Network Mapping 2

Network Mapping

jvoss@altsci.com
jvoss@myuw.net
Nov 11-13, 2005

NetMap2 0.2.2 Source [sig]
NetMap1 0.2.1 Source [sig]

DESCRIPTION

Netmap1 Neg9 Talk
Netmap2 Neg9 Talk
Netmap2 Neg9 Project
BitTorrent Attack

The Network Mapping project (also known as Neg9 UW Network Project) plans to develop tools to report on the usage of public networks through active scanning of ports. The first two tools are known as netmap1. It uses Nmap to discover available hosts and discover open ports on the hosts. Netmap1 involves two tools that can be run as part of a script. parse_ping1.py and parse_port1.py are run by the script scan_full1.sh. The output of the script are a set of xml files and records in a MySQL database.

Read more »

Basic Image and Text Steganography and Steganalysis


Oct 5, 2006

Text steganography 1 version 0.1.1 [sig]
Rubber Spoon 1 version 0.1 [sig]
libsteg version 0.4.4 [sig]

INTRODUCTION

Steganography is the science of hiding information in plain sight. It does not require cryptography, but in modern computation, it is obvious that cryptography is quite likely to be involved. There are a handful of methods of steganography that are well-known but most of them involve taking the least significant bits (lsb) of a large set of data and flipping it to a pattern. Keying the flipping of bits makes for a larger attack surface, but can still be brute forced if the key lacks enough entropy.

It is important that the input picture used for steganography not be available to an attacker because this will allow the attacker to see ~90% of which bits are flipped giving away the secret and plausible deniability. Image generation that is impossible to reverse is a topic that can be discussed in the future. An easy way that would give away intent would be to flip all non-steg least significant bits randomly. A better way would be to design the algorithm around the randomness already present in images.

Read more »

UDP Session Development

UDP Session Development

jvoss@altsci.com
jvoss@myuw.net
Jan 20, 2006

UDP Session 0.4.0d Source [sig]
UDP Session 0.3.3c Source [sig]
UDP Session 0.3.2b Source [sig]

DESCRIPTION

This program connects two computers without having either be a server. It uses "Evasive UDP Session Establishment" originally conceived by Winston Williams and other concurrent developers. The initial idea of the system was to poke holes in a firewall by using UDP's design as a stateless protocol. That way, both computers could consider themselves clients to a remote server. Upon further development, I found that other developers had designed similar systems with different mechanics.

ENCRYPTION

Version 0.3 is encrypted with Blowfish-cbc. This 128-bit encryption is easily considered strong if used with strong passwords. Version 0.3 is statically or dynamically linked to libssl and libcrypt, so their licences apply. I will include the proper licensing agreements in future versions. Since the current version is such a fast release, it makes sense to release it sooner than later. To implement Blowfish-cbc, I created a library which wraps the OpenSSL calls in a way that is easily usable. That library is called SSL Blowfish Wrapper for the time being.

Read more »

Making of Javantea's Fate 369

Here is a lesson that I have learned over the past 4 years: _TOOLS_. Humanity has reason and it can use tools. It is what separates us from the animal kingdom: the ability to do something better the second time, the third time, and so on. In fact, I can create a tool that has no purpose today, but saves a dozen hours tomorrow. I can build a tool that builds a tool that builds a tool. The Nth tool may be totally useless in the hunter-gatherer sense of the word, but the Mth tool may cause something wonderful to happen.

Read more »

« previous next »