One way of detecting malware (viruses, rootkits, etc.) is to know which ports are open and which services and applications are associated with those ports. A while back, some malware would install itself on your computer with the intention of opening a backdoor for the attacker to connect to, leaving your PC at the attacker’s mercy. With the use of NAT (Network Address Translation) this type of attack is less common, but as technology evolves, so do the threats: now the malicious software installs on your PC and initiates a connection back to the attacker’s PC, which is listening for the connection. With that in mind, you should turn off any services you don’t actually need so they cannot become avenues of attack. There’s no way to provide a comprehensive guide, of course: different systems have different services running by default, and new services are invented from time to time, expanding the number of services that may be running on a given computer.
In this article we’ll go over the process of exporting your PGP (Pretty Good Privacy) keys from one computer to another; in this case we’ll be exporting the key from an Ubuntu machine to a Windows machine. There are several programs you’ll need, or that I assume you already have: GnuPG for Linux and Windows and, in my case, Enigmail, a Thunderbird add-on that uses the OpenPGP standard for encryption and authentication. And yes, you should already have created your original key. See the links at the end of this article for the sites where you can get these applications.
After having to reset my Ubuntu box password, I decided to write this tutorial on how to reset a Linux password; in this case we will be looking at two different methods…
An SSH tunnel (sometimes referred to as a VPN) is an encrypted network tunnel created through an SSH connection. SSH is frequently used to tunnel insecure traffic over the Internet in a secure way. For example, if you were to check your webmail over the Internet, your username and password would be sent in clear text, meaning that anyone with a sniffer and using ARP poisoning techniques could intercept your credentials. To browse the Internet securely, one can establish an SSH tunnel that routes all HTTP traffic to the SSH server inside an SSH-encrypted connection. Even though the HTTP traffic itself is insecure, it becomes secure because it travels within an encrypted connection.
In order to create an SSH tunnel, the SSH client is configured to forward a specified remote port and IP address (one that is accessible from the SSH server) to a port on the local machine. Once the SSH connection has been established, the user can connect to the specified local port to access the network services that would otherwise be available only at the remote IP address and port. For this tutorial I will be setting up the SSH server on Ubuntu, and the client PC is a Windows XP machine using Internet Explorer as the browser. I know… not the best OS and browser, but I think that’s what most people use.
In this tutorial we’ll go over the most useful netcat commands. Netcat is a tool that every IT professional should have in their toolbox; if you’re responsible for network or systems security, it is essential that you understand the capabilities of netcat. The original version of netcat is a UNIX program. Its author is known as Hobbit. He released version 1.1 in March of 1996. Netcat is available for Unix and Windows.
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities, including: port scanner, backdoor, port redirector, port listener, and lots of other things. Let’s see what we can do with netcat.
In this second part of the IPCop firewall tutorial, we’ll go over the IDS (Snort) and the Iptraf addon. I consider IPCop a robust firewall, and one of its main features is the ability to detect attacks as they happen on the network (Snort). Another good feature of IPCop is its addons: through addons you can easily install lots of applications that are not included in the IPCop installation, like Iptraf, Dansguardian, Openvpn and Asterisk, among others.
In this tutorial we’ll cover some of the features and addons of IPCop:
1- Setting up IPCop’s IDS(snort).
2- Installing Iptraf addon.
If you want to protect your network from the Internet, one of the things you need is a firewall. In this tutorial I will show you how to install the IPCop firewall; all you need is an old PC and the free IPCop installation software. IPCop doesn’t require a lot of hardware to run: it will run on 64M of memory, although I recommend at least 128M, depending on how many services you’re planning to run. It also doesn’t require a lot of hard drive space, unless you’re planning to do a lot of logging and web caching, and finally, processor speed is not really that important.