Plain passwd in Firefox and Chrome

At this moment we all have removed chrome and firefox.
Both browsers displays plain text passwd in there settings wich are passwd unprotected.
So from now on we use Safari
Detailed info:
nakedsecurity


Posted in Posts by with no comments yet.

Install FreeRadius on CentOs 5 and 6, Using Mysql, with NT-Hash passwd’s for Wifi Routers

install freeRadius
# source http://safesrv.net/install-and-setup-freeradius-on-centos-5/

CentOS 5:
 yum install freeradius2 freeradius2-mysql freeradius2-utils mysql-server -y
CentOS 6:
 yum install freeradius freeradius-mysql freeradius-utils mysql-server -y

They should install without any problems. To setup MySQL, start the service by running below:

CentOS:
 service mysqld start

Now run the following to set your password and security settings:

 /usr/bin/mysql_secure_installation
mysql -uroot -p
 CREATE DATABASE radius;
 GRANT ALL PRIVILEGES ON radius.* TO radius@localhost IDENTIFIED BY "radpass";
 flush privileges;
mysql> use radius;
CentOS:
 SOURCE /etc/raddb/sql/mysql/schema.sql
Now open up CentOS: /etc/raddb/sql.conf and enter your mysql database details you just created, Example:  # Connection info: server = "localhost" #port = 3306 login = "radius" password = "radpass"

# Database table configuration for everything except Oracle radius_db = “radius”

In /etc/raddb/radiusd.conf ensure that the line saying:
$INCLUDE sql.conf is uncommented.
Edit /etc/raddb/sites-available/default and uncomment the line containing
 ‘sql’ in the authorize{} section and ‘sql’ in the accounting {} section, also uncomment ‘sql’ under session {}.
Additionally, edit /etc/raddb/sites-available/inner-tunnel and uncomment the line containing
 ‘sql’ under “authorize {}” and under session {}.
Open up /etc/raddb/clients.conf set your secret to something a bit more random, example:
Change:
secret = testing123 To something like: secret = 3c23498n349c3yt290y93b4t3
service radiusd restart
 service radiusd stop
To add clients (External VPN Servers) you would edit CentOS: /etc/raddb/clients.conf Ubuntu: /etc/freeradius/clients.conf and directly under this line:
 
 # coa_server = coa
 } Add a block such as this:
client VPN_SERVER_IP { secret = YOUR SECRET HERE shortname = yourVPN nastype = other }

To allow external servers and software to authenticate off your FreeRADIUS, this has to be done every time you setup an external server to use this FreeRADIUS database.

Everytime you add a client or change a value in the config files you need to restart radius like this:

CentOS:

service radiusd restart

Add a test user to the radius database, first you need to login to your mysql radius database:
mysql -uroot -pyourrootpass

Switch to the radius database:

use radius;

Once there execute the below commands:

# overview of the user table

desc radcheck -> ; +———–+————–+——+—–+——————–+—————-+ | Field | Type | Null | Key | Default | Extra | +———–+————–+——+—–+——————–+—————-+ | id | int(11) | NO | PRI | NULL | auto_increment | | username | varchar(64) | NO | MUL | | | | attribute | varchar(64) | YES | | Cleartext-Password | | | op | char(2) | YES | | := | | | value | varchar(253) | NO | | | | +———–+————–+——+—–+——————–+—————-+ 5 rows in set (0.04 sec)

if you want “plain passwd’s you can use this.

mysql> INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUES (1,'test','Cleartext-Password',':=','test');
radtest test test 127.0.0.1 0 mysecret

If you see “rad_recv: Access-Accept” then your installation is working fine.

If you want to use “NT-Hash passwd” it’s more save then plain-text. (not 100% save)

INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUES (1,’test’,’NT-Password’,':=’,’0CB6948805F797BF2A82807973B89537′);

With the following command you can add users into the mysql table (perl and libraries required)
you need to :

yum install perl-Crypt-SmbHash.noarch perl-Class-DBI-mysql.noarch libdbi-dbd-mysql.x86_64

 ( raduseradd.cgi download here)
 
#!/usr/local/bin/perl

use DBI;
use Crypt::SmbHash;
# script by Marcel Kraan 
$dserver        =       "localhost";
$ddatabase      =       "radius";
$duser          =       "radius";
$dpassword      =       "radpass";
undef $usercheck;
undef $doublecheck;

$dbh = DBI->connect("DBI:mysql:database=$ddatabase;host=$dserver", "$duser", "$dpassword")||die "login/dbase/passwd/host error";

$username = $ARGV[0];
$password = $ARGV[1];
if ( !$password ) {
        print "Not enough arguments\n";
        print "Usage: $0 username password\n";
        exit 1;
}
ntlmgen $password, $lm, $nt;

$query = "SELECT username from radcheck where username = '$username'";
$sth = $dbh->prepare("$query");
die $dbh->errstr unless $sth && $sth->execute;
while(@row = $sth->fetchrow) {
        $usercheck          =       $row[0];
}

if ($usercheck){
        print "user: $username already exist\n";
}else{
        &useradd;
        $query = "SELECT username from radcheck where username = '$username'";
        $sth = $dbh->prepare("$query");
        die $dbh->errstr unless $sth && $sth->execute;
        while(@row = $sth->fetchrow) {
                $doublecheck          =       $row[0];
        }
        if ($doublecheck){
                print "user $username succesfully added to the database\n";
        }
}

sub useradd {
        $query = "INSERT INTO radcheck (username,attribute,value) VALUES ('$username','NT-Password','$nt')";
        $sth = $dbh->prepare("$query");
        die $dbh->errstr unless $sth && $sth->execute;
}

If you have any problems with FreeRADIUS you can run FreeRADIUS in debug mode to help pinpoint any issues, to do that just do the following:
CentOS:

 service radiusd stop
 radiusd -X

Posted in Posts by with no comments yet.

freefall demo


Posted in Posts by with no comments yet.

Cydia Animalsounds

Just installed my own Cydia Repository for iPhone arm applications


Posted in Posts by with no comments yet.