Security Basics Mode:
(Page 9 of 1428)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
bandwidth question 2013-09-16
ToddAndMargo (ToddAndMargo zoho com)
Hi All,

A customer has asked me to do some human penetration
testing for PCI compliance. I am planning on doing a bunch
of probing with nmap to look for openings. I plan to log into
the customer's network with Open VPN over my DSL line.
(And Metasploit when I figure out how to use it too.)

Quest

[ more ]  [ reply ]
nmap -p syntax question 2013-09-17
ToddAndMargo (ToddAndMargo zoho com)
Hi All,

On the nmap command line, some questions about the "-p"
parameter:

1) what is the "-p S:xxx". What protocol is "S"?
By change is it ICMP?

2) when you omitt the "T:" and/or the "U:" does it check
both TCP and UDP. What about the mysterious "S" protocol?
Does it check that too

[ more ]  [ reply ]
OWASP Zed Attack Proxy 2.2.0 2013-09-11
psiinon (psiinon gmail com)
Hi folks,

ZAP 2.2.0 is now available from http://code.google.com/p/zaproxy/downloads/list

This includes support for scripts embedded in ZAP components like the
active and passive scanners as well as support for Zest - a new
security focused scripting language from the Mozilla security team.
It als

[ more ]  [ reply ]
[Onapsis Research Labs] New SAP Security In-Depth issue: "Preventing Cyber-Attacks Against SAP Solution Manager" 2013-09-04
Onapsis Research Labs (research onapsis com)
Dear colleague,

We are happy to announce a new issue of the Onapsis SAP Security In-Depth publication.

SAP Security In-Depth is a free publication led by the Onapsis Research Labs with the purpose of providing specialized
information about the current and future risks in this area, allowing all th

[ more ]  [ reply ]
Call for Paper/Event - nullcon Goa 2014 2013-09-04
nullcon (nullcon nullcon net)
Hello All,

V are V

On our fifth Anniversary we are super excited to officially open the
CFP (Call for PARTYcipation!). Yes, this is going to be the biggest
nullcon till now with lot of sub-events, CTFs, villages, workshops,
talks, parties.

Time to tickle your gray cells and submit your research.

[ more ]  [ reply ]
Malware Analysis vs. Analysing a 'dirty' OS 2013-08-31
Syn Ack (synackackack gmail com) (1 replies)
Hi All,

So some time back (year or 2 ago at least) I bought a copy of Win
Server 2008 R2 from a computer mall/market type thing in Beijing,
China. Can't remember exactly how much it cost, but it was
ridiculously cheap. Came on a blank CD type deal.

Some questions:

1) Surely will have nasties (mal

[ more ]  [ reply ]
Re: Malware Analysis vs. Analysing a 'dirty' OS 2013-09-16
Robert Larsen (robert the-playground dk)
Re: Huge hidden process and port in Linux server 2013-08-20
John Forristel (jforristel auctiva com) (1 replies)
You could try looking for the key and renaming it. Once that's done,
the program/script will error, putting an entry in /var/log/syslog or
/var/log/messages. If this is an Ubuntu distro, you can also look at
/var/log/auth.log and see what or who is logging in. Any decent
hacker is going to cover

[ more ]  [ reply ]
Re: Huge hidden process and port in Linux server 2013-08-21
Ali Kapucu (alikapucu gmail com)
Re: Huge hidden process and port in Linux server 2013-08-20
J B (bakshi12 gmail com) (1 replies)
Thanks a lot to all of you for your responses.
I have just rebooted my local box and 2 days after that,
it doesn't attempt any attempt to ssh the remote box.
After then it again has started to log into the remoet
box with the right users and with a pubkey. Actually I
loginto the remote box with pubk

[ more ]  [ reply ]
Re: Huge hidden process and port in Linux server 2013-08-20
Ian McBeth (micro network-ops ca)
How to configure restricted SSH ? 2013-08-20
J B (bakshi12 gmail com) (1 replies)
Dear list,

I want to restrict the SSH users to their home directory only and with a predefined
commands to be executed by them. A jailshell configuration might not be my exact requirement.
I like users to browse within his home and execute the command which I like to provide and
exclude/include in

[ more ]  [ reply ]
RE: How to configure restricted SSH ? 2013-08-20
Justin Bowen (JBowen trustwave com)
Re: How to configure restricted SSH ? 2013-08-20
J B (bakshi12 gmail com)
On Tue, 20 Aug 2013 17:41:25 +0530
J B <bakshi12 (at) gmail (dot) com [email concealed]> wrote:

> Dear list,
>
> I want to restrict the SSH users to their home directory only and with a predefined
> commands to be executed by them. A jailshell configuration might not be my exact requirement.
> I like users to browse within hi

[ more ]  [ reply ]
Re: Fwd: Rainbow Tables 2013-08-07
Jeffrey Walton (noloader gmail com)
On Wed, Aug 7, 2013 at 4:10 AM, Nwadinobi, Edward
<Edward.Nwadinobi (at) uk.daiwacm (dot) com [email concealed]> wrote:
> Please remove my email from your circulation list.
>
http://www.securityfocus.com/archive/105/description

------------------------------------------------------------------------

Securing Apache Web Server

[ more ]  [ reply ]
Huge hidden process and port in Linux server 2013-08-07
J B (bakshi12 gmail com) (1 replies)
Hello list,

I have got a problem that my server is continuously doing ssh attack on a remote server (which I also work
time to time). My local linux server is attacking the remote linux box with the same remote user name
with pubkey. I also investigate the remote box and find same.

I install rootk

[ more ]  [ reply ]
Re: Huge hidden process and port in Linux server 2013-08-07
Raistlin Majere (raistlin majere net)
Re: Fwd: Rainbow Tables 2013-08-05
rstackackack gmail securityfocus com
> what if it is somewhere in the match is
actually somewhere in the middle of the chain, and since we aren't storing it we don't find it.

When you calculate a chain from the given hash you will eventually generate the one which is at the end of that chain, which you have stored. When you find that

[ more ]  [ reply ]
Fwd: Rainbow Tables 2013-08-02
Syn Ack (synackackack gmail com) (1 replies)
Hi List,

I have a question regarding Rainbow Tables.

So, first we find the chain:

- start with the hash to crack
- calculate a chain from it
- compare each password in its chain to the end passwords stored in
rainbow table
- if it matches, the password is likely somewhere in this given chain

Sec

[ more ]  [ reply ]
Re: Fwd: Rainbow Tables 2013-08-06
Michael Peppard (mpeppard impole com) (1 replies)
Re: Fwd: Rainbow Tables 2013-08-06
Jeffrey Walton (noloader gmail com) (1 replies)
RE: Fwd: Rainbow Tables 2013-08-07
Nwadinobi, Edward (Edward Nwadinobi uk daiwacm com)
Safety of using Bluetooth/IR keyboard 2013-08-02
Syn Ack (synackackack gmail com)
Hi list,

My question is about the safety of using Bluetooth/IR keyboards. I
currently have two keyboards hooked up to my PC, a wired PS/2 keyboard
and a Bluetooth keyboard. The wired PS/2 keyboard sole purpose is for
typing passwords.

I am wondering whether this is a valid concern or not, the like

[ more ]  [ reply ]
Ruxcon 2013 Final Call For Papers 2013-07-15
cfp ruxcon org au
Ruxcon 2013 Final Call For Papers
Melbourne, Australia, October 26th-27th
CQ Function Centre
http://www.ruxcon.org.au/call-for-papers/

The Ruxcon team is pleased to announce the final call for papers for Ruxcon.

This year the conference will take place over the weekend of the 26th and 27th
of Oc

[ more ]  [ reply ]
Cyber War and Law 2013-07-13
deadman_coming abv bg
http://resources.infosecinstitute.com/fitting-cyber-attacks-to-jus-ad-be
llum-instrument-based-approach/

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who n

[ more ]  [ reply ]
Ground Zero Summit - Call For Papers 2013-07-09
submit cfp (submitcfp g0s org)
Hi All,

Ground Zero Infosec Summit is an initiative of independent apex
not-for-profit body and is an outcome of an alliance between industry
and Government of India to tackle emerging cyber security threats
against critical information infrastructure. The summit is supported
by the Govt. of India.

[ more ]  [ reply ]
[HITB-Announce] REMINDER: #HITB2013KUL CFP Closes 25th July 2013-07-09
Hafez Kamal (aphesz hackinthebox org)
Hi everyone,

Just a gentle reminder that the Call for Papers for the 11th annual HITB
Security Conference in Malaysia, #HITB2013KUL, closes on the 25th of
July at 23:59 MYT!

As always, we're looking for talks that are highly technical, but most
importantly, material which is new, cutting edge and

[ more ]  [ reply ]
Bypassing Netgear`s router telnet lockout 2013-07-01
Marcin R (kaktus9news gmail com)
Hello List,

I`m working on a project that involves customization of Netgear`s
WNDR4500 router firmware, especially it`busybox. This one specific
router was chosen because of extended flash and ram capacity as
copared to some other routers.
The extended functionality that i have embedded into the bu

[ more ]  [ reply ]
The Art of Exploiting Injection Flaws@ Black Hat, Appsec, HITB, Brucon and Ruxcon 2013-06-29
Sumit Siddharth (sid notsosecure com)
Hi All,

I am delighted to announce that the course 'The Art of Exploiting
Injection Flaws' has been selected to run at all leading IT security
events around the world. These are:

Black Hat Las Vegas July 29th-30th
BruCon (Belgium) September 24th-25th
HITB (Malaysia) October 14th and 15th
Ruxcon (A

[ more ]  [ reply ]
(Page 9 of 1428)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus