There is a false sense of security when you envision your network as inside and outside, with a firewall protecting you from hostile users on the outside. One particularly nasty problem is when users bring their laptops home, surf, read email, and then plug it right back in to the corporate LAN on Monday morning. […]
Setting Up a Windows Server 2003 Host Based Firewall
Securing PHP
The first step to secure PHP is from the system perspective. Only provide what you have to. Of course, the code needs to be secure as well by using proper input validation, encryption, etc., but as systems administrators, we can head off some problems. First off, you can view a complete rundown of your current […]
Running a Quick Ping Scan using NMAP
Nmap can make quick of work of doing a ping sweep of your network: [usr-1@srv-1 ~]$ nmap -sP 10.50.100.1-255 Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2005-06-13 15:50 PDT Host 10.50.100.1 appears to be up. Host 10.50.100.2 appears to be up. Host 10.50.100.22 appears to be up. Host mondo (10.50.100.72) appears to be up. Host […]
Configuring the Red Hat Enterprise Firewall
First off, let’s test ssh access: host user $ ssh x.y.z.w ssh: connect to host x.y.z.w port 22: Connection timed out host user $ Let’s add ssh access. Go to Applications->System Settings->Security Level: If you are not root, you will get a prompt to enter the root password: Be default nothing is enabled as trusted. […]
Automating Secure FTP Downloads With Kermit
If you need to automate FTP downloads, and want lots of flexibility, an oldie but goodie is Kermit. I know what you’re thinking: “Hey, isn’t Kermit an old DOS comms program?”. Yes, it is a very old program. The cool thing about this, though, is that if you need to automate file transfers, it has […]
Linux Kernel Exploit
There is a local user privilege exploit for the Linux kernel. Details are here: http://isec.pl/vulnerabilities/isec-0021-uselib.txt One thing to remember is that a local user does not mean that the user has to have access to the physical machine. It means that any user that can run code on the machine can gain root access.
Compiling PGP 2.6.2
This is certainly an old topic, but I always forget how to compile PGP 2.6.2 on GNU/Linux. Grab the source from MIT, probably, is what you want. You may also want to consider gpg. Much has changed since 1994! PGP 2.6.2 is particularly interesting for keeping password files using conventional encryption. It is possible to […]
Using MD5deep To Verify Tree Integrity
We talked a little about MD5deep in this article. One nice thing about MD5deep is that it can do recursion. This allows you to create a set of MD5 sums for an entire directory. /etc is a good one to use as an example. Let’s create the set of MD5 sums: root@srv-1 etc # md5deep […]
New Worm that Doesn’t Need Attachment
There is a new bagle worm that uses an exploit in IE. It does not need to have the user open an attachment, they just need to read an email with HTML in it. !!! There is a test to see if you are vulnerable here: http://secunia.com/MS03-032 More detailed info here: href=http://secunia.com/advisories/9580/ Bagle Q info […]
ClamAV Free AntiVirus Software
ClamAV is a GPL virus scanner that will integrate with mail servers, scan filesystems from the command line, and automatically update its virus signatures. There are many ports of ClamAV to various platforms, including Windows. This article will show how to compile and install ClamAV for a single user on GNU/Linux. First, we grab the […]
Microsoft Windows Metafile Exploit Workaround
[January 5 update: Microsoft released a fix for this vulnerability available here. The below information has some related procedures that may be useful. ] There is a zero day expoit in the wild that can infect your Windows system via email and web browsing. There is no known fix yet, but there is a workaround […]
Monitor Default Web Logs
Most web addresses are all name based on the server side. That is, netadmintools.com and associated logs are monitored and tracked in a different file than requests to the IP address. The first entry in the VirtualHost section of the httpd.conf file for Apache is where the requests without a name go. Stick a very […]
Adding a BugTraq Feed to Firefox
There is a cool feature in Firefox that will put live RSS feeds right on the toolbar simply by clicking the orange icon in the URL window. We have this capability on NetAdminTools. Clicking on the Add Live Bookmark will add a list of our latest articles. For the RSS 2.0 specification, see this page. […]
SolarWinds Top 5 Essential IT Tools
Manage and Monitor Your Network in One Simple Bundle
- Help desk ticketing and asset management software
- Remote support and systems management solution
- Network configuration and automation software
- Safe file transfer management solution
- Network management and troubleshooting software
Fully functional for 14 days