Archive for the 'Security' Category

HOWTO: IPCop-OpenVPN

Tuesday, March 28th, 2006

I’m a huge fan of IPCop. It’s a great firewall distro that makes administration a snap using a slick web interface. My goal was to use IPCop and an easy-to-use VPN client to allow access to my LAN while away from home.

I ended up going with the ZERINA OpenVPN addon for IPCop and the OpenVPN GUI for Windows.

If you’ve ever wanted full, secure, encrypted access to your LAN from any remote location, here is your guide.

Just follow these ten easy steps…


import rotor

Wednesday, March 22nd, 2006

Now this is interesting. Apparently in Python versions up to 2.3, a module was included called rotor that could be used to perform Enigma machine style encryption.

Quoth the Python 2.2.3 documentation:

This module implements a rotor-based encryption algorithm, contributed by Lance Ellinghouse. The design is derived from the Enigma device, a machine used during World War II to encipher messages. A rotor is simply a permutation. For example, if the character ‘A’ is the origin of the rotor, then a given rotor might map ‘A’ to ‘L’, ‘B’ to ‘Z’, ‘C’ to ‘G’, and so on.

This of course has been deprecated and removed from Python 2.4 and later, but I still have no idea why such a thing was included as part of the standard distribution in the past. Of all of the encryption routines to include, I can’t say I would choose one that was broken in 1944.

That said, if you are looking for real encryption tools to plug into your code, check out the Python Cryptography Toolkit. It includes hash, block, stream, and public key encryption algorithms that should cover just about anything you would need on a routine basis.

Nmap 4.00 released

Wednesday, February 1st, 2006

Two years after the last major update, Insecure.org has released Nmap 4.00. It includes quite a few significant changes, so you might want to check out the changelog.

Update: Josiah pointed out the most important new feature in Nmap 4… “Nmap now wishes itself a happy birthday when run on September 1 in verbose mode! The first public release was on that date in 1997.” Heh!

Securing sshd with DenyHosts

Thursday, January 19th, 2006

DenyHosts is a Python script that is “intended to be run by Linux system administrators to help thwart ssh server attacks.” Basically it takes a look at your logs, scanning for hosts that have attempted to connect to your ssh daemon. It then automatically adds any hosts that appear to be attempting to hack into your system to /etc/hosts.deny, permanently blocking them.

It is made to be run from cron or as a daemon, so it continually checks for offending hosts and automatically adds them to the blacklist. Just let it run in the background and it does the work. It’s really a pretty slick idea.

So I loaded it on my Gentoo box to try it out…
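The log-scan-then-block idea described above, as an added sketch that is not DenyHosts' own code: it counts failed sshd password attempts per source address in a constructed log sample and formats the offenders as hosts.deny entries. The function names, the `threshold`, `allowed` and `already_denied` parameters and the log lines are assumptions made for this illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample of sshd auth-log lines (documentation-range addresses).
SAMPLE_LOG = """\
Jan 19 03:12:01 gentoo sshd[4101]: Failed password for root from 203.0.113.5 port 40112 ssh2
Jan 19 03:12:04 gentoo sshd[4103]: Failed password for invalid user admin from 203.0.113.5 port 40120 ssh2
Jan 19 03:12:07 gentoo sshd[4105]: Failed password for invalid user test from 203.0.113.5 port 40131 ssh2
Jan 19 08:30:12 gentoo sshd[4312]: Failed password for alice from 192.0.2.10 port 51514 ssh2
Jan 19 08:30:19 gentoo sshd[4312]: Accepted password for alice from 192.0.2.10 port 51514 ssh2
"""

# Anchored at the end of the line: the host is read from the fixed tail that
# sshd writes, never from the user-supplied name earlier in the message.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")


def count_failures(log_text):
    """Return a Counter of failed password attempts per source IP."""
    counts = Counter()
    for line in log_text.splitlines():
        match = FAILED.search(line.rstrip())
        if not match:
            continue
        try:
            host = str(ipaddress.ip_address(match.group(1)))
        except ValueError:
            continue  # not a literal IP address; skip rather than guess
        counts[host] += 1
    return counts


def hosts_to_deny(log_text, threshold=3, allowed=(), already_denied=()):
    """Hosts at or over the threshold that are neither allowed nor already listed."""
    skip = set(allowed) | set(already_denied)
    return sorted(h for h, n in count_failures(log_text).items()
                  if n >= threshold and h not in skip)


def deny_lines(hosts):
    """Format entries in hosts.deny syntax (daemon: client)."""
    return ["sshd: %s" % host for host in hosts]


if __name__ == "__main__":
    print("\n".join(deny_lines(hosts_to_deny(SAMPLE_LOG))))
```

The single mistyped password from 192.0.2.10 stays under the threshold, which is why an allow list and a threshold above one matter when the block is permanent.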
