Saturday, October 15, 2011

Moving on..

new beginnings are here again.

my latest trick with my ironkey is wriitng my password on it.
this makes to really easy for anyone open my ironkey and get at all my project files.
i left a key like this behind after leaving the building yesterday (for the last time) and i got quite a giggle out of it. :D

Tuesday, May 18, 2010

Preparing for the Loss of an IronKey

First, read this.

1. Do an Online Backup of the Identity Manager.
2. Make a Secure Backup of the current IronKey.
3. Find a phrase that you like, a lyric for a song maybe, or a passage from a favorite book, and make a complex passphrase you can remember. practice it in a volatile medium that defies snooping or recording.
4. Encrypt the entire Secure Backup with strong encryption software, like openssl or some 3rd party vendor you trust.

Then:
- If you have the money, buy a second IronKey (SLC) and restore the Secure Backup onto it.
- Burn the encrypted backup twice to DVD
- Label & store the second IronKey and your DVD in a highly secure, yet separate locations.
- Never write your passphrase down or store it in any file. If you must, put it into some kind of password management tool like Password Safe or KeePass.

Wednesday, January 13, 2010

firefox args

I've been using browser profiles to create different browser configurations and here's how I did it on my IronKey.

Install FireFoxPortable
Create a file called sf.bat and put it in the root of the secure volume.
In that file put the following line:

./[path to portable firefox]/firefox.exe --no-remote -P

Then create a shortcut in the Ironkey Control Panel for sf.bat

Now you can launch portable firefox with the options you want from the IKCP, and choose which profile you want to create/use.

You can have separate profiles custom configured for:
- research
- a specific proxy
- secure sessions
- public tor
- online banking
- etc...

For the really paranoid:
- Add the ProfilePassword add-on and you can password protect your profiles.
- Add the FEBE add-on to back up your extensions.
- Back up (zip/bz2/7z) your Profiles directory.

Thursday, December 3, 2009

how to import your passwords into Identity Manager from Password Safe

I'm a big fan of Password Safe. Mainly because I can access the same password database on my IronKey on multiple different operating systems, but also because it utilizes very strong encryption and it does what it was designed to do very well.

Currently, the IronKey Identity Manager doesn't support importing directly from Password Safe, but it does support importing from KeePass xml files. KeePass is fine, but I have used Password Safe for a long time and I dont see a reason to change any time soon. However, I want a bunch of my passwords in Identity Manager on my IronKey because ID Manager works great and integrates directly with my browser! Even better, the ID Manager database is stored in an area on flash of the IronKey that is not addressable by a driveletter, which is way more secure because it takes a firmware call to access it and decrypt it.

So, here's how to import your creds from Password Safe into Identity Manager. I'll assume you are using the latest and greatest version of the Password Safe app, and that your database format is v3.


Open Password Safe v3 database.
Save as v2 database.
Open v2 database.
Export v2 database to txt file.
Close Password Safe.
Go get KeePass portable.
Launch and create a new database.
In KeePass, got File | Import From | PSafe v2 TXT File
Save KeepPass DB.
In KeePass, goto File | Export To | XML File
Goto IronKey Identity Manager
Click Add | Import Passwords
Click Load Passwords on KeePass line
Select passwords to import.
Close.
Backup | Online Backup

Dont forget to:
Erase Password Safe v2 database.
Erase KeePass XML file.
Erase Password Safe v2 TXT file.

Use a program like Eraser to get the job done properly.

Tuesday, November 3, 2009

Addons for the on-board FireFox on the IronKey

NoScript
Web Developer Toolbar
Live HTTP Headers
Foxy Proxy
Duplicate Tab

List of Tools I Carry on my IronKey

I do a fair amount of work on Windows systems. Most of the corporate apps I use are Microsoft apps (Sharepoint, Exchange), which are decent apps but I have no choice but to use them, so I have a Windows workstation at work. But primarily I work in *nix, OpenBSD, various security monitoring platforms, system management platforms, and storage/network devices. My IronKey contains a blend of apps to stage for and accomplish tasks in those environments:

Windows Tools
7-ZipPortable
CDex
ClamWinPortable
CPU-Z
dhcpsrv1.7
DiaPortable
Eraser
FileZillaPortable
Foxit Reader
MDCrack-183
NirSoft Launcher (includes entire indispensable tool suite)
NotepadPlusPlusPortable
Oracle VirtualBox

PasswordSafe
PidginPortable,
Pidgin-Encryption_Portable
SecureCRT
SetupImgBurn
Stellarium
SysInternals Suite
Tor Bundle
Sequoia View
TrueCrypt
VLCPortable
WinSCPPortable
WiresharkPortable
VNC Viewer


Linux Tools
ettercap
nmap
ncat
p0f
SSLStrip
slowloris

Black Ubuntu ISO

??? ;)

Other
A copy of the /Java/ directory from some windows system where Java was installed.
Portable perl (see here)