Hackosis

Emerging Threats hosts the only open snort rule set.

Emerging Threats is funded by National Science Foundation and the Army Research Office.

You can download the rule sets separately or all at once.

Check out the perl script to automatically update your iptables, Honeywall and Smoothwall configurations, and the inline snort config.

Confused? Read the Emerging Threats documentation site.

What is Snort?

SNORT® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.

If you use snort and don’t already know about Emerging Threats I am sure it will help you out on your intrusion detecting escapade. If you have any tips for using Emerging Threat’s rules let us know in the comments.

The Tor Browser bundle makes it easy to use Tor without having to install any software on your PC. You can even slap it on your jump drive to use any where you go.

And it is as easy as — download, extract, run!

From the site:

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

The Tor Browser Bundle lets you use Tor on Windows without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser and is self contained. The Tor IM Browser Bundle additionally allows instant messaging and chat. If you would prefer to use your existing web browser, install Tor permanently, or if you don’t use Windows, see the other ways to download Tor.

The bundle includes portable Firefox and also Pidgin IM software with the IM Browser bundle (separate download).

Check out the Tor Browser page for downloads and instructions.

If you like Tor you might want to check out Take Control of Tor With Vidalia, Browse Anonymously with XeroBank, and using Anonym.OS to encrypt and anonymize traffic.

You have multiple computers, and your desk is cluttered with keyboards, mice, and monitors? You desperately need more space, and you are tired of moving your hands the long way from one keyboard to the next? Do not worry any more - rescue is here in form of synergy.

Synergy is a nifty little program which allows you to share your mouse and keyboard with other computers on your network. Just move the mouse out of your screen and it magically appears on the screen of the next computer allowing you to type there. Additionally, you can share cut and paste selections, so you can cut something on one screen/PC, move the mouse to the other screen and paste your selection there . Synergy is available for Windows (XP, NT), GNU/Linux, Mac OS X, and Unix. And the best thing is you can even mix different operating systems. Sounds interesting? So let’s see how it works.

Synergy is composed of a server (synergys) and a client part (synergyc) which communicate with each other over a network to exchange keyboard and mouse events. The server is started on the main PC whose keyboard and mouse should be shared, and the client is started on each machine which should use the input devices of the server. In the configuration file, you define which screen is to the left, right, top, or bottom of each monitor. (like in other multi-monitor setups). If the mouse is moved over an edge, the control events are sent over the network to the host which is defined in the configuration.

Get it

There are binary packages available at the synergy sourceforge page, but if you are using a OS with package management system I recommend checking if it is available there first. Install synergy on every machine which should participate in the input sharing.

Read the rest of this entry …

Tired of users not being able to play videos to the the lack of proper media software or codecs? Fret no more as open source MakeInstantPlayer solves this issue by packing any video file into a self contained executable.

No additional software is required to play back the video:

MakeInstantPlayer is a tool for converting video files into self-running executables.
This is very useful for distributing videos, as the user doesn’t need any additional software for playback.
As MakeInstantPlayer uses the MPlayer engine for playback, it supports almost any video format in existance.
Furthermore it uses NSIS to pack everthing to one single EXE file.

Congrats to MuldeR for this nifty software! Be sure to check out MuldeR’s other projects as well.

Download MakeInstantPlayer.

TIP: when playing the .exe movie be sure that there is enough space on the system drive because MPlayer will create a temporary folder and the movie will be played from there.

Open source PHPIDS is a customizable intrusion detection system for your web applications. PHPIDS uses a set of filter rules to detect specific strings in URLs that indicate a possible hacking attempt.

PHPIDS can do everything from log the attacks to email you the IP address of the attacker. Be sure to check out the example.php inside of the docs folder for instructions on installation.

Download PHPIDS @ php-ids.org.

PHPIDS too complicated for you? Try the simple .htaccess intrusion detection system.

Hackosis.com is now open source. This opens up a whole new world of opportunity to this blog and anyone that wants to be involved.

What does this mean?

1. You can modify and redistribute the content on Hackosis.com in any way you like. We don’t require that you give credit, but it is appreciated.
2. You can submit articles to Hackosis using the submission form. We will give you credit.
3. You can participate in modifying posts to improve the quality and content. I have outlined the details on the open source statement page.

Remember, there are no restrictions on what you can submit or modify! Just be sure to follow proper netiquette, cite sources, no stealing content, etc.

My plans in the future include this blog turning into somewhat of a wiki-blog hybrid that everyone can easily take part in. Please contact us if you are interested in helping speed the process.

How does this benefit me?

1. While we prefer that you submit original content, it is not required for inclusion. You could link to your blog or web site.
2. Take part in what will be an awesome community with help from many great minds from around the web (including myself ;P).
3. The potential to be featured on lifehacker.com, digg.com or other great sites.
4. This site receives around 5,000 visits a day, so your content will be seen.
5. This is just the beginning. Remember everything here is changeable. Let your voice be heard.

That’s that, and I now invite you to suggest edits on content (including this post or any pages) and submission of posts. Through a collaborative effort we can make great things happen.

Lets experiment with the process on this page. You don’t have to register to comment.

[changefrom]the original content you wish to change[/changefrom]
[changeto]the new content you wish to change the original content to[/changeto]

Let the games begin…

Adeona is open source software to system used to securely and privately track the location of your Windows, Mac, or Linux laptop.

What makes Adeona stand out, even from proprietary solutions, is it’s ability to securely transmit the location data preventing 3rd parties from also gathering the information.

Keep in mind that Adeona is still in beta, so don’t expect a perfect program just yet. Please do report any bugs that you might find.

Installation methods differ between operating systems so be sure to read the download instructions.

One interesting question from the FAQs:

Can I install this on my girlfriend or boyfriend’s computer and track her or him, and perhaps get pictures of them while they’re doing certain activites?

Yes. Like all technologies, Adeona has the potential for being abused. However, if you are malicious enough to want to do the above, there is probably other software available out there more suited for your needs. (We won’t provide links to these more malicious tools.)

Adeona seems to be a good solution to give you a piece of mind that if your laptop gets stolen, you might have a chance to retrieve it.

If you have any other suggestions for software to track your stolen laptop, please let us know in the comments as always.

Need to securely erase any hard drives hooked to your PC automatically when the FBI knocks on the door? Lets hope that isn’t the case, but if so Darik’s Boot and Nuke is the perfect solution. Darik’s Boot and Nuke is a ’self contained floppy disc’ that securely wipes all hard drives detected on the local PC.

From the README:

1.0 About Darik’s Boot and Nuke
——————————–

Darik’s Boot and Nuke (”DBAN”) is a self-contained boot floppy that securely
wipes the hard disks of most computers. DBAN will automatically and completely
delete the contents of any hard disk that it can detect, which makes it an
appropriate utility for bulk or emergency data destruction.

Download the exe and write the image to a floppy. Just make sure your kids or little brother don’t accidentally get a hold of the disk a boot from it!

Linux users can also unzip the exe and use dd to transfer the image to a floppy (see the README).

I know a lot of you know longer have floppy drives - there are more convenient DBAN CD images available.

How to automatically wipe all hard drives

WARNING: THIS WILL PERMANENTLY ERASE ALL DATA ON ALL HARD DRIVE HOOKED TO THE PC!!!

1. Boot from the DBAN floppy or CD image.
2. Enter ‘autonuke’ at the boot prompt.

And it is as simple as that! Hope you enjoyed and if you have any other methods of securely wiping your hard drives on the fly let us know in the comments!

Have you ever changed or forgotten your Windows password? Fear not because I have the solution for you - and its completely free.

The following method works on Windows XP and Vista.

All you need is a Linux live CD (that auto mounts Windows partitions - ex. Ubuntu, Backtrack, Fedora, openSUSE).

Save the .iso and burn it to a disc.

Boot from the CD and follow these simple instructions - these instructions are assuming your are using backtrack, but should be similar for other Linux distributions:

1. Open a Linux terminal and enter the following commands:
2. cd /mnt
3. ls (Take note of the folders listed here. You might need them in the next step.)
4. cd sda1/Windows/System32/ (If this didn’t work you might have the wrong hard drive, try replacing ’sda1′ with sda2, hda1, or hda2)
5. mv utilman.exe utilman.old && cp cmd.exe utilman.exe
6. reboot (and remove the CD)
7. Once rebooted, at Vista or XP log in screen, Press Windows key + U to run CMD with system privileges. Replace username below with the one of your choice - it must not already exist!
8. c:\>net user username mypassword /add
9. c:\>net localgroup administrators username /add
10. Log in with the new admin account!

After completing don’t forget to copy the utilman.old back to utilman.exe or you will leave your system vulnerable - this is very important!!

I hope this helped in regaining access into your XP or Vista PC and if you know of any other tips like this please let us know in the comments.

UPDATE: Here is a backtrack video tutorial that covers the instructions.

Nothing is better than a 3D game, but when you haven’t installed a GUI and have a quick need to play for a bit, here are 4 text based Linux games for CLI:

1. Bastet - Tetris clone:

Bastet ("bastard tetris") is an ncurses Tetris clone which is harder than every other tetris released. It is based on a heuristics engine which tries to detect which block you need or don’t need, and then gives you the blocks that you don’t need. For instance, if you usually play by leaving long "canyons" one square wide and then waiting for the long "I" block, you’ll have to wait till eternity before you see it. The heuristics have been worked on for some time and are quite nasty.

Install Bastet on Ubuntu:

2. Ninvaders - Space Invaders Clone:

nInvaders project is a Space Invaders clone for ncurses.

Ever wanted to play space invaders when you can’t find a GUI? Now you can!

Install Ninvaders on Ubuntu:

3. Moon-buggy - drive on the moon:

Moon-buggy is a simple character graphics game, where you drive some kind of car across the moon’s surface. Unfortunately there are dangerous craters there. Fortunately your car can jump over them!

Install Moon-buggy on Ubuntu:

4. Greed - a puzzle game:

The strategy game of Greed. Try to eat as much as possible of the board before munching yourself into a corner.

Install Greed on Ubuntu:

Hope you enjoy playing these simple, but fun Linux based CLI games. You can play any of these games by entering “/usr/games/xxxxx” with the Xs being the name of the game.

Do you know of any other fun CLI based games for Linux? Let us know in the comments. [via mellowd.co.uk]