The Black Hat 2008 briefings in Las Vegas, Nevada, held at Caesars Palace, were great as usual.
Imagine 5,000 or more IT security techies on the same 5,000 square meters for a week or more.
Hehe, well, it is our week of the year. You'll see all kinds of profiles attending the briefings, from the techie
wearing a black t-shirt with a cool binary image, to latex-wearing sales and promotion babes. It is sometimes a bit surreal
but very inspirational to visit these kinds of conventions/conferences, and my coworkers and I really enjoy every minute of it.
The latest and greatest discussed vulnerability was of course the attack on caching nameservers (DNS cache poisoning).
A very scary vulnerability indeed. More information and a link to the whole article can be found here.
September 21, 2008
I will be posting a lot more frequently starting today. Been too busy doing other things lately, but
now the inspiration is back. I have played a great deal with 10.4 and 10.5 of Mac OS X to find
out some basic tips and tricks that I can post here.
Mac OS X is, as many of you Unix gurus already know, Unix-based, from the BSD family of the greatest
operating system ever, Unix.
at 11:19 AM
March 24, 2008
Since I started monitoring malicious code, there has been one very obvious trend.
at 9:27 AM
Archos is a fine media player, which runs on a customized Linux kernel.
at 9:09 AM
December 10, 2007
The longed-for Christmas break is on the horizon. If you had asked me 7 years ago, I would have told you I would work even harder during the holiday. Now, as a proud family member, I see what it is all about again. The children's expectations, cooking, cleaning, socializing, seeing friends and of course eating loads of home cooked food. All-in G-man!! :-)
On the software side, I guess quite a few new good ideas are brewed during this holiday. Digesting the food, lying in "bob-sled" position on the sofa, dreaming about new cool tools to write.
at 1:48 PM
No need to install, and usually the kernel supports a wide range of hardware by default.
The only downside, as I see it, is that it can take a few minutes to boot up. But compared to what it takes to install, those minutes are negligible. I remember downloading and using the Knoppix Linux live CD ( http://www.knoppix.net ) as early as 2003, but I guess the first ones were out sometime around 2001.
Today, there is almost no Linux distribution that you can not get as a "Live" version on either CD or DVD.
As the price of USB memory sticks is closing in on the price of CD-Rs and DVD-Rs, I expect to see Linux magazines and other Linux media bundle Linux distros and software on USB memory sticks attached to the magazines. Especially since most new BIOSes support booting from USB media.
I can imagine my pile of CDs and DVDs getting replaced by USB memory sticks and flash drives in the very near future.
at 12:47 PM
October 9, 2007
Just wanted to recommend to you guys that have access to 3G technology to try out the 3G card from Huawei.
I have used it for a few months now, and it really is uber nice. Always connected, and no worries about the cost, as it is flat rate!!! The few tests I have performed with the Huawei 3G/HSDPA/EDGE modem have been regarding its ability to stay connected while in a car, or let's say a high speed train. To my big surprise, I actually managed to stay online to surf and play poker on a flawless connection for three long hours, averaging a speed of about 60-70 miles/hour. No more WiFi hot spot hunting or "loaning bandwidth" from an open WiFi net. So if you have access to a 3G net in your area, I would really consider trying it out if I were you. The speed is very dependent on your signal strength, but the maximum speed is now in theory 7.2 Mbit. I have managed to get about 3.3 Mbit, downloading from a university FTP site. Well, anyway, check it out.
at 11:30 AM
August 15, 2007
Came back from a sunny and hot as .... Las Vegas. We spent 10 days in the desert this year too.
Black Hat was great this year, as last year, as the year before that etc.
Before the briefings this year, my friends and I agreed upon listening to briefings on topics that
we rarely come in touch with. One of our choices fell on a presentation about navigation systems. Two guys from Italy gave a cool and entertaining presentation about "freaking out satellites" by injecting RDS-TMC traffic information signals.
Another interesting speech was Bruce Schneier's "The Psychology of Security". Bruce really proved to have a good understanding of the human mind.
As almost every year, the Black Hat briefings 2007 were worth every penny.
at 9:04 PM
June 28, 2007
Ah, less than a month left to the Black Hat briefings in Las Vegas ( Hotel Caesars Palace, they've got a nice swimming pool too, hehe ). This year's schedule looks really nice, as usual. Loads of interesting keynote speakers. Check out the list of speakers at Black Hat's site.
Besides a cool briefing about the next generation of RE ( reverse engineering ), this year there are two database forensics briefings that look really promising. In my field of work, security auditing databases is one of my favorites. Ah, and I am for sure going to check out Iron Chef Black Hat. :-)
Besides Black Hat, Defcon 15 at the Hotel Riviera is on the agenda. Last year I missed the lock picking competition. Hopefully they will have another one this year, and hopefully I get to buy one of the uber lock pick tool sets this year.
Don't forget to check out Hackers on a Plane!
at 11:24 AM
June 20, 2007
According to www.apple.com, the release date for their new upgraded Mac OS X is set to October.
It sure looks promising, featuring over 300 new innovations. I wonder how we will be able to integrate the iPhone with this smash looking new desktop. Go and check out the features for yourself. There are quite a few demos available, and I like Apple's new little slogan: Hello Tomorrow.
I will try and have Leopard as soon as possible, so I can try out this new eye opener and post some of the interesting stuff here. It will have to wait until October though.
In case you wonder, the Mac OS X kernel (XNU) is a hybrid: the Mach microkernel combined with the BSD implementation of Unix for processes, file systems and networking. Mach itself is not derived from BSD; the two are separate code bases joined in one kernel.
at 10:20 AM
June 14, 2007
Or, should I say, where you can use your favorite OS, Linux or Mac OS, without having to run a VMware installation of Windows.
Take a break from your heavy duties tonight. Sit back, brew yourself a fresh cup of coffee or tea, and join a multi table tournament with awesome poker action, and now, from your Linux desktop. Yihaa!
Download the PokerStars Poker Client from here:
To install Wine on Fedora just run:
# yum install wine
You should be able to run PokerStars with a Wine installation ( version 0.9.36 ) under Fedora Core 6 without any problems. Just install the PokerStars client by running the installer under Wine:
$ wine PokerStarsInstall.exe
Follow the regular Windows-like installation instructions, and you should be set.
Check under Applications, and you will find a PokerStars icon ( shortcut ) to start the PokerStars client.
PokerStars runs excellently on a Fedora Core 6 installation, so there is no more need for virtualization to make use of poker clients. So finally, the best of two worlds, Linux and poker! And yes, we all need a nice break to play some adrenaline poker after reading hundreds and thousands of man pages. NOHUP poker!
I will get back on how to install Wine and other poker clients on a few different Linux distributions, but for now I will only cover Fedora.
One thing worth mentioning: the bonus on PokerStars is, in my opinion, very easy to collect. Just a few hours of play usually.
at 4:10 PM
On the Ongame network ( PokerRoom, Hollywood Poker, Bet24 etc ), you can use your Firefox browser and Java ( the client runs as a Java applet ).
Installing the Java plugin is required for this to work, and you will of course need to enable JavaScript on the poker room's website.
Download the Java Runtime Environment from Sun.
Java(TM) SE Runtime Environment 6
The current file is called jre-6-linux-i586.bin
Then run the Bourne shell script; it unpacks the runtime into a jre1.6.0_01 directory under the current directory:
$ sh jre-6-linux-i586.bin
To make Firefox use the Java plugin, create a symlink from the extracted JRE directory to your Firefox plugin directory. The commands below assume you unpacked the JRE in your home directory. Use an absolute path for the link target, since a relative target would be resolved from inside ~/.mozilla/plugins and point nowhere.
$ mkdir -p ~/.mozilla/plugins
$ cd ~/.mozilla/plugins
$ ln -s ~/jre1.6.0_01/plugin/i386/ns7/libjavaplugin_oji.so libjavaplugin_oji.so
You will need to restart Firefox to start using the plugin. Keep the JRE updated: the browser plugin exposes the whole Java runtime to every site you visit.
Now you should be set to play at all the Ongame poker sites.
at 4:05 PM
April 25, 2007
Completely off topic, but this could be the discovery of the millennium.
As I am a huge fan of cosmos, I was very excited to hear about a sighting of what could be a big brother/sister planet to our little planet Tellus. In my mind I have already named it Bellus.
B for bigger, and Bellus from Bella, ( beautiful ).
Wow, there could be life just 20 light years away. Who would have thought that?
Check out more about this huge discovery.
581 c greetings!!
at 8:36 PM
March 10, 2007
February 4, 2007
In case anyone has missed it, Minix 3 is out. An extremely small OS with below 4k lines of kernel mode code. The goal with Minix 3 is to be usable as a serious system on resource-limited and embedded computers and for applications requiring high reliability.
Minix 1 and 2 were mainly intended to be used as teaching tools.
So go to the Minix 3 site, download the CD image and give it a try; it can be run as a Live CD and it's only 300 megabytes big in compressed format.
at 3:44 PM
January 17, 2007
Oracle has released a set of critical patches for multiple security vulnerabilities. (January 2007)
The severity of the vulnerabilities ranges from information exposure to remote system access.
Affected software:
Oracle Database 10g
Oracle Application Server 10g
Oracle Developer Suite 10g
Oracle E-Business Suite 11i
Oracle Enterprise Manager 10.x
Oracle PeopleSoft Enterprise Tools 8.x
Oracle9i Application Server
Oracle9i Database Enterprise Edition
Oracle9i Database Standard Edition
Oracle9i Developer Suite
Check the Oracle security blog site for more detailed information.
A total of 52 vulnerabilities are addressed in the January Critical Patch Update (CPU).
The next four CPU dates are:
- 17 April 2007
- 17 July 2007
- 16 October 2007
- 15 January 2008
at 1:10 PM
January 16, 2007
Even though I am a fan of writing my scripts in Perl (for sysadmin tasks etc), I believe I will have to bow and admit that Python is an excellent object-oriented and interactive programming language. The power of the Python language ( created and authored by the brilliant mind Guido van Rossum ) is, I believe, its simplicity and clear syntax. As I am far from a hard core Python coder, I will link to a friend of mine who has dedicated his website to this fantastic language.
So if you want to start hacking Python, you might want to check out the code at CVX | code version x. All dedicated to Python and the fantastic world of Unix. Right now he has a tutorial on creating RPMs in Python.
By the way, besides many Linux distributions, the software engineers at United Space Alliance use Python for Rapid Application Development.
at 11:18 PM
January 15, 2007
The author behind DenyHosts has written an excellent tool in Python to protect your ssh server from brute force attacks: the annoying ssh attacks that try to guess a valid username and password for your ssh login. It is a very common attack vector. If you are running an ssh server that is accessible from the Internet, or actually from any location, be it the LAN or the WAN, you should always enforce restrictions on your services, and especially on login services such as ssh.
It should not matter if you are a Linux newbie, the installation of DenyHosts is very smooth.
What is just excellent is that DenyHosts uses a security feature that has been around on most Unix and Linux systems for ages: TCP Wrappers!
(/etc/hosts.deny and /etc/hosts.allow)
After downloading the tarball (DenyHosts-2.6.tar.gz) or rpm:
[salt@localtoast source]$ tar -zxvf DenyHosts-2.6.tar.gz
The tarball unpacks into a DenyHosts-2.6 directory.
[salt@localtoast source]$ cd DenyHosts-2.6
(change directory to the uncompressed Python source of DenyHosts)
[salt@localtoast DenyHosts-2.6]$ more README.txt
(read the README.txt file for DenyHosts. This should be mandatory for every installation. It will save you so much time!)
Ok, you have read the README.txt and peeked somewhat at the Python code.
Now you will have to switch to the root user, aka the super-user.
[salt@localtoast source]$ su -
You will need to cd back to the source directory of DenyHosts as user root.
Edit the files described in the README.txt file, if necessary. Red Hat and Fedora users should be able to run the default configuration. Make sure the configuration file (denyhosts.cfg) is moved or copied to /usr/share/denyhosts/, which is where the daemon is told to look for it.
Fire up and test DenyHosts with
[root@localtoast DenyHosts-2.6]# ./daemon-control start
starting DenyHosts: /usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
# tail /var/log/denyhosts (monitor denyhosts)
To verify that DenyHosts is running as a process, you can check with your ps command.
[root@localtoast DenyHosts-2.6]# ps lax | grep deny
1 0 3826 1 16 0 9600 2808 - S ? 0:00 python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
The same goes for verifying that the process is not running.
[root@localhost DenyHosts-2.6]# daemon-control stop
sent DenyHosts SIGTERM
The author has made it simple to have DenyHosts started by the run control scripts.
Read his README.txt for more information.
Use # chkconfig --add denyhosts and it will start at boot. (chkconfig needs the /etc/init.d/denyhosts script the README tells you to create, a symlink to daemon-control.)
Verify with # chkconfig --list denyhosts
If you are running a server or system that has the ssh port (22/tcp; ssh does not use UDP) reachable, start DenyHosts and tail your /etc/hosts.deny file and enjoy the attacks getting smacked. :-)
# tail -f /etc/hosts.deny
Good work DenyHosts author!
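As an added illustration of what DenyHosts does behind the scenes (this is my own toy code, not DenyHosts' own), the script below scans sshd's failed-login lines, counts failures per source address and category, and emits the "daemon: client" entries that /etc/hosts.deny expects once a threshold is crossed. The log lines are constructed for the example, the threshold numbers are this example's own (in the spirit of the three thresholds denyhosts.cfg lets you set), and the never_deny allow-list is an assumption. One practitioner detail worth seeing: the username in a "Failed password for invalid user ..." line is chosen by the attacker, so the parser anchors on the end of the line and validates the address before anything reaches hosts.deny. The last sample line shows why.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the /var/log/secure format sshd writes on Red Hat and
# Fedora. The last line is the interesting one: the "invalid user" name is
# chosen by the attacker, and this one was crafted to look like a log line
# naming 10.0.0.1. Nothing from 10.0.0.1 ever happened.
SAMPLE_LOG = """\
Jan 15 11:58:21 localtoast sshd[3821]: Failed password for invalid user admin from 192.0.2.10 port 51234 ssh2
Jan 15 11:58:23 localtoast sshd[3821]: Failed password for invalid user oracle from 192.0.2.10 port 51235 ssh2
Jan 15 11:58:24 localtoast sshd[3822]: Failed password for invalid user test from 192.0.2.10 port 51236 ssh2
Jan 15 11:58:26 localtoast sshd[3823]: Failed password for invalid user guest from 192.0.2.10 port 51237 ssh2
Jan 15 11:58:27 localtoast sshd[3824]: Failed password for invalid user www from 192.0.2.10 port 51238 ssh2
Jan 15 11:58:30 localtoast sshd[3825]: Failed password for root from 203.0.113.5 port 40001 ssh2
Jan 15 11:58:40 localtoast sshd[3826]: Failed password for salt from 192.168.0.7 port 40002 ssh2
Jan 15 11:58:41 localtoast sshd[3827]: Accepted publickey for salt from 192.168.0.7 port 40003 ssh2
Jan 15 11:58:50 localtoast sshd[3828]: Failed password for invalid user x from 10.0.0.1 port 22 ssh2 from 198.51.100.9 port 50000 ssh2
"""

# Anchored at end of line: sshd appends " from <addr> port <n> ssh2" after the
# (attacker-chosen) user name, so the real address is always the last one.
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?(?P<user>.+?) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

# Failures tolerated before an address is denied. Example values only.
THRESHOLDS = {"invalid": 5, "valid": 10, "root": 1}


def parse_failures(log_text):
    """Yield (address, category) for each failed-password line.

    Lines whose address does not parse are dropped, so nothing that is not a
    real IP address can ever be written into /etc/hosts.deny.
    """
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if not m:
            continue
        try:
            addr = str(ipaddress.ip_address(m.group("ip")))
        except ValueError:
            continue
        if m.group("invalid"):
            category = "invalid"
        elif m.group("user") == "root":
            category = "root"
        else:
            category = "valid"
        yield addr, category


def hosts_to_deny(log_text, thresholds=THRESHOLDS, never_deny=frozenset()):
    """Addresses whose failure count reached the threshold for their category.

    never_deny is an assumed allow-list (your own management hosts); in real
    life you would also list them in /etc/hosts.allow, which wins over deny.
    """
    counts = Counter(parse_failures(log_text))
    denied = {addr for (addr, category), n in counts.items()
              if n >= thresholds[category] and addr not in never_deny}
    return sorted(denied)


def hosts_deny_lines(addresses, service="sshd"):
    """Render tcp_wrappers entries in the 'daemon: client' form of hosts.deny."""
    return [f"{service}: {addr}" for addr in addresses]


if __name__ == "__main__":
    for entry in hosts_deny_lines(hosts_to_deny(SAMPLE_LOG)):
        print(entry)
```

Run as is, it prints the two entries it would append: the scanner that exhausted its five invalid-user guesses and the host that tried root once. The crafted last line yields a failure for 198.51.100.9, not 10.0.0.1. Real DenyHosts layers purging of old entries and a proper config file on top of this idea; the point here is only the parse-count-deny loop and the care needed with attacker-controlled fields.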
at 12:06 PM
January 12, 2007
Due to patent issues, many Linux distributions do not support mp3 files out of the box.
This is old news, but if you want support for playing mp3 files, you can simply download xmms-mp3 for the xmms player, or use the excellent mplayer (movie player) from http://www3.mplayerhq.hu. mplayer is a movie player, but it can use several kinds of codecs and is usable from the command line for playing mp3 files etc.
Make sure you download the Windows codec binaries and add them to /usr/lib/codecs or whatever directory fits your Linux system. You will need to be the root user if you choose the /usr directory.
mp3 support in xmms for Fedora or Red Hat:
# yum install xmms-mp3
Command line syntax for playing mp3 files with xmms or mplayer
$ xmms file.mp3
$ mplayer file.mp3
Sometimes you need to load some sort of support into your Linux kernel. Instead of having to recompile every time you want to add or remove some hardware support in the kernel, for example, you can use loadable modules instead. Here are three of the most common Linux module commands. They are pretty straightforward to use. If you run into any problems, consult the man page for the command.
# man lsmod (etc..)
lsmod - program to show the status of modules in the Linux Kernel
rmmod - simple program to remove a module from the Linux Kernel
modprobe - program to add and remove modules from the Linux Kernel
January 11, 2007
I will be posting some more non-basic Unix and Linux hacks here soon. This blog was created to give all those new to Unix or Linux some help on the way, and give some answers and solutions to common beginner problems, like networking, editing files, starting and stopping services, basic firewall scripts, file permissions and other known pitfalls. This is not a new idea for a blog in any way, and certainly not the best one out there, but I felt the urge to try and help rookies out. I know too many who got fed up after trying to use a Unix or Linux system for a short while, and never got the chance to experience the true beauty of total control over an operating system.
Often because they never knew how to troubleshoot their system. This is what I try to avoid by posting some hopefully easy to grasp solutions here.
So, besides the more basic hacks, there will be posts that require some more advanced knowledge about Unix or Linux. Hopefully, my posts will be understandable by less experienced users too.
at 9:43 PM
Apple is releasing its new masterpiece, the Apple iPhone. The iPhone combines three products into one revolutionary mobile phone: desktop-class email, web browsing, maps and searching, and a widescreen iPod that uses touch controls on a large multi-touch display.
According to Apple's website, the iPhone will run the Safari web browser, including built-in Google and Yahoo search. It will also be fully multi-tasking, so you can download files like music from iTunes while writing a message or browsing the web. Besides this, the iPhone will support audiobooks, videos, TV shows, and movies on a beautiful 3.5-inch widescreen display. It also lets you sync your content from the iTunes library on your PC or Mac.
This is just a great site about science. If you don't know what to believe, go to Sense About Science and get the correct answers to your questions. Sense About Science promotes good science and evidence for the public. Thanks for a new good web site to frequent! Get your knowledge confirmed or corrected now.
Sense About Science Web Site
January 9, 2007
The PPC powered Xbox 360 has supposedly been cracked by an anonymous hacker to run Linux as the operating system of choice. I can not verify that this actually works, but judging by the video this could possibly be true. Check it out for yourself. The demonstration was shown at the 23rd Chaos Communication Congress by the anonymous author.
Some Xbox 360 hardware specifications.
Custom IBM PowerPC-based CPU
• Three symmetrical cores running at 3.2 GHz each
• Two hardware threads per core; six hardware threads total
• VMX-128 vector unit per core; three total
• 128 VMX-128 registers per hardware thread
• 1 MB L2 cache
CPU Game Math Performance
• 9 billion dot product operations per second
Custom ATI Graphics Processor
• 500MHz processor
• 10 MB of embedded DRAM
• 48-way parallel floating-point dynamically scheduled shader pipelines
• Unified shader architecture
• 500 million triangles per second
Pixel Fill Rate
• 16 gigasamples per second fill rate using 4x MSAA
• 48 billion shader operations per second
• 512 MB of GDDR3 RAM
• 700 MHz of DDR
• Unified memory architecture
Memory Bandwidth
• 22.4 GB/s memory interface bus bandwidth
• 256 GB/s memory bandwidth to EDRAM
• 21.6 GB/s front-side bus
Overall System Floating-Point Performance
• 1 teraflop
• Detachable and upgradeable 20GB hard drive
• 12x dual-layer DVD-ROM
• Memory Unit support starting at 64 MB
January 8, 2007
Nice demonstration of Kubuntu running Xgl.
Xgl is an X server architecture designed to take advantage of modern graphics cards via their OpenGL drivers, layered on top of OpenGL via glitz. It supports hardware acceleration of all X, OpenGL and XVideo applications and graphical effects by a compositing window manager such as Compiz or Beryl. There are lots of good howtos for setting up Xgl on your Linux box, so I will not try to write my own. Here are a bunch of links for some of the most popular distributions.
Novell (SuSE) http://www.novell.com/coolsolutions/feature/17174.html
Debian Etch http://sonique54.free.fr/xgl/xgl.htm
Check out one of many Xgl demos on YouTube.
All Intel graphics chips need the newest packages of Xgl and compiz to run flawlessly.
o i915, i945
Accelerated XVideo is broken on these cards. See Troubleshooting.
o compiz --replace will most likely crash the Xserver due to a long standing DRI bug.
All NVIDIA cards need the proprietary driver for running Xgl. Currently you will need to uninstall and reinstall the xgl rpm after installing the proprietary NVIDIA driver.
o GeForce 4xxx series
XVideo is not accelerated on these cards.
o GeForce FX 5xxx series, Quadro FX series
Accelerated XVideo is hitting a slow path on these cards, it is under investigation.
o GeForce 6xxx series
o GeForce 7xxx series (GeForce 7600 = not all effects are available but mostly working)
o Mobility Radeon 9700 SE: Xgl running with proprietary fglrx driver 8.23
o Radeon X300: Xgl running with proprietary fglrx driver 8.23
o Firegl 5200 and 5250 (T60p): Xgl running with proprietary fglrx driver 8.32 and Xorg 7.2
Just a recommendation. You guys that long for a decent DivX/Xvid player that's worth the money, check out Philips' DivX Certified DVD players. I have had mine for 3 years and it works like a charm. Instead of going through the hassle with media centers or using an S-video cable from your laptop to your TV (which is fun btw), you can simply burn your DivX and Xvid files and play them in your DVD player. The player is upgradeable, so you can download the latest firmware from philips.com whenever there is a new release. Just burn the firmware file to a disc as an ISO image and boot up your DVD player with the disc inserted. The new firmware will then be flashed into the DVD player's memory, and you will be ready in a few minutes.
As most Unix or Linux users know, instant messaging has been around on the Unix and Linux desktops for quite some time. But as this blog is intended to help rookies out, here is a list of known working instant messaging software. Most of them are bundled with the big distributions as either rpm or Debian (.deb) packages. If not, the source is almost always available as a tar.gz or tar.bz2 archive.
Most popular IMs for Unix or Linux users
Gaim http://freshmeat.net/projects/gaim/ (copy paste url)
Supported protocols: AIM, ICQ, MSN, Yahoo, Jabber and more.
Encryption: Yes. Check this page for instructions
Supported protocols: AIM, ICQ, MSN, Yahoo, Jabber and more.
Supported protocols: AIM, ICQ, MSN, Yahoo and more.
Encryption: Yes. Check this page for instructions
Kopete The KDE Instant Messenger http://kopete.kde.org/
Supported protocols: AIM, ICQ, MSN, Yahoo, Jabber, IRC, Gadu-Gadu, Novell GroupWise Messenger, and more.
at 1:19 PM
December 26, 2006
The kids have gotten their Christmas presents, and the trash bins are full of trash.
After New Year, work is going back to normal, and 2007 with all its daunting
tasks is knocking on the door.
Will Perl release version 6 this year? Is Ruby going to be the hottest language in 2007?
What new attack vectors will be released? Which keynote speakers will we see at Black Hat in 2007? Lots of things to look forward to, that's for sure.
Happy coding in 2007!
Rootkits: Subverting the Windows Kernel (Addison-Wesley Software Security Series)
December 22, 2006
The PlayStation 3, aka PS3, will not only be one heck of a gaming console, it will also let you install
and boot a third-party operating system, and in practice that means Linux.
At the moment only Yellow Dog Linux is officially supported, but I take it this is only for the moment and more distributions will follow for sure. Gentoo has been working on the new Cell processor from IBM, so I guess they will be supported soon too.
Concerning kernels, Sony has released patches for the 2.6.20 kernel to support the specific memory architecture of the PS3. These patches should also enable SMP (symmetric multiprocessing) and DMA (direct memory access). Fedora, Red Hat, SuSE, Ubuntu, Xandros and other distributions should not have any difficulties delivering their own PlayStation distribution in the near future.
Besides the Linux support, the PlayStation will provide online services such as voice and video calls and multiplayer gaming. Owners of this uber gaming console will be able to buy their games and entertainment by direct online download. No more running to the mall fighting to be the first in line for new game releases, just download it from your couch or sofa.
I must admit that I am really looking forward to see what the PlayStation can perform running Linux.
December 15, 2006
Considering there are a lot of smart people out there reading blogs, I will post a link to this off topic article. Who knows, maybe you can be the key to saving our little planet Earth. The Planetary Society is donating a big sum of US dollars in prize money to the person who designs a system for tagging and tracking this asteroid. So don't ask what Earth can do for you, ask yourself instead what you can do for our beloved Earth. I will start crunching ideas as of this moment.
Apophis is a 300-400 m big rock (read: asteroid) that has a slim chance of colliding with Earth in 2036, which of course would put us back in the cave era or worse.
Read the article here:
December 13, 2006
I am a headphone freak, and I use my headphones as much as I can, while working, resting, travelling and sleeping. They have to be big and cover your ears, so you can isolate yourself from the rest of the office. :-) Koss and Philips make my favourite headphones. If I am up to a whole day of just doing system administration I might need some fuel in the form of metal music. My choice for metal is the Koss headphones. If I am in the mood for a security audit, I use my Philips to pump up the bass. Anyway, just a quick post to give my fellow Unix/Linux admins and users an idea of how to stimulate both sides of your brain while at work. And oh, don't forget the active noise reduction if you are buying headphones. Filters out any boss!! :-)
December 12, 2006
Here are some applications and tools that can help you harden and tighten the security on your Linux or Unix box. Examples will follow for each application, tool or module in separate blog posts. These are just a few of the security tools and programs out there, but if you master these, you will most definitely have a more secure system or server.
Bastille System hardening. OS lock-down program. Configures daemons, system settings and firewalls to be more secure.
tcpwrapper Add some access control to your network services with tcp_wrappers: /etc/hosts.allow and /etc/hosts.deny
samhain File integrity checks on the fly!
tripwire File integrity checks and much more.
SELinux Security-Enhanced Linux. Implements mandatory access control (MAC) using the Linux Security Modules framework in the Linux kernel. NSA started the development, and the project was later released to the open source community for further development.
AppArmor (Novell, SUSE). Adds mandatory access control (MAC) on top of the kernel's discretionary access control (DAC) model, using per-program profiles.
iptables Packet filter for IPv4 and NAT. The packet filter rules live in the kernel (netfilter).
The iptables command is for administration of the packet filtering rules and NAT (Network Address Translation).
Monitor your systems in a most excellent way.
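The samhain and tripwire entries above both come down to one idea: record a baseline of file digests and metadata, then diff the live system against it. As an added example (my own code, not samhain's or tripwire's), the script below does exactly that on a scratch directory it builds and then tampers with itself; the file names, contents and tampering steps are constructed for the demonstration, and the JSON baseline format is this example's own.

```python
import hashlib
import json
import os
import shutil
import stat
import tempfile


def _sha256(path):
    """Stream a file through SHA-256 so large binaries do not land in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Record digest, permission bits, owner and size of every regular file under root.

    Keys are paths relative to root, so the same baseline can be checked from a
    rescue system that mounts the disk somewhere else.
    """
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, sockets and devices are out of scope here
            baseline[os.path.relpath(path, root)] = {
                "sha256": _sha256(path),
                "mode": stat.S_IMODE(st.st_mode),
                "uid": st.st_uid,
                "gid": st.st_gid,
                "size": st.st_size,
            }
    return baseline


def compare(baseline, current):
    """Diff two baselines: new files, missing files, and which attributes changed."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = {}
    for rel in sorted(set(baseline) & set(current)):
        diff = sorted(k for k in baseline[rel] if baseline[rel][k] != current[rel][k])
        if diff:
            changed[rel] = diff
    return {"added": added, "removed": removed, "changed": changed}


def save_baseline(baseline, path):
    with open(path, "w") as fh:
        json.dump(baseline, fh, indent=1, sort_keys=True)


def load_baseline(path):
    with open(path) as fh:
        return json.load(fh)


def demo():
    """Constructed scenario: baseline a scratch tree, tamper with it, report."""
    root = tempfile.mkdtemp(prefix="fim-tree-")
    store = tempfile.mkdtemp(prefix="fim-store-")  # stands in for offline storage
    try:
        os.mkdir(os.path.join(root, "bin"))
        files = {
            "bin/ls": b"#!/bin/sh\necho ls\n",
            "passwd": b"root:x:0:0::/root:/bin/sh\n",
            "notes.txt": b"hello\n",
        }
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        os.chmod(os.path.join(root, "bin/ls"), 0o755)
        os.chmod(os.path.join(root, "notes.txt"), 0o644)
        store_path = os.path.join(store, "baseline.json")
        save_baseline(build_baseline(root), store_path)

        # Tamper: append to the "binary", loosen permissions on a file,
        # drop a hidden file, delete one.
        with open(os.path.join(root, "bin/ls"), "ab") as fh:
            fh.write(b"nc -l -p 4444 -e /bin/sh &\n")
        os.chmod(os.path.join(root, "notes.txt"), 0o666)
        with open(os.path.join(root, "bin/.hidden"), "wb") as fh:
            fh.write(b"payload\n")
        os.remove(os.path.join(root, "passwd"))

        return compare(load_baseline(store_path), build_baseline(root))
    finally:
        shutil.rmtree(root)
        shutil.rmtree(store)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

The report names the appended binary (digest and size changed), the file whose mode changed, the new hidden file and the deleted one. The part the code cannot solve for you is where the baseline lives: a checker that reads its baseline from the same disk it is checking proves little once an attacker has root, which is why the real tools sign the database or want it kept on read-only media or another host.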
Are you like me, interested in digital forensics? What tracks are users leaving while surfing, using their mail clients, watching movies etc on their personal computers? I have read two great books about the topic. The first one, Real Digital Forensics, gives the reader all the information about the tools and methods one needs to perform forensics on computers, PDAs, USB sticks and just about anything that has a filesystem. Unix and Linux operating systems as well as Microsoft Windows are covered, and the forensic methods and tools are covered in great detail. The other book I would like to recommend on the topic is Digital Evidence and Computer Crime. This book takes on some real crimes, and how the forensic teams did their digital crime scene investigations. Lots of real life crime stories, where digital evidence helped solve the case.
Both books can be found here.
December 11, 2006
The very best network mapping tool is getting even better. This is the
changelog of the latest nmap release.
# Nmap Changelog ($Id: CHANGELOG 4229 2006-12-08 03:02:09Z fyodor $)
o Updated nmap-mac-prefixes to reflect the latest OUI DB from the IEEE
(http://standards.ieee.org/regauth/oui/oui.txt) as of December 7.
o Integrated the latest OS fingerprint submissions. The 2nd
generation DB size has grown to 231 fingerprints. Please keep them
coming! New fingerprints include Mac OS X Server 10.5 pre-release,
NetBSD 4.99.4, Windows NT, and much more.
o Fixed a segmentation fault in the new OS detection system
which was reported by Craig Humphrey and Sebastian Garcia.
o Fixed a TCP sequence prediction difficulty indicator bug. The index
is supposed to go from 0 ("trivial joke") to about 260 (OpenBSD).
But some systems generated ISNs so insecurely that Nmap went
berserk and reported a negative difficulty index. This generally
only affects some printers, crappy cable modems, and Microsoft
Windows (old versions). Thanks to Sebastian Garcia for helping me
track down the problem.
Download nmap 4.20 at the creators site insecure.org.
December 10, 2006
As kids, some of us had a dream to become astronauts. Some made it there. For Christer Fuglesang, it took 14 years of hard work and patience. He is one of a kind, and most certainly a great astronaut. Go Christer!!
The Discovery space shuttle and its crew have set off to space with destination ISS (International Space Station). This mission to the ISS is said to be one of the most complex ever.
Discovery's crew is Commander Polansky, Pilot Bill Oefelein and mission specialists Bob Curbeam, Joan Higginbotham, Nicholas Patrick, Williams and Christer Fuglesang, a European Space Agency astronaut.
You guys rock!
Read about the launch here.
December 6, 2006
GnuPG (gpg) is the free and open source implementation of the OpenPGP standard behind PGP (Pretty Good Privacy), used by many
Unix and Linux users. GnuPG encrypts messages using asymmetric key pairs individually generated by GnuPG users.
Security researchers at Gentoo have found a new exploitable bug in GnuPG.
A malformed OpenPGP packet can modify and dereference a function pointer in GnuPG.
The bug is remotely exploitable (every message you decrypt or verify is attacker-supplied input), and it affects any use of GnuPG.
You can download GnuPG 1.4.6 from ftp://ftp.gnupg.org/gcrypt/gnupg/
Updated vendor versions of GnuPG are not available yet, but should come very soon.
Check for updates regularly.
For more information, read the security researchers' announcement.
Troubleshooting, or just need a quick refresher on some basic and advanced Unix/Linux network-related commands?
ifconfig - configure a network interface (setup)
route - show / manipulate the IP routing table
ping, ping6 - send ICMP ECHO_REQUEST to network hosts
netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
tcpdump - dump traffic on a network
tcpslice - extract pieces of and/or glue together tcpdump files
traceroute - print the route packets trace to network host
tracepath, tracepath6 - traces path to a network host discovering MTU along this path
iwconfig - configure a wireless network interface
iwlist - Get more detailed wireless information from a wireless interface
wpa_supplicant - Wi-Fi Protected Access client and IEEE 802.1X supplicant
wpa_supplicant.conf [wpa_supplicant] - configuration file for wpa_supplicant
ipcalc - perform simple manipulation of IP addresses
nc - arbitrary TCP and UDP connections and listens
snort - open source network intrusion detection system
ettercap - A multipurpose sniffer/content filter for man in the middle attacks
ethereal - Interactively dump and analyze network traffic
rm - remove files or directories
mv - move (rename) files
mkdir - make directories
cp - copy files and directories
touch - change file timestamps
chmod - change file access permissions
chown - change file owner and group
useradd - Create a new user or update default new user information
usermod - Modify a user account
groupadd - Create a new group
groupmod - modify a group
passwd - update a user's authentication token(s)
chage - change user password expiry information
find - find files
locate - find files by name
updatedb - update a database for mlocate
ps - report a snapshot of the current processes.
pstree - display a tree of processes
yum - RPM installer/updater
clear - clear the terminal screen
vim - Vi IMproved, a programmers text editor
December 5, 2006
Changing your network settings can be done either with the system-config-network command or by editing the /etc/sysconfig/network-scripts/ifcfg-ethX file.
However, if you are like me and need to change the IP address on the fly now and then, you will want a simple script to do the task instead. A simple shell script will do the job nicely; Perl or Python will also do. I prefer writing small scripts in Perl, so here is a simple network script you can try.
Back up your resolv.conf file before running the script, or add this line to your script.
A # starts a comment line, which Perl ignores when reading the code.
system("cp /etc/resolv.conf /etc/resolv.conf.org");
Let's call the script network_one.pl.
The .pl extension marks a Perl script. Run it as root, since it reconfigures the interface and overwrites /etc/resolv.conf.
#!/usr/bin/perl
use strict;
use warnings;
# Take the interface down, give it the new address, and bring it back up.
system("ifconfig eth0 down");
system("ifconfig eth0 192.168.0.88 netmask 255.255.255.0 up");
system("route add default gw 192.168.0.1");
# Quick and dirty edit of your nameserver settings. Keep a copy first:
# the echo command with > will overwrite your resolv.conf file.
system("cp /etc/resolv.conf /etc/resolv.conf.org");
system("echo 'nameserver 192.168.0.2' > /etc/resolv.conf");
# Check that your host can reach the default gateway. Two packets should do.
system("ping -c 2 192.168.0.1");
# Check that the DNS is resolving names. (dig -x does a reverse lookup of an
# IP address; to test forward resolution, pass a host name.)
system("dig somedomain");
If your dig somedomain succeeds, you should be ready to network.
Next, I just copy this file, name it network_two.pl, and edit the values for the other network.
This way you can quickly switch between numerous different networks just by calling the right script with Perl.
# perl network_one.pl
# perl network_two.pl
This is just a very simple script. A lot more sophistication can be added to the scripts, of course.
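The same switch written as a shell script, as an added example (not the Perl script from the post): every address is validated before anything is touched, the resolv.conf backup is kept, and a dry-run mode prints the commands so a profile can be reviewed before it is applied as root. The interface name, the profile values and the host used for the DNS check are assumptions.

```shell
#!/bin/sh
# Profile-based network switcher. Validates every address before touching the
# interface, keeps a copy of resolv.conf, applies the profile, then checks the
# gateway and DNS. DRY_RUN=1 prints the commands instead of running them.
# Added example in shell, not the Perl script from the post; interface, profile
# values and CHECK_HOST are assumptions.
set -eu

IFACE=${IFACE:-eth0}
DRY_RUN=${DRY_RUN:-0}
CHECK_HOST=${CHECK_HOST:-example.com}

# Run a command, or just print it when dry-running.
run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Dotted quad with four decimal octets in 0..255; rejects "192.168.0.999" and the like.
valid_ipv4() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Profiles: name -> "ip netmask gateway nameserver" (assumed values).
profile() {
    case "$1" in
        home)   echo "192.168.0.88 255.255.255.0 192.168.0.1 192.168.0.2" ;;
        office) echo "10.10.100.77 255.255.255.0 10.10.100.1 10.10.100.5" ;;
        *) echo "unknown profile: $1" >&2; return 1 ;;
    esac
}

# Apply ip/netmask, default route and nameserver; refuses to run with a bad address.
apply_profile() {
    ip=$1; mask=$2; gw=$3; dns=$4
    for a in "$ip" "$mask" "$gw" "$dns"; do
        valid_ipv4 "$a" || { echo "bad address: $a" >&2; return 1; }
    done
    run cp /etc/resolv.conf /etc/resolv.conf.org   # copy to roll back from
    run ifconfig "$IFACE" down
    run ifconfig "$IFACE" "$ip" netmask "$mask" up
    run route add default gw "$gw"
    if [ "$DRY_RUN" = 1 ]; then
        echo "echo nameserver $dns > /etc/resolv.conf"
    else
        echo "nameserver $dns" > /etc/resolv.conf   # overwrites the file, as in the post
    fi
}

# Two pings to the gateway, then a forward lookup through the new resolver.
verify_network() {
    run ping -c 2 "$1"
    run dig "@$2" +short "$CHECK_HOST"
}

# Usage: DRY_RUN=1 ./netswitch.sh home   (review)   then   ./netswitch.sh home   (as root)
if [ -n "${1:-}" ]; then
    vals=$(profile "$1")
    set -- $vals
    apply_profile "$@"
    verify_network "$3" "$4"
fi
```

Adding a network is one more line in profile(); the validation is there because a typo in an octet otherwise leaves you with a half-configured interface and an overwritten resolv.conf.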
Fedora Core 6 (Zod) was released in October 2006. This release has some great improvements, like support for Intel-based Macs, install-time access to third-party package repositories, big performance improvements (up to 50%), and a new GUI for virtualization.
It is easier for system administrators to customize their deployments of Fedora with Yum or Kickstart.
The desktop includes a new default font and theme plus the latest releases of GNOME and KDE, of course. The OpenGL-based compositing window manager Compiz is now installed by default.
November 29, 2006
(Remember to use su -, or you might get a display error like this:)
Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified
Highlight the line where your network card is listed and click on the EDIT button.
Enter the values for your network in the fields, as in the picture on the top right.
Choose an IP address that works with your router. If the router is configured for a 192.168.x.x network, you will have to use a 192.168.x.x address; for 10.10.100.x, a 10.10.100.x address, and so on.
Don't forget to activate and save!
That's it. Try to reboot your machine.
You can also view the ifcfg-eth0 file that was edited by the system-config-network script.
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
Rebooted your server/workstation, only to notice that your network configuration is gone?
To make network entries permanent in Fedora or Red Hat, and many other Linux distributions, you need to edit your ifcfg file. The ifcfg file is located in /etc/sysconfig/network-scripts and named after your network card's interface name, usually eth0 or eth1.
Apart from system-config-network, the other common way to change and make permanent TCP/IP configurations is to edit that file directly.
- As user root (symbolized with #), change directory to /etc/sysconfig/network-scripts
- # cd /etc/sysconfig/network-scripts
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
This is what your ifcfg-eth0 or ifcfg-eth1 could look like after you have edited it.
NETMASK= usually 255.255.255.0 if you want a usual /24 net.
IPADDR= normally a 192.168.x.x, 10.10.10.x or 172.x.x.x address. Check your router/access point for details on what net it is configured to serve.
GATEWAY= this should be the IP address of your router or access point.
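A complete ifcfg-eth0 for a static address on a /24, as an added example (the addresses are assumptions, not taken from the original post):

```ini
# /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.1.20
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
```

BOOTPROTO=static keeps the DHCP client from overwriting these values, and ONBOOT=yes brings the interface up at boot. After editing, run service network restart as root; no reboot is needed. Nameservers still go in /etc/resolv.conf.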
November 27, 2006
I bought the E61, which is an email queen of a phone, 3 months ago, after drooling over my friend's E61 for over 2 months. Nokia has delivered a beast for email and SMS. My expectations were high that day in September when I reached the desk at the phone shop. I remember thinking, "don't be sold out, please don't be sold out". The assistant in the shop could see my worried face turn into a huge smile when he laid the precious shiny smartphone on the desk. If you have the habit of always staying online, this is the phone.
- WCDMA provides fast, wide-area connectivity
- WLAN provides fast, local-area connectivity
You can check out the reviews here.
- Support for a choice of email solutions
- Native email client
- Intellisync Wireless Email
- Supports push email solutions that provide immediate notification when a new email is received (Intellisync Wireless Email, BlackBerry Connect, Good Mobile Messaging, Seven Always-On Mail, Visto email technology)
- Works with security and collaboration solutions (Nokia mVPN, Symantec Firewall and Anti-Virus, Pointsec Data Protection, IBM Tivoli, Nokia configurator)
- Mail for Exchange
- POP3/IMAP supported in native email client
- Contacts and calendar compatible with Microsoft Outlook and Lotus Notes
If you want to watch your DVDs on a bigger-than-normal screen, this is the phone.
See SmartMovie for Symbian and you'll know.
If you believe in smartphone security, this is a phone with a bunch of security features.
- Internal security: device lock and device wipe
- Additional security solutions separately available, such as Pointsec Data Protection and Symantec Firewall and Anti-virus
November 21, 2006
Some very basic CD burning commands. No GUI, just the command line.
cdrecord - record audio or data Compact Disks or Digital Versatile Disks from a master
Let's say you have a folder with files you want to back up by burning them to a CD or DVD.
The first step is to make an ISO image of the files in the folder.
$ mkisofs -r -o filename.iso folder_to_make_iso_of
(filename.iso is the ISO image you will burn in the next step.)
Output, something similar to this:
$ mkisofs -r -o wpa.iso wpa
INFO: UTF-8 character encoding detected by locale settings.
Assuming UTF-8 encoded filenames on source filesystem,
use -input-charset to override.
Using WPA_S000.TGZ;1 for /wpa_supplicant-0.4.9.tar.gz (wpa_supplicant-0.3.11.tar.gz)
Using DRIVE000.C;1 for wpa/wpa_supplicant-0.4.9/driver_bsd.c (driver_broadcom.c)
Using DRIVE001.C;1 for wpa/wpa_supplicant-0.4.9/driver_ndis.c (driver_ndis_.c)
Using DRIVE002.C;1 for wpa/wpa_supplicant-0.4.9/driver_ndis_.c (driver_ndiswrapper.c)
Using L2_PA000.C;1 for wpa/wpa_supplicant-0.4.9/l2_packet_freebsd.c (l2_packet_pcap.c)
Using WPA_S000.H;1 for wpa/wpa_supplicant-0.4.9/wpa_supplicant_i.h (wpa_supplicant.h)
Using DRIVE003.C;1 for wpa/wpa_supplicant-0.4.9/driver_wext.c (driver_wired.c)
Using L2_PA001.C;1 for wpa/wpa_supplicant-0.4.9/l2_packet_pcap.c (l2_packet_linux.c)
Using WPA_S000.SGM;1 for wpa/wpa_supplicant-0.4.9/doc/docbook/wpa_supplicant.conf.sgml (wpa_supplicant.sgml)
Total translation table size: 0
Total rockridge attributes bytes: 17015
Total directory bytes: 30720
Path table size(bytes): 104
Max brk space used 21000
1702 extents written (3 MB)
$ su - (switch to user root)
# cdrecord filename.iso
In this case:
# cdrecord wpa.iso
cdrecord: No write mode specified.
cdrecord: Asuming -tao mode.
cdrecord: Future versions of cdrecord may have different drive dependent defaults.
cdrecord: Continuing in 5 seconds...
Cdrecord-Clone 2.01.01a03-dvd (i686-pc-linux-gnu) Copyright (C) 1995-2005 Jörg Schilling
NOTE: This version contains the OSS DVD extensions for cdrtools and thus may
have bugs related to DVD issues that are not present in the original
cdrtools. Please send bug reports or support requests to
http://bugzilla.redhat.com/bugzilla The original cdrtools author should
not be bothered with problems in this version.
scsibus: -2 target: -2 lun: -2
Linux sg driver version: 3.5.27
Using libscg version 'schily-0.8'.
cdrecord: Warning: using inofficial libscg transport code version (schily - Red Hat-scsi-linux-sg.c-1.85-RH '@(#)scsi-linux-sg.c 1.85 05/05/16 Copyright 1997 J. Schilling').
Device type : Removable CD-ROM
Version : 0
Response Format: 2
Vendor_info : 'SONY '
Identifikation : 'DVD+-RW DW-Q58A '
Revision : 'UDS1'
Device seems to be: Generic mmc2 DVD-R/DVD-RW.
Using generic SCSI-3/mmc CD-R/CD-RW driver (mmc_cdr).
Driver flags : MMC-3 SWABAUDIO BURNFREE
Supported modes: TAO PACKET SAO SAO/R96P SAO/R96R RAW/R16 RAW/R96P RAW/R96R
Speed set to 1764 KB/s
Starting to write CD/DVD at speed 10.0 in real TAO mode for single session.
Last chance to quit, starting real write 4 seconds.
Track 01: Total bytes read/written: 3485696/3485696 (1702 sectors).
For troubleshooting, try the -scanbus option, and specify the device with dev=bus,target,lun if you have more than one on your SCSI bus.
# cdrecord -scanbus (lists the SCSI bus, target and lun of every drive)
Cdrecord has many options. See manpage.
$ man cdrecord
If you need to make your iso file bootable, look at the manual for mkisofs. (Several options)
$ man mkisofs
(This is not needed if you have downloaded a live CD or a Unix/Linux distribution. You only need to burn the ISO file as is; do check the download against the checksum published by the distribution first, so you are not burning a corrupt or tampered image.)
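The same flow as a script, with a read-back check, as an added example (not code from the original post): build the image, burn it, then read back exactly the sectors that were written and compare checksums, so you know the backup on the disc is the image you made. The device address is an assumption; take yours from cdrecord -scanbus.

```shell
#!/bin/sh
# Build an ISO from a folder, burn it, and read the burned sectors back to
# confirm the media matches the image before trusting it as a backup.
# Added example, not from the original post. DEVICE (from cdrecord -scanbus)
# is an assumption.
set -eu

DEVICE=${DEVICE:-0,0,0}

# mkisofs writes whole 2048-byte sectors; this is the "extents written" count it reports.
iso_sectors() {
    bytes=$(wc -c < "$1")
    echo $(( (bytes + 2047) / 2048 ))
}

# Hex digest of stdin.
sha256_of() { sha256sum | cut -d' ' -f1; }

# Compare the image with the first N sectors read from the device. Any readable
# path works, so this can be exercised against a plain file standing in for the drive.
verify_burn() {
    iso=$1; dev=$2
    n=$(iso_sectors "$iso")
    want=$(sha256_of < "$iso")
    got=$(dd if="$dev" bs=2048 count="$n" 2>/dev/null | sha256_of)
    [ "$want" = "$got" ]
}

# Whole flow: image, burn, verify. Needs root for cdrecord and the device.
backup_folder() {
    folder=$1; iso=$2
    mkisofs -r -o "$iso" "$folder"
    cdrecord -v dev="$DEVICE" "$iso"
    if verify_burn "$iso" /dev/cdrom; then
        echo "burn verified, sha256 $(sha256_of < "$iso")"
    else
        echo "burned disc does not match $iso" >&2
        return 1
    fi
}
```

Keep the printed digest with the disc. If the read-back fails only on the last couple of sectors, burn again with cdrecord -dao: a TAO track ends in run-out blocks that some drives cannot read back, which is harmless for the data but breaks a byte-for-byte comparison.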
November 20, 2006
A few pieces of advice about hardening (securing) your Linux or Unix system. In my line of work I come across a lot of different Unix and Linux systems. The majority of these systems are protected by firewalls, local or on the network; that is of course standard practice today. What I don't always see is that these systems have been hardened in any way. There are a number of reasons for this. One of the most common, for systems running in production, is that the particular system is crucial for the business and must not be down for any period of time. I can understand that, but some pit stops are going to be necessary to keep the system stable and secure. Patching a Unix or Linux server is usually an easy and quick procedure. One should of course back up the old working data before patching, and make sure there is a way to roll back, but that is almost all there is to it.
Nowadays almost every Linux distribution has a command line tool for fast and reliable updates (yum on Red Hat and Fedora).
Besides updating your server or workstation, you should take a look at what services your system is running. The goal should be to shut down all those unused services and close their ports; they are only a potential way in for an intruder.
On Red Hat and Fedora there is an excellent tool for managing your services, system-config-services, if you don't want to do it manually by moving the run control scripts in and out of every runlevel.
Yup, this is a graphical front end that shows you all installed services on your system, even those not running at the moment. It is a great tool. Every service has a short description, which makes it easier to decide whether it should run or not.
Ok, so let's say you have stopped a few services from the system-config-services window.
Oh, do not forget to save your settings!
Some services that are probably not necessary on a workstation:
named (DNS daemon)
httpd (apache webserver daemon)
nfs (network file system)
portmap (DARPA port to RPC program mapper)
ntpd (network time daemon)
nscd (name service caching daemon)
snmpd (simple network management protocol daemon)
What you might want to keep running:
iptables (excellent local firewall)
sshd (Secure Shell daemon) allows remote encrypted connections. (If you don't know what to use it for, turn it off!)
crond (schedules jobs)
apmd (monitors your battery level; for laptops)
syslog (system log messages)
This is just a tiny list of all the possible services you can have installed on your Linux or Unix box, but it is a start.
Now you can check your active network status manually with the netstat command.
# netstat -an (-a shows all sockets, listening and non-listening; -n prints numeric addresses and ports instead of resolving names)
You can pipe netstat -an to more and use the spacebar to scroll down the list of connections.
# netstat -an | more
One easy way to see what ports your system is accepting connections on is to combine netstat with grep.
[root@localhost ~]# netstat -an | grep LIST
tcp 0 0 :::22 :::* LISTEN
This shows that your system is running an sshd server and that it is accepting connections on TCP port 22 (the ::: means it is bound to all addresses).
# netstat --tcp (shows you all active TCP connections)
[salt@localhost ~]$ netstat --tcp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.33.77:54758 18.104.22.168:http TIME_WAIT
tcp 0 0 192.168.33.77:41690 eh-in-f191.google.com:http ESTABLISHED
tcp 0 0 192.168.33.77:41688 eh-in-f191.google.com:http ESTABLISHED
tcp 0 0 192.168.33.77:45580 22.214.171.124:http TIME_WAIT
Try to run these commands every now and then, so you get a picture of what normal network activity on your system looks like. You will be surprised how much you can learn from just watching the netstat output.
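A script that turns the grep above into a baseline check, as an added example (not code from the original post): it parses netstat -an output, lists every listener, and flags any port that is not on an allowlist you decided on. The allowlist and the sample netstat output are constructed for the example.

```shell
#!/bin/sh
# Listening-socket baseline: parse "netstat -an" output, print every listener,
# and flag the ones not on an allowlist. Added example, not code from the
# original post. ALLOWED_PORTS and the sample output are constructed.
set -eu
LC_ALL=C; export LC_ALL

# Ports this box is supposed to accept connections on (sshd only).
ALLOWED_PORTS=${ALLOWED_PORTS:-"22"}

# Read netstat -an output on stdin; print "proto:port" for every tcp LISTEN socket
# and every bound udp socket (udp has no state column, so any bound udp port counts).
listening_ports() {
    awk '
        $1 ~ /^tcp/ && $NF == "LISTEN" { n = split($4, a, ":"); print "tcp:" a[n] }
        $1 ~ /^udp/                    { n = split($4, a, ":"); print "udp:" a[n] }
    ' | sort -u
}

# Print the listeners whose port is not allowlisted.
unexpected_listeners() {
    listening_ports | while IFS=: read -r proto port; do
        case " $ALLOWED_PORTS " in
            *" $port "*) ;;
            *) echo "$proto:$port" ;;
        esac
    done
}

# Fail (return 1) when something unexpected is listening; run from cron and alert on output.
check_baseline() {
    extra=$(netstat -an | unexpected_listeners)
    [ -z "$extra" ] || { printf 'unexpected listeners:\n%s\n' "$extra"; return 1; }
}

# Constructed sample: sshd on 22, plus portmap (111) and a dhcp client (68) bound.
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 192.168.33.77:41690         192.0.2.10:80               ESTABLISHED
tcp        0      0 :::22                       :::*                        LISTEN
udp        0      0 0.0.0.0:111                 0.0.0.0:*
udp        0      0 0.0.0.0:68                  0.0.0.0:*
unix  2      [ ACC ]     STREAM     LISTENING     12345  /dev/log'
```

On the sample, unexpected_listeners reports tcp:111, udp:111 and udp:68, which is exactly the portmap question from the service list above. Against a live box, run netstat -an | unexpected_listeners after every change; the output is the diff between what the machine does and what you decided it should do.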
The last thing in this brief hardening post is iptables. Iptables will give your system some shelter if configured correctly.
To see what the current iptables rules are protecting, run this command:
# iptables -nL
Iptables will show you all your active firewall policies and rules (-L lists the chains, -n skips name resolution).
If you are not familiar with the iptables syntax, don't worry. There are plenty of frontends for setting up the rules.
On Red Hat and Fedora, you simply run;
# system-config-securitylevel (as user root)
See picture on the top left of this post.
Here it is just a matter of clicking to enable or disable services like ftp, httpd, sshd etc. Your new firewall configuration will be automatically enabled after saving.
Ok, these are a few things you can do. This does not mean that your server or workstation is secure!! But it will most likely not give anyone a simple and free entrance to break into your system.
The next post will cover some more advanced security enhancements.
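What the frontend produces for a workstation, spelled out, as an added example (not code from the original post): a default-deny INPUT policy with just loopback, replies to the box's own connections, ping and ssh allowed, and everything else logged and dropped. It is generated as text so it can be reviewed or saved to /etc/sysconfig/iptables before it is loaded. The ssh port is an assumption.

```shell
#!/bin/sh
# Minimal host firewall for a workstation, in iptables-restore format:
# default-deny inbound, allow loopback, replies to our own connections, ping
# and ssh; log the rest. Added example, not code from the original post.
# SSH_PORT is an assumption.
set -eu
SSH_PORT=${SSH_PORT:-22}

# Emit the ruleset as text so it can be reviewed before loading.
ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A INPUT -p tcp -m tcp --dport $SSH_PORT -m state --state NEW -j ACCEPT
-A INPUT -j LOG --log-prefix "iptables drop: " --log-level 4
COMMIT
EOF
}

# Count the rules in a chain from text on stdin (the generated ruleset, or iptables-save output).
chain_rule_count() { grep -c "^-A $1 " || true; }

# Refuse to load a ruleset whose INPUT policy is not DROP (the box would stay open)
# or which lacks the ssh rule (you would lock yourself out of a remote machine).
check_ruleset() {
    text=$(ruleset)
    printf '%s\n' "$text" | grep -q '^:INPUT DROP' || { echo "INPUT policy is not DROP" >&2; return 1; }
    printf '%s\n' "$text" | grep -q -- "--dport $SSH_PORT " || { echo "no ssh rule" >&2; return 1; }
}

# Load atomically (iptables-restore replaces the whole table), then show what is active.
apply_ruleset() {
    check_ruleset
    ruleset | iptables-restore
    iptables -nL -v
}
```

The ESTABLISHED,RELATED rule is what lets the box browse and update while accepting nothing new from outside; add one --dport line per service you deliberately run, and compare iptables -nL with ruleset after a change to be sure the frontend did not quietly reopen something.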
November 19, 2006
Wi-Fi Protected Access for your Unix/Linux workstation can be a bit tricky the first time you set it up.
The setup in my example is from Fedora and Red Hat, but it should work on most Linux flavours and some Unix distributions. Oh, you will need a working ieee80211_crypt module and subsystem with your kernel. Intel Wi-Fi card owners might check out http://ipw3945.sourceforge.net/ for some excellent resources.
To start using WPA or WPA-PSK you will need a wpa_supplicant implementation installed on your box.
(Red Hat and Fedora users can download the wpa_supplicant rpm from Red Hat.
Fedora Core 5 users will find the rpm here.)
# rpm -Uvh wpa_supplicant-0.4.9-1.fc5.i386.rpm
There is even a GUI frontend to wpa_supplicant at the Red Hat ftp site, in the same directory as the wpa_supplicant rpm.
The source code way.
Check the wpa_supplicant author's site for the source code:
http://hostap.epitest.fi/. Read the docs, unpack the tarball and install.
$ tar -zxvf wpa_supplicant-0.4.9.tar.gz
Change directory to wpa_supplicant-0.4.9
$ cd wpa_supplicant-0.4.9
To build wpa_supplicant and wpa_cli, copy defconfig to .config (enabling the driver for your card in it) and run make.
Now you can copy the binaries wpa_cli and wpa_supplicant to /usr/local/bin, for example:
$ su - (you will most likely need to be root for this; otherwise you might need to do a local security audit of your system :-)
# cp wpa_supplicant wpa_cli /usr/local/bin/
(# is the prompt of the root user.)
Now you should be ready to start testing.
If you are using ipw3945d (the binary user-space regulatory daemon), check that it is starting OK. You should see:
ipw3945d - regulatory daemon
Copyright (C) 2005-2006 Intel Corporation. All rights reserved.
Next, fire up wpa_supplicant.
You will usually find the wpa_supplicant.conf file under /etc/wpa_supplicant/wpa_supplicant.conf.
# wpa_supplicant -i eth1 -c /etc/wpa_supplicant/wpa_supplicant.conf -d
For an Intel ipw3945-based card, the wext driver backend used in the command further down should work.
Next you will have to edit your configuration file to include your pre-shared key or certificate.
Example wpa_supplicant.conf file
# home network; allow all valid ciphers
The psk= line can contain either your passphrase in cleartext (in double quotes) or the precalculated value of the shared key as 64 hex digits, which wpa_passphrase can generate for you. Either way the file holds the key to your network, so keep it readable by root only (chmod 600).
Then try to start it and see if it can authenticate against your access point.
# wpa_supplicant -Dwext -i eth1 -c /etc/wpa_supplicant/wpa_supplicant.conf
You should see something like this:
Trying to associate with XX:XX:XX:XX:XX:XX (SSID='YOURSSID' freq=0 MHz)
XX = MAC address of your access point
Associated with XX:XX:XX:XX:XX:XX
WPA: Key negotiation completed with XX:XX:XX:XX:XX:XX [PTK=TKIP GTK=TKIP]
CTRL-EVENT-CONNECTED - Connection to XX:XX:XX:XX:XX:XX completed (auth)
WPA: Group rekeying completed with XX:XX:XX:XX:XX:XX [GTK=TKIP]
$ man wpa_supplicant (if you get stuck)
For debugging, add -d (or -dd for more). -K additionally includes key material in that output, so do not paste such a log anywhere; -q makes it quieter.
If everything works fine, you are ready to get an IP address on your interface,
either statically assigned or through a DHCP request.
# dhclient eth1
If you are using Fedora or Red Hat you should be able to install the wpa_supplicant-0.4.9-1.fc5 rpm straight from the repositories:
# yum install wpa_supplicant
Supported wireless cards/drivers
- Linux drivers that support Linux Wireless Extensions v19 or newer with WPA/WPA2 extensions
- Host AP driver for Prism2/2.5/3 (WPA and WPA2)
- Linuxant DriverLoader with Windows NDIS driver supporting WPA/WPA2
- Agere Systems Inc. Linux Driver (Hermes-I/Hermes-II chipset) (WPA, but not WPA2)
- madwifi (Atheros ar521x)
- ATMEL AT76C5XXx
- Linux ndiswrapper
- Broadcom wl.o driver
- Intel ipw2100
- Intel ipw2200
- Intel ipw3945
- Wired Ethernet drivers
- BSD net80211 layer (e.g., Atheros driver) (FreeBSD 6-CURRENT and NetBSD current)
- Windows NDIS drivers (Windows; at least XP and 2000, others not tested)
One of the best wireless routers is, by the way, the Linksys WRT300N (Wireless-N Broadband Router).
A matching antenna: Wireless Garden SCB10 Super Cantenna 802.11b/802.11g booster antenna.
Or any paperback book covering the IT field, is usually heavy and takes a lot of the free space in
my backpack. I have tried to use the PDF files of the books, to read them from my mobile phone or PDA, but staring at a colorful screen makes my eyes tired, so I bring the book instead.
Finally, Sony has a piece of hardware that could resolve the "problem". They have developed the Sony PRS-500, with E Ink technology that came out of MIT. This piece of work could save my back and eyes. E Ink uses microcapsules holding black and white particles to take care of the issues with reading tons of manuals. A full battery lasts about 7,500 pages, or 25 books. If there is a good search feature, this baby rocks! Check it out at sonystyle.com.
November 17, 2006
Just a quickie about SELinux (Security Enhanced Linux). SELinux provides mandatory access control using LSM (Linux Security Modules). Red Hat and Fedora provide quite a few security policy configurations by default. You can read more about SELinux at http://fedoraproject.org/wiki/SELinux.
However, a few years ago setting up SELinux policies could be a daunting task, so I guess one or two ambitious sysadmins got fed up and promised themselves to never ever use it again.
Today you can just open up the GUI and start enforcing policy for your protocols and services, such as ftp, kerberos, cron, named, nfs, samba, squid, sasl, ssl and many more.
So if you have not done it already, just do it.
November 8, 2006
Installed Oracle XE or 10g? Want to connect but get error messages like
ORA-12154: TNS:could not resolve the connect identifier specified?
Try checking your tnsnames.ora file. A sample tnsnames.ora file should have been provided when you installed
the Oracle database server. Can't find it? Here is a sample from the XE installation.
# tnsnames.ora Network Configuration File:
(ADDRESS_LIST= (ADDRESS = (PROTOCOL = TCP)(HOST =192.168.XX.XX)(PORT = 1521)))
(SID = XE)
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
(SID = PLSExtProc)
(PRESENTATION = RO)
Port 1521/tcp is the default port for the Oracle TNS listener. TNS stands for Transparent Network Substrate. The TNS listener is responsible for managing network connections to the Oracle database.
The next step is to switch to your oracle user.
# su - oracle
From the prompt, you could now try and connect to your database with the SQLPLUS tool.
If you have a default installation of Oracle XE 10g, try to log in with the hr account.
If you get the error message ORA-12162: TNS:net service name is incorrectly specified,
you have forgotten to specify Oracle's SID (the connect identifier). You will need to provide it to sqlplus to be able to connect properly. The SID in this example is XE.
$ ./sqlplus hr/hr@XE
(Passing the password on the command line like that shows it to every local user in ps output. Better to start sqlplus without credentials and connect from the prompt, where it asks for the password:)
$ ./sqlplus /NOLOG
SQL*Plus: Release 10.2.0.1.0 - Production on Wed Nov 8 13:56:00 2006
Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL> connect hr@XE
Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
Make sure the tnsnames.ora file is somewhere sqlplus looks, under /etc for example, or point the TNS_ADMIN environment variable at its directory.
If you are unsure where sqlplus looks for your tnsnames.ora file, run it under strace, trace the open calls and log them to a file for analysis (strace writes to stderr, so use -o rather than redirecting stdout):
$ strace -f -t -e trace=open -o /tmp/sqlplus_strace ./sqlplus /NOLOG
$ grep tnsnames /tmp/sqlplus_strace
Ok, happy Oracle:ing.
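An added example (not from the original post) that splits the ORA-12154 question into its parts: find the tnsnames.ora sqlplus will read, pull the host and port out of the alias, and check that the listener answers on that port with nc (from the command list earlier on this page) before trying a login at all. The tnsnames.ora below is a constructed sample with assumed addresses.

```shell
#!/bin/sh
# Diagnose ORA-12154 step by step: locate tnsnames.ora, resolve an alias to
# host/port, and check the listener is reachable. Added example, not code
# from the original post; the sample file and its addresses are constructed.
set -eu

# Where sqlplus looks: $TNS_ADMIN first, then $ORACLE_HOME/network/admin, then /etc.
tnsnames_path() {
    if [ -n "${TNS_ADMIN:-}" ] && [ -f "$TNS_ADMIN/tnsnames.ora" ]; then
        echo "$TNS_ADMIN/tnsnames.ora"
    elif [ -n "${ORACLE_HOME:-}" ] && [ -f "$ORACLE_HOME/network/admin/tnsnames.ora" ]; then
        echo "$ORACLE_HOME/network/admin/tnsnames.ora"
    elif [ -f /etc/tnsnames.ora ]; then
        echo /etc/tnsnames.ora
    else
        return 1
    fi
}

# Print "host port" for an alias in a tnsnames.ora file; fails when the alias
# is missing or has no TCP address (an IPC entry like EXTPROC, for instance).
tns_endpoint() {
    awk -v want="$1" '
        /^[A-Za-z0-9_.]+[ \t]*=/ { cur = $1; sub(/=.*/, "", cur) }
        cur == want && match($0, /HOST *= *[^)]+/) {
            h = substr($0, RSTART, RLENGTH); sub(/HOST *= */, "", h); sub(/ *$/, "", h)
        }
        cur == want && match($0, /PORT *= *[0-9]+/) {
            p = substr($0, RSTART, RLENGTH); sub(/PORT *= */, "", p)
        }
        END { if (h != "" && p != "") print h, p; else exit 1 }
    ' "$2"
}

# Does the listener the alias points at accept a TCP connection?
listener_reachable() {
    ep=$(tns_endpoint "$1" "$2") || { echo "alias $1 has no TCP address in $2" >&2; return 1; }
    set -- $ep
    nc -z -w 3 "$1" "$2"
}

# Constructed sample tnsnames.ora; host and port are assumptions.
SAMPLE_TNS='# tnsnames.ora Network Configuration File (constructed sample)
XE =
  (DESCRIPTION =
    (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.10)(PORT = 1521)))
    (CONNECT_DATA = (SID = XE))
  )

EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
    (ADDRESS_LIST = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE)))
    (CONNECT_DATA = (SID = PLSExtProc) (PRESENTATION = RO))
  )'

# Usage: ./tnscheck.sh XE  (uses the tnsnames.ora sqlplus would use)
if [ -n "${1:-}" ]; then
    file=$(tnsnames_path) || { echo "no tnsnames.ora found; set TNS_ADMIN" >&2; exit 1; }
    echo "using $file"
    tns_endpoint "$1" "$file"
    listener_reachable "$1" "$file" && echo "listener reachable" || echo "listener not reachable"
fi
```

If tns_endpoint fails, the problem is the file (wrong alias name or wrong file being read, which the strace above also shows); if the listener check fails, the file is fine and the problem is the network or the listener itself. Only when both pass is an ORA-12154 worth blaming on sqlplus or the account.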