BackTrack GNU/Linux Security Distro

BackTrack GNU/Linux from Offensive Security is a custom distribution designed for security testing for all skill levels from novice to expert. It is the largest collection of wireless hacking, server exploiting, web application assessing, social-engineering tools available in a single Linux distribution.

LogMeIn Hamachi VPN

A beta of LogMeIn Hamachi VPN is now available for Linux and offers connectivity from dispersed environments to your resources.

https://secure.logmein.com/welcome/visualization/fullscreen/

after installing the hamachi rpm

# service logmein-hamachi start
# hamachi login
# hamachi attach "your-logmein-email-addr"
# hamachi

the final hamachi command will list your settings

if you want it to autostart on reboot you’ll need to

# chkconfig logmein-hamachi on


full documentation is available in /opt/logmein-hamachi/README

# hamachi -h
LogMeIn Hamachi, a zero-config virtual private networking utility, ver 2.1.0.17


Backtrack GNU/Linux Security Distro

Backtrack GNU/Linux Security Distro for Net Admins and Sys Admins

Backtrack GNU/Linux – the penetration distribution – is the highest rated and acclaimed Linux security distribution to date.

Backtrack GNU/Linux is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. BackTrack can be booted from a Live DVD or USB drive or installed locally.

Backtrack GNU/Linux has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.

SmartBear SoapUI and LoadUI

SmartBear SoapUI and LoadUI can be used to test REST & SOAP Web Services before you embed them in your system or BI tool such as jitterbit.

• sourceforge.net/projects/soapui/
• soapui.org/Getting-Started/installing-on-linuxunix.html

and if you provide any REST or SOAP Web Services there’s now excuse for having any security vulnerabilities if you’ve used SmartBear SoapUI security testing features for

• SQL Injection
• XPath Injection
• Boundary Scan
• Invalid Datatype
• Cross Site Scripting
• XML Bomb
• Malicious Attachment
• Malformed XML
• Custom Scan

Oracle Java 7 has arrived

Oracle Java 7 (1.7) has arrived !

bitnami gotchas

bitnami gotchas

ssh is disabled so you need to enable ssh by
# cd /etc
# mv ssh.conf.bak ssh.conf
# stop ssh
# start ssh

ubuntu repos are disabled so you need to the enable ubuntu repos
# apt-get update

aptitude is not installed
# apt-get install aptitude

iptables blocks most connections
# aptitude remove iptables

mysql only allows local logins
update user set host =”%”

http.conf and my.cnf are not in /etc but in /opt/bitnami instead !

OpenDNS and IPv6

Did you miss World IPv6 Day last week ?

Dont worry you can still join the IPv6 world by using the OpenDNS IPv6 service and testing your IPv6 connectivity by using one of these IPv6 test sites:

• http://test-ipv6.com/
• http://www.kame.net/

android apps for sysadmins

now there’s a choice of website availability apps for sysadmins with androids !

decaf

• http://www.9apps.net/decaf-ec2-client/

mon.itor.us

• http://blog.mon.itor.us/?p=1310

PHP 5.2 to 5.3 gotcha

Of course everybody has been using <?php instead of <? in their PHP scripts for years now.

Well now its going to pay off because <? is FINALLY completely depreciated in PHP 5.3 ! So make sure you have replaced all your <? with <?php and all your <?= with <?php print !

OVH Cloud VMs HyperVisor

Which HyperVisor do OVH VPS Cloud VMs use ? KVM, VMware or Xen ?

I dont know ! But the output of LSPCI suggests its VMware (Server) !

# lspci
00:00.0 Host bridge: Intel Corporation 440BX/ZX/DX - 82443BX/ZX/DX Host bridge (rev 01)
00:01.0 PCI bridge: Intel Corporation 440BX/ZX/DX - 82443BX/ZX/DX AGP bridge (rev 01)
00:07.0 ISA bridge: Intel Corporation 82371AB/EB/MB PIIX4 ISA (rev 08)
00:07.1 IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)
00:07.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 08)
00:07.7 System peripheral: VMware Virtual Machine Communication Interface (rev 10)
00:0f.0 VGA compatible controller: VMware SVGA II Adapter
00:10.0 SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)
00:11.0 PCI bridge: VMware PCI bridge (rev 02)
00:15.0 PCI bridge: VMware PCI Express Root Port (rev 01)
...
00:18.7 PCI bridge: VMware PCI Express Root Port (rev 01)
02:00.0 Ethernet controller: Intel Corporation 82545EM Gigabit Ethernet Controller (Copper) (rev 01)