Security :: Uncovering Covert Command-and-Control Channels?
Nov 5, 2010
Quote:As the line between securely hosted and controlled enterprise applications and cloud-based applications continues to blur, there's more "legitimate" traffic between corporate networks and the Internet than ever before. This opens up new vectors for attack by hackers nd cybercriminals as more traffic types are allowed through corporate firewalls. The result is an increase in diversity of covert command and control channels, which hide inside legitimate traffic in order to bypass perimeter security. These C&C channels, used by malware ranging from simple spambots to more sophisticated rootkits, vary in the maliciousness of their intent from casual hacking all the way to advanced persistent threats (APT) and industrial espionage.
View 1 Replies
ADVERTISEMENT
Jul 20, 2010
Bot herders and the crimeware gangs behind banker Trojans have had a lot of success in the last few years with using bulletproof hosting providers as their main base of operations. But more and more, they're finding that social networks such as Twitter and Facebook are offering even more fertile and convenient grounds for controlling their malicious creations.New research from RSA shows that the gangs behind some of the targeted banker Trojans that are such a huge problem in some countries, especially Brazil and other South American nations, are moving quietly and quickly to using social networks as the command-and-control mechanisms for their malware. The company's anti-fraud researchers recently stumbled upon one such attack in progress and watched as it unfolded.
View 9 Replies
View Related
Jun 24, 2010
I've installed RPMforge and Smart Package Manager.
I had to create my own Centos 5.5 channels to sync yum repos and smart channels.
Here's the Centos 5.5 channel file for Smart:
Just shut Smart PM down, copy this file into /etc/smart/channels, and restart smart.
Smart should then detect the new channels (repos) for Centos 5.5
Update your channels in Smart, and you should then have yum repos and smart channels both in sync, looking at the same set of packages.
Copy this to CentOS-Base.channel, and add it to the /etc/smart/channels directory.
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
[Code].....
View 2 Replies
View Related
Apr 10, 2011
I can't get respond through normal channels, all I can use is my phone. My keyboard is disabled. My PC is pretty much a paper weight. Both of them. The only way they could be getting in is through the wifi. I don't know if there is anything I can do. My recovery programsare not accessible. Even onstartup. Is it possible to clear the hard drive another way? I've heard fire purifies, I couldn't get another disc to boot up to reinstall ubuntu. Please text me any ideas, but please be specific with command lines, I have trouble with all the () and / [ and where they go.
View 9 Replies
View Related
Dec 17, 2010
SWF to uncompressed AVI
how i can convert SWF file to avi on linux ?
View 2 Replies
View Related
May 4, 2010
I have converted a couple of Video Files into OGM using DVD Encoder ( OGM), is there any available software in Linux/ Ubuntu that will enable me to convert these to be able to play on a Standard DVD Player. ( AVI - Mpeg )
View 2 Replies
View Related
Mar 11, 2011
I have just received my iphone 4 16gb, I had already looked into a work around for the whole itunes inside linux issue and instead opted for gtkpod ipod manager which works a treat for my music however I have no way of converting and putting movies on my phone.
Previously I would have used Handbrake to do my video conversions however the new version download on their site doesnt work with 10.10 for some reason and both handbrake and gtk gui are missing when I look in the ubuntu software updates.
View 6 Replies
View Related
Feb 2, 2011
Is there any Linux tool that will take a SWF file and output some kind of video format? Note that I don't want a tool which will re-encode an embedded FLV or MP4, I want to take a standard Flash movie and render it as a video.I found a reference to dump-gnash in the GNU Manual, but having installed the gnash package on Fedora I don't have that command.
View 1 Replies
View Related
Feb 11, 2010
for providing an earlier solution from which I have modified and butchered the below script.The intended purpose of this script is to take a subnet mask for example 255.255.255.0 and turn it into the corresponding wildcard mask value in this case it would be /24I have got to the point where I have the binary value, the script is
Code:
#!/bin/sh
#takes mask from ifconfig
[code]...
View 4 Replies
View Related
Mar 22, 2010
One of the most common qs i see in forums is >>> How to convert multiple jpg files to one one pdf file by one click . I have got 2 solutions that I consider solve this situation to the best ....
*1.* Install SCRIBUS from synaptic package manager . It can convert jpegs to pdf without any issues . F Spot Photo Manager can also be used .
*2.* This 2nd step I find much better ....
I have been using it myself for some time now ... and its flaw less ...
A) Install WINE using the terminal . For beginers .... Its a software that can run selected windows applications on a linux destro like ubuntu. Installing is very easy >>>> open synaptic manager and in quick search box type Wine. Once the wine files show in the search mark them for installation. For details on easy manual for wine installation check here .. [URL]
B) Now go to the page below .... Its a free software.
[URL]
Down load and save the software from the link given . Open the file using wine ( Right click on the file and choose the option open with wine.) The installer will run and the programme will be installed . And Viola ... Its ready .... Import ur jpg files and merge them all in to 1 pdf file .. Very Useful In Merging Comics together.
View 4 Replies
View Related
Nov 4, 2010
Quick explanation about what this thread is: by way of an article featured on linuxtoday, I learned about what appears to be an actively managed IP blacklist: [URL]
# This is a compiled list of dirty hosts associated with
# bruteforcing attempts, spam, botnets, RBN and the list
# continues to grow. The data is comprised of information
# compiled from Arbor Networks, Project Honeypot, FIRE
# (maliciousnetwork.org), Host Exploit, Shadowserver and
# a variety of other similarly based sites.
Quick explanation about what this thread is not: this is not intended to be a discussion about default deny vs. default allow (i.e. whitelists vs. blacklists), nor is this a call for enumerations of your own sshd hardening strategy. Please try to keep on point. That said, can anyone speak to the quality of the blacklist information noted above? And/or are there any suggestions for a readily available blacklist of "known better" quality? I plan to try including an actively maintained blacklist like this into a multi-layered approach for hardening an sshd bastion host.
View 4 Replies
View Related
May 12, 2011
I've just started using gdb at my new job, and I'm having a small issue debugging C++ with it. After I execute "continue" or "run" through gdb, I'm not able to return control to gdb. Based on the documentation I read, I should be able to use Control-C to interrupt the program, and have control return to gdb.
This does not work on my setup. Not sure if it's related, but I'm debugging on a remote machine. I tried through PuTTY and xterm using Exceed XServer. In both cases, gdb does not respond to Control-C. This is quite annoying because I have to restart my program every time I want to set a breakpoint.
View 2 Replies
View Related
Aug 24, 2010
I have my own dedicated server box running (using it for game servers). I access it via ssh and I have root control of it. It has FEDORA Operating System. I wanna give FTP control of different directories to different users. Right now there are no other FTP users except root. I have installed vsftpd and dont know what should I do next? How do I add users (who can read/write/delete files) and How do I restrict them to their home directory?
Here is what I want:
username:client1
password:12345
home directory: home/server1
username:client2
password:12345
home directory: home/server2
View 1 Replies
View Related
Jun 6, 2010
Reading from this article New Flash Bug Exploited By Hackers : How to avoid it? In particular the article said
Quote:
A new attack on a Flash bug has surfaced that would give attackers control of a victim�s computer after crashing it, reports PC World. Adobe put out a Security Advisory about this on June 4. It is categorized as a critical issue and all operating systems with Flash are vulnerable including Windows, Linux, and Apple and it is also found in the recent versions of Reader and Acrobat.
View 4 Replies
View Related
Jun 20, 2011
A good video converter software for openSUSE to covert videos into multiple formats.it will be easy if it ask me to covert videos for a specific device like i-pod,Nokia,Samsung mobiles.
View 9 Replies
View Related
Jul 23, 2010
I use F13. How can I control the volume of my desktop ssh'ing into it from my laptop?
I use the laptop like a remote control to control my desktop through vnc while watching movies, but changing volume through this setup is a bit too cumbersome and clumsy. I tried alsamixer but it behaves strangely and doesn't change volume.
View 4 Replies
View Related
Jan 3, 2010
Everything is plain and simple. I want to know what's the least painful way to control vlc from local command line while having GUI as well?
I would like to e.g. use something like "vlc --pause" in one of my bash scripts to pause music if something hapens. So rc interface is useless, is it not?
not making a thorough search on this as the irrelevance of results is beneath me... Well actually I have made it but it was a while ago and to no avail since the new vlc shipped with karmic got rid of the old http interface which allowed to do this just by using wget on an url....
View 3 Replies
View Related
Jan 6, 2011
Is there a way to reverse the functionality of the cmd and ctrl buttons? I'm used to the Mac layout and am often hitting cmd instead of ctrl. =
View 2 Replies
View Related
Jul 30, 2011
If you're familiar with macs, you know that they use command keys instead of control..
If I want to select all I press COMMAND + A not CONTROL + A copy is COMMAND + C, paste is COMMAND + V, quitting an application is COMMAND + Q.
I am used to this, and I would like to change the command key to be the control key, and the macs control key to be the "windows" key.
View 1 Replies
View Related
Feb 23, 2010
I have setup my linux fedora server and i want to restrict access to my server.Basically i control using iptables.I'm not sure how to write an iptables rules to control drop all connection to port 8080 and allow only certain ip can access the instance on port 8080 example ip=10.254.14.16,192.168.1.10.
View 3 Replies
View Related
Sep 1, 2010
I want to know what are the ways to monitorize and control/stop flooding on my server, because I am heavily flooded. At this moment I am doing all this manually (when I see that my bandwidth is lowering or some applications are freezing), my main working tool being iptables.But I want something automated .
Another problem : if I am flooded with packets having real ip addresses , with a simple iptables command I cand resolve the problem easily. But, the problem is, in most of the cases, I am flooded with packets with spoofed ip adresses (e.g. 1.2.3.4 ), so the only thing I can do in this situation is to block all incoming packets (which ruins everything).Do you have a solution to this ? The flood monitorizing (and controlling) tool may be with/without interface, only to be effective.
View 1 Replies
View Related
May 17, 2010
Is it possible to control the mouse position from the command line? I want to centre the pointer in the middle of the screen
View 8 Replies
View Related
Mar 20, 2011
I have forgotten how to turn the display on/off via command-line on an imac g3.how this can be done?(Google brings up lots of results which use "xset dpms ..", but this does not really apply to me since I don't usually run X).
View 4 Replies
View Related
May 14, 2011
Is there a way to easily make the command key function as the control key on a macbook pro in these modern times of 2011? I tried one of the command-line based tutorials and couldn't get it to work. Seeing as I have little idea as to what I was doing, I'm going to need a gui. But come Natty, nothing appears to be working. I would think that this is a common question, so I'm sure there is something simple I'm overlooking.
View 9 Replies
View Related
Sep 25, 2010
Two days ago we started to receive the following message:
/etc/cron.daily/chkrootkit:
The following suspicious files and directories were found:
/lib/init/rw/.mdadm /lib/init/rw/.ramfs
/lib/init/rw/.mdadm
INFECTED (PORTS: 4369)
You have 2 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
And about at the same time (a day before that) we have set up new rules for the queueing disciplines using 'tc' on our Debian lenny box (these rules are for some of the experiments we are carrying out). I have ran the chkrootkit manually and this message (as above) keeps appearing, while the rkhunter tool does not complain about these items. Could there be a connection between setting up the new qdisc's and the chkrootkit "INFECTED" messages?
View 7 Replies
View Related
Mar 10, 2010
I frequently ssh into machines to do work. In some cases, the machine is headless so there is no option to log in.Under Debian and on older versions of Ubuntu I would pull out the avahi and network-manager packages and manually configure the interfaces file to my liking and be done with it.However, I would now like to learn how to work within avahi/network manager. So, is there a doc somewhere explaining how to work with modern Ubuntu networking at the command-line level? Ie: Setting up a wireless connection, setting static/dynamic IPs, etc?
View 3 Replies
View Related
Dec 2, 2010
When I give the command:
winexe --interactive 0 --user <user>%<password> //<ip_address> 'cmd /C dir'
I receive the message:
ERROR: Cannot open control pipe - NT_STATUS_ACCESS_DENIED
The source machine is a RedHat EL4 server. The target machine is a Windows XP Home SP3 pc. When I give the same command to another pc all works fine. The other pc is a Windows XP Prof SP3.
View 6 Replies
View Related
Apr 17, 2011
if it's possible to use a white or blacklist to control which folders are ecryptfs encrypted when you're using the "encrypted home folder" option.
Of course I can always create an extra folder outside of my ~ and then symlink what I don't want encrypted into it, but I'd rather that it's possible to create like, ~/.ecryptsfs/excludelist with a list of paths that shouldn't be encrypted.
View 2 Replies
View Related
Apr 23, 2011
I am trying to execute command mactime in order to control changes made to the file system, but I am getting an error. I am running the shell as root, and it is the first time I run the command in this system - Debian Squeeze up to date. The I/O is as follows:
# mactime 3/1/2011
cannot exec /bin/date: No such file or directory
cannot exec /bin/hostname: No such file or directory
cannot exec /bin/uname -n: No such file or directory
Cannot open /var/cache/tct/data/Amnesiac/body: No such file or directory
The first three lines of output are the ones that are worrying at the moment; I am not concerned with the last. Although error messages suggest the programs date, hostname and uname do not exist in /bin directory, they are available as shown by
[Code]...
View 3 Replies
View Related
Jan 24, 2011
I want to be able to play a video file on my pda(Tungsten T5) but from memory the only video file i have seen playable on it was the asf file that is used when it starts up/reboots. I tried other file types in the past that were suggested in maybe a manual or forum or something but they never worked/played. I think it is because of the player installed and i tried installing another player but from memory that didn't install properly or just did not play anything. So if anyone knows of a way to convert files maybe using winff or mencoder i would love that info. I have been googling and have found nothing specific to what i am asking. I do not see anything in winff to convert to asf and cannot remember ever using mencoder.
View 9 Replies
View Related
