Prevent URL Injection attacks

URL Injection attacks typically mean that the server to which the attacker's IP address is bound is itself a compromised server.

What can we do?
Check the server for suspicious files in /tmp, /var/tmp, /dev/shm, /var/spool/samba, /var/spool/vbox, /var/spool/squid, and /var/spool/cron
You should use "ls -lab" for checking directories as sometimes compromised servers will have hidden files that a regular "ls" will not show.

Use:
# ps -efl or # ps -auwx
to find suspicious processes. Verify Apache processes.

Clam AntiVirus can also be used to find commonly used PHP and Perl-based hacks, including various PHP shells, on a server. Use the clamscan command with the "--infected" and "--recursive" options.
Also check these rootkit detection tools:
http://www.chkrootkit.org/
http://www.rootkit.nl/
http://www.ossec.net/en/rootcheck.html
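
The file and process checks above can be scripted. The following is an added example, not part of the original post: it lists hidden entries, executable files and PHP/Perl/CGI script files in the given directories, plus processes whose binary runs from those directories or was deleted after start. The function names, the file-extension list and the /proc/<pid>/exe check are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): triage of the directories
# listed above. Findings are leads for manual review, not verdicts
# (/tmp normally holds hidden entries such as .X11-unix).

DEFAULT_DIRS="/tmp /var/tmp /dev/shm /var/spool/samba /var/spool/vbox /var/spool/squid /var/spool/cron"

# Prefix every path read from stdin with a reason tag and a tab.
label() {
    while IFS= read -r p; do printf '%s\t%s\n' "$1" "$p"; done
}

# triage_dirs DIR...: hidden entries, executable files, web-script files.
triage_dirs() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        find "$dir" -xdev -name '.*' -print 2>/dev/null | label hidden
        find "$dir" -xdev -type f \( -perm -100 -o -perm -010 -o -perm -001 \) \
            -print 2>/dev/null | label exec
        find "$dir" -xdev -type f \( -name '*.php' -o -name '*.pl' -o -name '*.cgi' \) \
            -print 2>/dev/null | label script
    done
}

# procs_from PROC_ROOT DIR...: processes whose binary lives in one of the
# directories, or whose binary was deleted after the process started.
procs_from() {
    proc_root=$1; shift
    for link in "$proc_root"/[0-9]*/exe; do
        exe=$(readlink "$link" 2>/dev/null) || continue
        pid=${link%/exe}; pid=${pid##*/}
        case "$exe" in *' (deleted)') printf 'deleted\t%s\t%s\n' "$pid" "$exe" ;; esac
        for dir in "$@"; do
            case "$exe" in "$dir"/*) printf 'proc\t%s\t%s\n' "$pid" "$exe" ;; esac
        done
    done
}

# Run as root with: sh triage.sh scan
if [ "${1:-}" = "scan" ]; then
    triage_dirs $DEFAULT_DIRS
    procs_from /proc $DEFAULT_DIRS
fi
```

Output is one finding per line, tab-separated, so it can be saved and compared between runs.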

Read our security articles.

Exploits for March of 2008 download.

All exploits for March 2008 are now available in this post. Keep your server protected against exploits :)

All 203 exploits added to Packet Storm in March of 2008 are available here:

Download March 2008 Exploits

Source: PacketStorm

Top Open Source Encryption Tools

This is a list of top open source encryption tools you can use.

1. AxCrypt
AxCrypt Description:
- Simply right-click on a file in Windows Explorer to encrypt it; a double-click decrypts the data. It supports self-decrypting files, so you can protect files in transit while still allowing e-mail recipients to view the information easily. You can use it on Windows.
How to use AxCrypt
How to Install AxCrypt
Download AxCrypt

2. Mac GNU Privacy Guard
Mac GNU Privacy Guard Description:
- Mac GnuPG ports GnuPG so that it can be used on a Mac and provides better privacy than PGP. Mac GnuPG supports multiple encryption standards and languages. You can use it on Mac OS X.
Download Mac GNU Privacy Guard

3. WinPT
WinPT Description:
- WinPT collects a number of different encryption tools into a single application. It's compatible with PGP and based on GnuPG. It can be used on Windows.
Download WinPT


PeaZip
PeaZip Description:
PeaZip creates, opens, and encrypts zip files and dozens of other compression formats. Additional features include split/join files (file span), wipe files (secure deletion), compare, checksum and hash files, system benchmark, and more. It is available for Windows and Linux.
Download Peazip

MCrypt
MCrypt Description:
MCrypt lets developers add a wide range of encryption functions to their code without needing to be expert cryptographers. This is a developer tool not an encryption app for end-users. It can be used on: Windows, Linux, Unix.
Download MCrypt

Keyring for PalmOS
Keyring description:
With Keyring for PalmOS you can store secret data securely on your Palm-based handheld. Keyring provides secure triple-DES encryption and is available in a number of different languages. Keyring for PalmOS can be used only on PalmOS.
Keyring Download
Keyring Guide

Configure Samba Server and save money

You can use a GNU/Linux server as a Domain Controller for Windows clients.
It is a good way to save money on your network.

This article will help you to configure a Samba Server
Read full article

It covers the following topics:
- Introduction and Samba Configuration
- Samba Server Roles and Backends
- Users Groups and Computer Accounts
- Samba Shares
- Sharing Printers through Samba
- Additional Domain Controller Functions
- Relevant Samba Parameter Reference

What is tkbellexe?

Among the Windows startup programs you may find tkbellexe.

tkbellexe is a process from RealOne Player that works as a scheduler for RealOne Player. This is a non-essential process. You can disable it for better performance.

It should not be a virus / Trojan.

Setup netboot on RHEL

Setup netboot on RHEL5.1

Note: system-config-netboot is not included in RHEL 5.
A possible solution is to download the Fedora rpm, or another one, and use that.

The Fedora rpm is easily available and can be installed.

Download Ubuntu Linux 8.04 ISO Image

Canonical Ltd announced that Ubuntu 8.04 LTS Desktop Edition is available to download for free.
The release of Ubuntu 8.04 LTS Server Edition was also announced.

Download Ubuntu Linux 8.04 CD / ISO Images:

- Direct download for i386 32 bit:
Mirror1
Mirror2
Mirror3
Mirror4
Mirror5

- 64 bit server and desktop editions:
Check here

Installing Ubuntu 8.04 Within Windows video tutorial:


Ubuntu Linux 8.04 video:

Upgrade Kernel without Reboot using Ksplice

After a kernel security patch or upgrade, Linux normally has to be rebooted.

Ksplice is a GPL 2 Linux patch that provides Linux kernel security updates and upgrades without a reboot.

Tested on kernels from 2.6.8 to the current version, 2.6.25, and on Debian, Ubuntu, RHEL, Gentoo and other Linux distros.

Ksplice Download, Usage Examples and Documentation

Fix Webalizer on cPanel

If you are running cPanel and Webalizer has stopped, you can use a cPanel script to fix it.

# cd /scripts
# ./fixwebalizer

This command will help you to repair a Webalizer that has stopped updating.
Please note that old data will be deleted.

RTOS - Real time operating System

Linux can be used as a real time operating system (RTOS) in most situations, such as:
- mobile telephones
- household appliance controllers
- industrial robots
- spacecraft
- industrial control and scientific research equipment
- etc.

Real-time support can be found in the standard off-the-shelf 2.6 Linux kernel. Reading this, you will learn about some of the Linux architectures that support real-time characteristics and what it really means to be a real-time architecture.

Configure compiz fusion on Mandriva 2008

This video shows how to start and configure compiz fusion with all effects on Mandriva 2008:
- cube
- windows
- transparency

Configure compiz fusion on Mandriva 2008 video:

Update urpmi on Mandriva

This video tutorial shows how to add and update all the required urpmi packages on your Mandriva 2008.

Mandriva 2008 - urpmi update video:

How to backup Mandriva 2008 server

This video is a very good Tutorial of how to backup users and system configuration on Linux Mandriva 2008.

Mandriva 2008 How to backup users and system configuration video:

Read more about Mandriva on Wikipedia

Howto Setup Firewall on Mandriva 2008

This video shows you how to setup your firewall on Mandriva 2008
Mandriva 2008 - Firewall Setup Video

Oracle VM installation

This video shows Oracle VM installation

Howto install Oracle on Linux

This video shows how to install Oracle on Linux.



Read more about Oracle on Wikipedia

Create Link in Oracle

This video shows how to create a Link in Oracle.

Read more about Oracle in Wikipedia

Howto Install DenyHosts 2.0

DenyHosts Description:
DenyHosts is a security tool that prevents brute-force attacks on SSH by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses.
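
The detection idea described above, shown as an added example that is not part of the original post and is not DenyHosts code: it counts failed SSH password attempts per source address and reports the addresses at or above a threshold. The log lines are constructed samples in the usual sshd format; the function names and the threshold are assumptions.

```shell
#!/bin/sh
# Added example (not DenyHosts code): count failed SSH password attempts per
# source address, the signal DenyHosts is described as acting on.

# Constructed sample of an sshd authentication log (documentation addresses).
sample_auth_log() {
    cat <<'EOF'
Apr 28 10:01:02 web1 sshd[2101]: Failed password for root from 203.0.113.5 port 40122 ssh2
Apr 28 10:01:05 web1 sshd[2103]: Failed password for invalid user admin from 203.0.113.5 port 40130 ssh2
Apr 28 10:01:09 web1 sshd[2107]: Failed password for invalid user oracle from 203.0.113.5 port 40141 ssh2
Apr 28 10:03:11 web1 sshd[2115]: Accepted password for deploy from 192.0.2.44 port 50022 ssh2
Apr 28 10:03:40 web1 sshd[2120]: Failed password for deploy from 192.0.2.44 port 50031 ssh2
Apr 28 10:04:00 web1 CRON[2130]: pam_unix(cron:session): session opened for user root
EOF
}

# failed_by_ip MIN: read an auth log on stdin and print "address count" for
# every address with at least MIN failed password attempts, sorted by address.
failed_by_ip() {
    awk -v min="$1" '
    # The user name is text chosen by the remote side, so the address is read
    # from fixed positions at the end of the line: "... from ADDR port N ssh2".
    /sshd\[[0-9]+\]: Failed password for / && NF >= 10 &&
    $(NF-4) == "from" && $(NF-2) == "port" { fails[$(NF-3)]++ }
    END { for (ip in fails) if (fails[ip] >= min) print ip, fails[ip] }
    ' | sort
}

# Run with: sh failed_ssh.sh demo
if [ "${1:-}" = "demo" ]; then sample_auth_log | failed_by_ip 3; fi
```

On a live system the same function can read the authentication log on stdin instead of the sample.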

How to Install DenyHosts 2.0 on CENTOS video:


Read more about DenyHosts in Wikipedia

Create a VMWare Virtual Machine for CentOS Linux

How to Create a VMWare Virtual Machine for CentOS Linux

This video shows the preparation of a virtual machine in VMWare to install CentOS Linux; this procedure is similar for other operating systems.

Read more about VMWare on Wikipedia

Secure your Router / NetWork video

This is a step-by-step video showing you how to secure your wireless router (small / home routers) or network.

Lenovo U8 MID Presentation Video

Lenovo U8 - Ideapad MID

- Intel's Atom chip inside
- Mobile Internet Device has an optical mouse
- supports 3G / EDGE
- Includes GPS
- annoying ambient bongo player

This is the Lenovo U8 - Ideapad MID video presentation:

HP 2133 Mini-Note Review and Startup Test

In this video you can take a look at the new HP 2133 Mini-Note


This video compares the startup boot time on Asus Eee PC and HP 2133 running Windows XP.

Configure port forwarding on a PIX Firewall video

This video shows how to configure port forwarding on a PIX Firewall that is running NAT.

Show the video:

Graphics Card Upgrade on Dell XPS M1730

This video shows the graphics card being upgraded from the Dual SLI 8700mGT to the Dual SLI 8800mGTX on Dell XPS M1730.

Watch the video (part1):

Watch the video (part2):

RAID Setup and Hard Disk Upgrade on Dell XPS M1730

This video shows a hard disk upgrade to 2x200GB Seagate Momentus 7200rpm drives with a RAID 0 setup.

Watch the video:


Learn more about RAID on wiki

How to configure MRTG - The Multi Router Traffic Grapher

MRTG, the Multi Router Traffic Grapher, can be used to monitor SNMP network devices and display the traffic that has passed through each interface.

Log in to your server as root.

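First, create a folder to store the mrtg graphs and html pages:
# mkdir -p /var/www/html/mymrtg/

Use the cfgmaker command to create the mrtg configuration file (in public@localhost, public is the SNMP community string and localhost is the device to query):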
# cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg.cfg public@localhost

Now create the default index page for your MRTG configuration:
# indexmaker --output=/var/www/html/mymrtg/index.html /etc/mrtg/mymrtg.cfg

Copy all the tiny png files to your mrtg path:
# cp -av /var/www/html/mrtg/*.png /var/www/html/mymrtg/

Now test whether MRTG is running fine.

Run the mrtg command from the command line with your configuration file:
# mrtg /etc/mrtg/mymrtg.cfg

You may get a few warning messages the first time; that's OK, ignore them.

Then check the following URL:

http://www.yourhost.com/mymrtg/
or
http://serverip/mymrtg/

Visit MRTG web site.

Run GNU Utilities Under Windows

Cygwin included tools:
bc, bison, bzip, diffutils, fileutils, findutils, flex, gawk, grep, gsar, gzip, indent, jwhois, less, m, make, patch, recode, rman, sed, shellutils, tar, textutils, unrar, wget, which

Cygwin makes it possible to port software running on POSIX systems such as Linux, BSD, and other Unix systems to Windows.

Sometime if you want to run wget for example under Windows without going through Cygwin.

Download Cygwin

Visit Cygwin Project page

Ramback - Use a Terabyte of RAM

Ramback is a new kernel patch. It is an experimental new design for the Linux virtual memory system that turns a large amount of system RAM into a fast RAM disk with automatic sync to magnetic media.

Read more

Wackamole - Cluster Highly Available

Wackamole is a good piece of software that helps you to make a cluster highly available.

Wackamole runs a service using multiple DNS RR records without the worry of one of the machines crashing.

Wackamole Description:
If the machine crashes, the virtual IP addresses it was responsible for will be managed by the remaining machines in the cluster. Wackamole works in a completely peer-to-peer mode within the cluster.

Download Wackamole

Wackamole Website

Wikipedia's Sysadmin Definition

I find it curious, Wikipedia's Sysadmin Definition

Big definition of sysadmin job :)

Pass The Hash Toolkit

Pass-The-Hash Toolkit Description:
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in through Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows).


Direct download links:

Download Pass-The-Hash Toolkit source code

Download Pass-The-Hash Toolkit Binaries

SQID sql injection digger

SQL injection digger is a command line program that looks for SQL injections and common errors in web sites.
Current version can perform the following operations:

- Look for SQL injections and common errors in web site URLs found by performing a google search.
- Look for SQL injections and common errors in a given URL or a file with URLs.
- Look for SQL injections and common errors in links from a web page.
- Crawl a web site/web page and do the above.

Also supports

- Load multiple triggers from file.
- Load multiple signature databases from files.
- HTTPS support.
- HTTP proxy support with authentication.
- Basic authentication.
- Specify user agent.
- Specify referer.
- HTTP Cookies loading from command line or a file.


Download SQID

Remove ORDB from MS-Exchange Server Spam Filter

If you are having trouble with ordb.org and need to remove it from the MS-Exchange Server spam filter:

Look for the blacklist support feature within the global settings of your organization.

1. MS-Exchange System Manager
2. Global Settings
3. Message Delivery Properties
4. Connection Filtering tab
5. Remove relays.ordb.org

How to remove ORDB from Postfix Mail Server Spam Filter

If you are having trouble with ORDB.ORG and need to remove it from Postfix Mail Server:

- Open the postfix configuration
- Remove the following line:
reject_rbl_client relays.ordb.org,

Restart postfix:
# service postfix restart

What is msmpeng.exe - msmpeng Process

"msmpeng.exe is a process belonging to Microsoft Windows Defender Antispyware which protects your computer against Internet-bound threats such as spyware and trojans which can be distributed through e-mail or attack directly to the computer allowing unauthorized access to your computer. This program is important for the stable and secure running of your computer and should not be terminated."
