Reconfiguring shared memory
Load your favorite text editor, open the file "/etc/fstab" and add the following line of code:
· tmpfs /dev/shm tmpfs defaults,ro 0 0
Disabling SSH root login
Load your favorite text editor, open the file "/etc/ssh/sshd_config" and add change the following line of code:
· PermitRootLogin yes to PermitRootLogin no
Limiting access to the "su" program (this is done by default in Ubuntu)
*****MAKE SURE YOU ARE PART OF THE ADMIN GROUP****
Open the terminal by clicking "Applications" selecting "Accessories" and choosing "Terminal." From there enter the commands:
· sudo chown root:admin /bin/su sudo
· chmod 04750 /bin/su
System/Server Hardening Checklist
Here is the larger recommended list (although most are not necessary unless your looking at a server or lab environments).
1. Disk Partitions and Mounting
1. Separate /home, /tmp, /var/tmp from /root partitions (If only if the machine has frequent access from general user except administrator).
2. Change mount options in /etc/fstab to limit user access on appropriate filesystems.
· Using noexec instead prevents execution of binaries on a file system
This is not good if you have programs to be executed Data partitions are good for this. Its used often for partitions serving Apache.
· Using nosuid will prevent the setuid bit from having effect.
SUID stands for Set User ID. This means that if the SUID bit is set for any application then your user ID would be set as that of the owner of application/file rather than the current user, while running that application. That means in case I have an application whose owner is ' root ' and it has its SUID bit set, then when I run this application as a normal user, that application would still run as root. Since the SUID bit tells Linux that the the User ID root is set for this application and whenever this application executes it must execute as if root was executing it (since root owns this file). Disabling this for a drive prevents this operation.
· The nodev option prevents use of device files on the filesystem.
This option would be recommended for CDs and NTFS file systems generally speaking. But it can have options to lock down a system preventing breaching by simply creating hda1 or sda1 devices that are writable by all.
2. Physical Security
Typically used in lab environments or where a server in not in a completely secured location.
1. Configure BIOS.
· Disable booting from CDs/DVDs, floppies, and external devices.
· Set BIOS password to protect the settings.
2. Set a password for the GRUB bootloader.
· Generate a password hash using the command / /usr/sbin/grub-md5-crypt. Add the hash to the first line of /boot/grub/menu.lst as follows:
password --md5 passwordhash
· Remove rescue-mode boot section from /boot/grub/menu.lst
3. Keep Software Up to Date
Upgrade through the Ubuntu Repository Network to apply upgrade automatically. Security updates should be applied as soon as possible.
Create the file apt.cron, make it executable, place it in /etc/cron.daily or /etc/cron.weekly, and ensure that it reads as follows:
#!/bin/sh
/usr/bin/apt-get update
This can have a side effect of breaking some dependencies.
4. Detecting listening network ports & Closing open ports and services
Detecting listening network ports
For a list of network ports that are open you can use the following commands:
# netstat -tulp or lsof -i -n | egrep 'COMMAND|LISTEN|UDP' or just a port scanner (nmap) 9
Closing open ports and services
To get a list of running services you can execute the following command: sysv-rc-conf --list | grep on
To disable a running service you can execute the command: sysv-rc-conf service name off
and then you should stop this service from running by executing: /etc/init.d/service stop.
5. Disable SUID and SGID Binaries
To find SUID and SGID files on the system, use the following command:
# find / \( -perm -4000 -o -perm -2000 \) –print
SUID or SGID bits safely disabled (using chmod -s filename) unless required for other program.
6. Configure and Use TCP Wrapper
Configure the TCP Wrapper library to protect network daemons that support its use by adding appropriate rules to /etc/hosts.allow and /etc/hosts.deny.
NOTE: tcp wrappers only works for services that inetd starts. Sendmail, apache, and named do not use inetd, and so they are not protected via tcp wrappers.
7. Configure and Use AppArmor
AppArmor is installed and loaded by default in Hardy. Some packages will install their own enforcing profiles. Active profiles for LAM Server:
· usr.sbin.mysqld
· usr.sbin.apache2
All activity will be logged by auditd and saved to /var/log/audit/audit.log
Some excellent advice on this is available in the stickies threads here.
8. Rdate or NTP (To keep your server date up to date)
Create the file /etc/cron.d/rdate with the following line:
15 * * * * root /usr/sbin/rdate -s content
for NTP
Create the file /etc/cron.d/ntp with the following line:
15 * * * * root /usr/sbin/ntpdate server
9. Configure or Disable SSH
- Disable it when not required.
- If SSH is required, ensure the SSH configuration includes the following lines:
· PermitRootLogin no
· Protocol 2
- If possible, limit SSH access to a subset of users. Create a group called sshusers and only add the users that need remote access. Then, add the following line to /etc/ssh/sshd_config:
· AllowGroups sshusers
Edit /etc/group find sshusers and add allowed users.
10. Disable IPv6
- Disable it when not required.
Edit the following line from /etc/modprobe.d/aliases:
· Find the line: alias net-pf-10 ipv6
· Edit this to: alias net-pf-10 off ipv6
· Save the file and reboot
11. Disable Compile ·
Add compiler group: /usr/sbin/groupadd compiler
· Move to correct directory: cd /usr/bin
· Make most common compilers part of the compiler group
chgrp compiler *cc*
chgrp compiler *++*
chgrp compiler ld
chgrp compiler as
· Set access on mysqlaccess
chgrp root mysqlaccess
· Set permissions
chmod 750 *cc*
chmod 750 *++*
chmod 750 ld
chmod 750 as
chmod 755 mysqlaccess
· To add users to the group, modify /etc/group and change compiler:123: to compiler:123:username1,username2 ('123' will be different on your installation)
12. Root Notification
Edit .bashrc under /root to get notified by email when someone logs in as root and add the following:
echo 'ALERT - Root Shell Access (Server Name) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d"(" -f2 | cut -d")" -f1`" admin@myhost.com
13. Securing History
chattr +a .bash_history (append)
chattr +I .bash_history
Get your users know that their history is being locked and they will have to agree before they use your services.
14. Using Welcome Message
Edit /etc/motd and put the following banner to be displayed:
WARNING !!!
This computer system including all related equipment, network devices (specifically including Internet access), are provided only for authorized use.
Unauthorized use may subject you to criminal prosecution. By accessing this system, you have agreed to the term and condition of use and your actions will be monitored and recorded. □
15. Chmod dangerous files
chmod 700 /bin/ping
chmod 700 /usr/bin/who
chmod 700 /usr/bin/w
chmod 700 /usr/bin/locate
chmod 700 /usr/bin/whereis
chmod 700 /sbin/ifconfig
chmod 700 /bin/nano
chmod 700 /usr/bin/vi
chmod 700 /usr/bin/which
chmod 700 /usr/bin/gcc
chmod 700 /usr/bin/make
chmod 700 /usr/bin/apt-get
chmod 700 /usr/bin/aptitude
16. Specify TTY Devices Root is allowed
vi /etc/securetty
Leave only two connections:
tty1
tty2
17. Choose a secure password
This is generally a good tip, this fix however applies to people using pam to authenticate to LDAP or AD.
vi /etc/pam.d/common-password
change the detail from this:
password requisite pam_unix.so nullok obscure md5
to
password requisite pam_unix.so nullok obscure md5 min=8
Change min=8 with your company password policy length.
18. Checking for Rootkits
Install it from Ubuntu Repository:
# apt-get install chkrootkit
You can run it with the following command: ./chkrootkit
Now we are going to add it to contrab to schedule daily automatic scans in the system:
vi /etc/cron.daily/chkrootkit.sh and type
#!/bin/bash
# Enter the directory where the rootkit is installed
cd /root/chkrootkit/
# Enter your email address where you want to receive the report
./chkrootkit | mail -s "Daily chkrootkit from Server Name" admin@myhost.com
Now change the file permissions so we can run it: chmod 755 /etc/cron.daily/chkrootkit.sh
To give it a try you can run the chkrootkit.sh file manually from /etc/cron.daily directory and you should receive a report to the email account you provided.
19. Hardening your Kernel (sysctl.conf)
Instead of doing this manually use a pre hardened kernel like selinux.
20. Disable unnecessary PHP variables
Edit /etc/php5/apache2/php.ini and /etc/php5/cli/php.ini
Turn off these variables:
allow_call_time_pass_reference = Off
magic_quotes_gpc = Off
register_long_arrays = Off
register_argc_argv = Off
allow_url_fopen = Off
expose_php = Off
disable_functions = symlink,shell_exec,proc_close,
proc_open,dl,passthru,
escapeshellarg,escapeshellcmd,openlog, apache_child_terminate,
apache_get_modules,apache_get_version,
apache_getenv,apache_note,apache_setenv,virtual, phpinfo
21. Apache Hardening
- Edit /etc/apache2/apache.conf
- Turn off these variables:
TraceEnable off
- (Disable apache root access)
[directory\]
Order deny,allow
Deny from all
[/directory]
- Enable Module ( /etc/apache2/mods-enable/ ):
alias, auth_basic, authn_file, authz_default, authz_groupfile, authz_host, authz_user, autoindex, dir, env, mime, mod-security2, negotiation, php5, rewrite, setenvif, ssl, unique_id
- Edit /etc/php.ini
Find disable functions and edit as below:
disable_functions = exec, passthru, shell_exec, system, proc_open, popen, curl_exec, curl_multi_exec, parse_ini_file, show_source
Hardened Kernel Variables ( /etc/sysctl.conf )
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
#Prevent SYN attack
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 2
# Disables IP source routing
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.eth0.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.lo.log_martians = 1
net.ipv4.conf.eth0.log_martians = 1
# Disables IP source routing
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.eth0.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Modify system limits for Ensim WEBppliance
fs.file-max = 65000
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack ( Need to turn on for traffic to internet)
#net.ipv4.tcp_sack = 0
# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
# Set maximum amount of memory allocated to shm to 256MB
kernel.shmmax = 268435456
# Increase the maximum total TCP buffer-space allocatable
net.ipv4.tcp_mem = 57344 57344 65536
# Increase the maximum TCP write-buffer-space allocatable
net.ipv4.tcp_wmem = 32768 65536 524288
# Increase the maximum TCP read-buffer space allocatable
net.ipv4.tcp_rmem = 98304 196608 1572864
# Increase the maximum and default receive socket buffer size
net.core.rmem_max = 524280
net.core.rmem_default = 524280
# Increase the maximum and default send socket buffer size
net.core.wmem_max = 524280
net.core.wmem_default = 524280
# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000
# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536
# Increase the maximum memory used to reassemble IP fragments
net.ipv4.ipfrag_high_thresh = 512000
net.ipv4.ipfrag_low_thresh = 446464
# Increase the maximum amount of option memory buffers
net.core.optmem_max = 57344
::resource:: http://ubuntuforums.org/showthread.php?t=1002167 -
Showing posts with label hacking CLI. Show all posts
Showing posts with label hacking CLI. Show all posts
Tuesday, March 22, 2011
Monday, March 10, 2008
HITBSecConf 2008
HITBSecConf 2008 Dubai
Even security conference aku sik pat pegi.. sekda sponser mok spon.. bila cita pasal tok semua takut, macam threatening ajak.. anyway this information bagus pakei sidak semua understand apa kejadah benda tok..
Registration dah close dah...
14th – 15th April 2008 event
Date:
Item: 5-Tracks Hands-On Technical Training Sessions
Time: 9am to 5pm
16th – 17th April 2008
Date:
Item: Security Conference and Exhibition
Time: 9am to 5pm
16th – 17th April 2008
Date:
Item: Capture The Flag and Zone-H Hacking Challenge
Time: 9am to 5pm
Venue: Sheraton Dubai Creek
Dubai,
U.A.E.
Sepa patut hadir : Anyone who is responsible for the security and privacy of information should attend including: CEO, CIOs, CTOs, VPs of Technology and Network Systems, Directors of IT, Directors of Technology, Systems Architects, Network Administrators, Network Security Officers, ISOs, Financial Managers, System Developers, Network Security Specialists, Security Consultants, Risk Managers, and System Administrators.
p/s tambahan.. dan orang yang minat wakakaka... ops.. sory no wakaka agik la.. :-)
Speakers nok datang molah speak or lecture or bla bla or merapu...
1. Adrian ‘pagvac’ Pastor (Senior Security Researcher)
2. Alessio ‘mayhem’ Pennasillico (Security Evangelist, Alba S.T. s.r.l.)
3. Alexander Kornbrust (Founder, Red Database Security GmbH)
4. Anthony Zboralski (Founder, HERT & PT. Bellua Asia Pacific)
5. Cesar Cerrudo (Founder, ArgenISS)
6. David Houlton (Independent Network Security Researcher)
7. Dino Covotsos (Managing Director, Telspace Systems)
8. Domingo Montanaro (Manager of Research & Development, Scanit Middle East)
9. Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)
10. Fetri Miftach (Principal Consultant, PT. Bellua Asia Pacific)
11. Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)
12. Marc Weber Tobias (Investigative Attorney and Security Specialist)
13. Michael Thumann (Chief Security Officer, ERNW GmbH)
14. Petko D. Petkov [pdp] (The Architect)
15. Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF)
16. Rodrigo Rubira Branco (Lead Security Researcher, Scanit Middle East)
17. Shreeraj Shah (Director, BlueInfy)
18. Skyper (ex-Phrack Magazine Editor in Chief / Member, THC)
TECHNICAL TRAINING TRACK 1:
ADVANCE WEB APPLICATION & SERVICES HACKING
Trainer: Shreeraj Shah, Director, BlueInfy
TECHNICAL TRAINING TRACK 2:
WIRELESS & BLUETOOTH SECURITY
Trainer: Dino Covotsos, Director, Telspace Systems
Introduction to Wireless Hacking
Wireless Protocols and Architecture
Network Mapping and Wardriving
Methodology for securing wireless networks
Wireless hacking tools and attacks
Defending against wireless hacking
Introduction to Bluetooth
Bluetooth vulnerabilities overview
Bluetooth hacking tools and techniques
Defending against Bluetooth attacks
Aku rasa module training tok maybe banyak dapat sambutan.. banyak dah orang effort laptop ngan smart phone or pda phone. :-) 3.5G pun sik lamak agik implement maybe dalam bulan 10 2008 tok.. WLan and wiwi bila agik? mesia kan ada full coverate satellite, bagilah orang local pakei, iboh disewa deh... mok buat revenue ajak... lelah jak undi sari ya T_T;
TECHNICAL TRAINING TRACK 3:
STRUCTURED NETWORK THREAT ANALYSIS AND FORENSICS
Trainers: MelingMudin (spoonfork) & Lee Chin Sheng (geek00l)
mm memang rasanya OnDemand juaklah digital forensic kinek tok, macam ada attention jak kat mesia sejak dua menjak tok, maybe banyak kes kot.. sebelum tok pun banyak kes, sebab banyak orang sik merepot ajak.. apa sidak madah tek... sik kuasa bah... so far okey lah. maybe datang in handy untuk incoming kerajaan pun projek dalam bidang bioinformatic... dengar - dengar dah ada peruntukan buat R&D kat universiti.. well maybe info aku optimistic ngan sik betul, someone check it out la..
TECHNICAL TRAINING TRACK 4:
TELECOMMUNICATIONS FRAUD
Topics Covered:
1. aku terimak sms dari petronas madah dapat hadiah berupa $$$ best nya.. sangsi juak aku... macam ne nya tauk nombor telefon aku, last thing aku buat pasal petronas, aku ada register ajak lah... now macam leak ajak information ya.. mmmmm muskil - muskil. sik patut kebetulan... nevermindlah.. buat lah apa sidak suka.. bukan senang dunia akhirat pun... bukan petronas, tapi kepada orang nok molah fraud ya lah., nok terimak rasuah, nok sik amanah. kat petronas.com ada announce ada pasal sms fraud tok juaklah FYI....
2. ahhh email aku kenak spam.. mala jak kenak invite mok molah connect back lah ya...mok curi cookie, mok curri session, mok redirect ke phising site.. mmmm rajin juak kerja sidaknya.. ada ka patut aku nok sekda sen, cuba lah molah kat orang nok ada sen ya ada lah pedahnya...
so far seingat aku lah 2 benda tok dalam 2008 lah.. ya pun dalam tempoh 3 bulan.
TECHNICAL TRAINING TRACK 5:
HACKING & HARDENING ORACLE
Trainer: Alexander Kornbrust, Founder, Red Database GmbH
reference :
http://conference.hitb.org/hitbsecconf2008dubai/confkit.pdf
Aik dah abis ka? blum.. ada agik, incoming base kat malaysia agik, jeng jeng jeng....
HITBSecConf 2008 Malaysia - Student CtF
Incoming kat Malaysia... yeee.. maybe dapat pergi lah waktu tok.. lagikpun dekat... mok kolek duit form team pasya try register dapat shortlisted ka sik join comp tok...
Event Date: October 2008 * maybe lar.. macam dah comfirmed ajak tarikh tok..ada kata julai ada kata september .. tengoklah.. bila ada info agik, check url nya
kamekorang mok form headhunter team eh for this hitb challenge this October 2008... sik kan orang sawak tanam pokok ajak, mok juak ada celik technology yo juak!!
Well rata - rata apa jak related dalam pembelajaran untuk conference 2008 tok, boleh lah dikompilasikan macam ya.. rasanya kat KL kelak pun lebih kurang sama module mok dipresent para speaker. Sepa jak speaker datang kat mesia kelak? wait for next blog lah bila dah nak dekat2 hari ya kelak...
Anyone nok ada experinces dalam ngekot comp tok, sila - sila lah share info ngan knowledge by leaving something kat comment k, thx
Even security conference aku sik pat pegi.. sekda sponser mok spon.. bila cita pasal tok semua takut, macam threatening ajak.. anyway this information bagus pakei sidak semua understand apa kejadah benda tok..
Registration dah close dah...
14th – 15th April 2008 event
Date:
Item: 5-Tracks Hands-On Technical Training Sessions
Time: 9am to 5pm
16th – 17th April 2008
Date:
Item: Security Conference and Exhibition
Time: 9am to 5pm
16th – 17th April 2008
Date:
Item: Capture The Flag and Zone-H Hacking Challenge
Time: 9am to 5pm
Venue: Sheraton Dubai Creek
Dubai,
U.A.E.
Sepa patut hadir : Anyone who is responsible for the security and privacy of information should attend including: CEO, CIOs, CTOs, VPs of Technology and Network Systems, Directors of IT, Directors of Technology, Systems Architects, Network Administrators, Network Security Officers, ISOs, Financial Managers, System Developers, Network Security Specialists, Security Consultants, Risk Managers, and System Administrators.
p/s tambahan.. dan orang yang minat wakakaka... ops.. sory no wakaka agik la.. :-)
Speakers nok datang molah speak or lecture or bla bla or merapu...
1. Adrian ‘pagvac’ Pastor (Senior Security Researcher)
2. Alessio ‘mayhem’ Pennasillico (Security Evangelist, Alba S.T. s.r.l.)
3. Alexander Kornbrust (Founder, Red Database Security GmbH)
4. Anthony Zboralski (Founder, HERT & PT. Bellua Asia Pacific)
5. Cesar Cerrudo (Founder, ArgenISS)
6. David Houlton (Independent Network Security Researcher)
7. Dino Covotsos (Managing Director, Telspace Systems)
8. Domingo Montanaro (Manager of Research & Development, Scanit Middle East)
9. Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)
10. Fetri Miftach (Principal Consultant, PT. Bellua Asia Pacific)
11. Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)
12. Marc Weber Tobias (Investigative Attorney and Security Specialist)
13. Michael Thumann (Chief Security Officer, ERNW GmbH)
14. Petko D. Petkov [pdp] (The Architect)
15. Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF)
16. Rodrigo Rubira Branco (Lead Security Researcher, Scanit Middle East)
17. Shreeraj Shah (Director, BlueInfy)
18. Skyper (ex-Phrack Magazine Editor in Chief / Member, THC)
TECHNICAL TRAINING TRACK 1:
ADVANCE WEB APPLICATION & SERVICES HACKING
Trainer: Shreeraj Shah, Director, BlueInfy
TECHNICAL TRAINING TRACK 2:
WIRELESS & BLUETOOTH SECURITY
Trainer: Dino Covotsos, Director, Telspace Systems
Introduction to Wireless Hacking
Wireless Protocols and Architecture
Network Mapping and Wardriving
Methodology for securing wireless networks
Wireless hacking tools and attacks
Defending against wireless hacking
Introduction to Bluetooth
Bluetooth vulnerabilities overview
Bluetooth hacking tools and techniques
Defending against Bluetooth attacks
Aku rasa module training tok maybe banyak dapat sambutan.. banyak dah orang effort laptop ngan smart phone or pda phone. :-) 3.5G pun sik lamak agik implement maybe dalam bulan 10 2008 tok.. WLan and wiwi bila agik? mesia kan ada full coverate satellite, bagilah orang local pakei, iboh disewa deh... mok buat revenue ajak... lelah jak undi sari ya T_T;
TECHNICAL TRAINING TRACK 3:
STRUCTURED NETWORK THREAT ANALYSIS AND FORENSICS
Trainers: MelingMudin (spoonfork) & Lee Chin Sheng (geek00l)
mm memang rasanya OnDemand juaklah digital forensic kinek tok, macam ada attention jak kat mesia sejak dua menjak tok, maybe banyak kes kot.. sebelum tok pun banyak kes, sebab banyak orang sik merepot ajak.. apa sidak madah tek... sik kuasa bah... so far okey lah. maybe datang in handy untuk incoming kerajaan pun projek dalam bidang bioinformatic... dengar - dengar dah ada peruntukan buat R&D kat universiti.. well maybe info aku optimistic ngan sik betul, someone check it out la..
TECHNICAL TRAINING TRACK 4:
TELECOMMUNICATIONS FRAUD
Topics Covered:
- Introduction to fraud
- Fixed Network Fraud
- Mobile Network Fraud
- Subscription Fraud
- Partnership fraud
- Content & Added value services fraud
- Fraud detection & prevention
1. aku terimak sms dari petronas madah dapat hadiah berupa $$$ best nya.. sangsi juak aku... macam ne nya tauk nombor telefon aku, last thing aku buat pasal petronas, aku ada register ajak lah... now macam leak ajak information ya.. mmmmm muskil - muskil. sik patut kebetulan... nevermindlah.. buat lah apa sidak suka.. bukan senang dunia akhirat pun... bukan petronas, tapi kepada orang nok molah fraud ya lah., nok terimak rasuah, nok sik amanah. kat petronas.com ada announce ada pasal sms fraud tok juaklah FYI....
2. ahhh email aku kenak spam.. mala jak kenak invite mok molah connect back lah ya...mok curi cookie, mok curri session, mok redirect ke phising site.. mmmm rajin juak kerja sidaknya.. ada ka patut aku nok sekda sen, cuba lah molah kat orang nok ada sen ya ada lah pedahnya...
so far seingat aku lah 2 benda tok dalam 2008 lah.. ya pun dalam tempoh 3 bulan.
TECHNICAL TRAINING TRACK 5:
HACKING & HARDENING ORACLE
Trainer: Alexander Kornbrust, Founder, Red Database GmbH
- Introduction
- Oracle Basics (Oracle Architecture, Oracle Products, Oracle Features) -> Exercise: connect to the database, use sqlplus, sqldeveloper
- Passwords -> Exercise: Find passwords, crack Oracle database passwords
- SQL-Injection (Web, Database, C/S) -> Exercise: Privilege Escalation via SQL Injection, Information Retrieval via SQL Injection
- Hacking mod_plsql -> Exercise: Hack mod_plsql Apps
- Google Hacking for Oracle -> Exercise: Find vulnerable websites with Google
- Hardening Oracle 10g R2
- PL/SQL Programming Basics (Execute programs, read/write files) -> Exercise: Create files, read files, execute programs, ...
- PL/SQL-Source-Code Analysis -> Exercise: Find Security bugs in PL/SQL code
- Oracle Client attacks -> Exercise: modifying startup files, finding passwords, ...
- IDS Evasion -> Exercise: Bypass Snort and other Oracle IDS
- Oracle Rootkits& Backdoors -> Install and detect RK
- Oracle Forensics ->Excercise: Analysis Logfiles, Audit-log
- Oracle Capture-The-Flag
reference :
http://conference.hitb.org/hitbsecconf2008dubai/confkit.pdf
Aik dah abis ka? blum.. ada agik, incoming base kat malaysia agik, jeng jeng jeng....
HITBSecConf 2008 Malaysia - Student CtF
Incoming kat Malaysia... yeee.. maybe dapat pergi lah waktu tok.. lagikpun dekat... mok kolek duit form team pasya try register dapat shortlisted ka sik join comp tok...
Event Date: October 2008 * maybe lar.. macam dah comfirmed ajak tarikh tok..ada kata julai ada kata september .. tengoklah.. bila ada info agik, check url nya
Venue: Westin Hotel, KL
URL: http://conference.hitb.org/
Student Capture the Flag Details: 0_o?, kenak mok CTF, kenak sik CT$$$ :-)
Objective:
- To provide a secure environment for students that have interests in network/computer security to test their skills againsts each other.
- Cost per team: Fee Structure: MYR1000 / team of 3 students. Universities / Colleges that takes up a booth (MYR 10,000) are entitled to send in 1 team FOC. Maximum of 2 teams per University / Colleges.
- Prizes: 3 months Internship with some of the world's leading Fortune 500 IT companies - Listing to be announced by June / July
kamekorang mok form headhunter team eh for this hitb challenge this October 2008... sik kan orang sawak tanam pokok ajak, mok juak ada celik technology yo juak!!
Well rata - rata apa jak related dalam pembelajaran untuk conference 2008 tok, boleh lah dikompilasikan macam ya.. rasanya kat KL kelak pun lebih kurang sama module mok dipresent para speaker. Sepa jak speaker datang kat mesia kelak? wait for next blog lah bila dah nak dekat2 hari ya kelak...
Anyone nok ada experinces dalam ngekot comp tok, sila - sila lah share info ngan knowledge by leaving something kat comment k, thx
Thursday, November 13, 2003
lxf45 october 2003 review
"Bismillahirahmanirahim"Dalam tok zine tok highlight pasal macam ne mok speed up linux. Kira tweaking lah.
Nok lain di highlight apa
- agik pasal mozilla
- cita pasal zend studio 3
- webserver ne satu nok best
- Pasal server school, macam ne mok buat projek kat sekolah makei linux
selain ya ada juak review pasal
- News
- Mailserver
- Armari Opteron server 64 bit
- Yellow Dog 3.0 review - linux on Apple mac
- SNAP Graphics 2.0
- Revolution 2.0
- Scribus 1.0
- Infomap Navigator
- OpenGroupware.org
- Book review on FreeBSD, Cryptography, - Java & ada macam - macam agiklah.
- HotPicks software lxf
- What on earth BSD?
- Red Hat Package management
- Compiler writing - makei flex ngan Bison
- Blender tutorial
- Gimp tutorial
- PHP tutorial
- Answer kat previous questions.
Aku beli nok CD bukan DVD.
kat dalam cd ya ada FreeBSD 4.8 Unix-alike distro, stabil juak nya pun OS, mostly basic utilities dalam ya.
Okey aku just buat review nok best ajak, nok dihighlight.
native savage released
pasal real time strategy game pakei linuxers gamers. Okey juaklah, ada juak orang mok molah game makei linux, mun makei wine susah lak, masih buggy agik. nevermind lar, maybe masa datang lak ada software makei emulate nya macam ps emulator ya.
Armari RM-064-1AE 1U Opteron Server
Slim na server tok eh.. best mun ada kat rumah tok.. hehehe.. benchmark nya
hd 3.63
ab 7.33
mysql 0.70
compile 2.14
oggenc 4.81
Overal 3.72
Verdict
Features 9/10
Performance 9/10
Ease of use 9/10
lxf zine rating 9/10
aku pun rating macam best juak eh.. aku sikda hardware tok aku sik tauk mok rating macamne..
nya ada semua connectivity peripheral - keyboard, mouse, VGA, 2 USB sockets ngan 2 egik Ethernet ports, owh ngan dua Broadcom gigabit LAN cards nestling kat dalam.
Yellow Dog 3.0
wah Linux leh jalan kat PPC / PowerPC / APple deh.. mesti laju agik, sik sangup aku tengok apple ya.. biarlah aku makei pc ajak untuk FC tok. Distro linux lain boleh dipakei kat PPC macam Debian, Mandrake ngan Gentoo.
Scribus 1.0
Mun kitakorang orang office mpun, scribus tok macam publisher juak. Mun kerajaan ngecheck licence publisher kitakorang, kitakorang leh install scribus 1.0 tok, nice juaklah walaupun agik baru versi 1. Deh.. jangan expect nya perfect, but useable lah.
InfoMap Navigator Europe
Ada juak dipolah benda tok, ala - ala map online, mun sik silap terhad kat Europe map ajak.
Zend Studio 3.0
Tok php editor, muh kitakorang suka php and yes mostly php banyak pakei kat CMS opensource. Editor tok simply bagi environment programming nok kemas agik daripada kita makei VI, gedit ataupun Notepad kat windows. Every syntax nya colourfull :-) walaupun linux kurang darisegi Guinya tapi bila dah okey nya cantik
juak bah. Owh nya support PHP5 juak. best thing nya ada code analysis pakei kitakorang pentest or check ada bogus ka sik.
Roundup Server apa nok best ngan practically used.
http://www.apache.org
Apache tok dah biasa dipakei kebanyakan orang, even koperate ngan kompeni besar makei apache. cara settingnya senang ajak. sik banyak karenah.
Mostly distro linux support apache, mun sik silap ada juak distro dah installed ngan apache services. Ngekot juak apa package kitakorang pilih masa install nix.
http://www.boa.org
mun kitakorang makei embed systems, termasuk routers ngan portabale devices, makei boa sebab nya makei sikit ajak memory.
http://www.Caudium.net
mmm sik tauk aku pasal tok, tapi masalanya ngan community support sidaknya. Nya pun support ada kurang. Sebab sidaknya ada project baruk kalik. Anyway, it's good to testdrive this one also.
http://www.roxen.com
Roxen tok lebih kepada graphic. Semua setting nya point and click :-) tok bagus mun kitakoran sik suka CLI / command line interface. Mun kitakrorang serve server kitakorang makei machine lamak or pc dah outdated, iboh install tok, nya consume performance kitakorang. teruk ajak kitakorang loads kelak.
http://www.acme.com/software/thttpd
thttpd tok tiny/turbo/throttling http server. Mun kitakraong server server makei usb thumbdrive aku rasa tok bersesuaianlah dengan server kitakorang ya.
http://www.kernel.org
Tux/kHTTPd
aku lum ada ngetest tok. It's totally hacking the kernel. nya pun setting kita kenak hack kernel linux kitakorang.. Best experiment juak, tapi aku sik advice kitakorang untuk messing productive server kitakorang.. biar buat kat lab okey, atau makei qemu untuk virtualization.
http://www.zeus.com
Zeus Web Server
mmm tok berbayar. Mun berbayar ya mesti lah ada advantagenya. lam kes tok nya top performance. Tok makei sidak enterprise boleh tok. untuk orang macam kita tok iboh jak, but mun nya free, why not?.. bagus ya. Contoh client sidaknya ebay.com ngan Red Nose.
mun diikut ikut kan server nok popular, dari segi costnya, dari segi supportnya, dari segi extendingnya dari segi scalibilitynya aku milih apachelah. nurut zine tok apache is best selection. untuk graft analysis on server kitakorang leh check n e t c r a f t d o t c o m
Hotpicks of this issue are
AbiWord 2.0 http://www.abisource.com
XFce 4.0 RC 2 http://www.xfce.org - tok GUI alternative nix.
IlohaMail 0.0.8 http://ilohamail.org - php kind of webmail i thinklar
KScope 0.2 http://kscope.sourceforge.net - programming editor
NaturalDocs 1.0 http://www.naturaldocs.org - makei buat doc untuk open source.
IBMonitor 1.01 http://ibmonitor.sourceforge.net/ - monitor kitakorang pun bandwith stats
Stoned 1.1.4 http://stoned.cute-ninjas.com/ - game pakei linux deh. tapi tok 3D, nice lor nix starting game area... next maybe huge, or mabe keep the WINE project.
FooBillard 2.8 http://foobillard.sunsite.dk/ - 3d pool game, pakei orang nok suka main pool kat pub.
Okey dah ready mok start tips nix kitakorang, righteous
Speed UP LInux!
1. Swap Space
check memory kitakorang
$ cat /proc/meminfo
kitakoran leh check nya pun setting kat
$ vi /etc/fstab
2. Kernel
Modules vs monolithic
kitakorang kenak pergi hack kernel kitakorang
contohnya mun kitakorang sik makei ISDN atau PCMCIA, iboh compilenya atau thick kat linux kernel configuration.
3. CPU
upgrade proccesr kitkorang contoh kat sitok disarankan kitakorang makei AMD Opteron. It's time we move to 64 bit cpu tech.
4.Hard Drives
ada duak kategori,
i. - SCSI
ii. - IDE
cara tweaknya
$ hdparm -tT /dev/hda
take note, mun hardware lamak, ada imcompatibility issue. please make buat kat test lab kitakorang :-) tercalar ajak hard disk kitakorang lak
selain daripada ya, kitakorang kenak pilih filesystem nok sesuai ngan hard disk ya lah. Ext2 laju tapi tapi kinek tok exploref2 dah boleh view ext2 filesystem, so feeling window can look into filesystem ext2, mun kitakorang pilih ext3 masalah ngan kernel, so baca bait - bait kernel upgrade kikakraong sama ada nya comapible ngan filesystem.
Raid also reduce performance. Tambah laju agik mun sik makei raid, tapi masalah nya backup kitakorang mun kitakorang makei server kitakorang untuk productivity deh... Ingat BACKUP is ESSENSIAL.
What on Earth is BSD?
wakakaka.. adik beradik nix tok.. mun dolok linux gauk juak kinek tok dah sikit - sikit bait, ada agik scene baru tok, BSD, mbiak gauk baru.. nya macam unix juak, gui lebihkurang sama, syntax lebih kurang sama, make CLI juak. mmm not yet user friendly, i think more 5-10 years agik maybe full of WINDOW$ box lah. bye - bye CLI.
Info
http://www.freebsd.org/
http://www.bsd.org/
http://en.wikipedia.org/wiki/FreeBSD
http://www.openbsd.org/
Red Hat Alternative Package Management
contoh macamne manage package atau RPM
Finding an rsync Server
rsync fully.qualified.domainandhostname::
aku sik faham pasal rsync tok tapi anyway, mun mok lebih lanjut check out
http://en.wikipedia.org/wiki/Rsync
$ curl \ ftp://ftp.mirror.ac.uk/sites/ftp.redhat.com/pub/redhat/linux \/9/en/iso/i386/shrike-i386-disc[1-3].iso
wget
$ wget \ ftp:/ftp.mirror.ac.uk/sites/ftp.redhat.com/pub/redhat/linux \ /9/en/iso/i386/shrike-i386-disc1.iso
p/s wget is very popular download command. aku dengar nya ada dicompile dalam window juak.
$ ftpcopy ftp.mirror.ac.uk \ /sites/ftp.redhat.com/pub/redhat/linux/updates/9/en/os/i386 \ /var/ftp/pub/apt/9/en/os/i386/RPMS.updates/
memang banyak.. tapi kita leh makei script, ada auto script macam AutoRPM scrip kat www2.autorpm.org:81
$ yum command package
tok makei yellow dow updater. Nice package improvement, walaupun masih ada masalah depedencies, tapi in future, lebih improve agik, maybe auto downloadnyapun dependencies.
zine tok juak ada Basic tutorial pasal
Flex/bison Compiler writing,
macam ne mok makei Blender. Teknik macam
Bezier Cruves, Thickening shap out, spins, steps, and turns. Semua tok basik pengenalan kat Blender, nice indeedlor, dapat juak buat rendering kat nix.
Tutorial Gimp
Basic or beginer level makei gimp. Gimp very popular among opensource, scripnyapun free. contohnya macam ne mok buat jedi light saber :-). dalam tutorial nok zine tok nya ngajar kita skinning. nice untuk buat futuristic logos, or whatever lah.
Tutorial PHP
Practical PHP Programming
lam tutorial tok macam ne mok optimise php ngan mysql kita, well mun kita cakap sorang ajak sik perlu mok tweak or rewrite program, tapi mun dah banyak n kita nak maintain server, mesti mok rewrite or recode php kita well, tok basic tutorial how we look into it. :-)
Usergroup www linux support.
site - contact
http://hants.lug.org.uk/cgi-bin/wiki.pl - Hugo Mills
www.bristol.lug.org.uk
www.scottish.lug.org.uk
www.oxford.lug.org.uk - Alasdari G Kergon
www.kent.lug.org.uk - kevin grouves
www.brighton.lug.org.uk - johnathan swan
www.worcs.lug.org.uk
www.northants.lug.org.uk - kevin taylor
www.anglian.lug.org.uk - martyn drake
www.lug.org.uk - denny de la haye
www.scundog.org - shaun holt - sahun@scundog.org
www.moray.lug.org.uk - steward watson
www.westwales.lug.org.uk - dan field
www.wolves.lug.org.uk - jono bacon
www.edinburgh.lug.org.uk - alistari murray
www.tyneside.lug.org.uk - brian ronald
www.leicester.lug.org.uk - clive jones
www.surrey.lug.org.uk - jay bennie
www.cam-lug.org.uk
www.dclug.org.uk - simon Waters
www.manlug.mcc.ac.uk - john Heaton, Owen Le Blanc
www.herts.lug.org.uk - Nicolas Pike
www.wylug.lug.org.uk - jim Jackson
http://www.extraknowledge.org/xoops/
http://members.tripod.com/penanglug/990624/index.html
http://kuchinglug.blogspot.com/
http://www.iosn.net/asean-3/countries/malaysia/organizations/
http://www.linuxapps.org/?action=kategorie&k1=Linux+User+Groups&k2=&k3=&k4=&k5=&start=230&anzahl=10
http://wikiwikiweb.de/LugsList
last kalik mestilah blog tok hahaha
http://linuxdigger.blogspot.com
mun kitakorang windows user
http://windowsdigger.blogspot.com
for macosX user
http://macosxdigger.blogspot.com