webstersprodigy.net

proxychains is a pretty amazing tool available at http://proxychains.sourceforge.net/. It is a versitile proxy tool. So folks like me, who would like the source IPs to be from a proxy, or multiple proxys. For me, the main uses are proxying gui port scan stuff like nessus and proxying tor.ychains.sourceforge.net/. It is a versitile proxy tool. So folks like me, who would like the source IPs to be from a proxy, or multiple proxys. For me, the main uses are proxying gui port scan stuff like nessus and proxying tor.

Everytime I come across a service like http://virustotal.com/ I remember how awesome the Internet is.

My bank is to blame for this… They require me to change my password every other week, which seems a tad excessive. Anywhoo, you also can’t reuse passwords. So what I’ve been doing is just entering jiberish and having firefox remember it for me. Good, right? Ok – except when it changed the form on me, so firefox wouldn’t auto-enter it.

Here are some flags that may help vulnerable code from being executed.

-D_FORTIFY_SOURCE=2

This should get rid of some buffer overflows that can be analyzed statically and some obvious ones (strcpying input, format string vulnerabilities).
More information can be found here: http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html

-fstack-protector-all

From the man page:
Emit extra code to check for buffer overflows, such as stack smashing attacks.  This [...]

This is the very start of our cryptanal program frontend. (for more up to date see the Software page).

These are some new tools I discovered this weekend and really liked.

This was accepted into openssh sometime in 2002. It helps make openssh exploits more difficult in terms of gaining root.

These are some small steps you can take to make it harder for an attacker to figure out what version of some things you have running. These are specific to ubuntu:

In an attempt to determint the bind version number remotely, usually something like: dig @dnsserver.net version.bind txt ch will give you what you need. However, this is a configuration option that can be tured off.

<mopey> how do I export a variable in pvm?  I add it to my .bashrc or .profile but it ignores it.
<mopey> an environment variable
<mopey> Because I get this error:
<mopey> The value of the $PVM_ROOT environment
<mopey> variable on compute-0-1 is invalid (“”).
<mopey> Use the absolute path to the pvm3/ directory.
<mopey> but if I ssh into compute-0-1, [...]

chkrootkit operates sort of like a virus scanners for windows in a way – in that it looks for infected files from signatures.

This is version 1.0 of Unmask – a python script that attempts to unmask anonymous text by matching its statistical properties against someone else’s text with a known identity. Other uses include determining “area of origin”,gender,age, occupation,
sexual orientation, etc from text’s statistical properties. Any decision YOU can make against an unknown author, Unmask will also make.

scanrand is a cool tool for network scanning written by Dan Kaminski. The big advantage to this tool as a network scanner is that it can scan very large networks very very fast.