Thursday, January 31, 2008

Security-Related Business Challenges

Face up to Today's most pressing Security-Related Business Challenges

Compliance is a particularly urgent concern today, especially because non-compliance exposures and penalties can threaten the reputation and financial health of our businesses. Addressing regulatory mandates drives an enterprise to protect its private data, establish and consistently enforce internal controls, and effectively demonstrate to auditors that these requirements are met.

Audit requests related to compliance with service level agreements (SLAs) can be just as time-consuming to address and are vital to the health of the business. These compliance efforts may include services delivered to both internal and external customers.

Because of the high stakes involved, we need ways to address audit and compliance initiatives efficiently and effectively. Proactive compliance management involving control automation and enforcement can actually lead to business benefits beyond the compliance process, such as productivity and improved security. It is vital to have a way to view the effectiveness of overall compliance efforts and receive alerts about potential violations that can affect our business priorities.

Reporting tools and streamlined audit responses are not enough; thorough reports are no good if we do not have the proper controls and monitoring data to report on. Underneath must be a security platform that helps our businesses define effective security policy and consistently enforce it - across the enterprise.

The good news is that an effective, integrated security platform helps us with more than compliance. It helps overcome barriers that keep our employees from accessing the applications, services and data that make them most productive. And it can bridge the silos and the inflexible structures that might keep us from developing new services quickly and partnering with other businesses to take full advantage of market opportunities.

Wednesday, January 30, 2008

MetaSploit launches version 3.1

Improves Windows GUI - Supports iPhone ...

The Metasploit Project released version 3.1 of its exploit development and attack framework. Key additions include a better Windows interface and support for the iPhone.


Metasploit, the brainchild of H D Moore, is an open source tool that outlines attack vectors. In a blog post announcing the launch of Metasploit 3.1, Moore said multiple researchers have contributed code to Metasploit.


Among the key features of Metasploit 3.1:

  • A graphical user interface, full support for the Windows platform, and over 450 modules, including 265 remote exploits.

  • A bevy of new exploits. Moore notes: “Notable exploits in the 3.1 release include a remote, unpatched kernel-land exploit for Novell Netware, written by toto, a series of 802.11 fuzzing modules that can spray the local airspace with malformed frames, taking out a wide swath of wireless-enabled devices, and a battery of exploits targeted at Borland’s InterBase product line.”

  • Code from the “Hacking the iPhone” effort.

I quote from the Metasploit website:


"The Metasploit Project announced today the free, world-wide availability of version 3.1 of their exploit development and attack framework. The latest version features a graphical user interface, full support for the Windows platform, and over 450 modules, including 265 remote exploits. "Metasploit 3.1 consolidates a year of research and development, integrating ideas and code from some of the sharpest and most innovative folks in the security research community" said H D Moore, project manager. Moore is referring to the numerous research projects that have lent code to the framework."


Download the Metasploit 3.1 User Guide.

Tuesday, January 29, 2008

Hello SecureWorld

Virtual labs, Videos and more

Welcome To Security Sector 7

Defending the Virtual Universe since 1981

Write Safer Code - Build Safer Net - Surf Safer Web

http://www.microsoft.com/click/hellosecureworld/default.mspx

Technika

XSS Discovery Tool # 2

Technika is another tool from GNUCITIZEN that allows you to easily construct bookmarklets and automatically execute them, imitating the functionalities of GreaseMonkey.

Technika is very small and integrates well with the Firebug command console, which can be used to test and develop your bookmarklets. The extension can be found at www.gnucitizen.org/projects/technika.

If you have Firebug installed you will be able to use Technika's bookmarklet constructing features. You can use the Firebug console to test the bookmarklet and make sure that it is working. When you are happy with your code you can easily convert it to a bookmarklet by accessing the Technika menu and selecting Build Bookmarklet. You will be asked to select the folder where you want the bookmarklet to be stored. Type the bookmarklet name and press the OK button. If later you want to modify your bookmarklet, you can select the Technika menu and choose the Load Bookmarklet option. Another useful feature of Technika is that you can set your auto-runnable bookmarklets on different levels and define the order of their execution.

This mechanism is very similar to the initrd boot mechanism on Unix/Linux. For example, if you want to develop a framework that consists of several bookmarklets, you may need to load the core libraries before the actual user scripts.

Thursday, January 24, 2008

Microsoft Vista One Year Vulnerability Report

Vista logged fewer vulnerabilities in its first year than XP, Red Hat, Ubuntu, and Apple Mac OS X did in their first years

Jeff Jones has just released a PDF, Windows Vista One Year Vulnerability Report. I’m still digging into the report, but I like how he’s shown a side-by-side comparison between the number of vulnerabilities XP had at one year versus the number Vista has had at one year.

A number that would be more revealing, but that we’re not going to see, would be the number of open, unpatched vulnerabilities in each system today. That would tell us a lot more about how secure we are, which is really what we want to know. I think Jeff does a very good job of comparing apples to apples in the report, but it doesn’t do much to prove that as of today, Windows Vista is the most secure OS available.

I’m still not upgrading to Vista until I can make sure the 64-bit drivers exist for all of my hardware. Even if Vista is as secure as Jeff asserts, it’s not enough to make the upgrade worthwhile to me.

Download PDF Report.

Wednesday, January 23, 2008

BitTorrent Forensic Analysis

You Can Be Tracked while using BitTorrent..

I was reading Jonathan Care's blog and found an interesting post by him about BitTorrent forensic analysis. The video clip from his blog, which is posted below, clearly shows in a simple way how you can be tracked while using BitTorrent.



I quote from Jonathan Care's post:

Interesting stuff, and worth remembering as a former colleague of mine said "The internet is NOT anonymous, you have an IP address, which return traffic is sent to, therefore you can be tracked."

Tuesday, January 22, 2008

Keeping the Lights On

MANAGING RISK before it manages you

A client in the health service industry was recently amazed to discover that of the 4216 active hosts (IP addresses) discovered in its environment, 1193 (27%) had at least one high risk vulnerability. The organisation is responsible for the funding, management and delivery of public health services to an area containing 1.1 million people, so with a high risk of emerging worms, malware attacks and hacker exploitation identified, the existing situation meant that the confidentiality of patient records and sensitive personal information was at an unacceptable risk. In addition, the character of a number of high risk vulnerabilities increased the likelihood of business disruption.

What about your environment? Have you performed a security risk baseline across your entire organisation? Is network and system disruption a concern? Are your security controls appropriate to the level of risk faced?

It is likely that your IT environment also contains numerous security weaknesses which may lead to system outage and/or unauthorised access. Other major risks include service disruption and failure to comply with service level agreements, performance degradation, loss of data or system integrity, and exposure of confidential information. These outcomes can have a detrimental effect on your business.

So don't wait until an incident occurs - proactively manage your risks before they manage you!

Monday, January 21, 2008

Top 50 Apps That Fit On A USB Drive

Portable software you should carry on your USB drive...

Sometimes you just need to take your apps on the go. Whether you’re providing support or just trying to make a strange computer feel more familiar, having a collection of portable applications is very useful. From development to security, these apps are some of the best tools you’ll ever keep in your pocket.

Development

Edit code wherever you are with these handy tools.

  1. Vim: The Vim text editor has lots of features that are great for source code editing, like file comparison, regular expressions, and GUI mode. It’s also highly portable, working with even obscure platforms.
  2. Dev-C++: This integrated development environment is much like Microsoft Visual Studio, except that it has DevPaks that offer additional utilities, libraries, and templates.
  3. Server2Go: With Server2Go, you’ll have access to PHP, MySQL, Apache, and Perl.
  4. Notepad++: Notepad++ is a free source code editor that offers an efficient binary as well as a customizable GUI.

Graphics

Edit graphics, create animations, and view images on the go with these pocket graphics apps.

  1. Anim8or: Anim8or, though small in size, is packed with loads of features and tools. It also has plenty of easy tutorials for modeling and animation.
  2. IrfanView: Using this image viewer for Windows, you can view, edit, and convert image files, as well as play some video and audio formats. It even supports formats like Flash, MP3, and MPEG.
  3. ArtRage: ArtRage, a bitmap graphics editor, is great for use on tablet PCs. Available mediums on ArtRage include oil painting, pencils, and tools that offer textures and other special effects.
  4. Inkscape: Inkscape is a vector graphics editor application that runs on nearly any operating system, making it a great tool for using on unfamiliar computers.
  5. FastStone Image Viewer: Use FastStone to view images, manage thumbnails, and perform various image editing tasks.
  6. Blender: This 3D animation program can be used for a number of different uses, including modeling, rendering, and animating.
  7. GIMP: The GNU Image Manipulation Program is used to process digital graphics and photographs, and even create basic GIF images.
  8. UnFREEz: Coming in at a tiny 19.5 kb, UnFREEz just might be one of the smallest apps ever. Using this tiny GIF app, you can combine a series of images to create an animation.

Documents

Have your office with you wherever you go with these portable document applications.

  1. Open Office: This office suite works on a number of different operating systems, and offers document functionality in word processing, spreadsheet, presentation, database, and more.
  2. Foxit Reader: Take this small, fast PDF viewer with you wherever you go to avoid having to use Adobe Acrobat.
  3. NoteTab: This text editor offers the option of a tabbed document interface, making it easy to manage multiple documents at once.
  4. Scribus: The Scribus desktop publishing program offers layout and typesetting as well as the ability to create PDF forms with animations and interactive functions.
  5. RagTime: Using RagTime, you can create documents in spreadsheets, word processing, HTML, and even AutoCad files.
  6. TextPad: The TextPad app offers easy text creation and editing, as well as helpful features like a clip library.

Internet

Get the Internet the way you want it with these portable browsers, chat programs, and email applications.

  1. Firefox Portable: Take your Firefox, with all of its bookmarks, plugins, and extensions anywhere using Firefox Portable.
  2. ChatZilla: Get this IRC client, and you can chat on any platform that has a Mozilla web browser, like the aforementioned Firefox Portable.
  3. Google Talk: You can use this application for VoIP and instant messaging on nearly any Windows machine.
  4. Portable Thunderbird: Using this portable email app, you can keep your email, address book and settings right in your pocket.
  5. PuTTY: This little gem is a terminal emulator that can act as a client for a variety of protocols, like SSH and Telnet.
  6. Pidgin: Use Pidgin, a multi-platform IM client, to enjoy encrypted IM discussions.
  7. XeroBank Browser: This internet browser has Tor access built in, so you can stay anonymous.
  8. Adium: This Mac OS X instant messaging client can be used with AIM, Google Talk, ICQ, Jabber, and many more messaging services.
  9. FileZilla: Use FileZilla, a very popular cross-platform FTP client, to share and remotely access files.
  10. Trillian Anywhere: Take Trillian, a multiprotocol IM application, anywhere using this app.
  11. Portable Bookmarks: Keep all of your bookmarks on your flash drive with Portable Bookmarks.
  12. uTorrent: With uTorrent, you can use BitTorrent while using minimal computer resources.
  13. Gaviri PocketSearch: This file management software makes it easy to locate files across all of your devices.
  14. Miniaim: Get around instant messaging restrictions with this minimalist AIM client.

Multimedia

Get mobile media functionality with these awesome tools.

  1. Audiograbber: Extract audio from CDs and convert into a number of different formats like WAV, MP3, and WMA.
  2. DeepBurner: Take this CD/DVD authoring program on the go to burn discs and ISO images.
  3. VideoLAN: This software plays video and other media formats on the go.
  4. REAPER: This digital audio workstation uses very light resources and can currently be used on Windows, with Mac OS X soon to come.
  5. MediaCoder: Use MediaCoder to batch transcode, compress, or convert audio and video.
  6. StationRipper: With StationRipper, you can record audio from podcasts, Shoutcast, Last.fm stations and more, all with iTunes integration.
  7. Audacity: Edit digital audio on the go and on a number of different platforms with Audacity.
  8. Winamp: Use this popular, skinnable media player for music and more on the go.

Security

Ensure a secure workspace, or just help Grandma get spyware off of her computer using these portable security apps.

  1. KeePass: Carry your password safe around with you, and rest assured that your information is encrypted.
  2. Ad-Aware: Take this popular adware zapper on the go to find trouble on any computer you might be using.
  3. ClamWin: Use ClamWin to scan for viruses on a Windows machine with the Clam AntiVirus engine.
  4. Eraser: Make sure you’re safely deleting files when you leave a strange computer by using Eraser.
  5. RoboForm: This program won’t just manage your passwords, it will also fill in web forms for you.
  6. HijackThis: Find and destroy malware with this freeware spyware-removal tool.

More

Get even more use on the go with the USB apps.

  1. Universal Extractor: Extract files from any archive, anywhere.
  2. Converber: Make easy conversions on any computer with Converber.
  3. Launchy: This program locates programs to launch based on a user search, making it easy to launch anything from games to an internet browser.
  4. DOSBox Portable: Play around with your USB stick, and enjoy classic DOS games on the go.

Thursday, January 17, 2008

Protech

Ubuntu Based Linux Security Distro..

Another Linux security / penetration testing distro has just been released by tech4master; it’s called Protech! Since Protech is an Ubuntu-based Linux security distro, it is known to have the most compatible hardware detection system. The review I read on fusion’s blog said something like this:

"My personal favourite is the Ubuntu based Protech ONE distro. I suggest it over other live security distros because of the Ubuntu cores’ hardware compatibility. Most other distros have several problems when it comes to newer computers, especially laptops. I have booted this cd on several of my computers and never had a single problem so far. The other reason I suggest it is the simplicity of aptitude for installing packages. Although most Ubuntu package repositories are noted for having out of date versions of software, they are tested and working. For a Linux newbie, compiling programs, resolving dependencies, and proper configuration can be the biggest turn off."

Software included in this distro:

Window Manager: Fluxbox

Browsers: Opera® (with tor and privoxy) and w3m (console browser)

File manager: Thunar

Search software: Catfish

Text editors: Mousepad; Vim; Nano

Multimedia: Audacious; Player; Gnome baker

Network: XAMPP; Hamachi; Ndiswrapper (GUI); AutoScan; Hybrid-Share; Wicd (Network Manager); Network Tools; Gftp; Pidgin; telnet; Remote Desktop; Samba (pyNeighbourhood); OpenVNC; VNCviewer

Programming: Python2.5; Emacs22 (gtk2); Anjuta

Tools: ParolaPass; Calculator; GPSdrive; XPDF; Xarchiver

System: Printer / Scanner manager; Htop; Iftop; Start-up Manager (SUM); Ntfs-Config; Gparted; Synaptic; Screenlocker (alock); Fluxbox Menu Editor

Security Tools

Acquiring Tools: DCFLDD; DD; DD_Rescue

Cisco: Yersinia; Asleap; Cisco Exploiter

Database: Blind SQL Injection; Hackerstorm; HTTP SQL Bruteforce; Metacoretex; SQL Inject

Enumeration:
  • DNS: Dig; DNS Enum; DNSWalk; Host
  • Google: Finger Google; Google Mail Enum; Google Search; GooScan
  • Misc: p0f
  • Samba: NBTScan; Samba Enum
  • SMTP: Relay Scanner; SMTP Vrfy
  • SNMP: SNMP Enum; SNMPget; SNMPset; SNMPwalk
  • WWW: ISR Forms; List URLs; Paros Proxy

Exploits: Exploit Tree; Metasploit Framework 3; Milw0rm

Forensics:
  • Analysis: Autopsy
  • File Carving: Foremost

Fuzzers: Bed; Clfuzz; Pirana

Honeypot: Labrea; Honeyd; Tinyhoneypot

Oracle: Metacoretex; OAT

Password Attacks:
  • Offline: Rainbow Crack; Hash Collision; John; Ophcrack; Samdump2
  • Online: Hydra; Medusa; THC PPTP

Rootkit: rkhunter; chkrootkit

Sandbox: Plash

Scanners:
  • Port Scanners: Amap; Nmap; Onesixtyone
  • VPN Scanners: IKE Scan; PSK Crack
  • Vulnerability Scanners: Nikto (Nessus is not allowed; requires manual install)

Sniffers: Ettercap; Driftnet; Dsniff; Filesnarf; SSHMITM; Msgsnarf; Mailsnarf; SShow; URLsnarf; Wireshark

Spoofing: Ettercap; Yersinia; ARSpoof; DNSSpoof; Etherwake; Fragrouter; Fragroute; Icmpush

System Hardening: Bastille

Tunnelling: Cryptcat; OpenVPN

Wireless:
  • Analysis: Kismet / Gkismet
  • AP Fakers: FakeAP; Hotspotter
  • Cracking: Aircrack; Cowpatty; Aircrack-ptw; Airsnort
  • Packet Forge: Aireplay

Protech’s torrent is now available here.

Web Attacker Toolkit

Thousands of web servers were compromised with this toolkit.

I was reading news on the internet today and read something about a hacking toolkit that was able to compromise thousands of web servers. Apparently the tool, called the "Web Attacker Toolkit", can be bought from the Russian hacking group called Inex-Lux for a cheap price. All unpatched IE and Firefox browsers can be compromised, with a trojan silently installed on the local PC without the user knowing it.

Check out those three links below:

http://www.informationweek.com/news/showArticle.jhtml?articleID=186700539

http://www.websense.com/securitylabs/alerts/alert.php?AlertID=472

http://informationweek.com/news/showArticle.jhtml?articleID=205603044

Monday, January 14, 2008

Burp

XSS Discovery Tool # 1

I’ve just found a great book published by Syngress, titled XSS Attacks; here is a short excerpt taken from the book about the Burp Proxy suite, a tool to discover XSS vulnerabilities in web applications.

The modern browser is designed for speed and efficiency, which means Web application security assessment is a painful task, because probing a Web application requires in-depth analysis. Generally, to test an application, you want to slow down the transmission of data to and from the server to a snail’s pace so you can read and modify the transmitted data; hence the proxy.

In the early days of security, proxies were capable of slowing down the connection in only the outbound direction and as such, a user could only alter the information being transferred to the server; however, that’s only part of the equation when analyzing a Web application. Sometimes it greatly behooves you to be able to modify the incoming data.


For example, you might want to modify a cookie so that it doesn’t use HttpOnly, or remove a JavaScript function. Sometimes you just want a bidirectional microscopic view into every request your browser is making. And then there was Burp Proxy.

Burp Proxy is part of a suite of Java tools called Burp Suite that allow for Web application penetration, but for the purposes of this book only one function is particularly useful, and that’s the proxy. To get started, you need the Java run time environment installed, which you can get from Java.com’s Web site. Once that is installed you modify your proxy settings in your browser to use localhost or 127.0.0.1 at port 8080.

Once this is done, you can launch Burp Proxy, which will show you a blank screen. The Intercept and Options windows are the most important ones that we will be focusing on. First let’s configure Burp Proxy to watch both inbound and outbound requests. Under “Options” uncheck resource type restrictions, turn on interception of Server Responses, and uncheck “text” as a content type. This will show you all of the data to and from every server you connect to.

Once this has been configured, you should be able to surf and see any data being transferred to and from the host.This will allow you to both detect the data in transit and modify it as you see fit. Of course any data you modify that is sent to your browser affects you and you alone, however, if it can turn off JavaScript client side protection this can be used to do other nefarious things, like persistent XSS, which would normally not be allowed due to the client side protections in place. Also, in the days of Asynchronous JavaScript and XML (AJAX), this tool can be incredibly powerful to detect and modify data in transit in both directions, while turning off any protection put in place by the client to avoid modification by the browser.

This can also help remove lots of information that would otherwise leak to the target, including cookies, referrers, or other things that are either unnecessary or slow down the exploitation. Another useful feature is the ability to switch into hex mode. This is particularly useful when you are viewing pages in alternate encoding methods, like US-ASCII or UTF-16.

Burp proxy is by far one of the most useful Web application security tools in any manual security assessment. Not only does it help uncover the obvious stuff, but it’s possible to write custom rules if you know what you are looking for. For instance, if you wanted to find only XML files for debugging AJAX applications, a Burp proxy rule can be created to capture just this information.

Ultimately, Burp is only one tool amongst a wide array of others that do parts of what Burp does as well or better, but nothing works in quite the same way or with quite the same power as Burp Suite. Burp Proxy is not for the faint of heart, but once you get accustomed to it, it is a great learning tool for understanding how Hypertext Transfer Protocol (HTTP) actually works under the hood.

Download URL: http://portswigger.net/proxy/

More reviews can be found on thespanner.co.uk , xssworm.blogvis.com , ha.ckers.org .
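What you actually look for once Burp shows you a server response is easy to lose in the GUI description above, so here is an added example (my own code, not from the book or from PortSwigger) that does two of the checks the excerpt mentions on a constructed response: it audits every Set-Cookie header for the HttpOnly and Secure flags, and it implements a minimal "capture only XML responses" rule of the kind the excerpt says Burp can be configured with. The response bytes are constructed for this example and are not a real capture.

```python
# Constructed HTTP response of the kind you would see in Burp's intercept
# window (not a real capture). Two cookies: one lacks Secure, one lacks both
# flags; the body is XML, which the content-type rule below picks out.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/xml; charset=utf-8\r\n"
    b"Set-Cookie: session=abc123; Path=/; HttpOnly\r\n"
    b"Set-Cookie: tracker=1; Path=/\r\n"
    b"Content-Length: 33\r\n"
    b"\r\n"
    b"<?xml version=\"1.0\"?><r><ok/></r>"
)


def parse_response(raw):
    """Split a raw HTTP/1.x response into (status line, [(name, value)], body).
    Header names are lower-cased; repeated headers (Set-Cookie) are kept as
    separate pairs rather than merged, which matters for cookie auditing."""
    head, _sep, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = lines[0]
    headers = []
    for line in lines[1:]:
        name, _colon, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers, body


def audit_cookies(headers):
    """Report each Set-Cookie that lacks HttpOnly or Secure. A missing HttpOnly
    is what lets injected script read a session cookie, so it is the finding
    most relevant to an XSS assessment; missing Secure exposes it on HTTP."""
    findings = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        missing = [flag for flag in ("httponly", "secure") if flag not in attrs]
        if missing:
            findings.append((cookie_name, missing))
    return findings


def matches_content_type(headers, prefix):
    """A minimal 'capture only these responses' rule, like the XML-only rule
    the excerpt mentions: true when the Content-Type starts with `prefix`."""
    for name, value in headers:
        if name == "content-type":
            media_type = value.split(";", 1)[0].strip().lower()
            return media_type.startswith(prefix.lower())
    return False


if __name__ == "__main__":
    status, headers, body = parse_response(SAMPLE_RESPONSE)
    print(status)
    for cookie, missing in audit_cookies(headers):
        print(f"cookie {cookie!r} is missing: {', '.join(missing)}")
    print("XML response:", matches_content_type(headers, "text/xml"))
```

Run it on bytes saved from the proxy's response window and the cookie findings are the ones to carry into the report; the content-type rule is the same idea Burp applies when you restrict interception to a media type.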

Maltego

Best Information Gathering Tool...

Maltego is a new breakthrough in information gathering tools. The classical methods of information gathering, such as domain whois, search engines, archives, etc., are now available in automatic mode in Maltego! Maltego is a program whose purpose is to determine the relationships and real-world links between: people, groups of people, companies, organisations, web sites, domains, DNS names, netblocks, IP addresses, phrases, affiliations, documents and files.

Maltego uses the method of relation-chaining between objects (IP, DNS, website, email, etc.). What Maltego actually does is describe the relations between those objects. For example, if you want to search for everything related to example.com, example.com will be the first object to be searched for. Then Maltego will search for any other object related to example.com, e.g. example.com’s IP address, example.com’s IP netblock, example.com’s MX records, and persons related to example.com. We could also dig further into which social networks a person has joined, and so on..
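The relation-chaining idea is easier to see as code than as prose, so here is an added example (my own, not Maltego's code or API) that models it: each "transform" turns one entity into related entities of possibly other kinds, and a breadth-first walk from a seed entity expands them hop by hop up to a depth limit, recording every relation as an edge. The lookup tables are constructed, offline stand-ins for the whois/DNS/search queries the real tool performs; the names and addresses are documentation values, not real infrastructure.

```python
from collections import deque

# Constructed offline lookup tables standing in for the whois, DNS and search
# queries Maltego runs for real. Values are RFC 5737/2606 documentation
# ranges and names, not real infrastructure.
DNS_A = {"example.com": ["192.0.2.10"], "mail.example.com": ["192.0.2.25"]}
DNS_MX = {"example.com": ["mail.example.com"]}
NETBLOCK_OF = {"192.0.2.10": "192.0.2.0/24", "192.0.2.25": "192.0.2.0/24"}
WHOIS_CONTACT = {"example.com": ["hostmaster@example.com"]}


def transform(entity):
    """Return the entities directly related to `entity`. Each branch is one
    'transform' in Maltego's sense: a lookup that turns one object into
    related objects of possibly different kinds."""
    kind, value = entity
    related = []
    if kind == "domain":
        related += [("ip", ip) for ip in DNS_A.get(value, [])]
        related += [("domain", mx) for mx in DNS_MX.get(value, [])]
        related += [("email", e) for e in WHOIS_CONTACT.get(value, [])]
    elif kind == "ip":
        if value in NETBLOCK_OF:
            related.append(("netblock", NETBLOCK_OF[value]))
    elif kind == "email":
        # An address leads back to its domain, which may already be known.
        related.append(("domain", value.split("@", 1)[1]))
    return related


def chain(seed, max_depth=3):
    """Breadth-first relation chaining from a seed entity.
    Returns (depth_by_entity, edges). Depth is the number of transform hops
    from the seed; edges record every relation found, including links back
    to entities already seen, so the result is a graph, not just a tree.
    The depth limit is what keeps a real run from expanding forever."""
    depth = {seed: 0}
    edges = []
    queue = deque([seed])
    while queue:
        entity = queue.popleft()
        if depth[entity] >= max_depth:
            continue
        for child in transform(entity):
            edges.append((entity, child))
            if child not in depth:
                depth[child] = depth[entity] + 1
                queue.append(child)
    return depth, edges


if __name__ == "__main__":
    depth, edges = chain(("domain", "example.com"))
    for entity, d in sorted(depth.items(), key=lambda kv: kv[1]):
        print("  " * d + f"{entity[0]}: {entity[1]}")
    print(len(edges), "relations found")
```

Starting from the domain, the walk reaches the mail host through the MX record, both addresses, the shared netblock and the whois contact, and the contact's domain closes a loop back to the seed. Swapping the dictionaries for real lookups is all that separates this from a working reconnaissance script, which is also why the depth limit and the set of kinds you expand deserve thought before pointing it at anything.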

To try their web interface, you can go here. And to download the application you can simply click here.

Thursday, January 10, 2008

Fast Flux

Thinking fast flux - New bait for advanced phishing tactics

Years ago, attackers would often have one or two really important machines that were the centerpiece of their criminal money-making schemes. The bad guys, thus, often faced one or more single points of failure in their criminal infrastructures. A phisher's imposter Web site could be taken out. A spammer's mail server could be added to a blacklist. And for bot-herders, an IRC server, historically used by many botnets to distribute commands to all of the bot-infected hosts, could be shut down.

So, how have today's enterprising bot-herders, making millions of dollars from their criminal empires, responded to the single points of failure? Two words: fast flux.
Since the summer of 2007, there has been an explosion of large-scale fast-flux botnets. With this technique, bad guys can leverage thousands of disposable drone machines as intermediaries, rapidly swapping among different systems, confounding investigators who try to trace back a constantly fluctuating set of targets.
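The observable signature of this technique on the defender's side is a hostname whose A records change every few minutes across unrelated networks, with very short TTLs. As an added example (my own code, not from the article quoted above), here is a small detector run over constructed passive-DNS style observations; the thresholds are assumptions to be tuned against your own baseline, and the addresses are documentation ranges rather than real data.

```python
from collections import defaultdict

# Constructed passive-DNS style observations for two hostnames: one whose A
# record changes every few minutes across unrelated networks (fast-flux
# behaviour) and one that stays put. Addresses are RFC 5737 documentation
# ranges; nothing here is real data.
SAMPLE_DNS_LOG = [
    # (seconds since start, queried name, TTL, answered A record)
    (0,    "login-update.example", 300, "203.0.113.10"),
    (300,  "login-update.example", 300, "198.51.100.7"),
    (600,  "login-update.example", 300, "203.0.113.44"),
    (900,  "login-update.example", 300, "192.0.2.99"),
    (1200, "login-update.example", 300, "198.51.100.200"),
    (1500, "login-update.example", 300, "203.0.113.10"),
    (0,    "static.example",       86400, "192.0.2.1"),
    (1500, "static.example",       86400, "192.0.2.1"),
]


def summarize(log):
    """Collect per-name facts: distinct answers, TTLs seen, and distinct /16s
    (a crude stand-in for 'different networks/ASNs' that needs no lookups)."""
    by_name = defaultdict(lambda: {"ips": set(), "ttls": [], "nets": set()})
    for _ts, name, ttl, ip in log:
        entry = by_name[name]
        entry["ips"].add(ip)
        entry["ttls"].append(ttl)
        entry["nets"].add(".".join(ip.split(".")[:2]))
    return by_name


def is_fast_flux_candidate(entry, max_ttl=600, min_ips=5, min_nets=3):
    """Heuristic: short TTLs plus many distinct addresses spread over several
    networks within the observation window. Thresholds are assumptions; a
    CDN-fronted host can trip a naive version, so treat hits as leads."""
    return (
        min(entry["ttls"]) <= max_ttl
        and len(entry["ips"]) >= min_ips
        and len(entry["nets"]) >= min_nets
    )


def flag_fast_flux(log, **thresholds):
    """Return the sorted list of names that meet the heuristic."""
    summary = summarize(log)
    return sorted(
        name for name, entry in summary.items()
        if is_fast_flux_candidate(entry, **thresholds)
    )


if __name__ == "__main__":
    for name, entry in summarize(SAMPLE_DNS_LOG).items():
        print(name, len(entry["ips"]), "IPs,", len(entry["nets"]), "nets,",
              "min TTL", min(entry["ttls"]))
    print("candidates:", flag_fast_flux(SAMPLE_DNS_LOG))
```

Feed it resolver logs or passive-DNS exports in the same tuple shape and the candidate list is a reasonable starting point for blocking or further investigation; the real discriminator in published work is the number of distinct ASNs behind a name, which the /16 grouping only approximates.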

Full Article Can Be Read Here.

Calling All Web Hacks Of 2007

Jeremiah Grossman is trying to gather all the neat research behind the web hacks of 2007.

"The hardest part is collecting a rather complete list of references to vote on, they’re all over the place, so that’s the reason for this post. Below is what I’ve gathered so far, and if you know of others, please comment them in with the title and link and I’ll add them. In the next few days the list will be compiled and I’ll create an open survey."

Read the entire post here

I think it's a great idea. It will not only help build a repository of all the cool hacks of 2007 but also give people a chance to showcase their work. Letting the industry select the top 10 is an impartial way to choose the best. Those who cannot get into the top 10 will still get a lot of visibility and appreciation, and who knows, that might motivate them for the next year.

If you know of something which is not already in the list, please feel free to add it. It would be really interesting to see who the winners are.

Good Luck to all the participants.

Tuesday, January 8, 2008

Zenmap - GUI Based Network Scanner

Newest Version of Nmap is available in GUI called Zenmap.

On December 13, 2007, insecure.org announced the availability of the newest version of Nmap, Nmap 4.50. Since Nmap is the most powerful network scanner and is more capable when run in a Linux environment, insecure.org seems to want it to run under Windows at its best performance too. That’s why Zenmap has been developed by insecure.org. Zenmap is the combination of the Nmap command line tool and a GUI, which simply offers Windows users ease of use of its features. The recently released version 4.5 has more features, such as: 2nd generation OS detection, the Nmap Scripting Engine, a rewritten host discovery system, performance optimization, advanced traceroute functionality, TCP and IP options support, and nearly 1,500 new version detection signatures.

Links:

Windows Installation manual
Download Zenmap - Windows Version

Bill Gates' Last Day At Microsoft

What Will Gates Do Next?

I was reading Roger Halbheer's Blog and got to know about an interesting video about Bill Gates.

It is really funny and worth watching it.

Have a look: Bill Gates Last Day At Microsoft

Complete CES Keynote : Defining Tomorrow Technology

Cheers

Shoaib

Monday, January 7, 2008

Boeing New 787 May Be Vulnerable to Hacker Attack

Unbelievable - Hacking Boeing Jet.

Well, it will really sound scary when I say the new Boeing 787 may be hacked. Just picture this: someone sitting in the new 787 notices that one of the passengers has hacked the Dreamliner jet.

"This is serious," said Mark Loveless, a network security analyst with Autonomic Networks, a company in stealth mode, who presented a conference talk last year on Hacking the Friendly Skies (PowerPoint). "This isn’t a desktop computer. It's controlling the systems that are keeping people from plunging to their deaths. So I hope they are really thinking about how to get this right."

Please read full article on: New 787 May Be Vulnerable to Hacker Attack.

Sunday, January 6, 2008

EnGarde - Secure Linux

First Open Source Internet Operating Platform - Live CD

EnGarde is the first secure open source Internet operating platform. It also has a feature-rich Internet application.

EnGarde’s features:
  • Robust SELinux policies with ease
  • Maintain secure Web sites
  • Monitor networks using advanced IDS
  • Protect users with web and email content filtering
  • Control access to Internet resources

How to Install SELinux:
  1. Install distro
  2. Update distro
  3. Run apt-get install selinux-basics selinux-policy-refpolicy-targeted.
  4. Edit /boot/grub/menu.lst and add selinux=1 to your kernel command line (by adding it to the #kopt= line and then running update-grub). If you are using lilo, you must instead make similar changes to /etc/lilo.conf and run lilo.
  5. Fix the dependencies listed. Below are the highlights; for a complete list please visit http://wiki.debian.org/SELinux/Setup#package-specific.
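Step 4 is the one most often done wrong by hand (the option ends up on a real kernel line instead of the # kopt= line, and update-grub then overwrites it). As an added example, not from the Debian wiki or from EnGarde, here is a small Python function that performs that edit on the text of a GRUB-legacy menu.lst: it appends selinux=1 to the kopt line, is idempotent, and fails loudly when no kopt line exists instead of silently leaving SELinux off after reboot. The menu.lst fragment is constructed for the example.

```python
import re

# Constructed fragment of a Debian-style /boot/grub/menu.lst (GRUB legacy).
# The "# kopt=" line is a commented-out directive that update-grub reads to
# build the real kernel lines, which is why the option goes there.
SAMPLE_MENU_LST = """\
default         0
timeout         5

## additional options to use with the default boot option
# kopt=root=/dev/sda1 ro

## ## End Default Options ##
title           Debian GNU/Linux, kernel 2.6.18-6-686
root            (hd0,0)
kernel          /boot/vmlinuz-2.6.18-6-686 root=/dev/sda1 ro
"""

KOPT_RE = re.compile(r"^(#\s*kopt=)(.*)$")


def add_kernel_option(menu_lst_text, option="selinux=1"):
    """Return menu.lst text with `option` appended to the '# kopt=' line.
    Idempotent: a line that already carries the option is left alone.
    Raises ValueError if no kopt line exists, rather than silently doing
    nothing (the failure mode that leaves SELinux disabled after reboot)."""
    lines = menu_lst_text.splitlines()
    found = False
    for i, line in enumerate(lines):
        match = KOPT_RE.match(line)
        if not match:
            continue
        found = True
        options = match.group(2).split()
        if option not in options:
            options.append(option)
            lines[i] = match.group(1) + " ".join(options)
    if not found:
        raise ValueError("no '# kopt=' line found; add one before running update-grub")
    return "\n".join(lines) + "\n"


def kopt_options(menu_lst_text):
    """Read back the options on the kopt line (empty list if there is none),
    so the edit can be verified before update-grub is run."""
    for line in menu_lst_text.splitlines():
        match = KOPT_RE.match(line)
        if match:
            return match.group(2).split()
    return []


if __name__ == "__main__":
    updated = add_kernel_option(SAMPLE_MENU_LST)
    print(updated)
    # Write the result back to /boot/grub/menu.lst as root, then run
    # update-grub so the generated 'kernel' lines pick up selinux=1.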

How to Install EnGarde:

  1. Select dhcp or enter manual ip
  2. Choose LiveCD or install
  3. Click log in
  4. Open a browser and go to https://x.x.x.x:1023/. Login with username admin and whatever you set for the password.
  5. Use the WebTool’s pulldown menus to select either a service or system you would like to use.
  6. Simply click on the modules to carry out your requests.

Total time to install EnGarde with SELinux is approx. 15-20 minutes (depending on your connection speed). Please note that a full install was not performed for this review. The concept was to see if EnGarde was a product that was worthwhile. Since EnGarde can run SELinux, it seemed that it would make sense to see everything else that was going on with EnGarde. To perform a full install of EnGarde for SELinux is beyond the scope of this article.

Download EnGarde Now !

Friday, January 4, 2008

Coolest Hacks

The Five Coolest Hacks of 2007

Hackers are creative folk, for sure. But some researchers are more imaginative and crafty than others. We're talking the kind of guys who aren't content with finding the next bug in Windows or a Cisco router. Instead, they go after the everyday things we take for granted even more than our PCs -- our cars, our wireless connections, and (gulp) the electronic financial trading systems that record our stock purchases and other online transactions.


1. The car navigation system
DECEMBER 31, 2007 A pair of Italian researchers earlier this year drove right through holes they discovered in some car navigation systems -- vulnerabilities that would let an attacker inject phony messages into the system or launch a denial-of-service attack against it. (See Hacking the Car Navigation System.)


2. WiFi 'sidejacking'
DECEMBER 31, 2007 First it was the Ferret, then the Hamster: WiFi will never be safe again. Researcher Robert Graham, CEO of Errata Security, wowed (and in some cases, shamed) the Black Hat DC and Las Vegas crowds this year with live hacks of attendees who dared to use the WiFi network unprotected, using his homegrown WiFi sniffing tools that basically sniff and grab WiFi traffic out of the air.


3. Eighteen-wheelers
DECEMBER 31, 2007 Truckers are sleep-deprived enough without having to worry about their RFID-based electronic product code (EPC)-based load of plasma TVs getting hacked while they park and snooze at a truck stop. But researchers from fuzzing tool PacketFocus Security Solutions have shown that's a very real threat. (See Hacking Truckers.)


4. 'Hacking capitalism'
DECEMBER 31, 2007 The financial services industry is typically on the leading edge when it comes to adopting new security technologies and standards. But researchers at Matasano Security this year revealed that one of the most popular application-layer protocols used by financial services firms, stock exchanges, and investment banks for automated financial trading, has some serious security holes. (See 'Hacking Capitalism'.)


5. iPhone
DECEMBER 31, 2007 Hacking and bypassing the iPhone's exclusive service with AT&T was all the rage when the new device first got into users' palms this year, but it wasn't until researcher HD Moore added an iPhone hacking module to the Metasploit penetration testing tool that the real iPhone hacking could begin. (See Metasploit Adds iPhone Hacking Tools and i Caramba! iPhone Hacked Already.)

Source: DarkReading