Hackepedia - User contributions [en]

Main Page

2006-03-10T22:18:40Z

Mouring:

__NOTOC__

<table width="100%" cellspacing="3" cellpadding="4">
<tr><td rowspan="2" width="56%" valign="top" bgcolor="#d7e7fa" style="border:1px solid #CEDEF4; padding:1em;padding-top:0.2em; color: black;">
The rough idea for this site was to create and provide answers to commonly asked questions and those that aren't currently answered online. It is written by hackers. If you do not understand a term, look it up at [http://www.wikipedia.org Wikipedia]. If you've come here to find answers or examples, hopefully you will find them. If you have an answer or example, we hope that you will leave those as well.

You may have also been sent here because you're new to the [[internet]], or would like to learn the etiquette.

Some other random pages to get you started:

[[Cider|How to make Cider]]

[[LILO|Fixing a broken LILO]]

[[Debugging]]

[[$HOME]]

[[Privilege_escalation|Privilege Escalation]]

[[DefenseInDepth|Defense in Depth]]

[[Disk_breakdown|The breakdown of a disk]]

</td><td width="24%" valign="top" bgcolor="#e7f7e7" style="border:1px solid #BAD0EF; padding: 1em; padding-top: 0.5em; color: black;">
'''Major Categories'''
{{MajorCategories}}
[http://www.yashy.com/help/index.php/Special:Wantedpages Pages To Be Written]

</td></tr>
</table>

You will need to email yashy at mail.yashy.com. for an account on this site in order to edit pages.
Please see [http://meta.wikipedia.org/wiki/MediaWiki_i18n documentation on customizing the interface]
and the [http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide User's Guide] for usage and configuration help.

All Content on this website is [[Help:Copyrights|protected by copyright]].

Hauppauge 350 MythTV

2006-02-15T05:28:36Z

Mouring:

The following is an intial pass as a quick install guide for 350 card with TV out. I'll be cleaning up this entry once I have time to get back to my PVR box. Until then I hope this helps others from spending two days working on a confguration like I did.

=== Intial Install ===

Grab a copy of KnoppixMyth.

NOTE: You need at LEAST a 10 gig drive and any part of the drive that isn't used for the initial setup will be shoved into /myth partition.

* Select 2 (Auto Install)
* Set your Timezone (I use SysV style since I'm use to that style of naming)
* Set your time
* Set your user account full name
* Set your user login name
* Set your password
* Verify your password
* Set Root's Password
* Verify Root's Password
* Set Machine Name
* Accept the params if you typed them right.
* Accept the Warning about using the default partitioning
'''Wait while it mucks around with the drives and installs stuff'''

It will tell you that it is done and you should hit "OK"
Pull the CD out and hit return

=== First Reboot: ===

* It will boot into X and will prompt you for root's password. Enter it.
* Hit Ok
* Prompts for Time Zone again (stupid program)
* Prompts for DHCP (I use it, if you don't.. Can't help you =-)
* Select i586 or i686 respectively.. Some respects it doesn't matter you'll be redoing it anyways.
* Asks if you want to clear current configuration, say no (doesn't matter)
* Asks if you want to clear TV channel configuration, say no (doesn't matter)
* Go to "2. Capture Card"
* Select "New Capture Card"
* Arrow up to "Card Type" select "MPEG-2 Encoder card (PVR-250, PVR-350)
* If you don't see "Composite 0" show up.. the system didn't detect your card. Move it to another slot.
* Leave the rest and go back down to "Finish" and hit enter
* Hit escape
* Go to "3. Video Sources"
* Select "New Video Source"
* Configure this how you like.. Remember that "Data Direct" is also "Zap2It Labs" (Note: Point to Zap2It registration page)
* When done hit "Finish" then hit "escape"
* Select "4. Input Connections"
* Select "tuner 0"
* Populate the "Video Source" with the source you just defined.
* Go to "Finish" then hit escape.
* It will start downloading your channel information.. Wait.
* It will bring you to the main mythTV screen. Select "Watch TV" to ensure you are getting signal. If not redo the above steps.

=== Making remote work: ===

* SSH into the box as root
* Type "install-i686-l" or "install-i586-l" This will setup some of the stuff needed for your remote.
* Type: update-rc.d lirc defaults (why I need this, who knows they just don't start it by default)
* Type reboot and next boot you should have your remote. (If not look at: http://www.knoppmythwiki.org/index.php?page=Hauppauge250Remote)

=== Making work with TV-out ===

Follow the following instructions: http://www.knoppmythwiki.org/index.php?page=HauppaugeThreeFiftyInstallation
The only change I'd make it when it says "lspci | grep MPEG" save yourself a few brain cells and type "lspci -X" so you don't have to convert hex.
Frankly I hate normal diff.. This is a diff -u of the output:

--- /etc/X11/XF86Config-4.pvr350-tvout.sample 2005-02-20 15:52:48.000000000 -0600
+++ /etc/X11/XF86Config-4.pvr350 2005-10-03 18:05:22.000000000 -0500
@@ -107,14 +107,15 @@

Section "Device"
Identifier "Hauppauge PVR 350 iTVC15 Framebuffer"
- Driver "fbdev"
+ Driver "ivtvdev"

### change fb1 to whatever number you got in the previous section
Option "fbdev" "/dev/fb1"
+ Option "ivtvdev" "/dev/fb1"

### change the busid to whatever is reported by lspci. Note that
### output of lspci is hex, so add a preceding "0x" to the BusID
- BusID "0:0x08:0"
+ BusID "PCI:0:13:0"
EndSection

* Section "Screen"
* As well as in the Enable Hardware Playback step use "Bob (2x Framerate)"

=== Other things that can go wrong: ===

If it jerky I suggest looking at what IRQ you have it on and mucking around until you can get it to a better IRQ.

%% Original from http://eviladmin.org/projects/MythTV.html and reposted with permission

Timing attack

2006-02-15T04:50:01Z

Mouring:

Timing attacks are attacks where you attempt to gleam information from a stream of communications (audio, digital, visual, etc) that wouldn't be normally avaliable.

== Audio ==

Studies have shown that recording the time between hitting keys on the keyboard can shorten the number of letters you need to try in order to less the amount of letters needed to guess the password. These attacks have also been discussed in terms of ATM machines and other places where single factor password authentication is required.

== Digital ==

These attacks are done on streaming data within a network environment.

=== Not Sending Critical Data ===

Some SSH implementations had an issue when data was not being echoed back to the user that you'd see packets sent from the user to the server, but you'd not see the equal packets pass back to the user. These normally occurred when using 'su' or any program that turned off shell echo. These type of attack alert the attacker that the data being sent could be critical (password, SSH passphrase, etc).

=== Timing in Critical Periods ===

These are in theory the same as the audio problem. The time it takes for a response could leak critical information. Consider the [[password]] database if you login as any user that doesn't exist in the system the natural execution of code is to look up that user in the database and then compare the [[password]] crypts of that user, or not if the user doesn't exist. OpenSSH protects against someone trying to determine what users are on a system or not by still comparing a user to a dummy hash so that it looks like there is an actual crypt comparison happening. The code is in function [[fakepw]]() in auth.c of OpenSSH. Hindnote, this is a good thought but the fakepw() in openssh doesn't work when BSD_AUTH is defined, which it is by default.

== Visual ==

Systems that show a character for each character could leak the length of passwords or passphrases. There was a study that flashing modem lights could leak such information.

Ssh

2006-02-15T04:20:01Z

Mouring:

SSH stands for "Secure Shell" and was first written by a Finnish computer scientist named Tatu Ylonen. Mr. Ylonen went on to found [http://www.ssh.com SSH Communications] which continues developing the ssh program. The program uses both symmetric and assymetric [[cryptography]] in order to keep the [[OSI]] session layer secure from session [[hijacking]] and [[sniffing]].

=== Public Key Differences ===

There are three versions used in SSH. One for v1 protocol, and two for v2.

* RSA1 is referred to as the original RSA key used for v1 protocols. These keys were used to encrypt the communications.

* RSA is referred to as the v2 protocol. This is used for signing the channel only since the underlying protocol is now handled by a different means.

* DSA was added to v2 protocol after [http://www.rsasecurity.com/ RSA Security] assured patent rights, and the IETF included DSA to allow for patent free implementation. '''Note: Due to how DSA works it requires a lot more good enthropy to be secure compared to RSA.'''

Which is the right one for you? Since the RSA patent has expired it is recommended by most of the OpenSSH team to stay with RSA keys since they have been around longer and are more known in terms of their strengths and weakness.

=== The OpenSSH Fork ===

[http://www.openssh.com OpenSSH] was forked from a free version of SSH 1.2.12 and shipped with the [[OpenBSD]] 2.6 system. It has gained popularity among many vendors and is shipped with their products as well. [http://ssh.com/ Tatu Ylonen's company] took OpenSSH to court but lost.

=== Cool SSH Tricks ===

Modern SSH clients and servers allow you to do some pretty nifty tricks. The most common is [http://en.tldp.org/HOWTO/XDMCP-HOWTO/ssh.html X11 Port Forwarding]. You can also [http://www.coder.com/daniel/kwlug/ssh-tricks/slide010.html forward arbitrary ports], and [http://www.coder.com/daniel/kwlug/ssh-tricks/slide006.html compress] files when transfering them over the network (all in addition to encrypting the data). One really nifty trick is to [[FlexLMForwarding| forward FlexLM]] connections. Another popular trick is [[ssh-keygen|passphraseless key exchange]].

Ssh

2006-02-15T04:16:50Z

Mouring:

SSH stands for "Secure Shell" and was first written by a Finnish computer scientist named Tatu Ylonen. Mr. Ylonen went on to found [http://www.ssh.com SSH Communications] which continues developing the ssh program. The program uses both symmetric and assymetric [[cryptography]] in order to keep the [[OSI]] session layer secure from session [[hijacking]] and [[sniffing]].

=== Public Key Differences ===

There are three versions used in SSH. One for v1 protocol, and two for v2.

* RSA1 is referred to as the original RSA key used for v1 protocols. These keys were used to encrypt the communications.

* RSA is referred to as the v2 protocol. This is used for signing the channel only since the underlying protocol is now handled by a different means.

* DSA was added to v2 protocol after [http://www.rsasecurity.com/ RSA Security] assured patent rights, and the IETF included DSA to allow for patent free implementation. '''Note: Due to how DSA works it requires a lot more good enthropy to be secure compared to RSA.'''

Which is the right one for you? Since the RSA patent has expired it is recommended by most of the OpenSSH team to stay with RSA keys since they have been around longer and are more known in terms of their strengths and weakness.

=== The OpenSSH Fork ===

[http://www.openssh.com OpenSSH] was forked from a free version of SSH 1.2.12 and shipped with the [[OpenBSD]] 2.6 system. It has gained popularity among many vendors and is shipped with their products as well. [http://ssh.com/ Tatu Ylonen's company] took OpenSSH to court but lost.

=== Using Public Key and Problems Assocated with it ===

... discuss ...

=== Cool SSH Tricks ===

Modern SSH clients and servers allow you to do some pretty nifty tricks. The most common is [http://en.tldp.org/HOWTO/XDMCP-HOWTO/ssh.html X11 Port Forwarding]. You can also [http://www.coder.com/daniel/kwlug/ssh-tricks/slide010.html forward arbitrary ports], and [http://www.coder.com/daniel/kwlug/ssh-tricks/slide006.html compress] files when transfering them over the network (all in addition to encrypting the data). One really nifty trick is to [[FlexLMForwarding| forward FlexLM]] connections. Another popular trick is [[ssh-keygen|passphraseless key exchange]].

SSH

2006-02-15T03:57:54Z

Mouring:

== Quick SSH History ==
SSH simply is a point to point encrypted connection that acts much like rsh or telnet. It was originally written by Tatu Ylönen (who later started "SSH Communication Security"). This version is referred to as SSH v1 protocol. A later modification to the protocol to improve security is referred to as v1.5. Later Tatu turned over the next version of the protocol to the IETF which is referred to as v2 protocol. A more complete history can be found at [http://en.wikipedia.org/wiki/SSH Wikipedia SSH Page]. Here we will discuss more of the pratical aspects of SSH.

== SSH Key Differences ==
There are three versions of SSH keys. Two of which are SSH v2 only.
+ RSA1 -
+ RSA -
+ DSA -

[.. Discuss v1, v1.5 and v2 differences in how SSH keys are used ..]

[.. Discuss the difference between RSA1, RSA and DSA keys ..]

[.. Discuss how to use user public keys for v1.x and v2.x ..]

[.. List different SSH versions ..]