Cover V09, I05



I've been fascinated by the subject of crytanalysis from early childhood -- my favorite books were detective/mystery books, such as Encylopedia Brown Finds the Clues, the “real” Nancy Drew series (not that new “notebook” series that my daughter enjoys), and Emil and the Detectives. Anything with a secret note that needed to be deciphered caught my imagination. I spent hours encrypting and sending messages with my homemade scytale device (not to be confused with the Windows front-end for PGP). This process involved wrapping strips of paper around a cylinder (a length of broomstick worked great) and writing the message down the length of the cylinder. When the paper was unwrapped and sent, only someone with a cylinder of the same size could re-wrap the strips and read the note. Perhaps not the most secure method of encryption, but my friends and I thought it was cool.

Later, my taste turned to sci-fi, and I devoured the Dune series (by Frank Herbert) and Asimov's Foundation series, then Gibson's Neuromancer, and more recently Neal Stephenson's Snow Crash and The Diamond Age. So, imagine how thrilled I was last year to find Stephenson's Cryptonomicon. If you haven't read it, Nathan Bruinooge's excellent review, which is still archived on Slashdot (, provides a great description without giving anything away. Stephenson includes such gems as: a mini-discourse on Athena as the goddess of technology, a business plan for a data haven, conversations with Alan Turing, a bit of voyeuristic phreaking, and a Perl program written by Bruce Schneier in this far-reaching book about World War II code breaking and modern-day treasure hunting. If that's not enough to capture your attention, note that one of the main characters in the book just happens to be a UNIX systems administrator with a highly developed appreciation for Cap'n Crunch. I strongly recommend this book, and the paperback version should be out soon if you're looking to cut the cost.

In this issue of Sys Admin, cryptography is the topic of an article by Kurt Seifried (Crypto 101). Seifried provides a brief introduction to cryptography, public and private key encryption, and addresses some concerns surrounding remote administration. He also discusses the Open Source cryptographic software options. Some available programs include: Open SSH, stunnel, the GNU Privacy Guard, and various crypto packages for Red Hat, SuSE, and Debian. Also, Didier Racheneur discusses some security tips to be aware of when implementing SUIDed programs; Eric Davis explains the features of SNMPv3; and Matej Sustic describes how to use access and separation routers along with your firewall for additional security. As always, enjoy the magazine!

Sincerely yours,
Amber Ankerholz