Wednesday, October 20, 2010

What I've been up to...

In case you didn't know, Ubuntu 10.10 was released on 10.10.10. I've not upgraded my systems as I am quite happy with 10.04 and the promise of its LTS (Long Term Support). That said, I'll pick one of my machines, see how good 10.10 is and post my findings at a later date.

What have I been up to lately? My friend (droll) introduced me to a nifty little device called the Nokia N900, which runs Maemo, a distribution derived from Debian Linux.

I've gotten a nifty overclocking kernel which allows me to clock the device anywhere from 125MHz (underclocked) all the way up to 1.15GHz (the stock range is 250MHz to 600MHz). I've also gotten kismet and nmap installed on this device, so wireless testing is now simply a matter of putting my phone in my pocket and walking around. I will soon be trying to install OpenVAS, which should make for a rather complete basic pentesting setup, all on my phone. I may even try Ubuntu 9.04, which somebody ported over to the N900 (it's ARM based).

Though this site is called "Life with Ubuntu", I guess I'll be including some Maemo/MeeGo blogs in the future.

Saturday, July 31, 2010

News of interest for the month of July 2010...

inundator v0.5 Released – IDS/IPS/WAF Evasion & Flooding Tool

inundator is a multi-threaded, queue-driven, IDS evasion tool. Its purpose is to anonymously flood intrusion detection systems (specifically Snort) with traffic designed to trigger false positives via a SOCKS proxy in order to obfuscate a real attack.

http://inundator.sourceforge.net/


Safe3 SQL Injector – Automatic Detection & Exploitation Of SQL Injection Flaws


Safe3 SQL Injector is one of the most powerful penetration testing tools that automates the process of detecting and exploiting SQL injection flaws and taking over back-end database servers.

http://code.google.com/p/safe3si/


REMnux: A Linux Distribution For Reverse-Engineering Malware

REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser.

http://zeltser.com/remnux/


Andiparos – Open Source Web Application Security Assessment Tool

Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc.

http://code.google.com/p/andiparos/


Metasploit Framework 3.4.1 Released – 16 New Exploits, 22 Modules & 11 Meterpreter Scripts

The Metasploit Project is proud to announce the release of the Metasploit Framework version 3.4.1. This release sees the first official non-Windows Meterpreter payload, in PHP.

http://www.metasploit.com/


thc-ipv6 Toolkit – Attacking the IPV6 Protocol

A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. Please note to get full access to all the available tools you need to develop IPV6 tools yourself or submit patches, tools and feedback to the thc-ipv6 project.

http://thc.org/thc-ipv6/



Sagan – Real-time System & Event Log (syslog) Monitoring System

Sagan is a multi-threaded, real time system- and event-log monitoring system, but with a twist. Sagan uses a “Snort” like rule set for detecting “bad things” happening on your network and/or computer systems. If Sagan detects a “bad thing” happening, that event can be stored to a Snort database (MySQL/PostgreSQL) and Sagan will correlate the event with your Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system. Sagan is meant to be used in a ‘centralized’ logging environment, but will work fine as part of a standalone Host IDS system for workstations.

http://sagan.softwink.com/


PlainSight – Open Source Computer Forensics LiveCD

PlainSight is a versatile computer forensics environment that allows inexperienced forensic practitioners to perform common tasks using powerful open source tools such as RegRipper, Pasco, Mork, Foremost and many more.

http://www.plainsight.info/


WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key)

Malicious insiders can exploit the vulnerability, named “Hole 196” by the researcher who discovered it at wireless security company AirTight Networks. The moniker refers to the page of the IEEE 802.11 Standard (Revision, 2007) on which the vulnerability is buried. Hole 196 lends itself to man-in-the-middle-style exploits, whereby an internal, authorized Wi-Fi user can decrypt, over the air, the private data of others, inject malicious traffic into the network and compromise other authorized devices using open source software, according to AirTight.

http://www.networkworld.com/newsletters/wireless/2010/072610wireless1.html


iKAT – Interactive Kiosk Attack Tool v3

iKAT was designed to aid security consultants with the task of auditing the security of a Windows based internet Kiosk terminal. iKAT is designed to provide access to the underlying operating system of a Kiosk terminal by invoking native OS functionality. This tool should be (and is) used by Kiosk vendors/developers/suppliers to test the security of their own Kiosk products.

http://ikat.ha.cked.net/


Knock v1.4.2b – Subdomain Enumeration/Brute-Forcing Tool

Knock is a Python script designed to enumerate sub-domains on a target domain through a wordlist.

http://knock.gianniamato.it/download.php


Websecurify 0.7RC1 - powerful web application security testing

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

http://code.google.com/p/websecurify/

Saturday, June 26, 2010

News of interest for the month of June 2010...

Websecurify 0.6 - powerful web application security testing

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

http://code.google.com/p/websecurify/


w3af 1.0-rc3 Available For Download – Web Application Attack & Audit Framework


w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

http://w3af.sourceforge.net/


OpenSCAP – Framework For Implementing SCAP (Security Content Automation Protocol)

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.

http://www.open-scap.org/page/Main_Page

Onapsis Bizploit – ERP Penetration Testing Framework

Bizploit is the first open source ERP Penetration Testing framework. Developed by the Onapsis Research Labs, Bizploit assists security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized ERP Penetration Tests.

http://www.onapsis.com/research.html#bizploit


Samurai Web Testing Framework v0.8 Released – Pen Testing Security LiveCD

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.

http://samurai.inguardians.com/


Knock v1.3b – Subdomain Enumeration/Brute-Forcing Tool

Knock is a Python script designed to enumerate sub-domains on a target domain through a wordlist.

http://knock.gianniamato.it/download.php

sectool – Security Audit Tool and IDS

sectool is a security tool that can be used both for security audits and as part of an intrusion detection system. It consists of a set of tests, a library and textual/graphical frontends. Tests are sorted into groups and security levels. Administrators can run selected tests, groups or whole security levels.

https://fedorahosted.org/sectool/

Monday, June 21, 2010

Anti-virus revisited...

I remember writing a short post (read here) about why Ubuntu users don't need an anti-virus. However, over the past few months, my opinion on this has changed.

For starters, Linux (Unix in general) is more secure by design, unless you are the village idiot who insists on logging into your Ubuntu setup as root (you actually need to hack this, as Ubuntu by default prevents users from logging in as the root user). What few viruses/worms do exist can only affect the system as far as the user's own access rights allow.

However (I did say I've changed my opinion on this), Ubuntu users do receive a lot of files from other users who (gasp!) use Windoze (and Macs), and those platforms do have viruses/worms. What we do not want to be is a carrier for that malware. So installing an anti-virus should be done only for the occasional health scan and maybe to scan new files as you get them.

I have Googled around for a decent, free, linux based anti-virus and have found the following:

  1. ClamAV (URL http://www.clamav.net/lang/en/) or check with Synaptics
  2. avast! (URL http://www.avast.com/linux-home-edition)
  3. AVG (URL http://free.avg.com/gb-en/download.prd-afl)
  4. F-Prot (URL http://www.f-prot.com/products/home_use/linux/)
I ended up using AVG for myself since it was a CLI only installer (yes, no GUI) and didn't require me to register to use it (as you can see, I only tested one product). In any case, if you want to give it a try, these are the free ones I could find. Feel free to let me know what you think of this post or the product if you tried them.

You can also check the Ubuntu page on anti-viruses here.

Tuesday, June 15, 2010

Eee-control is still alive!

Grigori Goronzy, the developer of eee-control, has just released version 0.9.6 of the utility for Lucid Lynx (URL http://greg.geekmind.org/eee-control/). I strongly suggest all Asus EeePC users install this fantastic utility into their Ubuntu setups. Will test this myself when I get home. :)

Friday, May 21, 2010

Installing Sun/Oracle Java 6 Update 20 in Lucid...

Since Ubuntu 9.10 (Karmic Koala), Canonical has dropped support for Sun Java on Ubuntu. However, I noticed that Canonical has slowly reintroduced Sun Java to Ubuntu by placing the .deb installers into the Ubuntu 'partner' repository. To install, type in the following (note the plain double quotes; curly quotes pasted from a web page will break the command):

sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner"

This will add the associated Ubuntu repository to your Ubuntu. Next, you'll want to install Java 6 Update 20, this can be done by:

sudo apt-get install sun-java6-jre sun-java6-plugin sun-java6-fonts

You will now have a proper version of Java in your Ubuntu setup.
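The two commands above, wrapped into a small script as an added example (this is not from the original post): it only adds the partner line if it is not already active in the sources file, refreshes the package index before installing (add-apt-repository on Lucid does not do that for you, so a fresh line is not visible to apt-get until you run apt-get update), and finishes by showing the installed Java version. The repository line and package names are the ones given in the post; the sources file path is assumed to be the standard /etc/apt/sources.list.

```shell
#!/bin/sh
# Added example, not from the original post: idempotent install of the Sun
# Java 6 packages from the Canonical partner repository on Lucid.

PARTNER_LINE='deb http://archive.canonical.com/ lucid partner'

# Return 0 if an active (uncommented) partner line already exists in the
# given apt sources file, 1 otherwise. Defaults to /etc/apt/sources.list.
partner_repo_configured() {
    grep -Eq '^[[:space:]]*deb[[:space:]]+http://archive\.canonical\.com/?[[:space:]]+lucid[[:space:]]+partner([[:space:]]|$)' \
        "${1:-/etc/apt/sources.list}"
}

# Add the repository if needed, refresh the index, install, and verify.
install_sun_java() {
    if partner_repo_configured; then
        echo "partner repository already configured, skipping add-apt-repository"
    else
        sudo add-apt-repository "$PARTNER_LINE"
    fi
    sudo apt-get update
    sudo apt-get install -y sun-java6-jre sun-java6-plugin sun-java6-fonts
    java -version
}

# Only touch the system when explicitly asked: sh install-java.sh --install
if [ "${1:-}" = "--install" ]; then
    install_sun_java
fi
```

Run it with `--install` to perform the installation; without the flag it only defines the functions, so you can source it and call `partner_repo_configured` on its own to check a sources file.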

Sunday, May 16, 2010

Upgraded my laptop to Lucid Lynx...

I finally upgraded my laptop from Karmic -> Lucid today. If you've read my last post here about my initial reservations on upgrading to Lucid and how I checked if my laptop was affected by booting up the Lucid live CD, I am happy to report that I successfully upgraded to Lucid. The only problem I had after the upgrade was Plymouth not showing me the startup animation.

First thing I did was install the ppa-purge utility (see my blog post here). I then systematically checked the entries in /etc/apt/sources.list and all the .list files in /etc/apt/sources.list.d, purged all the PPAs (Personal Package Archives) I was using and replaced their packages with the official Karmic versions from the Ubuntu repository.

I then downloaded the ubuntu-10.04-alternate-i386.iso file from one of Ubuntu's mirror sites and following the instructions here, upgraded my setup to Ubuntu 10.04 (Lucid Lynx).

I rebooted the computer and did another update (since there are updates to some of the packages since the release on 29-Apr-2010) in a terminal shell by typing:

sudo apt-get update && sudo apt-get upgrade -y
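The PPA clean-up step above is the one most people get wrong, because a PPA can live in /etc/apt/sources.list or in any .list file under sources.list.d. As an added example (not from the original post), this script scans both locations, reduces each Launchpad deb/deb-src line to its ppa:owner/name form, and prints the matching ppa-purge commands as a dry run so you can review exactly what will be reverted before the release upgrade; with --run it executes them and then performs the same apt-get update / upgrade the post ends with. It assumes the standard Launchpad URL layout http://ppa.launchpad.net/<owner>/<name>/ubuntu for PPA entries.

```shell
#!/bin/sh
# Added example, not from the original post: enumerate configured PPAs and
# emit the ppa-purge commands for them (dry run by default).

# Print one "ppa:owner/name" per PPA found under the given apt directory
# (defaults to /etc/apt). Reads sources.list and sources.list.d/*.list,
# skips commented-out lines, collapses deb/deb-src pairs and de-duplicates.
list_ppas() {
    dir="${1:-/etc/apt}"
    cat "$dir/sources.list" "$dir"/sources.list.d/*.list 2>/dev/null |
        grep -E '^[[:space:]]*deb(-src)?[[:space:]]+https?://ppa\.launchpad\.net/' |
        sed -E 's#^[[:space:]]*deb(-src)?[[:space:]]+https?://ppa\.launchpad\.net/([^/]+)/([^/ ]+)/.*#ppa:\2/\3#' |
        sort -u
}

# One "sudo ppa-purge ppa:owner/name" line per PPA; pipe into sh once reviewed.
purge_commands() {
    list_ppas "$1" | while read -r ppa; do
        printf 'sudo ppa-purge %s\n' "$ppa"
    done
}

# Usage: sh purge-ppas.sh [APT_DIR]        -> dry run, prints the commands
#        sh purge-ppas.sh --run [APT_DIR]  -> purges, then updates/upgrades
if [ "${1:-}" = "--run" ]; then
    purge_commands "${2:-/etc/apt}" | sh
    sudo apt-get update && sudo apt-get upgrade -y
else
    purge_commands "${1:-/etc/apt}"
fi
```

Review the dry-run output first: ppa-purge downgrades every package that came from the PPA to the version in the official repository, which is exactly what you want before a release upgrade, but it is worth knowing which packages those are.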

Everything worked correctly as expected except for Plymouth. A quick Google search landed me here, and after following it my setup works exactly as expected.

I am now a happy lemming lynx. :)