General Security Archives

How to enable SSH Tunneling on QNAP NAS

I have a QNAP TS-109 II Network Attached Storage (NAS) device which I use for data storage, download station, torrent client etc. This NAS is a Linux box, so I thought about using it for another application in addition to those mentioned above: as an SSH tunneling box for encrypting traffic when I’m outside of the home (on an unsecured wi-fi hot spot, for example). Since the NAS is already running an SSH daemon, you can enable it to work as an SSH tunneling server. Basically you can use PuTTY (SSH client) to create an SSH tunnel with the NAS using local port forwarding. PuTTY creates a local port on your PC (e.g. 9999) which listens for connections and sends all traffic that is destined to this local port over to the remote NAS SSH server. This traffic is sent over the encrypted SSH tunnel between your PC and the remote NAS. At the NAS end, the traffic exits the NAS towards the Internet (TCP Forwarding must be enabled on the NAS). With that setup you essentially create a secure encrypted tunnel that can be used to access the internet securely when you are connected on a public wi-fi hot spot or even in a hotel room.

First, we need to make some changes on the sshd configuration of the NAS station. Open a CLI connection with the NAS (using telnet or ssh) and edit (using vi) the sshd_config file located under /etc/ssh/ path. You need to change the following settings in sshd_config:

  • Uncomment the #AllowTcpForwarding no parameter (remove the # ) and change it to yes.
    AllowTcpForwarding yes
  • Uncomment the #PermitTunnel no parameter (remove the # ) and change it to yes.
    PermitTunnel yes

However, the changes above will not be permanent since the QNAP NAS device will change all configuration to default settings when rebooted. Therefore we need to somehow make the changes permanent. What we can do is the following:

  • Copy the modified sshd_config file into a shared location on the NAS.
  • Use the “autorun.sh” script to copy the modified sshd_config file from the shared location and overwrite the original sshd_config file located under /etc/ssh/
  • Then restart the sshd daemon so that it picks up the new modified settings.

I have copied the modified sshd_config file under /share/HDA_DATA/.
Now, in order to create the autorun.sh file, do the following:
# mount -t ext2 /dev/mtdblock5 /tmp/config
# vi /tmp/config/autorun.sh

Get into vi editor and enter the following lines:
cp /share/HDA_DATA/sshd_config /etc/ssh/
killall sshd

Save the file and make it executable.

# chmod +x /tmp/config/autorun.sh
# umount /tmp/config

That’s it for the NAS.
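
The autorun.sh above overwrites /etc/ssh/sshd_config at every boot with whatever is in the shared location, so a copy that someone else can write to, or that no longer carries the two settings, ends up as the live SSH configuration. The following is an added example, not part of the original post: a POSIX sh helper that installs the saved file only if it is not group/world writable and its effective global AllowTcpForwarding and PermitTunnel values are yes. The function names are hypothetical, and it assumes awk and find (with -perm) are available on the NAS.

```shell
#!/bin/sh
# Added example: validate the saved sshd_config before autorun.sh installs it.

# Print the effective global value of keyword $2 in sshd_config file $1.
# sshd keeps the first value it obtains for a keyword, keywords are
# case-insensitive, and anything after a Match line is conditional.
sshd_effective() {
    awk -v want="$2" '
        { gsub(/\r/, ""); sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)   # accept "Keyword=value"
            split(line, f, /[ \t]+/)
            key = tolower(f[1])
            if (key == "match") exit
            if (key == tolower(want)) { print f[2]; exit }
        }' "$1"
}

# Succeed only if file $1 is not writable by group or others.
not_shared_writable() {
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]
}

# Copy candidate $1 over target $2 only when it passes every check.
install_sshd_config() {
    [ -s "$1" ] || { echo "missing or empty: $1" >&2; return 1; }
    not_shared_writable "$1" || { echo "$1 is group/world writable" >&2; return 1; }
    for kw in AllowTcpForwarding PermitTunnel; do
        val=$(sshd_effective "$1" "$kw")
        [ "$val" = "yes" ] || { echo "$kw is '${val:-unset}', not installing" >&2; return 1; }
    done
    cp "$1" "$2.new" && mv "$2.new" "$2"
}

# Constructed sample: the first AllowTcpForwarding line wins, so the "yes"
# appended at the end has no effect and the file is rejected.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'Port 22' 'AllowTcpForwarding no' '#PermitTunnel no' \
        'PermitTunnel yes' 'AllowTcpForwarding yes' > "$d/sshd_config"
    chmod 600 "$d/sshd_config"
    sshd_effective "$d/sshd_config" AllowTcpForwarding    # prints: no
    install_sshd_config "$d/sshd_config" "$d/installed" || echo "rejected"
    rm -rf "$d"
}

if [ "${1:-}" = demo ]; then demo; fi
```

In autorun.sh the cp line would become `install_sshd_config /share/HDA_DATA/sshd_config /etc/ssh/sshd_config && killall sshd`, placed after the function definitions.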

Now in order to create the SSH tunnel, we will use PuTTY as shown below:

Open up PuTTY and go to Tunnels. At Source Port enter a desired local port that will be listening on your local PC (e.g. 8888). Select Dynamic and press Add.

As you can see above, port 8888 is created. This port will start listening on your local PC after you connect with SSH to the NAS.

Now go up to “Session” and put the IP address of your NAS ssh server. The picture above shows a private IP address (192.168.10.111) but in real situations this should be the domain name or the public IP address of your NAS server. Click “Open” to log in to the NAS with your SSH username and password. When you log in, a secure SSH tunnel will be created between your PC and the remote NAS server.

If you need to encrypt all of your internet browsing traffic, you have to configure a SOCKS proxy on your browser with IP address 127.0.0.1 and port 8888.

Information Security Cyber Threats for 2010

Kaspersky Lab recently announced its security analysts' estimates of cyber-criminal activity for 2010.

In 2008, the company’s analysts predicted an increase in system infections by viruses. Unfortunately, these estimates proved accurate. In 2009 we saw the emergence of sophisticated malware with rootkit-based functionality and significant use of the Kido worm (also known as Conficker), and we also observed numerous Internet attacks, the proliferation of botnets, fraud using mobile SMS and attacks on social networking websites.

Estimates for 2010

According to the experts at Kaspersky Lab, there will be a change in the types of attacks. More specifically, there should be a shift from attacks waged through websites and applications to attacks via file-sharing and peer-to-peer networks.

Already in 2009 there was a series of massive attacks based on malware that spread via torrents. This method was used to deploy threats such as the TDSS and Virut viruses, and to attack computers running Mac OS X. In 2010, we should expect a significant increase in this type of attack on P2P networks.

Cyber criminals will continue to compete in unleashing viruses. They are increasingly trying to legitimize themselves, and there are many ways to profit from spreading malicious viruses through botnets. Today, botnets are used mainly for “black market” services. However, future services are expected to become more “gray”.

The so-called “cooperation programs” will give botnet administrators/owners the ability to profit from activities such as sending spam, DoS attacks or sending malicious software applications that are not clearly a form of criminal activity.

The decline observed in 2009 in the use of Trojans that hit users of online games is likely to be repeated in 2010 in the use of fake antivirus programs. This category of threat first appeared in 2007 and reached its zenith in 2009. The Kido worm, for example, went on to install rogue antivirus programs on infected computers.

However, the “market” for fake antivirus programs is now saturated and profits for cyber criminals have fallen. Furthermore, these activities are closely monitored by the legitimate security companies. As a result, developing and distributing rogue antivirus programs is becoming increasingly difficult.

With regard to attacks on web services, Google Wave is expected to monopolize the interest in 2010. There is no doubt that attacks on this new Google service will follow the usual model: first comes the sending of spam messages, then phishing attacks, then the exploitation of system vulnerabilities, and finally the spread of malware. The availability of Google's Chrome OS operating system, which is based on Internet technology, is a notable development, but Kaspersky Lab experts expect that cyber criminals will not show great interest in this software platform.

However, it is expected that 2010 will be a difficult year for users of the iPhone and of phones running the Android operating system. The first malicious programs for these platforms appeared in 2009, which is a clear indication that there is increased interest from cyber criminals. As for iPhone users, only those who have cracked devices will be at risk, but the same does not apply to users of devices with Android software, as all of them can fall victim to attacks. For example, the growing popularity of mobile phones with Android software in China, combined with the lack of effective controls on the security of applications offered by third parties, is expected to contribute to the rise in the number of attacks by malicious programs.

The identification of new vulnerabilities in systems will be the main cause of mass infection by viruses. These vulnerabilities will be mainly related to software developed by third parties (such as Adobe, Apple, etc.), but also to Windows 7, which recently went on sale. If a large number of such software vulnerabilities is not found in 2010, it may well be one of the “quieter” years in a long while.

Everyone has heard of the latest scandal regarding the “whatever.com” site being hacked and vital information for over one million people being stolen. Some would wonder what a hacker would want with that information. In most cases, the hacker's motive is just to be able to hack the site that says it is “hack proof”. In other cases involving fraud, it is to obtain your personal information and either use it for spamming or sell it to scam artists. In any case, one would think that a site that is hacked has legal responsibilities.

The latest big website attack is more than likely just the theft of work history and names along with references. If the information also included Social Security information or annual salary requirements, as well as cell phone numbers and credit card or bank information, people are going to have major problems. This type of activity happens all the time, but we only hear about the big-name companies in the spotlight. If the victim is a pet product site that is just starting out and is not a well-known name, it is not going to divulge that information, and if it does, it will not make the news headlines.

Everyone uses the Internet for one reason or another, and if you are like most people, you may shop, look for work, play games or just browse. In any case, you need to be careful how you supply your information. A site that handles your information needs to use encryption to protect it, whether the site is for buying or for gaming. Any time you give out personal information about yourself, you want to know it is protected. With the latest scare over hacked websites, people have to wonder what the hackers will do with that information.

As hackers become more devious in their efforts to hack into websites and steal information, more IT technicians will work harder to make the sites, and the products that secure them, even better. All the scares that we encounter in our Internet experiences are just another form of criminal activity; unfortunately, it can cause problems for the entire world. Protecting yourself and your computer from a hack attack is a top priority, and every day businesses are upgrading their systems and infrastructures to protect vital information.

The best way to protect yourself, some have said, is never to give out personal information. Unfortunately, this is not always possible. If you want to shop, look for work, do some gaming or sign up for important newsletters and promotions, you have to supply the pertinent information. Therefore, using a little caution as to what sites you use is great, but as was proved with Monster, even the best of sites can have problems. This, however, is no reason to stop using the Internet.

You just need to be aware of the threat and use good judgment when you visit a website. Some day we will see a system to track and stop hackers from stealing vital information. Companies that make security software and other security products work hard every day to find new ways to stop a hacker. As the hacker gains more strength, software developers gain more security knowledge to stop them in their tracks.

Installing BackTrack 4 Pre Final in VMWARE

EDIT: There is a final version of BackTrack4 released, both an ISO image and a VMWare image. Also, BackTrack is now distributed from www.backtrack-linux.org instead of remote-exploit.org. I suggest you download and install the final VMware version.

I have been using BackTrack3 so far for my ethical penetration testing tasks with great success. I decided recently to give BackTrack4 a try, even if it’s still in Pre-Release stage. The guys at remote-exploit state that even if it is at the pre-final stage, this release is the sturdiest of all BackTrack versions so far, so I decided to try it now rather than waiting for the final release. A notable change with BackTrack4 is that it now uses Ubuntu as the underlying operating system, which is a very good move in my opinion.

Below I will explain the steps I took to install BackTrack4 on VMWare Workstation running on Windows XP Pro. I have used VMWare Workstation 6.5.3 (it should work with older versions) and BackTrack4 pre-final.

First download the BackTrack 4 pre-final file (bt4-pre-final.iso) from its original location at http://www.remote-exploit.org/backtrack_download.html. The file comes in DVD ISO format. Save the ISO file locally on your hard disk.

  • Start the VMWare Workstation and go to File>New>Virtual Machine
  • Select Typical Install
  • Select option to use Installer Disc image file (iso)
  • Click the Browse button to find the ISO image that you downloaded above.
  • Click Next, select Linux and for version select Ubuntu.
  • Click Next and select the location where the Virtual Machine will be installed.
  • Leave the defaults (maximum disk size 8GB and Store Virtual disk as a single file).
  • Click Next and Finish.
  • Go to “Edit virtual machine settings” and change the network adapter to “Bridged”.
  • Power on the virtual machine.
  • This will boot up the Live CD from the ISO image and give you several boot options. Select the first option (BackTrack Framebuffer 1024×768).
  • After it boots, it will get you into command line prompt as root@bt:#
  • Type startx
  • This will take you into the graphical interface of BackTrack. However you are still under Live CD. Any changes you make will be lost with next reboot. Therefore you need to install it on the VMWare virtual disk.
  • Double click the “install.sh” script that you see on the desktop. This will start the installation procedure. Follow all steps. This will finally install BackTrack on the VMWare disk.
  • Press “Restart” button to reboot. After rebooting, it will now boot from the VMware disk and not from the Live CD. At the login prompt, enter the username and password that you configured during the graphical installation above.
  • You need to configure a root password here. Type “sudo passwd root”. It will ask you for your own user password to execute the command above. Then it will ask you to enter new password for root (twice). After that, the password for root will be changed.
  • Login as root and get into graphical interface with startx.
  • You are ready to Rock Baby!!!

I advise you to visit the offensive security blog (http://www.offensive-security.com/blog/) to read some very useful posts about BackTrack4. Especially useful is the post about upgrading the Kernel, which is required because of a security hole in the default Kernel of bt4.

Information security is not a technology problem. It is an economic problem and in order to improve information security we will have to correct the economic problem first. Let’s do this and all others will follow.

The lack of security in computer software products costs us billions. We pay tons of money in information theft, financial theft etc. We pay lots of money when productivity is lost, when networks stop working and when dozens of other major or minor security problems arise in our work and home environments. We also have major financial losses when we are forced to buy security products and services to reduce all those information security issues. We pay for security year after year.

The problem is that all the money we spend does not solve the problem. We pay, but still end up with security holes. The problem is BAD and INSECURE SOFTWARE. Bad software coding practices, poor embedded software features, inadequate software testing and security weaknesses in software programming cause all the problems with information security. The money we spend on security is intended to address the consequences of unsafe software.

That is the actual problem. We don’t pay to actually improve the security of the underlying software. We pay to temporarily cope with the problem and not to correct it. The only way to correct the problem of security is to convince the vendors to correct their software by incorporating proper secure software coding techniques. The only way to convince the software vendors to develop secure software is to force them to take up the costs and responsibility of security breaches and holes in their product.

There are many parties involved in a typical software attack. There is the company that originally sold the software with the security weakness, the person who created the attack tool, the attacker himself who used the tool to break into the network, the network operator who had been assigned to protect the network, etc. 100 percent of the responsibility for an attack should not be borne by the vendor of the software; it should be shared among all the parties, including the attacker and the network operator. But these days, 100% of the cost goes solely to the owner of the network, and this should stop happening.

Liability changes everything. At present, there is no reason for a software company not to offer one feature after another after another. Liability in security, however, will force software companies to reflect more carefully on each change to a software characteristic or feature. Liability forces companies to protect the data for which they are responsible. Liability means that those who are able to correct the problem are also responsible for the problem. Software vendors should therefore have liability for the security of their software product.

Information security is not a technological problem. It is an economic problem and to improve information technology we will have to correct the economic problem first. Let’s do this and all others will follow.
