Cracking WEP Using Backtrack: Beginner’s Guide

This tutorial is intended for user’s with little or no experience with Linux or wifi. BackTrack, from remote-exploit is a tool which makes it very easy to access any network secured by WEP encryption. This tutorial aims to guide you through the process of using it effectively. Required Tools You will need a computer with a wireless […]

Checking your Linux system for Rootkits

Chkrootkit is a tool to locally check for signs of a rootkit wget wget 2) Check the md5checksum: md5sum chkrootkit.tar.gz 3) Then extract and install: tar -zxvf chkrootkit.tar.gzcd chkrootkit./configuremake sense 4) You can run it with the following command: ./chkrootkit 5) Now we are going to add it to contrab to schedule daily […]

Linux / UNIX Software that make retrieving the data more difficult with Department of Defense ( DoD 5520.22-M ) compliant disk / file wiping

Many programs exists for doing Department of Defense (DoD) compliant disk wipe program to remove files / disk securely. One of my favorite program is scrub, which writes patterns on special files (i.e. raw disk devices) or regular files to make retrieving the data more difficult. Scrub implements user-selectable pattern algorithms that are compliant with DoD […]

Installing & Configuring Advanced Policy Firewall (APF)

Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. In this paper I will show you how to install and configure APF firewall to your system. It is one of the best open source firewalls […]

Securely remove multiple files so they cannot be recovered

Shred utility overwrites a file to hide its contents, and optionally delete it if needed. The idea is pretty simple as it overwrites the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data. By default file is overwritten 25 times. I’ve seen cases where law […]

Internet Safety: How to keep your computer safe on the Internet

Here are some things you can, and should, do to stay safe. Stay Up-To-Date – Most virus infections don’t have to happen. Software vulnerabilities that the viruses exploit usually already have patches available by the time the virus reaches a computer. The problem? The user simply failed to install the latest patches and updates that would […]

Understanding the Linux /etc/shadow file

Can you explain /etc/shadow file used under Linux or UNIX?/etc/shadow file stores actual password in encrypted format for user’s account with additional properties related to user password i.e. it stores secure user account information. All fields are separated by a colon (:) symbol. It contains one entry per line for each user listed in /etc/passwd […]

Understanding Linux /etc/passwd File Format

/etc/passwd file stores essential information, which is required during login i.e. user account information./etc/passwd is a text file, that contains a list of the system’s accounts, giving for each account some useful information like user ID, group ID, home directory, shell, etc. It should have general read permission as many utilities, like ls use it […]

Linux Security Practices

Protect the root accountThe root, or superuser, account on a Linux system allows access to anything and everything. For this reason, it’s well worth taking extra steps to protect it. Start by setting a hard-to-guess password for this account with the passwd command and change it on a regular basis. Next, restrict the terminals that […]

Linux Password Cracking: Explain unshadow and john commands ( john the ripper tool )

Can you tell me more about unshadow and john command line tools? How does it protect my server from crackers? Both unshadow and john distributed with – John the Ripper security software or fast password cracker software. It is free and Open Source software. It runs on Windows, UNIX and Linux operating system. Use this […]