Folks,
Almost after a few year of silence.. The Blogger returns..
I am going to start writing some articles on security.. !
Watch this space for more news.!
Cheers,
Saturday, April 12, 2008
Monday, August 27, 2007
Alternative to Apple's Browser Sync [ dot mac ] / Google Browser Sync
In a recent expedition to find some stuff for my MSc Project i was looking around google labs section. I particularly need to synchronize by book marks and sessions across machines.. which is why i was *thinking* of buying a dot mac account espically since now they have increased the disk quota as well. On google i found a new extension for firefox which lets you sync
1. Cookies
2. Saved Passwords
3. Bookmarks
4. History
5. Tabs & Windows
All these can be selected and optionally encrypted as well.. You need to get your self a google account [ Free Signup ]. Install the firefox extension, called Googles browser sync. [ here ]
Enter you google account details, followed by a password / PIN that needs to be used on both the machines. And vola you are ready to go !
The first time it took a bit of time to get it synced..
But then again.. it works.. like a charm..
Have fun..
Herez a Snapshot of the the tool on google..
1. Cookies
2. Saved Passwords
3. Bookmarks
4. History
5. Tabs & Windows
All these can be selected and optionally encrypted as well.. You need to get your self a google account [ Free Signup ]. Install the firefox extension, called Googles browser sync. [ here ]
Enter you google account details, followed by a password / PIN that needs to be used on both the machines. And vola you are ready to go !
The first time it took a bit of time to get it synced..
But then again.. it works.. like a charm..
Have fun..
Herez a Snapshot of the the tool on google..
Saturday, July 21, 2007
ICICI Bank Frauds.
ICIC Bank joins the list of frauds in India,
I know some one who has been a victim of this ICICI Bank Credit Card Fraud.
ICICI Bank employees are involved in this fraud as well.
heres what happens..
Typically doctors , engineers and other high waged earners are targeted.
With the help of ICICI Bank employees a real add-on credit card [ with PIN ] is created in the name of the fake son/daughter/spouse & issued. The Bank Employees have access to the bank database which has all your details, PAN Numbers, Other bank account details and personal details including your signatures [ which they quite easily forge]. The criminal makes Cash withdrawals totaling up to one lakh and above The victim is expected to the pay the bill for this. Since there are no purchases involved using the credit card there is no merchant or merchandise that could be used to trace the criminals to.
Also when you call the call center for support they are not helpful at all and they are aware of these kinds of frauds. The call center refuses to send written or any kind of statement voiding the victim of the liability of these charges. This causes a lot of trauma to the victims.
Also, the bank & the criminals are aware that a writ petition or a case in the court could take at least 5 to 7 years for the hearing.. the criminals can get away with this very easily.
Be-ware.
Please send these to all your friends and relatives & possibly ask them to stop using ICICI Bank Credit cards.
Way to go ICICI Bank !
5/5 Stars for your customer care as well. They are not at all helpful and may be the Bank should encourage Employees for this type of fraud that way you can earn a lot more money on Late Payment fees and other interest charges!
I know some one who has been a victim of this ICICI Bank Credit Card Fraud.
ICICI Bank employees are involved in this fraud as well.
heres what happens..
Typically doctors , engineers and other high waged earners are targeted.
With the help of ICICI Bank employees a real add-on credit card [ with PIN ] is created in the name of the fake son/daughter/spouse & issued. The Bank Employees have access to the bank database which has all your details, PAN Numbers, Other bank account details and personal details including your signatures [ which they quite easily forge]. The criminal makes Cash withdrawals totaling up to one lakh and above The victim is expected to the pay the bill for this. Since there are no purchases involved using the credit card there is no merchant or merchandise that could be used to trace the criminals to.
Also when you call the call center for support they are not helpful at all and they are aware of these kinds of frauds. The call center refuses to send written or any kind of statement voiding the victim of the liability of these charges. This causes a lot of trauma to the victims.
Also, the bank & the criminals are aware that a writ petition or a case in the court could take at least 5 to 7 years for the hearing.. the criminals can get away with this very easily.
Be-ware.
Please send these to all your friends and relatives & possibly ask them to stop using ICICI Bank Credit cards.
Way to go ICICI Bank !
5/5 Stars for your customer care as well. They are not at all helpful and may be the Bank should encourage Employees for this type of fraud that way you can earn a lot more money on Late Payment fees and other interest charges!
Friday, June 29, 2007
Mozy Backup Solution
My Post after quite a while of silence!
I was recently looking for a free backup solution for backing up
my laptop. I have a external disk to which i back up but then the
doubt popped up in my mind what if the Drive Fails? [ Ultra paranoid as I am ]
Googling around got me to Mozy
Mozy gives 2GB free space [ You can buy space! ]
Data is Encrypted using Blowfish and the best part that i like is
that Mozy lets you create / manage the keys for encryption or can do it for you
so works quite well for Novice's and Advanced Crypto geeks!
Another good part is that every friend you refer to who "uses" mozy
you get 256MB extra of free space so does he.
So if you use the below link you and i Both get an extra 256MB Free space.
https://mozy.com/?code=6W7UV2
The bad side is however that it takes 350MB of data just says Used by other computers,
I just have one! so what other computers??
But then again i have about 3GB+ and im quite happy with it!
Thankfully havent had to do a restore yet, but it has a neat web interface that lets you select files to restore etc..
Overall id give it 4 Stars on 5 !
Tuesday, May 22, 2007
Exam Update
I is a Student.!
Exams are on.. and its almost finished.. Just thought that id
write a line for those who have been waiting patiently to read
Thanks-
Cheers,
Abhijeet
Exams are on.. and its almost finished.. Just thought that id
write a line for those who have been waiting patiently to read
Thanks-
Cheers,
Abhijeet
Thursday, April 19, 2007
Security Enhanced Linux Troubleshooter for Fedora 6 / RHEL 5
One of the great strengths of SELinux and other MAC architectures is that applications do not have to be modified to be protected by SELinux. This allows us to write policy for a great many services without going through the process of modifying code and getting upstream acceptance. It also allows flexibility in that different vendors or different users can have different security profiles for an application without having to modify the application.
While this is a great benefit to the developers it is not necessarily a great benefit to usability. Since applications do not understand what SELinux is doing, they can not report that SELinux is preventing them from doing something. As an example if you are running an Apache Web Server and SELinux denies access to a file, the apache web server reports permission denied. Users of Unix and other operating systems have gained experience through the years, understand that permission denied means that there is a problem with either the files ownership or file permissions (DAC). But when they go look at the file they see that apache has ownership and can read it. This leads them to scratching their heads. They go back to the log file and all it says is permission denied.
Some may suspect that SELinux is the problem, but how do they tell? If they figure that SELinux is causing the denial, how do they fix it? Could this be a security violation attempt? Could this be a configuration problem? Is the file mislabeled?
We have created a new tool in FC6 and RHEL5 called the SELinux Troubleshooter. (setroubleshoot). This tool watches the
audit log files for AVC messages. When an AVC messages arrives the tool runs through the SELinux plugins database
looking for a match and then sends a message to the user with a description, and a suggested fix.
As an example, say you create a file index.html in your homedir and mv it to /var/html/www directory. If you try to access this file via a web browser you will receive an avc message that looks like:
type=AVC msg=audit(1155056960.933:208967): avc: denied { getattr } for pid=12321 comm="httpd" name="index.html" dev=dm-0 ino=6260297 scontext=user_u:system_r:httpd_t:s0-s0:c1,c2 tcontext=system_u:object_r:user_home_t:s0 tclass=file
Obviously this tells you that apache web server is not allowed to look at files labeled with the users home directory label.:^)
With setroubleshoot you receive a message like the following:
SELinux image showing alert message
You can also configure the setroubleshoot daemon to send mail when it receives an AVC. So you will get them even on servers or when
not logged in.
There are currently 56 Plugins which map to all of the booleans along with several known situations that come up. There is also
a catchall plugin (disable_trans) which will look for avc's with no match and will suggest either writing a loadable policy module or
disable trans.
You can read more about this tool at
http://fedoraproject.org/wiki/SELinux/setroubleshoot
The Plugin code to generate the above message is fairly simple and looks like this:
from setroubleshoot.util import *
from setroubleshoot.Plugin import Plugin
from rhpl.translate import _
import re
class plugin(Plugin):
summary =_('''
SELinux is preventing the http daemon from using potentially mislabeled files ($
TARGET_PATH).
''')
problem_description = _('''
SELinux has denied the http daemon access to potentially
mislabeled files ($TARGET_PATH). This means that SELinux will not
allow http to use these files. It is common for users to edit
files in their home directory or tmp directories and then move
(mv) them to the httpd directory tree. The problem is that they
end up with a file context which http is not allowed to access.
''')
fix_description = _('''
If you want the http daemon to access this files, you need to
relabel them using restorecon if they are under the standard
httpdirectory tree, or use chcon -t http_sys_content_t. You can
look at the httpd_selinux man page for addtional information.
''')
def __init__(self):
Plugin.__init__(self,__name__)
def analyze(self):
if self.avc.sourceTypeMatch("httpd_t httpd_sys_script_t httpd_user_script_t
httpd_staff_script_t") and \
self.avc.targetTypeMatch("user_home_t staff_home_t user_tmp_t staff_t
mp_t tmp_t"):
return True
return False
Now if you are interested in helping in this effort. We could use help:
* proof reading thes plugins. They are in /usr/share/setroubleshoot/plugins directory.
* If you have ideas about additional plugins, bring them up on the fedora-selinux list. Patches Welcome.
* Testing.
This tool is a work in progress.
There are some gotchas in this tool and it has been known to go into an infinite loop. Usually when it reports bugs about itself.
Via DanWalsh
While this is a great benefit to the developers it is not necessarily a great benefit to usability. Since applications do not understand what SELinux is doing, they can not report that SELinux is preventing them from doing something. As an example if you are running an Apache Web Server and SELinux denies access to a file, the apache web server reports permission denied. Users of Unix and other operating systems have gained experience through the years, understand that permission denied means that there is a problem with either the files ownership or file permissions (DAC). But when they go look at the file they see that apache has ownership and can read it. This leads them to scratching their heads. They go back to the log file and all it says is permission denied.
Some may suspect that SELinux is the problem, but how do they tell? If they figure that SELinux is causing the denial, how do they fix it? Could this be a security violation attempt? Could this be a configuration problem? Is the file mislabeled?
We have created a new tool in FC6 and RHEL5 called the SELinux Troubleshooter. (setroubleshoot). This tool watches the
audit log files for AVC messages. When an AVC messages arrives the tool runs through the SELinux plugins database
looking for a match and then sends a message to the user with a description, and a suggested fix.
As an example, say you create a file index.html in your homedir and mv it to /var/html/www directory. If you try to access this file via a web browser you will receive an avc message that looks like:
type=AVC msg=audit(1155056960.933:208967): avc: denied { getattr } for pid=12321 comm="httpd" name="index.html" dev=dm-0 ino=6260297 scontext=user_u:system_r:httpd_t:s0-s0:c1,c2 tcontext=system_u:object_r:user_home_t:s0 tclass=file
Obviously this tells you that apache web server is not allowed to look at files labeled with the users home directory label.:^)
With setroubleshoot you receive a message like the following:
SELinux image showing alert message
You can also configure the setroubleshoot daemon to send mail when it receives an AVC. So you will get them even on servers or when
not logged in.
There are currently 56 Plugins which map to all of the booleans along with several known situations that come up. There is also
a catchall plugin (disable_trans) which will look for avc's with no match and will suggest either writing a loadable policy module or
disable trans.
You can read more about this tool at
http://fedoraproject.org/wiki/SELinux/setroubleshoot
The Plugin code to generate the above message is fairly simple and looks like this:
from setroubleshoot.util import *
from setroubleshoot.Plugin import Plugin
from rhpl.translate import _
import re
class plugin(Plugin):
summary =_('''
SELinux is preventing the http daemon from using potentially mislabeled files ($
TARGET_PATH).
''')
problem_description = _('''
SELinux has denied the http daemon access to potentially
mislabeled files ($TARGET_PATH). This means that SELinux will not
allow http to use these files. It is common for users to edit
files in their home directory or tmp directories and then move
(mv) them to the httpd directory tree. The problem is that they
end up with a file context which http is not allowed to access.
''')
fix_description = _('''
If you want the http daemon to access this files, you need to
relabel them using restorecon if they are under the standard
httpdirectory tree, or use chcon -t http_sys_content_t. You can
look at the httpd_selinux man page for addtional information.
''')
def __init__(self):
Plugin.__init__(self,__name__)
def analyze(self):
if self.avc.sourceTypeMatch("httpd_t httpd_sys_script_t httpd_user_script_t
httpd_staff_script_t") and \
self.avc.targetTypeMatch("user_home_t staff_home_t user_tmp_t staff_t
mp_t tmp_t"):
return True
return False
Now if you are interested in helping in this effort. We could use help:
* proof reading thes plugins. They are in /usr/share/setroubleshoot/plugins directory.
* If you have ideas about additional plugins, bring them up on the fedora-selinux list. Patches Welcome.
* Testing.
This tool is a work in progress.
There are some gotchas in this tool and it has been known to go into an infinite loop. Usually when it reports bugs about itself.
Via DanWalsh
Friday, April 13, 2007
Apple WiFi iPod plans
Apple WiFi iPod plans
A report claims WiFi-enabled iPods will ship later this year
Jonny Evans
Apple's iPod has attracted its latest rumour – that a WiFi-enabled iPod will ship in the second half of 2007.
A report on DigiTimes claims Universal Scientific Industrial (USI) and Foxconn have been contracted to manufacture the new devices, with USI delivering the first batch of WiFi modules later this month.
The report claims Foxconn – which will provide the final assembly of the devices – will begin shipping the products in the third quarter.
While other manufacturers are moving to embrace WiFi in their players, it is already known that Apple plans to include wireless technology in its soon-to-ship (in the US) iPhone.
Via - MacWorld
A report claims WiFi-enabled iPods will ship later this year
Jonny Evans
Apple's iPod has attracted its latest rumour – that a WiFi-enabled iPod will ship in the second half of 2007.
A report on DigiTimes claims Universal Scientific Industrial (USI) and Foxconn have been contracted to manufacture the new devices, with USI delivering the first batch of WiFi modules later this month.
The report claims Foxconn – which will provide the final assembly of the devices – will begin shipping the products in the third quarter.
While other manufacturers are moving to embrace WiFi in their players, it is already known that Apple plans to include wireless technology in its soon-to-ship (in the US) iPhone.
Via - MacWorld
Apple Delays Leopard to October
Apple Delays Leopard to October: "SuperMog2002 writes 'Apple Insider has the sad news that Mac OS X Leopard has been delayed until October. Apparantly software engineers and QA had to be reassigned to the iPhone in order to get it out on time, costing Leopard its release at WWDC. For now the original press release from Apple can be found on the 'Hot News' part of their site, though Apple did not provide a permanent link to the story. 'While Leopard's features will be complete by June, the Cupertino-based company said it cannot deliver the quality release expected by its customers within that time. Apple now plans to show its developers a near final version of Leopard at the conference, give them a beta copy to take home so they can do their final testing, and ship the software in October.''
"
(Via Slashdot:.)
Back Track v2.0
BackTrack v2.0 - Hackers LiveCD Finally Released
Darknet spilled these bits on April 13th 2007 @ 6:35 am
BackTrack is the result of the merging of the two innovative penetration testing live linux distributions Auditor security collection and Whax. By combining the best features from both distributions and putting continous development energy, the most complete and finest security testing live distro was born: BackTrack
BackTrack
BackTrack v.2.0 is finally released, it’s been a long wait that’s for sure, it does look good though so perhaps it was worth rate.
You can find some screenshots here.
BackTrack ranked number one in Darknet’s well regarded list 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery).
It’s taken BackTrack almost 5 months to pull themselves out of the beta stage. Many features have been added and many of the persistent bugs have been fixed.
New exciting features in BackTrack 2, to mention a few:
* Updated Kernel-Running 2.6.20, with several patches.
* Broadcom based wireless card support
* Most wireless drivers are built to support raw packet injection
* Metasploit2 and Metasploit3 framework integration
* Alignment to open standards and frameworks like ISSAF and OSSTMM
* Redesigned menu structure to assist the novice as well as the pro
* Japanese input support-reading and writing in Hiragana / Katakana / Kanji.
As usual, Nessus is not included into BackTrack as Tenable forbid redistribution.
The public wiki project is available at http://backtrack.offensive-security.com. Please help us by providing entries in HCL (Hardware compatibility list).
You can download BackTrack here
BackTrack 2 Stable release Mar 06 2007
Darknet spilled these bits on April 13th 2007 @ 6:35 am
BackTrack is the result of the merging of the two innovative penetration testing live linux distributions Auditor security collection and Whax. By combining the best features from both distributions and putting continous development energy, the most complete and finest security testing live distro was born: BackTrack
BackTrack
BackTrack v.2.0 is finally released, it’s been a long wait that’s for sure, it does look good though so perhaps it was worth rate.
You can find some screenshots here.
BackTrack ranked number one in Darknet’s well regarded list 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery).
It’s taken BackTrack almost 5 months to pull themselves out of the beta stage. Many features have been added and many of the persistent bugs have been fixed.
New exciting features in BackTrack 2, to mention a few:
* Updated Kernel-Running 2.6.20, with several patches.
* Broadcom based wireless card support
* Most wireless drivers are built to support raw packet injection
* Metasploit2 and Metasploit3 framework integration
* Alignment to open standards and frameworks like ISSAF and OSSTMM
* Redesigned menu structure to assist the novice as well as the pro
* Japanese input support-reading and writing in Hiragana / Katakana / Kanji.
As usual, Nessus is not included into BackTrack as Tenable forbid redistribution.
The public wiki project is available at http://backtrack.offensive-security.com. Please help us by providing entries in HCL (Hardware compatibility list).
You can download BackTrack here
BackTrack 2 Stable release Mar 06 2007
Subscribe to:
Comments (Atom)