Well someone has been putting up this attack on my game-server ports. For those of you who don't know what type of attack this is, so its an attack which is actually masked to us because the attacker uses his machine to send packets to a machine called source which reflects the packets to destination. Based on this, the UDP port under Flood at the destination starts making outgoing connections to that IP and gets rejected which uses up more than 5mb/second bandwidth instantly.
I've worked out on some security for this and now need a tool to test this against my machine. I've used PentBox but that's not really powerful to do anything. As I search Google, I find something called Trinoo but can't download or test it.
my computer froze solid, and it would not react to anything. X didn't react to Ctrl+Alt+Backspace, not Ctrl+Alt+Del, so I had to turn it off using the power button.
This is the first time my computer freezes like this, the log files did not reveal any HW errors. Is it possible that someone in the channel did not like my level of Java skill, and flooded me to disconnect?
By the way; Im using slackware 13.1 with the default kernel (2.6.33.4) and irssi as IRC client.
I know that if you eg. ICMP-flood someone, the traffic will be denied and, but can it provoke other behavior from the computer?
So my question is; can a IRC flood/DDoS attack cause a computer to freeze sub zero?
recently my Apache server crashes very often; by watching the error log,I've notice several signs of intrusion.So, I think the problem can be a denial of service attack against my machine.My distribution is Debian Lenny.
I have a server and i think that my server is under Ddos attack. i see that server is not having much load and only few process runs but my site opens very slow. i executed the following command on my ssh:
I am trying to search a tool for testing multicast. Currently, 'yum search multicast' yields nothing. I saw mcsender and mctest in google but they seem not to be supported in CentOS. Do you know any tool that can test multicast?
Any tool where I can test a web site with slow connectivity? E.g.: A web server running at Location A and from Location B want to test the web site hosted at location A with various speeds How is the loading of the web site from location B at 256kbps, 512mbps etc..
I've been looking for a good data integrity test tool for linux, but I'm having trouble finding one. Basically I'm looking for an application that will generate a heavy I/O load to a raw device and then perform some kind of data verification on the device. I my case the raw device will be md raid5 array.
As part of my testing, I need to find a tool that will write/read IO to a volume. I need it to fill the volume and then read and verify that the write was successful. hroughput stats would be a plus, but right now, IO verification is a must.I need the volume to write, read, verify, then repeat until the volume is full.Can anyone point me to a free tool that can manage this?
I want to know how can I test my server security with hping3 tool I want to make a virtual DoS or DDoS or SYNK attack in my LAN to test my server security and ability against these attack .Is hping3 a good solution for this or not if yes how can I do this which option of this can make such these attacks?
And restarted Firefox (even rebooted), but it doesn't seem to be working. When I open Firefox I am able to perform a "Save Page As" in locations I shouldn't be able to, like my Desktop or Pictures folder.
The following command says the Firefox process is in enforce mode:
Code:
Of the following lines, the only directory which is "rw" is /Downloads, why am I still able to write to other places?
Code:
OS: Ubuntu 10.10
Can someone with an active Firefox profile do this simple test for me? Click File -> Save As and try to save somewhere the Apparmor profile shouldn't let you, and let me know the results.
i have fedora distribution running in my virtual machine. I installed sectool- .9.5-1.fc13.i686.rpm & sectool-gui-0.9.5-1.fc13.i686.rpm (the gui of the tool)
Then i modified the file /etc/selinux/conf to change the selinux from enforce to disabled (so the test can be run) the prob now, each time i try to lunch the package to get a test result... it takes so long time without result even if i choose 1 test only as u can see in the attached file. I've been waiting for more than 1 hour with no result
I ran a test where I login a test user several times using the wrong password to see that he gets locked out after several attempts. Now that I got the test user locked out, how do I unlock the test user? I tried passwd -u <test user>, but it says passwd: Error (password not set?).
I recently came upon an ubuntu variant called blackbuntu. Its in early release stages at this point, but its being marketed as a pen test distro. Exactly like Back Track, but in Ubuntu form. Was just wondering if anyone has had a chance to use this yet? All software that the distro uses is readily avilable in the ubuntu repositories already.
We are running squid as a proxy server having almost 170 users.The clients are using windows and after observing more than once there are some users that are sniffing on the network using maybe some sort of sniffing tool. Now can any body recommend some anti sniffing tool that can help us in detecting that culprit. Any software linux or windows based will I have tried wireshark if someone recommends that then please give some detailed tutorial on wireshark.
I know very little about MySQL, but I've got some users that need it for testing on a Linux server.So I had set it up a while back, but now I'm running into some small problems.Right now, each user has his own database that I created and can do whatever with it. Each user only sees their own database.I didn't want them to be able to create new databases at all, but they can and when they do anyone can see them.
EDIT(Apparently they can only create databases beginning with the word "test" in the name)
I need to either:
1) Stop them from creating new databases (without affecting their ability to interact with the existing database)
OR
2) Make it so that when they create a database, only they have privileges on it and only they can see it (except mysql root of course).
Anybody know the statement to set these kinds privileges up?
EDIT: pfft... I've a read a bit more and realize that this is an intended part of the installation.
EDIT2
I'd still like to remove the ability to make test databases.
EDIT3:Ok, for reference this is how you prevent users from making and using test databases:
shell> mysql -u root -p Enter password: (enter root password here) mysql> DELETE FROM mysql.db WHERE Db LIKE 'test%'; mysql> FLUSH PRIVILEGES;
I'm looking for a tool, command line or GUI, for Linux that generates memorable passwords An equivalent of what I am looking for would be passwords that the Mac Os X keychain can generate, something like apples12$/fourteen. Something strong, but easily memorized by a user.
I need to do a pentest on a Microsoft IIS webserver to test the efficiency of the HIPS i have installed on. methods to simulate attacks so that i can check if the HIPS will detect them?
I am trying to find a best tool to track configuration files changes. I did find some information about osec and mactime, but, it seems, that they are not included in fedora/rpmfusion package databases. is there any tool that can be installed as a package?
I have about 5 machines that are under Ddos daily and I use rate-limit for Iptables to protect that and it works good.My UDP ports 20100 to 20400 are actually under Ddos so these are the commands I use:
Code: A INPUT -p udp -m udp --dport 20100:20500 -m state --state NEW -m recent --set --name DEFAULT --rsource
I have linux firewall configured. I want to check the stress tecting on this firewall. is there any way to launch attack of DDOS or other attack which try to make the firewall busy ?
I am trying to install mysql 5.1.44..so i downloaded the binary package, i extracted it and then followed the instructions that were in the manual but i keep getting this error when running this command
Installing MySQL system tables... 100315 20:07:27 [Warning] Can't create test file /var/lib/mysql/mosty.lower-test 100315 20:07:27 [Warning] Can't create test file /var/lib/mysql/mosty.lower-test
