Pen-testing using Backtrack and De-ICE under VMWare Fusion

Haven’t had an entry in quite a while, but tonight’s work on getting a little pen test lab set up got me to document the process, before I forget what I did.
So – objective: need to set up a virtual lab for pen-testing using Backtrack LiveCD as repository of penetration tools, and De-ICE LiveCDs as [...]

A brief update

Trying to build a little site as repository of consulting services offered by Network Fortius LLC. Still not decided which hosting company to use, so things may change. In any case – feel free to visit and, even more so, to contact us, if anything looks interesting to your [company's] present infrastructure needs:
- Cost-effective solutions [...]

securely saving kmail critical info to a USB key

This is what I have done on my Mac OS X system for this:
1. created a directory for what I deem to be critical files (emails and configuration) on my system:
~$ mkdir /<path-to-mail-backup-dir>/mail-backup
2. created a script able to update the backup directory, from the major ~/.kde place, tar and encrypt (using openssl and a password file to [...]

cryptolinguistics – well said!

From Matt Blaze’s blog:
We often say that researchers break poor security systems and that feats of cryptanalysis involve cracking codes. As natural and dramatic as this shorthand may be, it propagates a subtle and insidious fallacy that confuses discovery with causation. Unsound security systems are “broken” from the start, whether we happen to know about [...]

useful analysis tools – usage reminder

How to obtain multiple files during a capture:
$ tethereal -i <interface> -a filesize:3000 -b 14 -s 96 -w <capture_file>
(3 MB files, with a snapshot length of 96 bytes per packet)
NOTE: tcpdump defaults to 96 bytes length, also, but I am not sure if it supports ring buffer?!?
******
If multiple files matching the regexp FOOBAR are to be merged:
$ mergecap -w bigfile.cap [...]

tunneling over SSH

Generic:
$ ssh -N -f -L <local_port>:<end_server>:<end_port> user@ssh_intermediary_server
NOTE: if using key-based authentication with no password, the last part (user@…) is not needed
Example:
$ ssh -f -N -L 8025:smtp.comcast.net:25 -L 8110:mail.comcast.net:110 my_home_machine
allows me to use the email client on a laptop, pointing to localhost:8025 for SMTP services, and localhost:8110 for POP3 services associated with my Comcast account, [...]

SSH with keys

Execute on local host, under user’s pwd:
$ mkdir -p ~/.ssh
$ chmod 700 ~/.ssh
$ cd ~/.ssh
$ ssh-keygen -t dsa
Copy the public key to the remote host:
$ scp -p id_dsa.pub remoteuser@remotehost:
Password: *********
Log into remote host and install public key:
$ ssh remoteuser@remotehost
Password: ********
remotehost$ mkdir -p ~/.ssh
remotehost$ chmod 700 ~/.ssh
remotehost$ cat id_dsa.pub >> ~/.ssh/authorized_keys
remotehost$ chmod 600 ~/.ssh/authorized_keys
remotehost$ mv id_dsa.pub [...]
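
As an added example (not part of the original post), the remote-side steps above can be wrapped in one idempotent shell function; `install_pubkey` and its arguments are hypothetical names. It goes slightly beyond the listed commands by skipping a key that is already installed and by refusing any file that is not a single public-key line, such as a private key copied by mistake.

```shell
#!/bin/sh
# Added example, not from the original post. install_pubkey is a hypothetical
# helper: install_pubkey <pubkey_file> [ssh_dir]
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -f "$pub" ] || { echo "no such key file: $pub" >&2; return 1; }

    # A public key file is exactly one line; a private key is many lines,
    # so this also stops a private key from being appended by mistake.
    [ "$(grep -c '' "$pub")" -eq 1 ] || { echo "expected one key line: $pub" >&2; return 1; }
    key=$(cat "$pub")
    case $key in
        ssh-*|ecdsa-*|sk-*) ;;
        *) echo "not an OpenSSH public key: $pub" >&2; return 1 ;;
    esac

    (
        # Subshell keeps the restrictive umask from leaking into the caller.
        umask 077
        mkdir -p "$dir" && chmod 700 "$dir" || exit 1
        touch "$auth" && chmod 600 "$auth" || exit 1

        # If the existing file lacks a trailing newline, the new key would be
        # glued onto the last entry and neither key would work.
        if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
            echo >> "$auth"
        fi

        # -x whole line, -F fixed string: append only if not already present.
        grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    )
}
```

Run it on the remote host after copying the public key there, for example `install_pubkey ~/id_dsa.pub`.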