Ubuntu Security :: Dan Rosenberg's Hacking On 10.04(LTS) / Sort It?
Dec 14, 2010
After a week this 200-line C code is still working; it seems Ubuntu forgot it. What happened?
http://marc.info/?l=full-disclosure&...5358621826&w=2
*solved: I built a new kernel (2.6.32.27)
Jan 4, 2010
I think it is very easy to hack passwords in Linux, but I did not try it yet. If you use sudo you get 3 attempts for the correct password. But if you get enough time it should be no problem to hack it by brute force. Imagine a script an attacker places on your machine which runs for a few hours or days. I think it is much more effective to delete the user out of the admin (or adm?) group so that user cannot be any danger anymore. You would have to log in with root and re-add the user then.
You now say: but if you log in with root you get almost the same effect as with sudo. Of course it is the same. That is why I would use a system (not sure which yet) to create sub-environments of your OS, which have the attribute that they can run without root, only have one account that can sudo, and once sudo access is denied there is no other way to log in as root. You just can repermit sudo access by the parent OS layer.
Feb 15, 2011
Currently using Ubuntu 9.10! I am eager to know where the hacking begins in linux? The stuff like netstat, telnet, or mail-forging or even pinging... how do we do that in linux?
Apr 10, 2009
I went away from home for a few days, ... Now I am back at home and noticed that my server is going out with 100% available bandwidth. The server is mainly Http / Ftp / Mail server, so I stopped all services, to see which one it is. Services stopped, still 100Mbps go out like ants in the flood.
I updated the system, made a backup, installed IPtraf. It seems that I have something 'installed' and my server is running something to attack User computers. It seems to try to find something on random IP's random ports. I am a little bit confused now. As long as my sites are running, I'm ~OK~ but sooner or later I would like to have my bandwidth back. How could I try to hunt down which service/app/process got hacked?
It seems that the monetary system of our society now has more enemies than friends. Capitalism seems to reach its end. But my server is serving also ART! Sooner or later we will need to pay copyright even for our thoughts. I was reading today that the French president wants to punish file sharing as his wife made 3 albums, and wants to get some money ..
Aug 9, 2010
My server (CentOS 5.4) is being bombarded 24x7 with IP addresses from China trying to exploit phpMyAdmin. For every one I block on the firewall, half a dozen come to the funeral! It's a pity these morons don't have something better to occupy their time. I'm getting page after page of this (see below) every day and it's been going on for weeks. I don't even have phpMyAdmin on the server. I don't use it and I deleted it.
I've read that you can use .htaccess and / or mod_rewrite to redirect / block them based on any query for phpMyAdmin (they try all letters in upper and lower case, leading to page after page). Unfortunately, I have no idea of how to do this. I already have an .htaccess file. Maybe someone can suggest what to add to stop these pests from wasting my bandwidth and suggest somewhere I could redirect them to to cause them maximum problems. I don't want to block the entire country, seems a bit like overkill, not all Chinese are morons. We aren't even in the USA, so why they are doing this is beyond me.
A TINY sample!
[Sun Aug 08 13:29:08 2010] [error] [client 61.191.41.53] File does not exist: /var/www/corp/phpMyAdmin-2.7.2
[code]...
Nov 2, 2010
No more open wifi -- Firesheep makes hacking open wifi a breeze. Starbucks and Micky D's are open to Firesheep.
Sep 16, 2010
I'm trying to clean a hard drive and I'm using secure-delete but it just stands there and takes cpu power but nothing happens, I used -r switch first and nothing, so I tried it on single files, small pictures worked as intended but a simple 50MB MPG file just stands there as well and nothing happens.
I left it running for 24 hours and nothing happened but the cpu was working at 90-100% all the time :/
Anyone know what's wrong? I'm using 10.04 UNR
Sep 11, 2010
I need to find a way to securely authenticate a decryption mechanism of some sort where the authentication is provided remotely without any user interaction. Right now I have a number of boxes that all inform a central server when they are online. When they do this an OpenVPN connection is set up between them and the server.
However, I have been given the task to ensure that the scripts involved in this process are encrypted by default. This requires some form of self-decryption, which to my mind kind of goes against the whole idea of encryption/authentication in the first place. I need some way to leave decrypted the bare essentials required to boot a box and securely connect to the central server automatically. Then the server would automatically send a key/passphrase and the rest of the files on the box would then be decrypted on the fly.
Nov 27, 2010
I am having a problem with nautilus since today. I was hacking on glib and trying a few things with the way stuff gets mounted; after a while I noticed that nautilus was seriously broken. Network, Computer, and all volumes are not displayed anymore. I wanted to revert to the original state, and tried to reinstall glib, gvfs and nautilus with the package manager, but it didn't change anything. How can I restore everything to normal? I tried running nautilus as root or reinstalling gvfs-backend and other things but it didn't work.
Mar 9, 2010
Is ssh remote login similar to hacking?
Aug 9, 2010
I am new to all this so I don't understand much of the language used in linux or backtrack, but I found in a forum how to hack WEP and I did these steps. I have an IWL 4965 AGN. I tried to hack a wireless but I get errors; this is what I did:
1)airmon-ng
wlan0 intel 4965 a/b/g/n iwl 4965 - [phy0]
2)airmon-ng stop wlan0
wlan0 intel 4965 a/b/g/n iwl 4965 - [phy0]
(monitor mode disabled)
3)ifconfig wlan0 down
4)macchanger --mac 00:11:22:33:44:55 wlan0
Current mac: 00:1d:e0:4f:99:4b (unknown)
faked mac: 00:11:22:33:44:55 (cimsys inc)
5)airmon-ng start wlan0
wlan0 intel 4965 a/b/g/n iwl 4965 - [phy0]
ERROR: Neither the sysfs interface links nor the iw command is available.
Please download and install iw from dl.aircrack-ng.org/iw.tar.bz2
So I downloaded this from the Page and tried to install it.
6)cd '/root/iw'
iw# make
CC iw.o
iw.c:11:31: error: netlink/genl/genl.h: No such file or directory
iw.c:12:33: error: netlink/genl/family.h: No such file or directory
iw.c:13:33: error: netlink/genl/ctrl.h: No such file or directory
iw.c:14:25: error: netlink/msg.h: No such file or directory
iw.c:15:26: error: netlink/attr.h: No such file or directory
iw.c: In function 'nl80211_init':
iw.c:25: error: implicit declaration of function 'nl_handle_alloc'
iw.c:25: warning: assignment makes pointer from integer without a cast
iw.c:31: error: implicit declaration of function 'genl_connect'
iw.c:37: error: implicit declaration of function 'genl_ctrl_alloc_cache'
iw.c:37: warning: assignment makes pointer from integer without a cast
iw.c:44: error: implicit declaration of function 'genl_ctrl_search_by_name'
iw.c:44: warning: assignment makes pointer from integer without a cast
iw.c:54: error: implicit declaration of function 'nl_cache_free'
iw.c:56: error: implicit declaration of function 'nl_handle_destroy'
iw.c: In function 'nl80211_cleanup':
iw.c:62: error: implicit declaration of function 'genl_family_put'
make: *** [iw.o] Error 1
Aug 8, 2011
Not for illegal purposes of course, it's just my computing teacher bet me that I couldn't obtain the school's wireless key without actually asking someone for it. Now I am an idiot and can't get anything like airsnort etc to work. So I was wondering if there is a nice simple "click here then click here then done" GUI I could use. O btw the encoding is WEP.
Nov 18, 2010
I am looking for resources to learn how to put linux on usb devices. I have a Zune 30G that I'm itch'n to try and break into but I have no idea where to start. I also have a Sandisk clip 2Gb that I can practice on, before tackling something that no one has been able to so far.
Jun 4, 2010
I realized that Scrabble on Facebook is blocked to users outside of the US and Canada. Can someone help me hack this so I can play outside of the US?
Dec 10, 2010
Recommend a good book to start learning iphone/pad development. I want to use the official development SDK, rather than hacking the phone.
Oct 3, 2009
I've just had a log email sent from the server box and it seems somebody's trying to gain access to the server via ssh
sshd:
Authentication Failures:
root (210.38.xxx.xx): 16 Time(s)
unknown (210.38.xxx.xx): 7 Time(s)
Invalid Users:
Unknown Account: 7 Time(s)
& it seems that it's somebody who's at Zhanjiang Ocean University in China. I've got the firewall enabled, but how do you set up rules to stealth the server's IP address to make it invisible & disable ssh so only I can log into the server to fix any problems (ethernet cable), not over the net?
[Code]...
Feb 21, 2011
So, there are these source packages I downloaded, which I want to build with slightly different configure options due to a bug in debian: hdf5-serial and hdf5-openmpi cannot coexist, yet some packages require the serial version of the lib, others require the openmpi.
I downloaded the sources, in order to build them, without the hdf5 thing...
I have already built this from source in Scientific Linux, and I know this can be done without hdf5.
Where do I hack into the debian source tree of a package to remove a configure option...?
./configure ... ... --without-hdf5 ...
Feb 3, 2010
From this thread I've decided to try to add a feature of removing local port forwardings in ssh. Here are some very ugly and not-yet-working hacks that I made so far:
* Patch for channels.c
* Patch for channels.h
* Patch for clientloop.c
I was clearly expecting this to work without any troubles - everything seems to be logically correct, but I made a programming mistake somewhere: don't know where, maybe you will point me to this? Many sites say there is a WAY AROUND with -D param (starting socks proxy as a tunnel-generator), added since 5.2, but I don't need that way around. I need a way through. I use exact ports for exact services and if I want to change it runtime I'd like to have ability to do so. If you have other ideas or points instead of coding this, please share them here & here (original question).
Feb 28, 2010
What options should I use when I'm using the sort command to sort the top 5 CPU processes (ps -eo user,pid,ppid,%cpu,%mem,fname | sort ??? | head -5) showing max to min usage?
May 4, 2010
We switched from unix to linux and we have an old report that extracted data from a database, output to an ascii file and then sorted the results in the file based on different arguments. The report now blows up when it runs, and I can only guess it is because the options for sort on linux differ slightly from unix. For example, here is one of the commands issued from within the report app that ran on the old unix box:
if sort-sequence = "descending" then
'sort -t~" -f +3.0f -4.0 +5.0r -6.0 -f '
else
'sort -t~" +3.0f -4.0 +1.0f -2.0 -f'
I will eventually rewrite the report to store the data in a local table, but I can simply adjust the options to suit the requirements of linux. Basically, I need to know if this can be a quick fix for the short term.
Jan 19, 2010
Ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them! Why not keep the old way at least as an option?
Oct 15, 2010
To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
Jan 17, 2011
1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
Mar 3, 2011
I updated both browsers I have and lost my secure log-in pages (no padlocks showing) concerning different Web mail accounts. Just before I did these updates I checked an unrelated thing on-line regarding my sound card of which I kept a copy of and got this message below:
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
Mar 29, 2010
Conky can be used to display a variety of information on the user's desktop. I wanted to use Conky instead to display the current status of security as reported by:
SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center
I therefore created 4 small scripts which download the current status from these sites, and set the colour of those statuses depending on the current value. The conky configuration allows for a semi-transparent background - though this is optional. Attached is an example image showing the 4 different colours. Also attached is an archive with the 4 .sh files, .conkyrc and draw_bg.lua (from here http:[url].....
May 29, 2010
I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.
Aug 3, 2010
I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
Nov 11, 2010
As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. And similarly 21 for FTP (although it doesn't seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in, but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as it's hidden behind the modem/router. But if I open this thing up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "That's if there's no firewall in my router" as they just seem to do the same.
Feb 28, 2011
When posting results from ifconfig, it shows the hardware address of eth0, etc. Would you consider that to be a security risk?
May 8, 2011
I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?