:: blog.profoundparables.org ::

The server that everybody gets to talk about but never gets to see…HAHA
(Pictures up soon)

SPECS:

LIAN LI PC-60APlus Silver Aluminum ATX Mid Tower Computer Case - Retail
Antec SmartPower 2.0 SP-500 ATX12V 500W Power Supply - Retail

ASUS A8N32-SLI Deluxe Socket 939 NVIDIA nForce SPP 100 ATX AMD Motherboard - Retail
AMD Athlon 64 3700+ San Diego 2.2GHz Socket 939 Processor Model ADA3700BNBOX - Retail

OCZ S.O.E 2GB (2 x 1GB) 184-Pin DDR SDRAM DDR 400 (PC 3200) Dual Channel Kit System Memory Model OCZSOE4002GK - Retail
CORSAIR ValueSelect 1GB (2 x 512MB) 184-Pin DDR SDRAM DDR 400 (PC 3200) Dual Channel Kit System Memory Model VS1GBKIT400 -

ATI 100-714600 Radeon X1300 256MB PCI Express x16 All-In-Wonder 2006 Edition Video Card - Retail

Pioneer 16X DVD±R DVD Burner With 5X DVD-RAM Read Black ATAPI Model DVR-111D - OEM
MITSUMI Black 1.44MB 3.5″ Internal USB 2.0 digital card reader with Floppy Drive - OEM

Western Digital Caviar SE16 WD2500KS 250GB 7200 RPM SATA 3.0Gb/s Hard Drive - OEM
Maxtor MaXLine III 7L250S0 250GB 7200 RPM Serial ATA150 Hard Drive - OEM
(RAID 5)

http://store.apple.com/1-800-MY-APPLE/WebObjects/AppleStore.woa/wo/0.RSLID?mco=15559A3&nclm=XserveRAID

RAID 0: Striping.
Lays down data in stripes across an array of drives for exceptional I/O performance, but with no data protection.

RAID 1: Mirroring.
Writes identical copies of data on a pair of disks for total redundancy, but with limited performance and inefficient use of drives.

RAID 3: Striping with parity.
Stripes data across two or more drives and stores parity data on a dedicated drive, providing data redundancy and performance that’s faster than that of a single drive.

RAID 5: Striping with distributed parity.
Distributes data and parity information across an array for high throughput, good redundancy, and efficient use of drives.

RAID 0+1: Striping over mirroring.
Stripes data across pairs of mirrored drives for a mix of performance and redundancy.

RAID 10, 30, and 50: Striping over RAID 1, 3, and 5.
Uses hardware RAID to create two or more sets in RAID level 1, 3, or 5, and software RAID to stripe across the sets. This creates a single data volume with the best balance of performance and data protection.

The Rainbow Table is the time used to take a cracking computation and storing those results in files. This is the technique Philippe Oechslin developed in order to implement a faster time-memory trade-off. Ophcrack is an example of a time-memory trade-off using rainbow tables in order to crack Windows passwords.

Some business oriented hackers decided that they start a RainbowCrack service by allowing anyone to pay a subscription fee and provide password hashes to crack.
http://www.rainbowcrack-online.com/

“Because of the problems, the U.S. government is requiring that banks move towards two-factor authentication, where the typical password security is augmented by a biometric or a physical security device. Some security researchers maintain that even adding a second type of security check is not enough.”
“Rainbow tables side step the difficulty in cracking a single password by instead creating a large data set of hashes from nearly every possible password. To break a password, the attacker merely looks up the hash to find the password that produces that code.”
http://www.securityfocus.com/news/11355

More on Rainbow Tables can be found at : http://en.wikipedia.org/wiki/Rainbow_table

Any one-way hash that includes a salt is ineffective to a rainbow table and can be a
defense. In cryptography, a key derivative function is a hash function derived from one or
more secret keys from secret values/information. Salts consists of random bits used as one
of the key derivative function inputs.

“MS-Windows is one of the rare operating systems, with few routers, firewalls and databases, that uses salt-less hashes, making the attack possible. Both hashes found in Windows, the LanManager hash and the NT hash have no salt.”
“If you don’t want your password to be cracked, you should definitely stay away from the LanManager hash (you can disable it in Windows 2000, XP and 2003).”
https://www.isc2.org/cgi-bin/content.cgi?page=738

Jim Moore, an Information Security Officer from the Rochester Institute of Technology states:
“A couple of weeks ago I was at the New York State Cyber-Security Conference. It was there that a presenter with good knowledge of the black hat community said that 16 character rainbow tables would be done by the end of 2006.”
http://listserv.educause.edu/cgi-bin/wa.exe?A2=ind0607&L=security&T=0&H=1&P=2422

It will soon be normal to have larger than atleast 16 characters as a password. Get ready for a security break-through. This is the future of technology.
An advice for everybody involved or using technology in anyway, change your passwords regularly (make them longer as well) and backup ALL IMPORTANT data.