General :: Simulating Blackhole Attack In Ns-29
Apr 21, 2010
I want to implement blackhole attack in ns-2 using the aodv protocol. I don't know how to implement it and I don't have code (C and Tcl).
I have CentOS installed on my system. I have Ubuntu too, running in VirtualBox on CentOS. I want to simulate network based installation of RHEL/CentOS. Can it be done on a stand alone PC with internet?
We have a headless linux server (Debian 5) we use for running integration tests of our web-page code. Among these tests are ones implemented using Selenium, which practically simulates a user browsing our pages and clicking on things. One of these tests is failing now, because it involves starting a flash-based audio player and checking to see whether the progress bar gets displayed properly. The reason this test fails is that there is no way to play the audio, and no sound card on the machine, which has simple webserver hardware.
So, my question would be: Is there a simple way of giving a program the impression that its audio output is being processed, and playback is taking place? I don't have to record the playback, or redirect it or anything like that, just a dummy soundcard, like the dummy X-server we are using, which actually does not need to display stuff.
I have tried using JACK, but it's too complicated, and the documentation does not even answer this very simple question. I also installed alsa on the server; it 'pretends' to run, but when a program tries to play audio, just spews error and debug information having to do with the non-existence of a soundcard.
Last day I have faced an attack on Apache/2.2.14 (Ubuntu). A user shoots 53 hits within 20 seconds from same IP and as a result db connections to MySQL increased.
a.) Is there any way in Apache to block these types of requests?
b.) How can we trace when this type of attack happened to Apache?
Also I have noticed an entry in Apache error log during attack period
Error Log
[Wed Jul 20 20:28:49 2011] [debug] proxy_util.c(1806): proxy: grabbed scoreboard slot 0 in child 753 for worker http://localhost:8294/
[Wed Jul 20 20:28:49 2011] [debug] proxy_util.c(1825): proxy: worker http://localhost:8294/ already initialized
[Code].....
Got 3 computers connected by ethernet to a router modem. At this router modem only port 80 is forwarded to a web server (one of the 3 computers). Now I realized several times a port scanning attack displayed at interactive firewall of Webserver (Apache at Mandriva LINUX). Actually the message is port scanning attempt of heanet (actually these names are different mostly). I wonder how to figure out is this portscanning attack possible through port 80 or is the modemrouter (Draytek VIGOR) misconfigured, compromised or one of the other 2 machines (Windows) is compromised and attacking the server inside intranet?
I have setup bonded interfaces but I'm not at the machine to pull a cable - is there a way I can simulate a failure - I've had a look at ip/ipconfig without anything obvious.
Brasero keeps simulating before burning even though I have unchecked the "Simulate before burning." option. How can I stop this?
I am doing my thesis on Wireless mesh Networks and I am new to Ns2 to .... trying to learn how it works at the moment. Has anybody worked on wireless mesh Networks in Ns2?
We are having a production setup where we are having one SAN storage and two RHEL machines. Now we have created a SAN LUN, say for example trylun. Now we have mounted the same SAN partition on both the machines of RHEL on the same mountpoint path say for example /trylun. After that we have installed RHEL Cluster suite to create a failover cluster.
Now we will be having one Ingres Database service for which data will be stored in SAN storage LUN mounted on both the machines, say for example /trylun. When service on one machine will be down then RHEL Cluster Suite failover cluster will take over and then it will start the same service on another node and handle the failover. Whether Ingres will run from node 1 or node 2 will not make any difference as both are using shared SAN storage, i.e. /trylun in our example. So same data storage will be used by both the Ingres services on both the servers.
Now I have to simulate the same in my office test environment. But the problem is, in office test environment I will not have SAN server as it is additional cost. And I will have fedora operating system.
So what I wanted to know is how we can create a shared file system like SAN in Fedora (is NFS a solution?). And after creating the shared file system, how can we create a failover cluster in Fedora if we do not have Red Hat Cluster Suite?
I have updated to 10.10 and now my ir remote is simulating keyboard arrow keys which is causing problems in applications like Boxee. The weird thing is if I stop lircd it still simulates the keyboard arrow keys.
Does anyone know how to stop the keyboard arrow keys from triggering when the ir remote up, down, left or right buttons are pressed?
(Here are all the IR config files)
hardware.conf
Code:
# /etc/lirc/hardware.conf
#
#Chosen Remote Control
REMOTE="Streamzap PC Remote"
REMOTE_MODULES="lirc_dev streamzap"
[Code]....
Here's a summary of my problem: When using Skype, it's possible to close the gui of the application only. When doing this, the Skype process itself doesn't close; it hides in gnome-panel's notification-area.
Now, when opening the Skype application again (e.g. by clicking on a Skype launcher), Skype starts a whole new process. This is shown to the user as a new Skype tray icon being generated, as well as a new gui window being created.
What I'd like to do is as follows:
I'd like to replace the Skype launcher with a script that would
* recognize if there is a Skype process running
* if yes, bring up that instance of Skype
* if not, start Skype normally
Now, I've read some of the source code of gnome-panel to try and see how it's done. From what I've gathered, a button_press_event is bound to some function that probably (am unsure of this) sends a signal of some kind to Skype.
Very similar to this thread, except for Skype and without wmctrl (does not work with Skype): HOWTO: Make a launcher restore an open window (dock-like) [URL]
I have configured a DNS server on my RHEL 5.0 machine.
I have just come across a term Denial-of-Service attack (DoS attack) or Distributed Denial-of-service attack (DDoS attack).
How can I prevent my DNS server from DoS attacks?
I want to test syn flood attack in my pc but I don't know how to generate it. Can you tell me how to generate syn flood attack in pc?
I have just configured CentOS 5.5 LocalMailServer with fetchmail and sendmail, Proxy with Squid and FileServer with samba. Now my concern is security. How can I protect my server from outside attack? Will I need to block some ports or do I need special tools or a script so no one from outside can attack my machine? My machine is working on intranet with local IP only. No web server or static IP exists. Machine is connected with ADSL router to access internet.
How can I track a DoS and DDoS attack on a server? Does Linux have any good known command line utilities and log files to use in this way?
Quote:
The 605-page PDF document reads like a listing of the pros and cons for a huge array of defensive and counterintelligence approaches and technologies that an entity might adopt in defending its networks. Of particular interest to me was the section on deception technologies, which discusses the use of honeynet technology to learn more about attackers' methods, as well as the potential legal and privacy aspects of using honeynets. Another section delves into the challenges of attributing the true origin(s) of a computer network attack.
I have implemented two machines, one for honeypot (192.168.100.10) and another (192.168.100.20) to remotely log the honeypot log file using syslog. Inside honeypot I emulated another 3 machines with services on virtual IPs of that same block. Now honeypot is working and I can see the logs generating as I did a portscan (nmap) on those virtual IPs from .20 machine. All of the machines are running Ubuntu.
But does anyone know any s/w or tools which originally attackers use so that I can get a clear picture of what happens from the logs. Having problems creating these attack scenarios.
I have 1 question, no more, because I got many DDoS attacks and my load is 95++. What is the best program to stop DDoS attack?
I would like to ask something. Today my network Internet access suddenly slowed down; after inspecting the problem the hard way we disconnected one of our servers (ip=190, debian squeeze) from network and the network was alright again. When we plugged it back in, following symptoms were observed: computer 190 pinged gateway app. each 6th time; gateway (debian lenny) pinged computer 190 app. each 6th time; whole network Internet access was slowed down, local network functioned just fine.
While pinging themselves, I ran iptraf on icmp packets on gateway and I saw what I thought was ping attack, lots of echo requests coming from external address to computer 190. Blocking that address in iptables didn't help but restarting the gateway did; network Internet connection is at full speed and gateway and computer 190 ping just fine.
My question is, what steps should I undertake in similar case (it's second time in 2 months) to debug similar problems? Is it even possible for ping DoS to do this kind of damage?
I went away from home for a few days, ... Now I am back at home and noticed that my server is going out with 100% available bandwidth. The server is mainly Http / Ftp / Mail server, so I stopped all services, to see which one it is. Services stopped, still 100Mbps go out like ants in the flood.
I updated the system, made a backup, installed IPtraf. It seems that I have something 'installed' and my server is running something to attack User computers. It seems to try to find something on random IP's random ports. I am a little bit confused now. As long as my sites are running, I'm ~OK~ but sooner or later I would like to have my bandwidth back. How could I try to hunt down which service/app/process got hacked?
It seems that the monetary system of our society got now more enemies than friends. Capitalism seems to reach its end. But my server is serving also ART! Sooner or later we will need to pay copyright even for our thoughts. I was reading today that the French president wants to punish file sharing as his wife made 3 albums, and wants to get some money ..
Attack Sneaks Rootkits Into Linux Kernel Quote: A researcher at Black Hat Europe this week will demonstrate a more stealthy way to hack Linux
Apr 14, 2009 | 04:21 PM
By Kelly Jackson Higgins
DarkReading
Kernel rootkits are tough enough to detect, but a researcher this week has demonstrated an even sneakier method of hacking Linux. The attack exploits an oft-forgotten function in Linux versions 2.4 and above in order to quietly insert a rootkit into the operating system kernel as a way to hide malware processes, hijack system calls, and open remote backdoors into the machine, for instance. At Black Hat Europe this week in Amsterdam, Anthony Lineberry, senior software engineer for Flexilis, will demonstrate how to hack the Linux kernel by exploiting the driver interface to physically addressable memory in Linux, called /dev/mem.
"One of bonuses of this [approach] is that most kernel module rootkits make a lot noise when they are inserting [the code]. This one is directly manipulating" the memory, so it's less noticeable, he says. The /dev/mem "device" can be opened like a file, and you can read and write to it like a text file, Lineberry says. It's normally used for debugging the kernel, for instance.
Lineberry has developed a proof-of-concept attack that reads and writes to kernel memory as well as stores code inside the kernel, and he plans to release a framework at Black Hat that lets you use /dev/mem to "implement rootkit-like behaviors," he says. The idea of abusing /dev/mem to hack the Linux kernel is not really new, he says. "People have known what you can do with these /dev/mem devices, but I have never seen any rootkits with dev/mem before," he says.
Quote: "The problem with kernel-based rootkits is that the rootkit can mitigate [detection] because it has control," he says. "It's a race in the kernel to see who's going to see who first." [URL]
I have full hdd encryption with a rather long key. The thing is the FBI might just show up at my house one day and have a warrant for my PC, and who wants the government looking through their life? I have a few plans on getting my PC shut down before they can get their hands on it. This is all well and good, but if they can sniff my key from the RAM it doesn't matter what my key is or whether they find the computer on or off. Anyhow, I was wondering if there was some way I could add a script to the shut-down process that would over-write the RAM.
My server and clients (NFS and NIS) are in continuous attack via ssh. Somebody is trying to guess password and login, and making port 22 busy. What are different ways to stop this attack? I am thinking to block this IP in iptables but I have no good idea because I have not done this before. Any special consideration do I have to take while doing this thing? How is it done and which file does it modify?
I have been receiving attack alerts. And I would like to root out the source of the problem. I'll give you the messages. If you could help me prevent this hacker from even being able to attempt these things please any advice is helpful. There have been memory stack attempts, failed sys_admin conversion attempts, password file write attempts etc.....
[Code]...
I may not be a code warrior, yet I have been a Ubuntu convert from Apple for about 3yrs now. Since 1984-2006 no hackers or viruses. And until now Ubuntu has been clean, well I have been good with repos, etc.
1. Recently I found "Odd" behavior with my Amarok 1.4 player, ffmpeg, winff.
2. During a Synaptic upgrade there were some "unauthorized changes". I have seen this before due to some of my software, so I ignored it. . .
To my bewilderment, "It" erased Amarok 1.4 player, ffmpeg, winff, all image kernels, claimed domain over my system permissions, and external HD. B4 I shutdown, downloaded LUCID 10.4. . . restarted, then copied over all info possible to minimize a complete delete of my system. Upon restart, indeed all kernel images were gone, Only live CD allowed me access to repartition my HD.
NOW. I have Lucid running, and have been denied access to my external HD and partitioned (internal HD). I used Nautilus to copy over files to my internal laptop HD, yet permissions continue to be an issue. The INFECTED FOLDERS are owned by "User 999-user#999. I must micro manage every folder and file to gain "partial permission". The dialog box stutters and never allows me to go down to "Root"
I have a LAMP server that has been up for a month or so before I get stuff like this:
Code:
60.12.233.54 - - [24/Jul/2010:22:46:07 -0400] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 895 "-" "ZmEu"
[code]...
Using Opera 10.61 and 10.62, I find that any secure website I access, such as a bank, the lock icon in the address bar is replaced by a question mark. Clicking on it brings up a window, stating that the connection is not secure, that the server does not support TLS Renegotiation. Doing some internet searches for "opera tls renegotiation" brought me to a page at the Opera website, where they discuss this issue. The issue is generic, not limited to Opera, affecting the TLS protocol, and it potentially enables a man-in-the-middle to renegotiate a "secure" connection between a server and client, issuing own commands to the server. Opera has addressed the problem on the client end, but now servers need to be upgraded too. None of the HTTPS sites I have tried have upgraded their servers, if the information provided by the Opera browser is correct.
My questions: how feasible is such a MITM attack, what level of resources would such an attack require? What, if anything, would the attacker need to know about the client and/or server to mount the attack? Would I be better off using Firefox, or is Firefox simply oblivious of the problem and not issuing warnings for that reason?
mpg123 suddenly started playing a police siren occasionally. I checked the process once I heard it, and root was the process owner. How could this happen? Has someone broken into my computer? If so - how could I verify an attack? I run Ubuntu 9.10.
I have Linux firewall configured. I want to check the stress testing on this firewall. Is there any way to launch attack of DDoS or other attack which tries to make the firewall busy?
This is an excerpt from the Linux man page for mktemp command: "mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with the PID as a suffix and use that as a temporary filename. This kind of naming scheme is predictable and the race condition it creates is easy for an attacker to win. A safer, though still inferior approach is to make a temporary directory using the same naming scheme. While this does allow one to guarantee that a temporary file will not be subverted, it still allows a simple denial of service attack. For these reasons it is suggested that mktemp be used instead."
- How can a denial-of-service attack be carried out if a directory name is known?
- Why is it important to use mktemp to generate a sufficiently random file/directory name for temporary files?