crypted - Page 2 - Developer IT

The best way to hide data Encryption,Connection,Hardware

- by Tico Raaphorst

So to say, if i have a VPS which i own now, and i wanted to make the most secure and stable system that i can make. How would i do that? Just to try: I installed debian 7 with LVM Encryption via installation: You get the 2 partitions a /boot and a encrypted partition. When booting you will be prompted to fill in the password to unlock the encryption of the encrypted partition, Which then will have more partitions like /home /usr and swapspace which will automatically mount. Now, i do need to fill in the password over a VNC-SSL connection via the control panel website of the VPS hoster, so they can see my disk encryption password if they wanted to, they have the option if they wanted to look at what i have as data right? Data encryption on VPS , Is it possible to have a 100% secure virtual private server? So lets say i have my server and it is sitting well locked next to me, with the following examples covered bios (you have to replace bios) raid (you have to unlock raid-config) disk (you have to unlock disk encryption) filelike-zip-tar (files are stored in encrypted archives) which are in some other crypted file mounted as partition (archives mounted as partitions) all on the same system So it will be slow but it would be extremely difficult to crack the encryption. So to say if you stole the server. Then i only need to make the connection like ssh safer with single use passwords, block all incoming and outgoing connections but give one "exception" for myself. And maybe one for if i somehow lose my identity for the "exeption" What other overkill but realistic security options are available, i have heard about SElinux?

Read the article

Python byte per byte XOR decryption

- by neurino

I have an XOR encypted file by a VB.net program using this function to scramble: Public Class Crypter ... 'This Will convert String to bytes, then call the other function. Public Function Crypt(ByVal Data As String) As String Return Encoding.Default.GetString(Crypt(Encoding.Default.GetBytes(Data))) End Function 'This calls XorCrypt giving Key converted to bytes Public Function Crypt(ByVal Data() As Byte) As Byte() Return XorCrypt(Data, Encoding.Default.GetBytes(Me.Key)) End Function 'Xor Encryption. Private Function XorCrypt(ByVal Data() As Byte, ByVal Key() As Byte) As Byte() Dim i As Integer If Key.Length <> 0 Then For i = 0 To Data.Length - 1 Data(i) = Data(i) Xor Key(i Mod Key.Length) Next End If Return Data End Function End Class and saved this way: Dim Crypter As New Cryptic(Key) 'open destination file Dim objWriter As New StreamWriter(fileName) 'write crypted content objWriter.Write(Crypter.Crypt(data)) Now I have to reopen the file with Python but I have troubles getting single bytes, this is the XOR function in python: def crypto(self, data): 'crypto(self, data) -> str' return ''.join(chr((ord(x) ^ ord(y)) % 256) \ for (x, y) in izip(data.decode('utf-8'), cycle(self.key)) I had to add the % 256 since sometimes x is 256 i.e. not a single byte. This thing of two bytes being passed does not break the decryption because the key keeps "paired" with the following data. The problem is some decrypted character in the conversion is wrong. These chars are all accented letters like à, è, ì but just a few of the overall accented letters. The others are all correctly restored. I guess it could be due to the 256 mod but without it I of course get a chr exception... Thanks for your support

Read the article

warning: assignment makes pointer from integer without a cast

- by FILIaS

Im new in programming c with arrays and files. Im just trying to run the following code but i get warnings like that: warning: assignment makes pointer from integer without a cast Any help? It might be silly... but I cant find what's wrong. FILE *fp; FILE *cw; char filename_game[40],filename_words[40]; int main() { while(1) { /* Input filenames. */ printf("\n Enter the name of the file with the cryptwords array: \n"); gets(filename_game); printf("\n Give the name of the file with crypted words:\n"); gets(filename_words); /* Try to open the file with the game */ if (fp=fopen("crypt.txt","r")!=NULL) { printf("\n Successful opening %s \n",filename_game); fclose(fp); puts("\n Enter x to exit,any other to continue! \n "); if ( (getc(stdin))=='x') break; else continue; } else { fprintf(stderr,"ERROR!%s \n",filename_game); puts("\n Enter x to exit,any other to continue! \n"); if (getc(stdin)=='x') break; else continue; } /* Try to open the file with the names. */ if (cw=fopen("words.txt","r")!=NULL) { printf("\n Successful opening %s \n",filename_words); fclose(cw); puts("\n Enter x to exit,any other to continue \n "); if ( (getc(stdin))=='x') break; else continue; } else { fprintf(stderr,"ERROR!%s \n",filename_words); puts("\n Enter x to exit,any other to continue! \n"); if (getc(stdin)=='x') break; else continue; } } return 0; }

Read the article

23warning: assignment makes pointer from integer without a cast

- by FILIaS

Im new in programming c with arrays and files. Im just trying to run the following code but i get warnings like that: 23 44 warning: assignment makes pointer from integer without a cast Any help? It might be silly... but I cant find what's wrong. #include<stdio.h> FILE *fp; FILE *cw; char filename_game[40],filename_words[40]; int main() { while(1) { /* Input filenames. */ printf("\n Enter the name of the file with the cryptwords array: \n"); gets(filename_game); printf("\n Give the name of the file with crypted words:\n"); gets(filename_words); /* Try to open the file with the game */ if (fp=fopen("crypt.txt","r")!=NULL) //line23 { printf("\n Successful opening %s \n",filename_game); fclose(fp); puts("\n Enter x to exit,any other to continue! \n "); if ( (getc(stdin))=='x') break; else continue; } else { fprintf(stderr,"ERROR!%s \n",filename_game); puts("\n Enter x to exit,any other to continue! \n"); if (getc(stdin)=='x') break; else continue; } /* Try to open the file with the names. */ if (cw=fopen("words.txt","r")!=NULL) //line 44 { printf("\n Successful opening %s \n",filename_words); fclose(cw); puts("\n Enter x to exit,any other to continue \n "); if ( (getc(stdin))=='x') break; else continue; } else { fprintf(stderr,"ERROR!%s \n",filename_words); puts("\n Enter x to exit,any other to continue! \n"); if (getc(stdin)=='x') break; else continue; } } return 0; }

Read the article

PHP, MySQL - My own version of SALT (I call salty) - Login Issue

- by Fabio Anselmo

Ok I wrote my own version of SALT I call it salty lol don't make fun of me.. Anyway the registration part of my script as follows is working 100% correctly. //generate SALTY my own version of SALT and I likes me salt.. lol function rand_string( $length ) { $chars = "ABCDEFGHIJKLMNOPQRSTUWXYZabcdefghijklmnopqrstuwxyz1234567890"; $size = strlen( $chars ); for( $i = 0; $i < $length; $i++ ) { $str .= $chars[ rand( 0, $size - 1 ) ]; } return $str; } $salty = rand_string( 256 ); //generate my extra salty pw $password = crypt('password'); $hash = $password . $salty; $newpass = $hash; //insert the data in the database include ('../../scripts/dbconnect.php'); //Update db record with my salty pw ;) // TESTED WITH AND WITHOUT SALTY //HENCE $password and $newpass mysql_query("UPDATE `Register` SET `Password` = '$password' WHERE `emailinput` = '$email'"); mysql_close($connect); However my LOGIN script is failing. I have it setup to TEST and echo if its login or not. It always returns FAILED. I entered the DB and changed the crypted salty pw to "TEST" and I got a SUCCESS. So my problem is somewhere in this LOGIN script I assume. Now I am not sure how to implement my $Salty in this. But also be advised that even without SALTY (just using crypt to store my pass) - I was still unable to perform a login successfully. And if you're gonna suggest i use blowfish - note that my webhost doesn't have it supported and i don't know how to install it. here's my login script: if (isset($_POST['formsubmitted'])) { include ('../../scripts/dbconnect.php'); $username = mysql_real_escape_string($_POST['username']); $password = crypt(mysql_real_escape_string($_POST['password'])); $qry = "SELECT ID FROM Register WHERE emailinput='$username' AND Password='$password'"; $result = mysql_query($qry); if(mysql_num_rows($result) > 0) { echo 'SUCCESS'; //START SESSION } else { echo 'FAILED'; //YOU ARE NOT LOGGED IN } } So what's wrong with this login? Why isn't it working just using the crypt/storing only crypt? How can i make it work storing both the crypt and randomly generated SALTY :) ? Ty advance

Read the article

Authlogic: passwords saved in the DB are not working as expected.

- by user570459

Hello everyone, Im having trouble with authlogic on my production server. Im able to update passwords in the database but when i try to validate a user using the new password, the validation fails. Please check the below console output. Notice how the salt and crypted_password fields get update before and after the new password is saved. The issue is only on my production server (running passenger). Everything works fine on my development machine. => #<User id: 3, login: "saravk", email: "[email protected]", crypted_password: "9bc86247105e940bb748ab680c0e77d9c44a82ea", salt: "WdVpQIdwl68k8lJWOU"> irb(main):003:0> u.password = "kettik123" => "kettik123" irb(main):004:0> u.password_confirmation = "kettik123" => "kettik123" irb(main):005:0> u.save! => true irb(main):006:0> u.valid_password?("kettik123") => true irb(main):007:0> u.reload => #<User id: 3, login: "saravk", email: "[email protected]", crypted_password: "f059007c56f498a12c63209c849c1e65bb151174", salt: "lVmmczhyGE0gxsbV421A"> irb(main):008:0> u.valid_password?("kettik123") => false The authlogic configuration in my User model.. class User < ActiveRecord::Base acts_as_authentic do |c| c.login_field :email c.validate_login_field false c.validate_email_field false c.perishable_token_valid_for = 1.day c.disable_perishable_token_maintenance = true end I use the email field as the main key for the user. Also the email field is allowed to be blank in some cases (eg a facebook user) Also i belive that my schema is proper (in terms of the length of the salt & crypted password fields) create_table "users", :force => true do |t| t.string "login" t.string "email" t.string "crypted_password", :limit => 128, :default => "" t.string "salt", Any help on this would be highly appreciated. Thanks.

Developer IT