Security Tutorials
Submitted by vismaya on 6 January, 2010 - 17:06
Is Linux secure? The question is much less useful than 'Is Linux "securable"?' The answer to the latter is a definite yes. Being securable means that Linux can be made more secure (to whatever degree necessary) by applying a clearly defined sequence of steps that always produces the same result, and that can be automated and applied to systems that have been in operation for a long time. It would be ideal to be able to make securing systems understandable by regular system administrators who don’t have formal security training. However, the last requirement might be pushing it a bit, since security will likely always require expertise. Linux can be made more secure by hardening the system.
1) Introduction
I wrote a step-by-step paper on how to secure a Linux server with cP/WHM and Apache installed. By default, Linux is not secure enough, but you have to understand there is no such thing as a "totally secured server/system". The purpose of this paper is to understand how to at least provide some kind of security to the server. I prefer lsws web-server without any
Read more..
Submitted by vismaya on 4 August, 2009 - 17:37
So it's Saturday afternoon and you have nothing to do. As you glance
around your room you spot a half full beer, a webcam, and that Linux
box that you have been wondering what you were going to do with.
Seriously, why did you buy that piece of crap webcam anyway? A quick
Google search reveals that you might have a hard time even getting that
thing working in XP, let alone your preferred OS of choice, OSX. =)
Ok, I know what to do. First, don't drink that beer. It's old. Throw
it away and clean up your room a little bit. Then go get another beer
-- and let's try to finish this one, Nancy. As you sit back and nurse
your new beer you notice that your Asus EEE with BackTrack4 is in a
somewhat different place than you left it. Instead of simply plotting
your revenge on whoever you feel deserves the blame, let's try catching
them next time red-handed.
Read more..
Submitted by Sajeev on 25 July, 2009 - 19:44
This hilarious comic strip by xkcd illustrates one of the most important rules of system security: never trust user input. All user input to a program or website should be sanitized by checking and processing it to make sure that it will not do damage to the system. There are several reasons why this is necessary. First of all, programmers have to deal with user ignorance that may lead to user input breaking the system. Second, programmers have to stop deliberate attacks designed to break the system.
How Input Can Be Used to Hack a System
In the xkcd comic strip the computer-savvy mother hacked the school database by naming her son a MySQL statement that causes the database to destroy the student records.
Read more..
Submitted by vismaya on 15 July, 2009 - 15:46
Let's talk about the fun stuff. The first trick I will discuss is an
activity that is becoming quite prevalent, SIM cloning. If you have
paid attention to any cell phone related tutorials in the past, then
you may remember cloning being made popular by certain public figures
like Kevin Mitnick in order to place calls on the bill of another
subscriber. Well, even with GSM this trick is still relevant. How
could such a flaw exist in a system that is obviously concentrated on
preventing such fraudulent use? The flaw is within the COMP128
authentication algorithm used as an instantiation of A3/A8 widely used
by GSM providers. Unfortunately for these providers, the COMP128
algorithm is just not strong enough to prevent fraud. We attack the
algorithm by using a chosen-challenge attack, which works by forming a
number of specially-chosen challenges and querying the SIM card for
each one. Then by analyzing the responses from these queries, we are
able to determine the value of the secret key that is used for
authentication.
Read more..
Submitted by vismaya on 11 July, 2009 - 01:20
In this example we will hide a text message inside a picture. For this tutorial we have chosen a text file named Secret.txt and a picture firefox.jpg.
1. Move the files you want to combine into a new folder, in our case C:\Hidden.
2. Add the file you want to hide into a new RAR archive (in our example named Secret.txt.rar).
3. WinRAR created the archive in the folder where our files are located.
4. Open Command Prompt (Start -> Run..., type cmd and press Enter).
Read more..
Submitted by vismaya on 7 July, 2009 - 22:52
What is Sandboxie?
Generally, if you are visiting hacking
forums or various forums of free software downloads, some of these free
downloads are affected by, or have attached, viruses and trojans for
malicious purposes. So, if a victim installs them on his computer, the
malicious scripts get installed on the computer, causing various problems
depending on the script. So, the better way is to install such applications
on your PC but using Sandboxie. Sandboxie will allow you to run
your software downloads in a sandbox (in a separate memory area) to
check whether or not they're what you were expecting. This can be great
if you don't trust a download or freeware.
Read more..
Submitted by vismaya on 12 June, 2009 - 21:33
1. Place your Windows XP CD in your CD-ROM drive and start your computer (it’s assumed here that your XP CD is bootable – as it should be – and that you have your BIOS set to boot from CD).
2. Keep your eye on the screen messages for booting to your CD. Typically, it will be “Press any key to boot from cd”
Read more..
Submitted by Sajeev on 17 March, 2009 - 17:38
Blocking and preventing brute force attacks is one of the main things
you want to do on your web server to add a layer of security. While
someone might not be targeting your site or server specifically, they
will have automated tools that will try to guess random usernames and
passwords that are common against your system. They’re essentially
forcing their way into authorized-user-only areas of a system, such as
FTP accounts, e-mail accounts, databases, script-based administration
areas and root or any shell access, which are the most common attempts. They will
try multiple login attempts, guessing usernames and passwords, trying
to force their way onto your machine. This is a large topic with a lot
of things to cover. I’ll try to do my best to help you understand how
brute force attacks work, prevention, signs of an attack, and tools to
help stop brute force attacks. This article will not cover session
brute force attempts for web applications; in a future article I’ll
cover that, but for now we’re looking at main service daemons such as
FTP and shell.
How the brute force attack works
Read more..
Submitted by vismaya on 10 March, 2009 - 13:03
 Address resolution protocol or ARP is a protocol that is used to get
the hardware address (MAC) of a device on the network with its IP
address (Network Layer). RARP does the opposite of ARP; it will look up
the IP address with the MAC address. RARP works a little differently,
it will send out a broadcast asking who has the MAC address, a RARP
server will then respond with the node's IP address. ARP is commonly
used in Ethernet networks but can also be used in other types of
networks. IPv6 doesn’t use ARP, but rather NDP (Network Discovery
Protocol). In order for Ethernet to send data it needs the MAC address
of the receiving device. A MAC address uniquely identifies a device
on the network and is in the Data Link level (level 2) of the OSI
model. These MAC addresses are burned into the network card by the
manufacturer and should be the only one in the world. The first 6
digits of the MAC address assigned to the network interface card are
the manufacturer ID and the last 6 are the card's serial number. You can
change your MAC at the software level (it won't change the burned-in MAC
address on the NIC) fairly easily.
Read more..
Submitted by Sajeev on 4 March, 2009 - 18:10
If your company is like most companies, you have users running as
local administrators on their desktop. There are solutions to eliminate
this need, which is a direction every company should take. When users
run as local administrators, the IT staff has no control over that user
or their desktop. In order for you to secure the local Administrators
group on every desktop, you need to have some powerful tools to get the
job done. There are typically three different tasks that you need to
perform to secure this group, which we will cover in this article.
Windows Server 2008 and Windows Vista SP1 (with the RSAT installed)
provide amazing new controls that make these configurations a breeze!

Task 1 - Remove Domain User Account
The initial task of securing the local Administrators group is to
ensure that the user no longer has membership in the group. This is
easier said than done, since most companies have configured the user’s
domain account to have membership in this group at installation of the
user’s computer.
Read more..