

When I try , I get:
iptables v1.3.5: Unknown arg `badconns’

from this rule:
iptables -A INPUT -p tcp –syn –dport 22 -m state –state NEW \
-m recent –name ssh –rcheck –seconds 120 –hitcount 3 \
-m recent –name badconns –set -j DROP

Any help appreciated

Comment on The Internet is a Dirty, Dirty Mistress by Prem

Prem — Tue, 22 Sep 2009 10:50:36 +0000

Hi,
I want to know is it possible to log 5 packets for every 2 minutes for iptables if it is possible may i know the command.
Thanks in advance…

Comment on BlackHat USA 2009 by DEFCON 17 « Dustin D. Trammell

DEFCON 17 « Dustin D. Trammell — Tue, 11 Aug 2009 21:52:03 +0000

[...] Dustin D. Trammell « BlackHat USA 2009 [...]

Comment on Configuring DNSSEC in BIND by Christophe Vandeplas

Christophe Vandeplas — Thu, 25 Jun 2009 18:49:04 +0000

There is a small correction:
the following line has a typo in “trusti-anchor” => “trust-anchor” (without i)
dnssec-lookaside . trusti-anchor dlv.isc.org.;

Thanks for the interesting blogpost and linked pdf

Comment on Four-factor Authentication by Travis H.

Travis H. — Fri, 27 Feb 2009 17:29:40 +0000

I wrote a relatively equivalent piece on this, in my Security Concepts book:

http://www.subspacefield.org/security/security_concepts.pdf

It’s in section 9.8, Authentication Factors.

I also mention “somewhere you can be reached”. Your credit card company uses this method of authentication every time it sends something to your home address, and web sites do it every time they email you something.

Comment on MD5? Really? by Collisions, a secure hash function killer (MD5, SHA1, SHA2) « CryptoBlog - Data Security and Information Theory

Thu, 26 Feb 2009 06:11:38 +0000

[...] NIST has been discouraging people to use MD5 and even SHA 1 since many years ago. A good account of this was posted by Dustin Trammell here. [...]

Comment on Review: The IDA Pro Book by nate

nate — Fri, 13 Feb 2009 14:51:03 +0000

Awesome, I’ve actually been eye balling this book for the past week. It’s next on my list to read. Nice to see it come up on your site.

Comment on Four-factor Authentication by Dustin D. Trammell

Dustin D. Trammell — Thu, 12 Feb 2009 18:53:25 +0000

@joat The concept I was going for was not necessarily “where you are” in regard to specific location information such as GPS, but more like where you are within a managed physical security system. For example, if you have already authenticated to the front door of a building, and then further authenticated to your department floor, “where you are” essentially provides indication of your access level based on your location within that system. Authentication to some information systems on that floor may require only that you be there, on that floor, using your location as proof of your access level or group status, without individually identifying you. This factor can be used for pseudo-anonymous access within a managed group.