Thursday 31 May 2012

Design Of A Default Redhat Server 6.2 As Honeypot | HoneyPot Methods

Introduction

The following paper is a description of how I have designed and implemented a honeypot system. The paper describes how the honeypot is used to capture data in layers using different techniques. The aim of the honeypot is to discover the techniques and tactics used by blackhats (hackers) to compromise computer systems. The methods used are similar to the methods used by the Honeynet Project.

Complete Adobe Flash Professional CS5.5 v11.5 Incl Keymaker - Full Software with K3yG3n.

Adobe Flash Professional CS5.5 v11.5 Incl Keymaker-CORE | 981 MB

Adobe Flash Professional CS5.5 software is the industry-leading authoring environment for producing expressive interactive content. Create immersive experiences that present consistently to audiences across desktops, smartphones, tablets, and televisions.

This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack" -- the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the Mythical Eighth Layer: "The people layer".

Ways of InterVLAN Routing - Routing between VLAN Networks | Need Of VLAN Routing | Types of VLANs Routing

Introduction

This article deals with the popular topic of InterVLAN routing, which is used to allow routing & communication between VLAN networks. Our article analyses InterVLAN routing and provides 4 different methods of InterVLAN routing to help understand the concept.

RedHat / CentOS Install and Configure Cacti Network Graphing Tool

Cacti is a network graphing tool similar to MRTG. How do I install and configure common options to collect SNMP data and various other data (such as system load, network link status, hard disk space, logged in users etc) into an RRD?

ISO/IEC 27001, part of the growing ISO/IEC 27000 family of standards, is an Information Security Management System (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

Its full name is ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements.

If you are starting to implement ISO 27001, you are probably looking for an easy way to implement it. Let me disappoint you: there is no easy way to do it.However, I'll try to make your job easier - here is the list of sixteen steps you have to go through if you want to achieve ISO 27001 certification:

Using The Paessler PRTG Traffic Grapher In a Cisco Wide Area Application Services | PRTG Grapher for Cisco Router and Switches

About the PRTG Traffic Grapher

The PRTG Traffic Grapher is a Microsoft Windows software tool for monitoring and classifying traffic bandwidth use. It offers a simple, easy-to-learn interface and provides system administrators with live readings and long-term use trends for their network devices. The PRTG Traffic Grapher is most commonly used for bandwidth management, but its sensor technology can also be used to:

• Log the amount of data flowing in and out of Simple Network Management Protocol (SNMP)-enabled network components using the Internet MIB-2 standard.

• Inspect all data packets passing a computer's network interface card (packet sniffing).

• Incorporate bandwidth use data sent by Cisco routers using the NetFlow Version 5 protocol.

The packet sniffer and NetFlow-based monitoring capabilities of the PRTG Traffic Grapher provide the capability to classify traffic by protocol, IP address, and MAC address.

Two applications I've recently come across were Belarc Advisor (BA) and Jelly Bean (JB). These are useful applications that locate all the licenses for your installed applications on your Windows PC.

EBook - "Microsoft Log Parser Toolkit: A complete toolkit for Microsoft's undocumented log analysis tool" by Gabriele Giuseppini, Mark Burnett, Jeremy Faircloth and David A. Kleiman

Written by Microsoft's Log Parser developer, this is the first book available on Microsoft's popular yet undocumented log parser tool. The book and accompanying Web site contain hundreds of customized, working scripts and templates that system administrators will find invaluable for Analyzing the log files from Windows Server, Snort IDS, ISA Server, IIS Server, Exchange Server, and other products.

Packet Tracer 5.1

About Packet Tracer

Packet Tracer is a self-paced, visual, interactive teaching and learning tool. It is designed to increase interaction between students and instructors, promote student learning, and enhance instructor presentations. This technology is a new and fun way to expand teaching and learning experiences beyond the limitations of a traditional lab environment. Packet Tracer helps resolve some common challenges that instructors face on a daily basis, while enabling us to explore new frontiers in networking education.

What Are Honetpots ?

Just as honey attracts bears, a honeypot is designed to attract hackers. Honeypots have no production value. They are set up specifically for the following purposes:

Providing advance warning of a real attack.
Tracking the activity and keystrokes of an attacker.
Increasing knowledge of how hackers attack systems.
Luring the attacker away from the real network.

It is a trap as bears are attracted to honey in the same way a honeypot is designed to attract hackers and black hat people.They are used specifically for the following purposes:

1.Warn about a future attack.
2.Monitoring the activity of an attacker
3.Inorder to know the way of attack used by the attacker.
4.Creating a virtual environment to mislead the attack.
5.It is also very useful in malware analysis.

Free Download - Atomix Virtual DJ V7.0 PRO + Crack

Virtual DJ Pro is the one n only Best DJ software.

Virtual DJ is the hottest AUDIO and VIDEO CLIP mixing computer software, targeting DJs in the bed room, phone, and specialist superstars like Carl Cox.With VirtualDJ's breakthrough BeatLock engine, songs will often remain in beat, along with the DJ operates their mixes incredibly swifter than they at any time could.

Using and Abusing Alternate Data Streams For Windows

This post is to detail a very simple method that has been used by Viruses, Malware Authors and others to hide data.

What are Alternate Data Streams (ADS)

Alternate Data Streams (ADS) were created to make NTFS compatible with the HFS file system. In NTFS there are 2 streams to a file, the data portion and the resource portion. It is relatively simple to hide data in the resource portion and without using specific tools this data would remain hidden.

RAID (Redundant Array of Inexpensive Disks)

RAID is a technology that is used to increase the performance and/or reliability of data storage. The abbreviation stands for Redundant Array of Inexpensive Disks(or sometimes "Independent"). A RAID system consists of two or more disks working in parallel. These disks can be hard discs but there is a trend to also use the technology for solid state drives. There are different RAID levels, each optimized for a specific situation. These are not standardized by an industry group or standardisation committee. This explains why companies sometimes come up with their own unique numbers and implementations.

The software to perform the RAID-functionality and control the hard disks can either be located on a separate controller card (a hardware RAID controller) or it can simply be a driver. Some versions of Windows, such as Windows Server 2003, as well as Mac OS X include software RAID functionality. Hardware RAID controllers cost more than pure software but they also offer better performance.

Linux: Setup a transparent proxy with Squid in three easy steps

Setup Squid proxy as a transparent server with Squid and iptables.

Main benefit of setting transparent proxy is you do not have to setup up individual browsers to work with proxies.

DNS Spoofing- Ettercap Backtrack5 Tutorial

DNS Spoofing attack

Spoofing attack is unlike sniffing attack, there is a little difference between spoofing and sniffing. Sniffing is an act to capture or view the incoming and outgoing packets from the network while spoofing is an act to forging one's source address. In spoofing attack an attacker make himself a source or desire address. This is basically done by using some tricks.

Complete AUTODESK MAYA V2013 WIN32/WIN64 DVD (.ISO) - Full Software (with Cr@ck) | SINGLE LINK - AUTODESK MAYA 2013

AUTODESK MAYA V2013 WIN32/WIN64 | 2.84 GB | 1 LINK ONLY

AutodeskMaya 3D animation software delivers an end-to-end creative workflow with comprehensive tools for animation, modeling, simulation,visual effects, rendering, matchmoving, and compositing on a highly extensible production platform. Whether you work in film, games, television, advertising, publishing, or graphic design, Maya offers state-of-the-art toolsets, combined into a single affordable offering designed to help meet today demanding production requirements. Autodesk Maya 2012 delivers new toolsets for previsualization and game prototyping, extended simulation capabilities, and improved pipeline integration.

BCCPA - Blue Coat Certified Proxy Administrator

In the Blue Coat Certified Proxy Administrator (BCCPA) course, intended for students who wish to master the fundamentals of Blue Coat ProxySG, you will learn the major functions of the ProxySG, how they work, how to administer them, and how the ProxySG interfaces with other Blue Coat products. You will learn key concepts of network security and wide-area network (WAN) optimization and how to get service and support from Blue Coat.

SmartSound SonicFire Pro.v5.7.1 Scoring Network Edition for Window

SmartSound Sonicfire Pro 5 ignites your creativity like no other music solution in the world. Effortlessly mold music from the largest fully-customizable music library to custom-fit any production. The fusion of patented music editing technology, intuitive design and prolific music production makes Sonicfire Pro 5 and the SmartSound Music Library the most innovative way to add a custom music score to your productions.

Belarc - System Management For The Internet Age

The Belarc Advisor builds a detailed profile of your installed software and hardware, network inventory, missing Microsoft hotfixes, anti-virus status, security benchmarks, and displays the results in your Web browser. All of your PC profile information is kept private on your PC and is not sent to any web server.

Exploiting Software: How to Break Code | Greg Hoglund, Gary McGraw

Addison Wesley | ISBN: 0201786958 | 2004 | PDF | 512 pages | 7.58 MB

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers. Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

Password Recovery on a Cisco Router

In this post I'll demonstrate how to perform password recovery on a Cisco router, and I'll also show you how to prevent password recovery.

Password recovery might be necessary for legtimate needs or it could be used by an attacker for nefarious purposes such as to gain access to router or switch configurations. Physical access is required for password recovery so if your routers (or switches) are in an accessible area and cannot be physically secured you may want to use the command listed below for preventing password recovery (if your router supports it that is).

Abusing VLANs With BackTrack

In this post I'm going to have a little fun with VLANs. As I've been studying for the CCNA cert I've been reading how great VLANs are, so in this post i'm going to have a little fun with some really cool tools from the Backtrack distro. My aim is to demonstrate why simlpy placing hosts in a seperate VLAN might sometimes not be enough if you really don't want anyone to have access to them. Let's get started.

Tools:

BackTrack.
Yersinia.
vconfig.
Wireshark.
Nmap.

Finding Traces of Executables in the Registry

Hi Friends,

Today,I found a registry key that is really quite interesting and I can see how it might come in handy when looking at a system that may have been compromised.

By following the procedure detailed below I was able to quickly find all programs or executables that have been installed or executed on a system by the logged in user.

Setting Up SSH on a Cisco Devices (Router and Switches,etc)

In this post I'll demonstrate how to configure SSH on a cisco router.

Below are the commands I used to name the router and provide a domain name. These details are required rior to generating the key. I then generate a 2048 bit RSA key (this took abolut 10 minutes, I should have done 1024). Following the key creation I configure SSH to have a 60 minute timeout, to use SSH version 2 and to exit after 3 failed login attempts. Finally I assign SSH and Telnet (for backup) to my VTY ports and create a user called XcessL.

Free EBook - XSS Attacks : Cross Site Scripting Exploits & Defence (Mediafire Link)

XSS Attacks: Cross Site Scripting Exploits and Defense By Seth Fogie, Jeremiah Grossman
Publisher: Syngress 2007 | 480 Pages | ISBN: 1597491543 | PDF | 5 MB

Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.

Colasoft Packet Builder

Colasoft Packet Builder enables creating custom network packets; users can use this tool to check their network protection against attacks and intruders.Colasoft Packet Builder includes a very powerful editing feature. Besides common HEX editing raw data, it features a Decoding Editor allowing users to edit specific protocol field values much easier.

Users are also able to edit decoding information in two editors - Decode Editor and Hex Editor.

Cisco Advanced CCIE R&S WorkBook | 351.66Mb

The CCIE Routing & Switching Advanced Technologies Class is the first step in understanding CCIE level technologies and is a companion to the Advanced Technologies Lab Workbook. Each technology you need to know for the CCIE Routing & Switching lab.

Platinum Hide IP 3.1

Get Platinum Online Privacy Protection. With Platinum Hide IP, you can surf anonymously, send anonymous emails through any web based mail system, access blocked websites or forums, get protected from any website that wants to monitor your reading interests and spy upon you through your unique IP address, etc. Your identity is secure, protected, and anonymized.

What's more, Platinum Hide IP allows you to select your IP location such as United States, United kingdom, France, etc. from the Choose IP Country window.

What is Remote File Inclusion ?

First of all what is Remote File Inclusion? Commonly referred as RFI, this is an uncommon form of web attack where the attacker can inject their own scripts and execute it on the web server. I like to call RFI the execution of unpredictable and uncontrollable code.

I'm sure many of you who are reading this have attempted RFI and probably are saying that its a simple method of attack. But ill bet that not many know what occurs behind the scene, how it works, and why it works. Today ill clarify that.

Combine Two Internet Connections Into One to Get Highspeed!

Process for Installing and Configuring Wingate Proxy Server

1. Install Wingate:-

Compress 5GB into 5MB this works 1000% Tested Myself.

KGB Archiver is the compression tool with unbelievable high compression rate. It beats UHARC and 7zip!!

KGB Archiver is the compression tool with unbelievable high compression rate. It surpasses even such efficient compression tool like 7zip and UHARC in terms of the abilities.

Many new Windows applications requires latest version of Microsoft .NET framework which is version 3.5 at the time of of writing of this post.

If you go to Microsoft download center, then by default you will get live installer of approximately 2-3 MB’s while complete .NET framework requires 50-200 MB. Actually on the same page there are links to complete setup but they are placed in a way that anyone can hardly notice them. Seems like Microsoft wants you to download live installer but there are problems with live installer..

GFI SandBox - Powerful automated malware analysis

GFI SandBox™ (formerly CWSandbox) is an industry leading dynamic malware analysis tool. It gives you the power to analyze virtually any Windows application or file including infected: Office documents, PDFs, malicious URLs, Flash ads and custom applications.Targeted attacks, hacked websites, malicious Office documents, infected email attachments and social engineering are all part of the Internet threat landscape today. Only GFI SandBox™ gives you a complete view of every aspect and element of a threat, from infection vector to payload execution. And GFI SandBox can quickly and intelligently identify malicious behavior using Digital Behavior Traits™ technology.

Hacking Exposed Computer Forensics: Secrets & Solutions By Aaron Philipp, David Cowen, Chris Davis (2 Edition) | Mcgraw Hill - Hacking Exposed Computer Forensics

Publisher: Mc/Gra w-Hi l l | 2009 | 544 Pages | ISBN: 0071626778 | PDF | 12 MB

The latest strategies for investigating cyber-crime

Identify and investigate computer criminals of all stripes with help from this fully updated. real-world resource. Hacking Exposed Computer Forensics, Second Edition explains how to construct a high-tech forensic lab, collect prosecutable evidence, discover e-mail and system file clues, track wireless activity, and recover obscured documents. Learn how to re-create an attacker's footsteps, communicate with council, prepare court-ready reports, and work through legal and organizational challenges. Case studies straight from today's headlines cover IP theft, mortgage fraud, employee misconduct, securities fraud, embezzlement, organized crime, and consumer fraud cases.

How To Install Backtrack 5 Dual Boot-Tutorial | Install Backtrack with Windows 7

In this article I will discuss how to make dual boot to use Linux (Backtrack 5) with Windows 7.The overall method of installation is same as discussed before but the step in which you have to mention the partition is change because of dual boot, for this technique it is assume that you have installed windows on your entire disk and you want to make a partition to install backtrack 5 as well, backtrack 5 is not necessary you can use this technique to install any other version and distro of Linux.

Now I am going to show you how to do this, first of all make back up of your windows installer, if you are using USB to boot backtrack than first learn how to make USB click here.

GFI LANguard Network Security Scanner (N.S.S.) is a complete network vulnerability management solution that allows you to scan, detect, assess and remediate any security vulnerabilities on your network.

This award-winning solution scans the entire network, performs over 15,000 vulnerability assessments and identifies all possible security threats. The complete and thorough vulnerability assessment database includes standards such as OVAL (2,000+ checks) and SANS Top 20.

Here is list of useful and Best Software tools that helpful in Ethical Hacking and Penetration Testing, Forensics ...

MetaSploit

Metsploit is a very Powerful PenTesting Tool . Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. The Metasploit Project is also well known for anti-forensic and evasion tools, some of which are built into the Metasploit Framework. Very useful tool for Information Gathering, Vulnerability Scanning, Exploit Development, Client side exploits,...

Official site: Click Here

Metasploit has now become the king of tools used in penetration testing. It’s comprised of a collection of all available exploits. The tool has its pros and cons;

Some advantages are:

It automates the process of penetration testing.

Fast (less time require).

Reliable.

It offers a lot of advanced features that we will discuss step by step .

Pages

Thursday 31 May 2012

Wednesday 30 May 2012

Tuesday 29 May 2012

Introduction

Monday 28 May 2012

Saturday 26 May 2012

Thursday 24 May 2012

What Are Honetpots ?

Just as honey attracts bears, a honeypot is designed to attract hackers. Honeypots have no production value. They are set up specifically for the following purposes:

Wednesday 23 May 2012

Virtual DJ Pro is the one n only Best DJ software.

Tuesday 22 May 2012

Monday 21 May 2012

Saturday 19 May 2012

Friday 18 May 2012

BCCPA - Blue Coat Certified Proxy Administrator

Thursday 17 May 2012

Wednesday 16 May 2012

Tuesday 15 May 2012

Monday 14 May 2012

Saturday 12 May 2012

Friday 11 May 2012

Wednesday 9 May 2012

Tuesday 8 May 2012

Monday 7 May 2012

My Blog List

Subscribe To