I'm a big fan of Password Safe. Mainly because I can access the same password database on my IronKey on multiple different operating systems, but also because it utilizes very strong encryption and it does what it was designed to do very well.
Currently, the IronKey Identity Manager doesn't support importing directly from Password Safe, but it does support importing from KeePass xml files. KeePass is fine, but I have used Password Safe for a long time and I dont see a reason to change any time soon. However, I want a bunch of my passwords in Identity Manager on my IronKey because ID Manager works great and integrates directly with my browser! Even better, the ID Manager database is stored in an area on flash of the IronKey that is not addressable by a driveletter, which is way more secure because it takes a firmware call to access it and decrypt it.
So, here's how to import your creds from Password Safe into Identity Manager. I'll assume you are using the latest and greatest version of the Password Safe app, and that your database format is v3.
Open Password Safe v3 database.
Save as v2 database.
Open v2 database.
Export v2 database to txt file.
Close Password Safe.
Go get KeePass portable.
Launch and create a new database.
In KeePass, got File | Import From | PSafe v2 TXT File
Save KeepPass DB.
In KeePass, goto File | Export To | XML File
Goto IronKey Identity Manager
Click Add | Import Passwords
Click Load Passwords on KeePass line
Select passwords to import.
Close.
Backup | Online Backup
Dont forget to:
Erase Password Safe v2 database.
Erase KeePass XML file.
Erase Password Safe v2 TXT file.
Use a program like Eraser to get the job done properly.
Thursday, December 3, 2009
Tuesday, November 3, 2009
Addons for the on-board FireFox on the IronKey
NoScript
Web Developer Toolbar
Live HTTP Headers
Foxy Proxy
Duplicate Tab
Web Developer Toolbar
Live HTTP Headers
Foxy Proxy
Duplicate Tab
List of Tools I Carry on my IronKey
I do a fair amount of work on Windows systems. Most of the corporate apps I use are Microsoft apps (Sharepoint, Exchange), which are decent apps but I have no choice but to use them, so I have a Windows workstation at work. But primarily I work in *nix, OpenBSD, various security monitoring platforms, system management platforms, and storage/network devices. My IronKey contains a blend of apps to stage for and accomplish tasks in those environments:
Windows Tools
7-ZipPortable
CDex
ClamWinPortable
CPU-Z
dhcpsrv1.7
DiaPortable
Eraser
FileZillaPortable
Foxit Reader
MDCrack-183
NirSoft Launcher (includes entire indispensable tool suite)
NotepadPlusPlusPortable
Oracle VirtualBox
PasswordSafe
PidginPortable, Pidgin-Encryption_Portable
SecureCRT
SetupImgBurn
Stellarium
SysInternals Suite
Tor Bundle
Sequoia View
TrueCrypt
VLCPortable
WinSCPPortable
WiresharkPortable
VNC Viewer
Linux Tools
ettercap
nmap
ncat
p0f
SSLStrip
slowloris
Black Ubuntu ISO
??? ;)
Other
A copy of the /Java/ directory from some windows system where Java was installed.
Portable perl (see here)
Windows Tools
7-ZipPortable
CDex
ClamWinPortable
CPU-Z
dhcpsrv1.7
DiaPortable
Eraser
FileZillaPortable
Foxit Reader
MDCrack-183
NirSoft Launcher (includes entire indispensable tool suite)
NotepadPlusPlusPortable
Oracle VirtualBox
PasswordSafe
PidginPortable, Pidgin-Encryption_Portable
SecureCRT
SetupImgBurn
Stellarium
SysInternals Suite
Tor Bundle
Sequoia View
TrueCrypt
VLCPortable
WinSCPPortable
WiresharkPortable
VNC Viewer
Linux Tools
ettercap
nmap
ncat
p0f
SSLStrip
slowloris
Black Ubuntu ISO
??? ;)
Other
A copy of the /Java/ directory from some windows system where Java was installed.
Portable perl (see here)
Monday, June 15, 2009
Hash My Files
I have a whole bunch of tools that I store on my ironkey and use on Windows and Linux. This one I used very frequently.
http://www.nirsoft.net/utils/hash_my_files.html
http://www.nirsoft.net/utils/hash_my_files.html
Responsibly using SecureSessions
There are a few tools that make Tor (SecureSessions) more effective.
Because Tor has no clue what data is flowing through its circuits, using Tor without Privoxy is nearly pointless in terms of improving security while browsing online resources. Privoxy is very good at filtering out many of outbound privacy leaks that allow tracking of your identity, online activity & interests. Why should you have to explain to anyone your fascination with underwater acoustic detonators? Privoxy is highly configurable, but unfortunately, unless you have a scripting background, its a little daunting to customize. However the No-Script add-on is an important tool in that it allows you halt the execution of all javascript, then pick and choose which scripts you'd like to allow to run. It also allows you to review the list of domains where the scripts are being served from, allowing you to avoid javascript injection attacks and other web surfing dangers.
Using insecure protocols through Tor is another consideration that one must make. For instance, browsing websites is a risk that users will have to decide. Using insecure authentication or messaging protocols through Tor is just plain stupid. Regardless of where you are in the world, if anyone is capturing traffic between the exit relay and your destination, they will get your creds if you authenticate through an insecure protocol. If someone cracks into the server on which you insecurely authenticate, they will have your creds. If someone is running an exit relay and capturing traffic that goes in and out of that relay, and say you access an account via an insecure authentication protocol, they will have your creds.
Is the message clear now? ha ha, just kidding.
Do not use unencrypted protocols through Tor.
Use NoScript
Never use Tor without Privoxy, Period.
Never, ever, ever (EVER) use Internet Explorer for public web surfing.
Always use the latest version of FireFox or Opera.
Use a separate FireFox profile when using Tor.
Set that profile to clean out everything when your session ends and begins, by checking the "Always clear my private data when I close Firefox" checkbox. Disable all cookies.
Force dns requests into Tor, in FireFox about:config, set network.proxy.socks_remote_dns to "True".
Read this posting.
Use a webproxy, like Privoxy.
Use NoScript.
Use Flashblock.
Be Security-Minded.
If you're not sure, DONT CLICK ON IT!
Because Tor has no clue what data is flowing through its circuits, using Tor without Privoxy is nearly pointless in terms of improving security while browsing online resources. Privoxy is very good at filtering out many of outbound privacy leaks that allow tracking of your identity, online activity & interests. Why should you have to explain to anyone your fascination with underwater acoustic detonators? Privoxy is highly configurable, but unfortunately, unless you have a scripting background, its a little daunting to customize. However the No-Script add-on is an important tool in that it allows you halt the execution of all javascript, then pick and choose which scripts you'd like to allow to run. It also allows you to review the list of domains where the scripts are being served from, allowing you to avoid javascript injection attacks and other web surfing dangers.
Using insecure protocols through Tor is another consideration that one must make. For instance, browsing websites is a risk that users will have to decide. Using insecure authentication or messaging protocols through Tor is just plain stupid. Regardless of where you are in the world, if anyone is capturing traffic between the exit relay and your destination, they will get your creds if you authenticate through an insecure protocol. If someone cracks into the server on which you insecurely authenticate, they will have your creds. If someone is running an exit relay and capturing traffic that goes in and out of that relay, and say you access an account via an insecure authentication protocol, they will have your creds.
Is the message clear now? ha ha, just kidding.
Do not use unencrypted protocols through Tor.
Use NoScript
Never use Tor without Privoxy, Period.
Never, ever, ever (EVER) use Internet Explorer for public web surfing.
Always use the latest version of FireFox or Opera.
Use a separate FireFox profile when using Tor.
Set that profile to clean out everything when your session ends and begins, by checking the "Always clear my private data when I close Firefox" checkbox. Disable all cookies.
Force dns requests into Tor, in FireFox about:config, set network.proxy.socks_remote_dns to "True".
Read this posting.
Use a webproxy, like Privoxy.
Use NoScript.
Use Flashblock.
Be Security-Minded.
If you're not sure, DONT CLICK ON IT!
Monday, June 8, 2009
HowTo Freshen Tor/SecureSessions
I use Tor a lot. When I get 404's or 503's there are a number of things I check.
Does the browser/network connection work without Tor?
Is the site I'm trying to get to available without Tor?
Is Privoxy Running?
Are the tcp ports 9050 & 9051 bound on 127.0.0.1? (netstat -an or tcpview)
To start fresh and pull everything down again:
1. Delete the Nodes file.
\IronKey-System-Files\SecureSessions\SecureSessionsFiles\Nodes
This file contains a list of Authoritative Directory servers. This is where your Onion Proxy, otherwise known as the Tor Client, gets its info on all the other Onion Routers out there (essentially, the cached-routers file). This is usually the essential first and only step to get a fresh start with IronKey Tor in most cases. However, you may still experience issues, so take the following extra steps.
2. Delete all Network Descriptors.
\IronKey-System-Files\SecureSessions\SecureSessionsFiles\cached-status\*
Network descriptors are more detailed descriptions of the Onion Routers. Its basically the same info that's in the cached-routers file. Its very possible that if the Engineers at IronKey have made changes to their Tor network, some of the network descriptors may have become outdated and invalid. Collection of network descriptors is not subtractive...therefore, wiping these out and starting fresh is an excellent idea. Be sure to check the forum.ironkey.com website for Maintenance Notices and other network related info.
3. Delete the cached-routers file.
\IronKey-System-Files\SecureSessions\SecureSessionsFiles\cached-routers
Yes, I know...this file gets regenerated when the Nodes file is missing, but I have seen it not get updated...or worse, it gets created as a zero-byte file. Just delete it or move it, and shut up.
Finally, if you are still having problems, pull up the Network Map. To do this, right-click on the IronKey Icon in the Windows systray | Secure Sessions | Network Map. Watch the lower-middle content area. This view shows Vidalia's view of your current Identity. In case you aren't aware, your Identity is the collection of 3 Tor nodes that make up your "Virtual Circuit". Your identity changes every few minutes. The last node in the circuit is your actual identity, meaning....when you go to a web site, its the IP address of this server (the Exit node) that gets logged in the web server logs.
Have a secure day!
Does the browser/network connection work without Tor?
Is the site I'm trying to get to available without Tor?
Is Privoxy Running?
Are the tcp ports 9050 & 9051 bound on 127.0.0.1? (netstat -an or tcpview)
To start fresh and pull everything down again:
1. Delete the Nodes file.
\IronKey-System-Files\SecureSessions\SecureSessionsFiles\Nodes
This file contains a list of Authoritative Directory servers. This is where your Onion Proxy, otherwise known as the Tor Client, gets its info on all the other Onion Routers out there (essentially, the cached-routers file). This is usually the essential first and only step to get a fresh start with IronKey Tor in most cases. However, you may still experience issues, so take the following extra steps.
2. Delete all Network Descriptors.
\IronKey-System-Files\SecureSessions\SecureSessionsFiles\cached-status\*
Network descriptors are more detailed descriptions of the Onion Routers. Its basically the same info that's in the cached-routers file. Its very possible that if the Engineers at IronKey have made changes to their Tor network, some of the network descriptors may have become outdated and invalid. Collection of network descriptors is not subtractive...therefore, wiping these out and starting fresh is an excellent idea. Be sure to check the forum.ironkey.com website for Maintenance Notices and other network related info.
3. Delete the cached-routers file.
\IronKey-System-Files\SecureSessions\SecureSessionsFiles\cached-routers
Yes, I know...this file gets regenerated when the Nodes file is missing, but I have seen it not get updated...or worse, it gets created as a zero-byte file. Just delete it or move it, and shut up.
Finally, if you are still having problems, pull up the Network Map. To do this, right-click on the IronKey Icon in the Windows systray | Secure Sessions | Network Map. Watch the lower-middle content area. This view shows Vidalia's view of your current Identity. In case you aren't aware, your Identity is the collection of 3 Tor nodes that make up your "Virtual Circuit". Your identity changes every few minutes. The last node in the circuit is your actual identity, meaning....when you go to a web site, its the IP address of this server (the Exit node) that gets logged in the web server logs.
Have a secure day!
Friday, May 29, 2009
My IronKey
Today, I thought I would start a blog to share the many ways in which I use my IronKey. Enjoy!
Subscribe to:
Posts (Atom)
