-
Telnet Basics Guides & Tutorials

A tutorial on telnet for beginners. Explains what telnet is and how to use it.
Here are sites that will allow you to play with telnet and try the things you have learned:
http://www.chem.ox.ac.uk/it/telnet.html
http://www.westwords.com/guffey/nettel.html
First of all, what is telnet? Telnet is a protocol which is part of the TCP/IP suite. It is quite similar to the UNIX rlogin program. Telnet allows you to control a remote computer from your own one. It is terminal emulation software. In the old days hard drives were humongous and expensive (I am talking way back here) and there were no personal computers. To make use of existing computers you had to lease hard drive space and use terminals to operate the system. For developers this was great because computing became a lot cheaper. You needed a server and many connections could be made. With telnet you can emulate this type of distributed computing and, for example, operate a supercomputer from a distance.
TCP/IP works with ports and telnet has one too: number 23. It has several RFCs. RFC 854 dates back to 1983 and is named Telnet Protocol Specification.
With telnet you can do various things like send mail, log in to IRC or a proxy and even (though hardly anymore) view and modify websites. There are telnet services available allowing you to search through large databases using telnet. With this you use the remote computer's power so it won't put pressure on your precious resources. Usually help or remotehelp are the commands to use to find out what you can and cannot do. If you can't see what you type, then set echo. Once you have made a connection you can use the computer as if it was your own. You use command lines for this.
Telnet knows different emulation types. VT-100 is most used. This emulation was used on the video terminals of DEC. There are still VT-100 servers running out there. Scientists use these.
To use telnet you need a client. Windows has telnet built in by default (as does UNIX but that's a different story), but there are third party clients available on the net. You start a telnet session by typing in the command 'telnet server.net 23' where the port number is optional. Since Telnet was based on UNIX (as it is part of TCP/IP which also was based on UNIX) it uses UNIX commands. Basic knowledge would help you here. The port number specifies what services you will use. 23 is the default one. You can log into various services. 80 is the HTTP server for that.
So say you wanted to modify your site from a distance on a leased line. You don't have your fav progs and hardly any time.
/* telnet server.net 80 (leave the /*)
/* GET http://www.server.net/YOURSITE.HTM HTTP/1.1
You can use this method to get the output of a CGI script as well. The simple request doesn't use the HTTP/1.1 (this is the HTTP version running on the server). If you perform a bad request you usually get some info on the server. Use this to find the correct versions of the services running.
To put files to the server you use the PUT command. Telnet is pretty similar to FTP, which is also part of TCP/IP. There are other commands available like POST, which is used to put larger data files to the server, HEAD to get the site's header, and DELETE. This one is obvious, isn't it?
You can also use telnet to send raw e-mails. The port to log in to is 25.
First you have to identify yourself. This goes like this:
/* telnet mail.server.net 25
/* HELO www.you.net
When you have typed this command you'll get some feedback telling you who and what you logged on to. When you log in you may also get some feedback telling you things.
After this you tell the server where the mail is from like this:
/* MAIL FROM:you@youradress.net
The server will give you feedback again telling you
/* ...Sender OK
You are accepted. Now for the recipient
/* RCPT TO:yourroommate@hisadress.net
again feedback
/* ...Receptient OK
The server still does its duty...
/* DATA
After typing this command you'll get the instructions on the proper way to send the mail. Type your mail using the instructions. After you're done sending your mail close the connection using
/* QUIT (or END, EXIT, LOGOFF LOGOUT)
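The server's side of the dialogue above, as an added example that is not part of the original tutorial: a small in-memory state machine that answers each command with a reply code and refuses commands sent out of order. The class and function names, the reply wording and the sample message are assumptions made for illustration; nothing here touches the network.

```python
# Added example: minimal SMTP command state machine (server side), run in memory.
class SmtpSession:
    """Server side of the dialogue; handle() maps one client line to one reply."""

    def __init__(self, hostname="mail.server.net"):
        self.hostname = hostname
        self.greeted = False
        self.in_data = False
        self.sender = None
        self.recipients = []
        self.body = []
        self.accepted = []      # (sender, recipients, text) per completed message

    def banner(self):
        return f"220 {self.hostname} ESMTP ready"

    def handle(self, line):
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "QUIT":
            return f"221 {self.hostname} closing connection"
        if verb == "HELO":
            if not arg:
                return "501 HELO requires a domain"
            self.greeted, self.sender, self.recipients = True, None, []
            return f"250 {self.hostname} Hello {arg}"
        if not self.greeted:
            return "503 Send HELO first"
        if verb == "MAIL":
            if not arg.upper().startswith("FROM:"):
                return "501 Syntax: MAIL FROM:<address>"
            self.sender, self.recipients = arg[5:].strip(" <>"), []
            return f"250 {self.sender}... Sender OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Need MAIL before RCPT"
            if not arg.upper().startswith("TO:"):
                return "501 Syntax: RCPT TO:<address>"
            self.recipients.append(arg[3:].strip(" <>"))
            return f"250 {self.recipients[-1]}... Recipient OK"
        if verb == "DATA":
            if not self.recipients:
                return "503 Need RCPT before DATA"
            self.in_data, self.body = True, []
            return '354 Enter mail, end with "." on a line by itself'
        return "500 Command unrecognized"

    def _data_line(self, line):
        if line == ".":                   # a lone dot ends the message
            text = "\n".join(self.body)
            self.accepted.append((self.sender, list(self.recipients), text))
            self.in_data, self.sender, self.recipients = False, None, []
            return "250 Message accepted for delivery"
        # Any other line starting with "." carries one stuffed dot; remove it.
        self.body.append(line[1:] if line.startswith(".") else line)
        return None                       # no reply until the lone "."


def run_dialogue(client_lines, session=None):
    """Feed client lines to the session; return [("S"|"C", text), ...]."""
    session = session or SmtpSession()
    transcript = [("S", session.banner())]
    for line in client_lines:
        transcript.append(("C", line))
        reply = session.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
    return transcript


def reply_codes(transcript):
    """Three-digit reply codes the server sent, in order."""
    return [int(text[:3]) for who, text in transcript if who == "S"]


# Constructed sample: the commands from the walk-through plus a short message.
SAMPLE = [
    "HELO www.you.net",
    "MAIL FROM:you@youradress.net",
    "RCPT TO:yourroommate@hisadress.net",
    "DATA",
    "Subject: test",
    "",
    "Hello from a raw session.",
    ".",
    "QUIT",
]

if __name__ == "__main__":
    for who, text in run_dialogue(SAMPLE):
        print(f"{who}: {text}")
```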
You can use this to receive your mail as well (if your provider allows you). The POP port is 110. Telnet to the server on this port. Once there use the following commands.
/* USER you@THE_SERVER_GOES_HERE.net
/* PASS ;type in your password (simple huh.).
Once you are accepted as a valid user use the following to list your mail.
/* LIST
Ports can be configured so they may be different on some systems. Many admins use the default ones though.
Two things come in handy when completely understanding telnet and how it works. They are a basic understanding of TCP/IP and a basic understanding of UNIX commands.
You could use telnet to connect to a proxy and from there on continue your quest. Find a good proxy (use a search engine to locate one) and create an account. Now telnet to the server on the port specified on the website and hang loose. Using a proxy to use the web keeps your identity better hidden. Proxies often use port 8080 or 3128. If you use IE or Netscape you configure them to use a proxy. If you have computer friends maybe they could help you locate one nearby. To learn more about proxies read a tutorial about them. Telnet is part of TCP/IP and with this comes specific built-in connection security. This basically comes down to the three-way handshake, which I will not discuss further in this tut. Terminal emulation was embraced by developers because it is a quick and secure way for remote computing.
Because telnet is developed to be quick and reliable you could use it to connect yourself to an IRC server and chat with your buddies without a resource-consuming GUI. You may even want to use a proxy to keep the (f)lamers from finding out your IP. To do this you have to know that the IRC protocol has its ports dedicated to 6666:6669. Ports can be configured so you have to know to what port you should connect. The identd runs on port 113. Better use a shell account to connect to IRC servers or a GUI client. Once you are there you can use the usual IRC commands. If you have got a good shell (command.com) you can use scripts to automate procedures. To learn more about IRC: Request for Comments: 1459 Internet Relay Chat Protocol. mIRC is a pretty good IRC client for today's high-resource computers if you want to learn this too. Since Linux was built on UNIX and Linux is free, you should have by now installed this operating system. OK
You can also post to newsgroups if the server allows this. Newsgroups use NNTP (RFC 977) over port 119. Use your skills. If you want to get information on a particular system you can use a technique known as port scanning. There are pretty fancy port scanners on the net but to become a guru you will have to know how hits take place. So use port surfing instead. Telnet to the server on various ports to get info on services. This is much more rewarding than using someone else's port scanner. If you want to become a good hacker learn a programming language and write your own. Because TCP/IP is not designed for a specific platform it works much the same on any. TCP/IP uses ports that have certain services.
There are several interesting ports for trying telnet, like 7: echo. This one replies with whatever you type in.
13 daytime
15 netstat
37 time
39 rlp
53 domain
119 nntp
443 https
Use your commands to get the requested info. By connecting to different services you get a clear look at the system in use. If you want to exploit a system use the info and go to exploiters.net. If you come across a system you don't know read the ALT.2600.FAQ.
There are also a lot of trojans circulating (like Back Orifice or NetBus). If you know how to use these you can do some rad things but mostly the use of trojans is considered lame. Learn the commands and set up your private backdoor. When you want to attack a system prepare yourself for this. There has been some discussion on the legality of port scanning/surfing. Many servers log every attempt to connect to them. Be warned.
The expansion of free software towards the windows market gives great tools to set up your own hackerlab. For this you use your computer and one other. Set up a simple network with a server.
Configure the server and start hacking.
If you have a root account on a telnet server you can use this to remotely administer the server. There are many ways to get a root account. Remember that if an administrator finds a new root account on his system he will know it has been tampered with. Covering your tracks is fatal if you want to stay uncaught. Telnetting from a PDA is a pretty fancy way to read your mail or post to newsgroups from a distance. Because GSM phones can only transmit up to 9600 bps you might not want to load up the web.
You can use telnet to create a shell account. This allows you to use a good shell even though you use a Microsoft OS. Shell accounts vary in the services they have available. To find a good shell account search the net or try freeshell.org. Look for a shell that offers the progs you'd like to use.
-
Developing for the Windows 7 Taskbar – Application ID
I assume that by now you are familiar with the basic functionality that Windows 7 Taskbar offers and the reasons behind the change we made from previous taskbar versions. If you are not familiar with and haven’t seen any demonstrations of the Windows 7 Taskbar, please watch the Windows 7 Taskbar Overview webcast on Channel 9. There are also great posts on the E7 blog like The Windows 7 Taskbar about some of the reasons we introduced the new Taskbar and desktop experience in Windows 7. I do encourage you to read these posts and watch the video so that you have some context for the technical material we are going to cover here.
The new Taskbar is probably the most noticeable change to Windows 7 when you first log on. The Windows 7 Taskbar is an application-launching and window-switching mechanism that consolidates the functions of previous Windows Desktop mechanisms, such as Quick Launch, Recent Documents, Notification Area icons, desktop shortcuts, and running application windows. Windows 7 Taskbar offers features like Jump Lists, Preview Handler, and Overlay Icons. But before we start diving into the various Windows 7 Taskbar features, let’s lay the basic foundation to our discussion and define some Windows 7 taskbar terminology.
For example, the Media Player button has no frame or border, but simply sits directly on the Taskbar. This indicates that Media Player is not running. But it is pinned to the Taskbar, and will stay on the Taskbar unless we unpin it. The Windows Explorer button has a transparent frame that lets most of the color of the underlying Taskbar through. This indicates that the app is running but is not the active application. The Visual Studio icon has a more opaque rectangular frame underlying its icon, indicating that the user is actively using this app. You will also notice that Word has a “stack” of icons representing that multiple instances of Word or multiple windows are grouped under the same Taskbar button. It is very important to understand the logic that underlies the creation, assignment, and grouping of Taskbar buttons.
A very large number of applications that run on Windows 7 (for example, Office Word 2007 and Visual Studio 2008), were not designed to work with the Windows 7 Taskbar, so how is it that they can play ball with the Taskbar, group multiple instances, and even take advantage of Word Jump Lists? Basically, a behind-the-scenes Application ID (AppID) is automatically computed and assigned to an application once you launch it. Every running application has an AppID assigned to it, either automatically computed for the app by Windows, or set by the app itself. Guess what? It is not a GUID; it is just a string (with a maximum of 128 characters), that either you provide or is being computed by the OS. All windows and applications, including Jump Lists, which have the same AppID are grouped under the same Taskbar button. Therefore, it is important to understand that every component (process, shortcut, window, Taskbar button, and document type – that is, registered file type handler) of your application has the AppID associated with it.
You may ask, "Where do AppIDs come from?" As mentioned before, the OS generates Application IDs for your application using a very simple, yet important to understand, heuristic. Since in Windows 7 you can assign AppIDs to individual windows, the OS tries to extrapolate the AppID from a window. Applications usually display at least one window that the OS can query for its AppID. However, most existing apps do not have an AppID attached to each window (or, for that matter, any AppID at all), and therefore the OS falls back to the process to which the window belongs for the AppID. Each process has several properties that the OS can check, like the executable of the process. But even then, the process may not provide a granular enough separation. Different shortcuts may provide different startup command line parameters to the same executable and launch different applications (imagine a “launcher” application) that will be grouped under the same Taskbar button. In such cases, the OS has the ability to look into the specific shortcut that launched the application, to find the executable, the command line parameters, and so on. Note that if you have a registered file type, this registration points to an application that gets launched once you double-click that file. Again, this is another way to calculate the AppID. The following image illustrates this automatic computation process.
While the OS can compute AppIDs for you, you may want to have greater control over the AppID for a given application or even an individual window in your application. Assume that you have an application that hosts (runs) another application (like what happens when you debug an application using Visual Studio). Or you have several different applications or processes that you wish to group under the same Taskbar button. The Taskbar API offers you ways to control the Application ID per application or per window. In any case, if you are writing a new application that targets Windows 7, we highly recommend that you provide your own application ID, as we will describe below.
OK, let’s examine the API that allows you to control the AppID associations of your application.
If you want to have a separate Taskbar button for each process (including all windows owned by that process), you can set an explicit AppID for the entire process that affects all windows within the process that do not have their own explicit AppID. Setting the explicit process AppID is very easy. All it takes is a single call to the SetCurrentProcessExplicitAppUserModelID function as shown in the following code snippet:
SetCurrentProcessExplicitAppUserModelID(c_rgszAppID[0]);
Where c_rgszAppID[0] is a pointer to a string. You should note that according to the SDK documentation, “This method must be called during an application's initial startup routine before the application presents any user interface (UI) or makes any manipulation of its Jump Lists.”
In managed code, from the latest Windows API Code Pack Library, you can use the AppID property that is part of the Taskbar object, which you can find in the Microsoft.WindowsAPICodePack.Shell.Taskbar namespace. Using that property you can set and get the application ID of a given application.
Setting the AppID for a window is a bit more complicated (but only a bit). It requires calling the SHGetPropertyStoreForWindow function and then manipulating the resulting IPropertyStore object to retrieve the requested property as shown in the following code snippet:
void SetAppID(HWND hWnd, int iAppID)
{
    IPropertyStore *pps;
    HRESULT hr = SHGetPropertyStoreForWindow(hWnd, IID_PPV_ARGS(&pps));
    if (SUCCEEDED(hr))
    {
        PROPVARIANT pv;
        if (iAppID >= 0)
        {
            hr = InitPropVariantFromString(c_rgszAppID[iAppID], &pv);
        }
        else
        {
            PropVariantInit(&pv);
        }
        if (SUCCEEDED(hr))
        {
            hr = pps->SetValue(PKEY_AppUserModel_ID, pv);
            PropVariantClear(&pv);
        }
        pps->Release();
    }
}
Here you can see how we extract the window's property store by calling SHGetPropertyStoreForWindow, passing hWnd as a reference to the window. Next we initialize a property variant, with InitPropVariantFromString(c_rgszAppID[iAppID], &pv), from the string that represents the AppID for that window. Finally, we set that value on the window's property store.
Unfortunately, the current Windows API Code Pack doesn’t support setting specific application IDs per window, although all you need to do is add the following function to the Taskbar.cs file:
private static void SetWindowAppId(string appId)
{
    // Pass the caller's AppID through to the native helper for the owner window.
    Microsoft.WindowsAPICodePack.Shell.ShellNativeMethods.SetWindowAppId
        (OwnerHandle, appId);
}
Since the Windows API Code Pack provides the source code, you can actually check the specific implementation of the SetWindowAppId function and see for yourself that it is very similar to the SetAppID example above. Note that you don’t have to use the fully qualified assembly name “Microsoft.WindowsAPICodePack.Shell”, but I did to help you navigate the Windows API Code Pack hierarchy.
By the way, the window AppID is dynamic, so it’s entirely possible for a window to show up as part of one Taskbar button and then change its AppID so that it appears on an entirely different Taskbar button. This has interesting effects. For example, the Jump List is attached to a Taskbar button (with a specific AppID), so the same window might show a different Jump List when it is reattached to an entirely different Taskbar button. This potentially can confuse users, so the recommended practice is to set the window AppID and stick to it, using the same process for determining the AppID every time the window displays.
-
Data Encryption Standard or DES
Since its introduction, Base64 encoding has extremely quickly gained popularity. Besides being the default Encoding standard being used for encoding files to be sent as attachments by Multipurpose Internet Mail Extensions or MIME, it has also started being used in a number of other places.
Please note that almost all email clients use MIME to send files as attachments, this in turn means that a majority of email clients are using Base64 to encode files, before being sent across networks.
Another popular usage of Base64 encoding is in the case of Web Servers implementing HTTP Based Basic Authentication. When the server wants to restrict or control the access to certain folders, then, it can password protect them by using HTTP Based Basic Authentication. Basic Authentication uses the Base64 Encoding standard to encode the Username and Password and store them.
So, basically what my point is that Base64 Encoding has a number of practical usages and due to the fact that it is very easy to implement, it is being put to use for a number of purposes at a number of places by a number of parties. Get my point?
However, it continues to remain by far the lamest encoding standard or the poorest means of security. You see instead of the text being passed through a powerful, difficult to break algorithm and being encrypted, it is only being encoded by a relatively simple to reverse encoding standard.
Base64 uses a 65-character subset of US-ASCII, allowing 6 bits for each character. For Example, take the character ‘m’ for instance. The character ‘m’ has a Base64 value of 38. How did we get this value? Well, there is a Base64 Alphabet chart included at the end of this tutorial, which contains all the alphabets and their corresponding Base64 value. So, each time you want to get the Base64 value of an ASCII character, you need to refer to this Base64 Value chart. Anyway, getting back to our example, the character ‘m’ has a Base64 value of 38, which when represented in binary form, is 100110.
Now, let us take yet another example to see how a text is encoded by Base64 Encoding. Say, that the text to be encoded is: ‘mne’. The text is firstly converted into its decimal value.
The character "m" has the decimal value of 109
The character "n" has the decimal value of 110
The character "e" has the decimal value of 101
This implies that "mne" ( three 8-bit-byte text string) is 109 110 101 in decimal form. When converted to binary the string looks like this:
01101101 01101110 01100101
These three 8-bit-bytes are concatenated (linked together) to make a 24-bit stream:
011011010110111001100101
This 24-bit stream is then split up into four 6-bit sections:
011011 010110 111001 100101
We now have 4 values. These binary values, when converted into decimal form look like this:
27 22 57 37
Now each character of the Base64 character set has a decimal value. We now change these decimal values into the Base64 equivalent:
27 = b
22 = W
57 = 5
37 = l
So "mne" when encoded as Base64 reads as "bW5l". Below is a table of the Base64 character set with their decimal values:
Table 1: The Base64 Alphabet

Value Encoding   Value Encoding   Value Encoding   Value Encoding
    0 A             17 R             34 i             51 z
    1 B             18 S             35 j             52 0
    2 C             19 T             36 k             53 1
    3 D             20 U             37 l             54 2
    4 E             21 V             38 m             55 3
    5 F             22 W             39 n             56 4
    6 G             23 X             40 o             57 5
    7 H             24 Y             41 p             58 6
    8 I             25 Z             42 q             59 7
    9 J             26 a             43 r             60 8
   10 K             27 b             44 s             61 9
   11 L             28 c             45 t             62 +
   12 M             29 d             46 u             63 /
   13 N             30 e             47 v          (pad) =
   14 O             31 f             48 w
   15 P             32 g             49 x
   16 Q             33 h             50 y
When decoding a Base64 string just do the reverse:
1) Convert the character to its Base64 decimal value.
2) Convert this decimal value into binary.
3) Squash the 6 bits of each character into one big string of binary digits.
4) Split this string up into groups of 8 bits (starting from right to left).
5) Convert each 8-bit binary value into a decimal number.
6) Convert this decimal value into its US-ASCII equivalent.
For those of you who do not want to use the manual method of decoding a Base64 encoded value, I have the following Perl script, which will do it for you:
use MIME::Base64;
print decode_base64("Insert Text to be decoded here.");
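The table lookup and bit regrouping described above, applied to an HTTP Basic Authentication header, as an added example that is not part of the original tutorial. It shows that anyone who sees the header recovers the password without any key, which is why Basic Authentication is only safe inside an encrypted connection. The function names and the sample credentials are constructed for illustration.

```python
# Added example: Base64 is an encoding, not encryption. No key is involved.
ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "abcdefghijklmnopqrstuvwxyz"
            "0123456789+/")              # Table 1: index == Base64 value
VALUE_OF = {ch: i for i, ch in enumerate(ALPHABET)}


def b64_encode(data: bytes) -> str:
    """Encode as in the 'mne' walk-through: 3 bytes -> 24 bits -> four 6-bit values."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        bits = "".join(f"{b:08b}" for b in chunk)
        bits += "0" * (-len(bits) % 6)   # zero-fill the last 6-bit group
        chars = [ALPHABET[int(bits[j:j + 6], 2)] for j in range(0, len(bits), 6)]
        out.append("".join(chars) + "=" * (3 - len(chunk)))
    return "".join(out)


def b64_decode(text: str) -> bytes:
    """Look up each character, join the 6-bit groups, cut the stream into bytes."""
    text = "".join(text.split())         # MIME line breaks are not data
    body = text.rstrip("=")
    pad = len(text) - len(body)
    if len(text) % 4 or pad > 2:
        raise ValueError("length must be a multiple of 4 with at most 2 pad chars")
    try:
        bits = "".join(f"{VALUE_OF[ch]:06b}" for ch in body)
    except KeyError as exc:
        raise ValueError(f"not a Base64 character: {exc.args[0]!r}") from None
    # Bytes are cut from the left; leftover low bits are the encoder's zero fill.
    usable = len(bits) - len(bits) % 8
    return bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))


def basic_auth_credentials(header_value: str):
    """Recover (user, password) from an 'Authorization: Basic ...' header value."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token:
        raise ValueError("not a Basic credential")
    user, sep, password = b64_decode(token).decode("utf-8").partition(":")
    if not sep:
        raise ValueError("missing ':' between user and password")
    return user, password


# Constructed sample, as a proxy or packet capture on a plain-HTTP link would see it.
SAMPLE_HEADER = "Basic " + b64_encode(b"alice:s3cret-pass")

if __name__ == "__main__":
    print(b64_encode(b"mne"))
    print(SAMPLE_HEADER)
    print(basic_auth_credentials(SAMPLE_HEADER))
```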
Here's the C source code for the Base 64 encoder/decoder.
/*
Dave Winer, dwiner@well.com, UserLand Software, 4/7/97
*/
#include
#include
#include "base64.h"
static char encodingTable [64] = {
    'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P',
    'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f',
    'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v',
    'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/'
};

static unsigned long gethandlesize (Handle h) {
    return (GetHandleSize (h));
} /*gethandlesize*/

static boolean sethandlesize (Handle h, unsigned long newsize) {
    SetHandleSize (h, newsize);
    return (MemError () == noErr);
} /*sethandlesize*/

static unsigned char gethandlechar (Handle h, unsigned long ix) {
    return ((*h) [ix]);
} /*gethandlechar*/

static void sethandlechar (Handle h, unsigned long ix, unsigned char ch) {
    (*h) [ix] = ch;
} /*sethandlechar*/

static boolean encodeHandle (Handle htext, Handle h64, short linelength) {
    /*
    encode the handle. some funny stuff about linelength -- it only makes
    sense to make it a multiple of 4. if it's not a multiple of 4, we make it
    so (by only checking it every 4 characters.
    further, if it's 0, we don't add any line breaks at all.
    */
    unsigned long ixtext;
    unsigned long lentext;
    unsigned long origsize;
    long ctremaining;
    unsigned char ch;
    unsigned char inbuf [3], outbuf [4];
    short i;
    short charsonline = 0, ctcopy;

    ixtext = 0;
    lentext = gethandlesize (htext);
    while (true) {
        ctremaining = lentext - ixtext;
        if (ctremaining <= 0)
            break;
        for (i = 0; i < 3; i++) {
            unsigned long ix = ixtext + i;
            if (ix < lentext)
                inbuf [i] = gethandlechar (htext, ix);
            else
                inbuf [i] = 0;
        } /*for*/
        outbuf [0] = (inbuf [0] & 0xFC) >> 2;
        outbuf [1] = ((inbuf [0] & 0x03) << 4) | ((inbuf [1] & 0xF0) >> 4);
        outbuf [2] = ((inbuf [1] & 0x0F) << 2) | ((inbuf [2] & 0xC0) >> 6);
        outbuf [3] = inbuf [2] & 0x3F;
        origsize = gethandlesize (h64);
        if (!sethandlesize (h64, origsize + 4))
            return (false);
        ctcopy = 4;
        switch (ctremaining) {
            case 1:
                ctcopy = 2;
                break;
            case 2:
                ctcopy = 3;
                break;
        } /*switch*/
        for (i = 0; i < ctcopy; i++)
            sethandlechar (h64, origsize + i, encodingTable [outbuf [i]]);
        for (i = ctcopy; i < 4; i++)
            sethandlechar (h64, origsize + i, '=');
        ixtext += 3;
        charsonline += 4;
        if (linelength > 0) { /*DW 4/8/97 -- 0 means no line breaks*/
            if (charsonline >= linelength) {
                charsonline = 0;
                origsize = gethandlesize (h64);
                if (!sethandlesize (h64, origsize + 1))
                    return (false);
                sethandlechar (h64, origsize, '\n');
            }
        }
    } /*while*/
    return (true);
} /*encodeHandle*/

static boolean decodeHandle (Handle h64, Handle htext) {
    unsigned long ixtext;
    unsigned long lentext;
    unsigned long origsize;
    unsigned long ctremaining;
    unsigned char ch;
    /*four 6-bit input values (inbuf [0..3]) decode to three output bytes*/
    unsigned char inbuf [4], outbuf [3];
    short i, ixinbuf;
    boolean flignore;
    boolean flendtext = false;

    ixtext = 0;
    lentext = gethandlesize (h64);
    ixinbuf = 0;
    while (true) {
        if (ixtext >= lentext)
            break;
        ch = gethandlechar (h64, ixtext++);
        flignore = false;
        if ((ch >= 'A') && (ch <= 'Z'))
            ch = ch - 'A';
        else if ((ch >= 'a') && (ch <= 'z'))
            ch = ch - 'a' + 26;
        else if ((ch >= '0') && (ch <= '9'))
            ch = ch - '0' + 52;
        else if (ch == '+')
            ch = 62;
        else if (ch == '=') /*no op -- can't ignore this one*/
            flendtext = true;
        else if (ch == '/')
            ch = 63;
        else
            flignore = true;
        if (!flignore) {
            short ctcharsinbuf = 3;
            boolean flbreak = false;
            if (flendtext) {
                if (ixinbuf == 0)
                    break;
                if ((ixinbuf == 1) || (ixinbuf == 2))
                    ctcharsinbuf = 1;
                else
                    ctcharsinbuf = 2;
                ixinbuf = 3;
                flbreak = true;
            }
            inbuf [ixinbuf++] = ch;
            if (ixinbuf == 4) {
                ixinbuf = 0;
                outbuf [0] = (inbuf [0] << 2) | ((inbuf [1] & 0x30) >> 4);
                outbuf [1] = ((inbuf [1] & 0x0F) << 4) | ((inbuf [2] & 0x3C) >> 2);
                outbuf [2] = ((inbuf [2] & 0x03) << 6) | (inbuf [3] & 0x3F);
                origsize = gethandlesize (htext);
                if (!sethandlesize (htext, origsize + ctcharsinbuf))
                    return (false);
                for (i = 0; i < ctcharsinbuf; i++)
                    sethandlechar (htext, origsize + i, outbuf [i]);
            }
            if (flbreak)
                break;
        }
    } /*while*/
exit:
    return (true);
} /*decodeHandle*/

void base64encodeVerb (void) {
    Handle h64, htext;
    short linelength;

    if (!IACgettextparam ((OSType) keyDirectObject, &htext))
        return;
    if (!IACgetshortparam ((OSType) 'line', &linelength))
        return;
    h64 = NewHandle (0);
    if (!encodeHandle (htext, h64, linelength))
        goto error;
    DisposHandle (htext);
    IACreturntext (h64);
    return;
error:
    IACreturnerror (1, "\perror encoding the Base 64 text");
} /*base64encodeVerb*/

void base64decodeVerb (void) {
    Handle h64, htext;

    if (!IACgettextparam ((OSType) keyDirectObject, &h64))
        return;
    htext = NewHandle (0);
    if (!decodeHandle (h64, htext))
        goto error;
    DisposHandle (h64);
    IACreturntext (htext);
    return;
error:
    IACreturnerror (1, "\perror decoding the Base 64 text");
} /*base64decodeVerb*/
------------------------------------------
Well, that is all for now. Hope you liked the manual. Bye.
-
Secure Sockets Layer or SSL
Secure Sockets Layer or SSL is a secure protocol, which is the reason why secure E-Commerce and E-Banking is possible. It has become the de facto standard for secure and safe online transactions. When Netscape first developed SSL, the main aim or motive behind it was to ensure that the client and host can communicate or transfer data and information securely.
What SSL does in short would be, encrypt data at the sender’s end and decrypt data at the receiver’s end. This encrypted data cannot be picked up or hijacked in between and any tampering would not only be very difficult, it would easily be detected. Not only that, SSL also provides for two-way authentication i.e. verification of the client’s and the server’s identity.
The various functions or features of SSL can be divided into three main categories-:
1. SSL Encrypted Connection-: Provides for secure and safe transaction of encrypted data between the client and the host.
2. SSL Client Authentication: is an optional feature, which allows for verification of the client’s identity.
3. SSL server Authentication: provides for verification of the server’s Certificate Authority (CA) which is nothing but a trusted safe host certificate given to the server by companies like Verisign, Cybertrust, Thawte and more.
The main SSL protocol is made up of two smaller sub-protocols-:
1. The Secure Sockets Layer Record Protocol or The SSL Record Protocol.
2. The Secure Sockets Layer Handshake Protocol or The SSL Handshake Protocol.
The SSL Record Protocol looks after the transmission and the transmission format of the encrypted data. Also it is this sub-protocol of SSL, which ensures data integrity in the transfer process. On the other hand the SSL Handshake protocol basically helps to determine the session key. To understand both these protocols better, read on.
****************
Hacking truth: A session key is a secret symmetrical key, which is used to encrypt data, after a SSL connection has been established between the client and the host.
****************
Secure Sockets Layer: The Working
Now as soon as you enter a secure site, SSL comes into play. But how do you know whether the connection is secure or not? Well, there are several things which reveal whether your connection is unsafe or safe.
The most common way to check whether your connection is secure or not is to look at the status bar of your browser. If you see a closed padlock, then the connection is secure; if you see an open padlock, then the connection is not secure. Another area to watch out for is the browser URL box. On an unsecured connection you will see only a http:// before the other part of the URL of the site you are visiting. On the other hand, if the connection is secure then you will see a https:// instead.
Another technique to ensure that you are on a secure connection is to have a look at the Certificate Authority or CA of the server. How do I do that? Well, simply right click on the page that you suspect to be on an unsecured connection, and select Properties. A properties box pops up. Now look for the Connection field. A typical Connection field would be as follows-:
SSL 3.0, DES with 40 bit Encryption [Low]; RSA with 128 bit exchange.
This means that SSL 3.0 is running, DES is the crypto system being used and it has 40-bit encryption level. And RSA is the public key encryption algorithm being used and in this case it used 128 bits.
Anyway, let me start from what happens, once you are already on a secure connection. Now as soon as the browser knows that a secure connection is present, The SSL Handshake Protocol jumps into action. It sends the browser’s SSL version number, Encryption settings and other crypto information to the remote host. Once the remote server receives this, it in turn sends back to the client, its SSL number and cipher settings.
Also, if the server wants to, then this is the time when it verifies the client’s certificate. [This is done only if an optional SSL feature, The SSL Client Authentication feature, is present.]
NOTE: Client Authentication can also be done at a later stage. It basically varies from Server to server, as to when this authentication is done, or whether it is done at all.
Then, the client verifies the server’s Certificate Authority. This is done to ensure that the public key received by the client is that of the correct authentic server. If the server does not have a CA certificate or if the certificate has expired, then a dialog box pops up informing the user. [Warning the user]
Once the server’s identity has been authenticated, then the client creates a ‘Premaster Secret’ which is unique for each new SSL session. This ‘Premaster Secret’ is then encrypted using the server’s Public Key and this encrypted Premaster secret is then sent to the server. The important thing to note here is that the Server’s Public Key is extracted from the server’s Digital Certificate, which is nothing but a digitally signed certificate containing the owner’s public key.
Now, when the server receives the encrypted premaster secret, it verifies the client’s identity. [This is optional and varies from server to server] Anyway, Once the client’s identity has been authenticated, the server uses its private key to decrypt the premaster secret, to obtain the master secret. This master secret is used to determine the session key.
Note: The transfer of the premaster and master is also done for compatibility reasons.
Now, everything till now is handled by the SSL Handshake Protocol. Once all this is done, the SSL Record Protocol comes into the picture. Once the server has determined the symmetrical session key, it sends it to the client and further communication is done using this session key. As the key is symmetrical, it can be used for both decrypting and encrypting purposes. The SSL Record Protocol handles all data transfer.
A typical SSL transaction involves various encryption algorithms like RSA and DSS. Other popular ones are DES and RC4. Data integrity is ensured by using ciphers like MD5, SHA etc., which are called Message Authentication Codes or MACs. A MAC is nothing but a checksum authentication thingy which converts the data into digits. The checksum value at the receiver’s end is compared to that at the sender’s end. If any tampering is done or, in other words, if the checksums do not match, then that particular session is considered void and the entire above process is repeated, i.e. data is transmitted again.
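The MAC check described above, as an added example (not code from the original tutorial). It assumes HMAC-SHA256 as the MAC, a constructed shared key, and a per-record counter that the tutorial does not mention; `RecordChannel` and `demo` are hypothetical names.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # bytes in an HMAC-SHA256 tag


class RecordChannel:
    """One end of a session in which every record carries a MAC."""

    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.seq = 0       # record counter covered by the MAC (assumption, not on the page)
        self.void = False  # set for good once any record fails verification

    def _tag(self, data: bytes) -> bytes:
        msg = self.seq.to_bytes(8, "big") + data
        return hmac.new(self.mac_key, msg, hashlib.sha256).digest()

    def seal(self, data: bytes) -> bytes:
        record = data + self._tag(data)
        self.seq += 1
        return record

    def open(self, record: bytes) -> bytes:
        if self.void:
            raise ValueError("session void: an earlier record failed its MAC check")
        data, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        # compare_digest runs in constant time, so the check leaks no timing hints
        if len(record) < TAG_LEN or not hmac.compare_digest(tag, self._tag(data)):
            self.void = True
            raise ValueError("MAC mismatch: record was altered, replayed or reordered")
        self.seq += 1
        return data


def demo():
    key = secrets.token_bytes(32)  # constructed MAC key known to both ends
    sender, receiver = RecordChannel(key), RecordChannel(key)
    first = receiver.open(sender.seal(b"GET /account"))
    tampered = bytearray(sender.seal(b"pay 10 to alice"))
    tampered[4] ^= 0x01            # one bit flipped in transit
    try:
        receiver.open(bytes(tampered))
        accepted = True
    except ValueError:
        accepted = False
    return first, accepted, receiver.void
```

Unlike a plain MD5 or SHA checksum, the tag depends on a secret key, so someone who alters the data in transit cannot simply recompute a matching value.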
However, SSL is not as secure as it seems to be. The problem lies in the fact that the encryption algorithms used along with SSL are quite lame and can easily be cracked. All versions below 3.0 have been cracked; however, SSL 3.0 with 128 bits would take a very very long time to crack, if it could be cracked. So it is quite safe to a certain extent.
So how do you ensure that your SSL transaction is secure? Well, the best thing to do is to use 128-bit encryption instead of 40-bit. The former has 3 * 10^26 times as many keys as the latter. Also install the latest version of your browsers, to ensure that you have the latest encryption standards and security patches.
NOTE: 168-Bit encryption is present too, however, encryption levels over 40 bits are not allowed outside the US.
-
PGP Encryption for Beginners
Contents
========
Why Encrypt?
What is PGP?
Introduction to Cryptography.
Main Types of Cryptography.
How Does Cryptography Work?
Conventional Cryptography
Public Key Cryptography
How Does PGP Work?
A Few Words About The Keys...
..And About Digital Signatures
The Message Digest
Digital Certificates
Certificate Formats
Validity and Trust
Passwords and Passphrases
Why Encrypt?
============
Why the hell would you want to encrypt your data anyway? Well, for several reasons:
(1) Suppose someone breaks into your computer. Instead of being able to quickly grab all of your credit card numbers, passwords etc., if you've encrypted your data he will only get encrypted garbage, which will mean nothing to him, and will be excruciatingly hard to decipher.
(2) Suppose you're not the only one using your computer. Would you risk putting your private information wide-open to strangers and maybe even malicious users? I wouldn't.
I hope you get my drift. Now, let's move on.
What is PGP?
============
PGP (Pretty Good Privacy) is an encryption technology which combines features of both conventional and public key cryptography (we will discuss the keys later in this tutorial) and is sometimes called a hybrid cryptosystem.
Introduction to Cryptography
============================
At first, I would like to introduce you to some new words, which will be widely used in this tutorial:
1. "Plain text" or "clear text" is unencrypted data, which can be read and easily understood and has not been encrypted. This tutorial is written in clear text, for example.
2. Encryption - the process of changing plain text into ciphertext.
3. Ciphertext - the result of encryption - meaningless garbage at first sight. (One of the meanings of "cipher" is "an obsolete name for zero".)
4. Decryption - the process of converting ciphertext back into readable data.
5. Cryptography - the science of encryption.
6. Cryptanalysis - a branch of mathematics that involves breaking encrypted data mathematically or statistically.
7. Attackers - anybody who tries to get cleartext from ciphertext without authorisation.
8. Cryptology - synonym for cryptography
9. Cipher - an algorithm or mathematical function that converts plaintext to ciphertext.
10. Cryptosystem - a cipher and all the tools/algorithms associated with it
Here is the logical chain of this whole process:
PLAINTEXT --> ENCRYPTION --> CIPHERTEXT --> DECRYPTION --> PLAINTEXT
                                  \
                                   -> SUCCESSFUL ATTACK --> PLAINTEXT
Cryptography actually is a mathematical science. It uses mathematics to encrypt / decrypt data in order to store it or to transfer it securely across an insecure network (the internet for example, but it could be any other type of network, not even the electronic type) to ensure that information is only available to authorized people.
Main types of Cryptography
==========================
A cryptosystem can be weak (easy to break), or it can be strong (hard to break). The strength of a cryptosystem is measured in the time and resources you need to make a successful attack. Modern strong cryptosystems can withstand a brute force attack using all the computers in the world - or rather, it would take an inordinately long time (currently about 10^9 times the age of the universe). But you never know - tomorrow may bring a mathematical technique to attack these cryptosystems by a method other than brute force.
How does Cryptography work?
===========================
A cipher uses a key (a piece of data) coupled with an encryption algorithm to encrypt data (plain text). Different keys produce different ciphertext, of course. So the strength of encrypted data relies on two factors - the strength of the cipher and the safety of the key. Therefore it is very advisable to choose the key very carefully and to keep it secure (the best solution is to put it into a brain-cell, if possible :)). All those components mentioned above build a cipher. A cryptosystem (like PGP) uses a combination of various different ciphers.
Conventional Cryptography
=========================
This type of encryption uses the same key to encrypt and decrypt data (plaintext). An example of a conventional cryptosystem is DES (the Data Encryption Standard), which is recommended by the Federal Government for commercial applications (despite the fact that it can be broken very easily). Conventional cryptography has both pluses and minuses. It is very fast and suitable for data which won't be used by anyone except the person who encrypted it. Unfortunately, secure key distribution is a very difficult task to accomplish: you need to agree on a key beforehand, which is very impractical nowadays, because you cannot trust phone companies, couriers, e-mail and internet services. Here a question arises: how do you get the key to the recipient without someone intercepting it? The best way would be to have different keys for the sender and recipient.
Public Key Cryptography
=======================
Public key cryptography solves the secure key distribution problem. Whitfield Diffie and Martin Hellman introduced the concept of Public Key Cryptography in 1975. However, there are some rumours that the British Secret Intelligence Service invented it a few years before, but kept it secret and did nothing with it.
Public key cryptography is an asymmetric system and uses two keys (a pair): a public key, used for encryption, and a private key, used for decryption. The public key is published worldwide and the private key is kept secret. Anyone and everyone can encrypt data with your public key, but only you (or to be more exact, the person who has your private key) can decrypt the ciphertext.
How Does PGP Work?
==================
As mentioned above, PGP is a mixed cryptosystem - that is, it combines both conventional and public key cryptography. PGP operates in this way:
A) Encryption:
1) First, PGP compresses the plaintext. This is useful for several reasons: you need less space on the hard disk, a smaller message means saving time (and money) when sending it via the internet, and it increases the strength of the encryption, because compressed data contains fewer patterns than uncompressed data, and pattern recognition is widely used by cryptanalysts to break a cipher.
2) PGP then generates a single-use encryption key, known as a session key. It is a random number, generated from random data such as the contents of your PC's RAM, mouse movements, positions of windows on the desktop - you get the idea. PGP uses a very fast and secure conventional cipher (CAST) and this session key to encrypt the data to produce ciphertext.
3) After the data has been encrypted, the session key is then encrypted to the recipient's public key, and both the public key-encrypted session key and the ciphertext are transmitted.
B) Decryption:
1) PGP uses the recipient's private key to recover the session key.
2) The session key is used to decrypt the conventionally encrypted ciphertext.
3) The compressed data is decompressed.
The combination of conventional and public key cryptography provides a very fast and secure encryption system. This is achieved through the speed of conventional algorithms and the safety of public keys.
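The encryption steps A1-A3 and decryption steps B1-B3 above, as an added example that is not PGP's own code. It assumes a toy unpadded RSA key pair built from two known Mersenne primes and a SHA-256 counter keystream standing in for CAST; all names are hypothetical and none of this is safe for real use.

```python
import hashlib
import secrets
import zlib

# Toy RSA key pair from two known Mersenne primes, constructed for this demo.
# Textbook RSA without padding is for illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                  # recipient's public key
D = pow(E, -1, (P - 1) * (Q - 1))    # recipient's private key


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in conventional cipher: XOR data with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def pgp_encrypt(plaintext: bytes, pub=(N, E)):
    n, e = pub
    compressed = zlib.compress(plaintext)                     # A1: compress
    session_key = secrets.token_bytes(16)                     # A2: single-use key
    ciphertext = keystream_xor(session_key, compressed)       # A2: fast cipher
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)   # A3: wrap the key
    return wrapped, ciphertext                                # both are transmitted


def pgp_decrypt(wrapped: int, ciphertext: bytes, priv=(N, D)):
    n, d = priv
    session_key = pow(wrapped, d, n).to_bytes(16, "big")      # B1: recover the key
    compressed = keystream_xor(session_key, ciphertext)       # B2: decrypt the data
    return zlib.decompress(compressed)                        # B3: decompress


def demo():
    message = b"meet me at the usual place " * 20   # constructed sample plaintext
    wrapped, ciphertext = pgp_encrypt(message)
    return pgp_decrypt(wrapped, ciphertext) == message, len(message), len(ciphertext)
```

Only the 16-byte session key goes through the slow public key operation; the message itself, however long, is handled by the fast conventional cipher.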
A Few Words About The Keys...
=============================
A key is a piece of data which is used by a cryptographic algorithm to produce ciphertext. In fact, keys are huge prime numbers. The size of the key is measured in bits - the bigger the key, the more secure the encryption. The comparison of conventional and public key sizes is rather puzzling - a conventional 128-bit key has the same strength as a 3072-bit public key. The thing is that you can't compare those types of key, because of the specific algorithms used for each type of cryptography (you can't compare trains and brains, can you?).
To gain as much security as you can, always pick the biggest-size keys. This is because (given enough time and processing power) any public key can eventually be found. However, 2048-bit keys are in fact so difficult to break that it would take AT LEAST 2,000,000,000 years to break one using all the processing power to be found on the planet at the moment.
Keys are stored in encrypted form. Typically you use two keyrings (files on hard disk) - one for public keys and the other for private keys. Don't lose your private key ring, because all information which was encrypted to keys on that ring will never be accessible again (unless you compromise the cipher, of course).
..And About Digital Signatures
==============================
Just like written signatures, digital signatures provide authentication of the information's origin. Usually this feature of cryptography is much more widely used than encryption. The digital signature is 'impossible' to fake. In short - when you are dealing with this type of signature - you can almost always be sure you are dealing with the right person (in the sense of authentication, of course).
The digital signature works this way:
1) The plaintext gets encrypted with your private key.
2) If the information can be decrypted with your public key, then that information comes from you.
Digital signatures are the main way to verify the validity of a public key.
The Message Digest
==================
How do you make sure that no-one is able to just copy and paste your signature from your e-mail to his and claim it came from you? Well, you use a message digest.
The message digest is the output of a hash function. This function takes a message of any length and produces a fixed-length, 64-bit output (that's right - it's the same as the message digest hash mentioned earlier). The mathematical side of this function ensures that even if the data differs very slightly, you get entirely different output (known as a message digest). The private key and the digest are used to generate the signature, which is then transmitted along with the plaintext. The hash function ensures that no one can take your signature and use it as his own, because in such a case verification fails.
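Signing a message digest and the failed copy-and-paste of a signature described above, as an added example that is not PGP's own code. It assumes SHA-256 as the hash function and a toy unpadded RSA key pair built from two known Mersenne primes; the names and sample messages are constructed for illustration.

```python
import hashlib

# Toy RSA key pair from two known Mersenne primes, constructed for this demo.
# Textbook RSA without padding is for illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                  # signer's public key
D = pow(E, -1, (P - 1) * (Q - 1))    # signer's private key


def digest(message: bytes) -> int:
    """Fixed-length message digest, read as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signature = the digest transformed with the private key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Undo the signature with the public key and compare with a fresh digest."""
    if not 0 < signature < N:
        return False
    return pow(signature, E, N) == digest(message)


def demo():
    original = b"I owe Bob 10 dollars. -- Alice"    # constructed sample message
    forged = b"I owe Bob 1000 dollars. -- Alice"    # signature pasted onto new text
    sig = sign(original)
    return verify(original, sig), verify(forged, sig)
```

The signature is bound to the digest of one specific message, so pasting it under different text makes the recomputed digest differ and verification return False.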
Digital Certificates
====================
Of course, when you use a public key cryptosystem you want to be sure you are encrypting to the right person's key. This is the problem of trust. Let's say someone posts a fake key with the name of the person you are writing to. When you encrypt the data and send it to the "recipient", the data goes to the wrong person. In a public key environment, it is very important that you are sure you are using the public key of the intended recipient. One way out is to encrypt only to keys that the owner has handed to you personally (on a floppy disk, for example). But this is very inconvenient - first, sometimes you don't even know the recipient, and second, what would you do if you need to send some data to a person who is not available physically - in a plane or anywhere else where you can't meet them physically? Send a pigeon with a note?
Digital certificates simplify this task of checking that you have the correct key. A digital certificate is a piece of data that you can use like a normal physical certificate. This information is included with a person's public key to help verify the validity of the key. Certificates are used to prevent people substituting one person's key for another.
A digital certificate consists of:
1) a public key
2) certificate information (some information about the user: name, ID and so on)
3) one or more digital signatures
The digital signature on a certificate shows that some person approves the certificate information. The digital signature does not attest to the authenticity of the certificate as a whole; it vouches only that the signed identity goes along with the public key. In short - a certificate is a public key with several forms of ID attached, and approval from some other trusted individual(s). You get most of the benefits of digital certification when it is necessary to exchange public keys with someone else and it is impossible to do manually. Manual public key distribution has its advantages, but is useful only to a certain point. Sometimes it is necessary to put everything in one place - central storage, for instance, with exchange of public keys for anyone who needs them. Systems that store such data are called Certificate Servers and systems that provide some additional key management features are called Public Key Infrastructures.
Certificate Servers (aka cert. server / key server) are nothing more than databases that allow users to submit and retrieve digital certificates. Such a server can and usually does provide some administrative features. These features enable a company to maintain its security policies and so on.
A Public Key Infrastructure contains the same certificate storage facilities as a certificate server, but also provides certificate management facilities - the ability to issue, revoke, store, retrieve and trust certificates. PKI introduces the Certification Authority (CA), which is a person who has authorisation to issue certificates for some company's computer users. A CA creates certificates and digitally signs them, using the CA's private key. If you trust the CA, you can almost always trust the holder of their certificate.
Certificate Formats
===================
A digital certificate is a collection of identifying information embedded together with a public key and the signatures of people who trust its authenticity. PGP recognises two different certificate formats:
1) PGP certificates;
2) X.509 certificates.
A PGP certificate consists of:
1) The PGP version number, which identifies the version of the PGP program which was used to create the associated key.
2) The certificate holder's public key together with the algorithm of the key, which can be RSA or DH/DSS (recommended).
3) The certificate validity period, which indicates when the certificate will expire.
4) The symmetric encryption algorithm for the key. This information indicates the encryption algorithm to which the certificate owner prefers to have information encrypted. These algorithms are CAST (recommended), IDEA or Triple-DES.
Validity and trust
==================
Validity is confidence that something (a public key or certificate, for example) belongs to its real owner. Validity is very important in public key systems where you must know if the certificate is authentic or not.
When you are sure that some certificate belongs to someone, you can sign the copy on your key ring to attest to the fact that you've checked the certificate and that it is an authentic one. If you export the signature to a certificate server others will know that you approved it. To believe someone who has signed approval of any certificate, you need to trust them.
You can check validity by meeting the intended recipient and taking the key from him physically. The other way is to use fingerprints. A PGP fingerprint is a hash of the certificate (similar to a message digest). All fingerprints are unique. A fingerprint can appear as a hexadecimal number or a series of biometric words, which are phonetically distinct. When you have the fingerprint and know the voice of the owner, you can just call him and ask him to read his. But sometimes, you don't know the voice - in such cases you need to trust some third party, like a CA.
But don't forget that unless the owner of the key hands it to you personally you must trust some third party to tell you that this key is valid.
Passwords and passphrases
=========================
Almost every day, when you are using computers, you need to enter a secret combination of characters (a password) to access some information. So you should be familiar with the concept. If not, you have been reading the wrong tutorial.
A passphrase is a longer version of a password and is supposed to be more secure. A passphrase helps you to be more secure against dictionary attacks (compromising PGP will be covered in Part II - Compromising PGP). The best passphrases are relatively long and complex, containing non-alphabetic characters. PGP uses a passphrase to encrypt your private key on your disk using a hash of your passphrase as the secret key. You use the passphrase to decrypt and use your private key. A passphrase should be hard for you to forget and difficult for others to guess. It should be something already firmly embedded in your long-term memory, rather than something you make up from scratch, because without your passphrase your private key is totally useless and nothing can be done about it. At all.