Are downloads subject to MITM attacks?

Re: Are downloads subject to MITM attacks?

Postby oiaohm » 19.11.2013, 15:08

WSUSUpdateAdmin sorry to say I am not a person to give the excuse I cannot afford a digital signature so I cannot do anything against Man in the Middle.

You can be your own CA (Certificate Authority). You can add Certificate Authorities to Windows by group policy for applications. There are other ways as well.
http://technet.microsoft.com/en-us/libr ... 10%29.aspx
Scary enough self signed is acceptable to be a Trusted publisher. Just you have to insert the certificate twice instead of once. This could be done to prevent man in middle on the likes of mkisofs.exe.

WSUSUpdateAdmin so cost to sign is in fact zero in dollars. Only advantage of paying is that the CA of the signing certificate you are using already exists. There are a few days of setup time to create your own CA.

You can even use www.cacert.org as secondary validation to your keys. cacert.org is also zero cost to join in dollars. There is a cost in time to do the validation process, again a once-off cost of a few days. There is also zero ongoing cost with cacert.org.

Basically signatures are free. Cost is installing them if you don't get them from an already registered CA (that is quite min). Own CA or being a member of cacert.org allows revoke lists. Of course we could choose to go self signed with manual revoking.

T. Wittrock you are not alone thinking you have to hand over cash for application signing.

Currently WSUSUpdateAdmin will not work on Windows systems set to signed applications only. Even with a self signed certificate at least WSUSUpdateAdmin would be able to work on systems set to signed applications only, after the self signed certificate is added to the systems. Yes, this can be pushed out by group policy and other means.
oiaohm
 

Re: Are downloads subject to MITM attacks?

Postby WSUSUpdateAdmin » 19.11.2013, 23:22

I'm providing and maintaining this software for free, but I'm happy to hear you're willing to donate a digital signature to this project's files.

Please deliver.

If you otherwise like to have your "MITM safe", "Enterprise" or whatever branch - go ahead!

RTW
WSUSUpdateAdmin
Administrator
 
Posts: 2245
Joined: 07.07.2009, 14:38

Re: Are downloads subject to MITM attacks?

Postby oiaohm » 20.11.2013, 03:39

WSUSUpdateAdmin please note I did not say donate. Give is not something you can do with signing keys. Tell you how to generate them, yes. Generate them for you, not really an option. If I have to generate, the only valid way is that I run that branch.

With work and custom applications I use self signed.
certmgr.exe -add MyCert.cer -s -r localMachine trustedpublisher
certmgr.exe -add MyCert.cer -s -r localMachine root
is the command line to do it.
http://technet.microsoft.com/en-us/libr ... 10%29.aspx

These here are the instructions for self signing without a revoke list.
http://stackoverflow.com/questions/8484 ... on-windows Good enough as long as you don't lose the private key.
WSUSUpdateAdmin basically it's fairly straightforward. A self signing CA without a revoke list is very simple and quick to set up. No ongoing costs either.
If the issue is you cannot afford a digital signature, that is false. They are free as long as you are willing to have users install the CA cer manually or add it to their group policies. Yes, doing it this way a new maintainer would create their own new CA, as you don't transfer private keys.

A CA certificate installed manually still stops man in middle replacements. Basically here's our program and here is the cer file to match up for all future versions. So it doesn't have to be updated for the next 100 years.

http://download.wsusoffline.net/mkisofs.exe is coming from your own server. WSUSUpdateAdmin the signtool has to be run every new version.
Please note signed does not only prevent MITM. Signed also prevents people without the private key, if they breach the site, from replacing the file without being noticed. Everyone operating signed would notice very quickly and also be able to confirm it was not you.

WSUSUpdateAdmin like you provide hashes of the primary download as well. But that is not signed either. PGP signing. Public and private key is the base to the complete system. As long as you are the only one with the private key, us with the public key can validate the update came from you.

Self signed certificates are not the max of max of security. But it is a level above what you are doing now. cacert.org is an independent validation group. cacert.org validation has the requirement that you are physically at one of their events or that the cacert person has physically met you. WSUSUpdateAdmin I cannot do this for you as I am not in the same country as you. If you were in the same country I would come visit and get this sorted out.

For what I do I cannot justify 80 dollars a year in signing certificates either. Sorry to say I am very limited in how much I can do for you in this case WSUSUpdateAdmin. All I can do is set you up with the information and contacts to get the best signing you can on a zero budget.

Sorry to say no excuse other than don't have the time to do it basically. Money is not the issue to sign applications. This is also one of those things I cannot do for you completely. All I can do is advise how.

Validating the cmd and vbs files, those are trickier.
oiaohm
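
Added example, not part of the original posts and not code from the wsusoffline project: the point made in the post above, that a published hash list only helps once the list itself is signed with a private key only the publisher holds, sketched with openssl and sha256sum. The file names, the certificate subject and the function names are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example. File names, subject and function names are constructed.

# Publisher, once: self-signed certificate. The private key stays with the publisher.
make_signer() {  # $1 = directory that receives signer.key and signer.crt
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
    -subj "/CN=Example Release Signing (constructed)" \
    -keyout "$1/signer.key" -out "$1/signer.crt" 2>/dev/null
}

# Publisher, every release: hash the binaries, then sign the hash list itself.
sign_release() {  # $1 = release directory, $2 = key directory
  ( cd "$1" && sha256sum -- *.exe > SHA256SUMS ) &&
    openssl dgst -sha256 -sign "$2/signer.key" \
      -out "$1/SHA256SUMS.sig" "$1/SHA256SUMS"
}

# User: check the signature on the hash list with the certificate installed
# earlier, and only then trust the hashes in it. Returns 0 only if both pass.
verify_release() {  # $1 = download directory, $2 = previously installed signer.crt
  local pub sig_ok
  pub=$(mktemp) || return 2
  openssl x509 -in "$2" -pubkey -noout > "$pub" 2>/dev/null
  openssl dgst -sha256 -verify "$pub" -signature "$1/SHA256SUMS.sig" \
    "$1/SHA256SUMS" >/dev/null 2>&1
  sig_ok=$?
  rm -f "$pub"
  [ "$sig_ok" -eq 0 ] || return 1
  ( cd "$1" && sha256sum --check --strict --quiet SHA256SUMS >/dev/null 2>&1 )
}

# Constructed release in a temp dir: original, swapped file, swapped file + hash list.
demo() {
  local d
  d=$(mktemp -d) && mkdir "$d/keys" "$d/rel" || return 2
  printf 'constructed binary v1\n' > "$d/rel/tool.exe"
  make_signer "$d/keys" && sign_release "$d/rel" "$d/keys" || return 2
  verify_release "$d/rel" "$d/keys/signer.crt" && echo "original: accepted"
  printf 'swapped in transit\n' > "$d/rel/tool.exe"
  verify_release "$d/rel" "$d/keys/signer.crt" || echo "file replaced: rejected"
  ( cd "$d/rel" && sha256sum -- *.exe > SHA256SUMS )  # re-hashed without signer.key
  verify_release "$d/rel" "$d/keys/signer.crt" || echo "file and hash list replaced: rejected"
  rm -rf "$d"
}
```

The third case is the one an unsigned hash list cannot catch: the replaced file matches the regenerated hashes, and only the signature check fails.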
 

Re: Are downloads subject to MITM attacks?

Postby oiaohm » 21.11.2013, 01:14

WSUSUpdateAdmin there is another thing to be aware of. Infrarecorder, before they got a company to pay for a signing certificate so that users did not have to modify their system to use it, were using self signing. It's just the simple reality: if you cannot run a self signing system there is no point investing in a commercial certificate. If you lose the private key of a commercial certificate it gets invalidated and you have to pay again.

This is why I am so annoyed with you with the point of view of wait until someone pays for a certificate. No one in their right mind will pay for a digital signature for a project until the project shows it can manage a digital signature securely.

http://sourceforge.net/projects/osslsigncode/ I forgot to mention the signing, when set up, does not require a Windows computer.

WSUSUpdateAdmin the other problem here. I will only sign files I have built myself and audited myself. This is the problem. If you wish for me to sign I will have to find the time to take over maintainership of the project or make a complete sub branch. This seems like overkill when a little education and getting processes in place to sign new files and create validation solutions can solve the problem.

Besides, there is a nice list of issues that have to be addressed before I could even consider signing wsusupdate.

You cannot directly sign cmd or vbs scripts; those require using catalogs or something to reduce particular areas into an exe. http://bat2exe.net/ and http://sourceforge.net/projects/htwoo/ might work but I don't have a Windows machine to see if the likes of the client directory still works when turned into a single exe file. This is also a question for end users. Do they want a wrapper program that validates the vbs, cmd, txt..... or do they want it compacted to an exe?
Required stages.
1) Getting the maintainer of the project able to manage signing keys, at least self signed. Even if it possibly means changing maintainer.
2) Patches to truly make the system validate and be secure. Validating does not only prevent man in middle. You make an iso, a few sectors die, you also want the system to stop, not do random commands. This is altering the client/update.cmd to update.exe and other alterations to au3 to validate items. These patches really cannot be done without certificates to validate against.
3) Final stage: ask for money to make it simpler for the end user with a commercial certificate. Because by this point the project can demonstrate it's secure and will put the certificate to good use.

Preventing tampering and damage takes time and careful planning. WSUSUpdateAdmin currently anyone can alter your archive to be hostile without leaving behind clear evidence. Of course I am not wishing to prevent users from customising and building their own versions. Supporting self signed I put so high because, just like you, a lot of people who wish to modify will not be able to afford commercial certificates.

Unsigned is what I have the big issue with. Self signed should be the min standard these days. If at some point a person wanted to do .deb or rpm packages for Linux they would be required to maintain signing certificates anyhow. Windows developers producing binaries have got off light.

wsusoffline is not some program that will run in a limited user account that cannot do major system damage. It's the exact other way over. wsusoffline damaged could really do some serious harm to a system. wsusoffline lacks validation on its own files so is more able to malfunction. The MITM issue is only the tip of an iceberg basically. The MITM only exists because validation solutions are not in place. Validation solutions prevent a more broad range of issues.

Yes, it is one thing to say you are not responsible for the damage. It is another thing to show the due care to make the odds of damage as low as possible.
oiaohm
 

Re: Are downloads subject to MITM attacks?

Postby friday123 » 15.03.2014, 19:25

These are the files I've disabled so far:
Code:
echo.> static\StaticDownloadFiles-modified.txt
echo.> static\StaticDownloadLink-mkisofs.txt
echo.> static\StaticDownloadLink-recent.txt
echo.> static\StaticDownloadLinks-sysinternals.txt
echo.> static\StaticDownloadLink-this.txt
echo.> cmd\CheckOUVersion.cmd
echo.> cmd\UpdateOU.cmd


Again it would be great if there could be some MITM protection for this program. Thanks
friday123
 
Posts: 74
Joined: 28.11.2009, 05:30

Re: Are downloads subject to MITM attacks?

Postby WSUSUpdateAdmin » 16.03.2014, 12:15

friday123 wrote: These are the files I've disabled so far:

If you "disabled" parts of the software, you should not be surprised about unpredictable results (e.g. viewtopic.php?f=2&t=3922, viewtopic.php?f=4&t=4185, viewtopic.php?f=6&t=4175 and others).

friday123 wrote:
Code:
echo.> static\StaticDownloadFiles-modified.txt
echo.> static\StaticDownloadLink-mkisofs.txt
echo.> static\StaticDownloadLink-recent.txt
echo.> static\StaticDownloadLinks-sysinternals.txt
echo.> static\StaticDownloadLink-this.txt
echo.> cmd\CheckOUVersion.cmd
echo.> cmd\UpdateOU.cmd


What about
Code:
del *.* /s /q
:?: Just to ensure maximum security... :mrgreen:
WSUSUpdateAdmin
Administrator
 
Posts: 2245
Joined: 07.07.2009, 14:38
