This type of authentication uses something that you have as the authentication tool, usually ID-card or keys. This type of authentication is definitely stronger than the authentication by ‘something you know’ in my opinion because the attacker need to steal the tool used for the authentication before he/she can authenticate himself/herself. And when we keep the thing required for the authentication very securely its almost impossible for the attacker to authenticate himself/herself as ouself. So, the point to make this kind of authentication is save is to save the authentication tools itself. Keep your ID-card and keys save, out of the reach of the unwanted people. Sometimes you have more than one keys, make sure that the other keys is saved securely.
Authentication ~ Something That You Know
The first authentication type is authentication by something you know. This method using something that someone knows to authenticate himself/herself. Usually, or mostly all security system use this type of authentication. This method utilize password, pass phrase, personal identification number (PIN), or even challenge response to authenticate someone. Not much differences in these methods all of them use characters or symbols that the user must provide to authenticate himself/herself. Longer and complexe combination of characters or symbols that must be provided make this method of authentication stronger. To put this straight, PIN is the most weak authentication method in this type of authentication because it is only require 4 numbers to authenticate someone. Unfortunately, this method is the one that used in wide range of Banks around the world. Place where we save our money.
Password and pass phrase come in second. This method is stronger than Continue Reading
Authentication ~ Intro
Ever watched a movie where the villain breach over the security system of a corporation or a secret lab using some sort of tools, like wearing mask or fake fingerprint to bypass the body scanning authentication, using voice changer to bypass the voice authentication, or even just use a notebook to crack the password of a gate? I bet most of you had. There are tons of films like that such as Mission Impossible, Spy Kids, and other Thrilling Spy Action related film. As you can see in the film. The corporation have already implemented a very strong authentication method on their system. Yet the villain always able to breach it easily. Okay, that is just a film. But you know that those things might actually happened in real live. And when that happen, all of us will be in serious trouble. No account will be save, no authentication method that won’t be breached, and worse the internet will be in a great disaster.
With the fast growth of information technology nothing seems to be impossible now. Security is one thing that Continue Reading
Digital Forensic ~ Organizing Your Analysis
Organizing the evidence is very important, you don’t want the evidence to be mixed with other files right? That would be a big problem because the data or the metadata of the evidence will be changed. And, guess what? That will make the evidence become useless because it won’t be considered a valid evidence.
We need to make a special directory to place all evidence of a case.
# mkdir evidence
And then, because forensic analysis is mostly dealing with the image of a disk like this http://www.linuxleo.com/Files/practical.floppy.dd we must create a mount point directory to Continue Reading
Digital Forensic ~ Basic Linux Forensic Tools
Here are some basic linux forensic tools that usually used by digital forensic analyzer to perform an analysis on disk images.
dd – a tool used to clone a file, disk partition, or even an entire disk content. This is a bit-by-bit cloning tools, so the cloned file or device is 100% identical to the original one as long as the cloned file or device is not modified.
sfdisk and fdisk – tools used to see the disk structure in the computer.
grep– used with the other linux command such as ls or more, the output of the command will only display the lines that match with the pattern given by this command.
looping device – allows us to mount an image without having to rewrite the image to a disk.
md5sum and sha1sum – creating a md5 or sha1 hash of Continue Reading