malware – jtheo

Bookmarks for 9 March 2017

These are my links forÂ 9 March 201:

Relentless Coding – A Javascript malware analysis tool using static analysis / deobfuscation techniques and an execution engine featuring HTML DOM emulationRead more Â»
Deis | Your Paas. Your Rules. – Deis (pronounced DAY-iss) is an open source PaaS that makes it easy to deploy and manage applications on your own servers. Deis builds upon Docker and CoreOS to provide a lightweight PaaS with a Heroku-inspired workflow.
Speed up WordPress on DreamHost with OPcache
Installing OPcache can improve your siteâ€™s performance by decreasing the php execution process when a script is requested. DreamHost permits a user to log into the server through secure shell with user level permissions. Since user level permissions cannot install software, the module will need to be manually compiled.
Reduce TIME_WAIT socket connections | Linux BrigadeReduce TIME_WAIT socket connections in Apache/Linux
Some time in your life youâ€™ll run across an Apache server that always has tons of TIME_WAIT connections just seeming to hang out. While these donâ€™t take up as many resources as an ESTABLISHED connection, why keep them around so long? This short article will show you how to identify how many you have, and how to tell your server to reduce them, reuse and recycle them (see, recycling IS a good thing).
Analyzing Apache Log Files < System | The Art of Web
There are many different packages that allow you to generate reports on who’s visiting your site and what they’re doing. The most popular at this time appear to be “Analog”, “The Webalizer” and “AWStats” which are installed by default on many shared servers. While such programs generate attractive reports, they only scratch the surface of what the log files can tell you. In this section we look at ways you can delve more deeply – focussing on the use of simple command line tools, particularly grep, awk and sed.

Bookmarks for 16 Mar 2016 through 24 Mar 2016

These are my links for 16 Mar 2016 through 24 Mar 2016:

“Reverse Engineering for Beginners” free book –
Resolve Hardware Status Alert SEL_FULLNESS | Brian Ragazzi – […] I noticed an alert on two UCS B250M2 hosts in the vSphere Client. The alert Name was â€œStatus of other host hardware objectsâ€. This isnâ€™t helpful. To get more information, you have to navigate to the Hardware Status tab of the host properties. Here I saw more information about the alert. Itâ€™s cryptically named â€œSystem Board 0 SEL_FULLNESSâ€. […]
Network Stack: Cisco ASA Packet Capture – […] The ASA platform has fantastic built-in packet capture capabilities which can come in very handy for troubleshooting issues. I will be demonstrating some of the capabilities using an ASA 5505 running version 9.0(1).Performing a packet capture is done using the capture command from privileged exec mode. […][ Fantastic… I won’t say that ]
Sanesecurity ClamAV Malware, Phishing, and Spam Signatures – Sanesecurity produces add-ons signatures to help improve the ClamAV detection rate on Zero-Day malware and even on Zero-Hour malware. Since 2006 we have provided professional quality ClamAV signatures to protect against the following email types: Macro malware, Zip malware, Rar malware, Javascript malware, 7z malware, Phishing, Spear phishing and other types of common emailed malware and spam. Sanesecurity 3rd Party ClamAV signatures can also help prevent TeslaCrypt, Cryptowall, Cryptolocker and other ransomware, whoâ€™s source usually starts as a malicious email.
Multistage environments with Ansible â€“ Ross Tuck – Ansible has excellent documentation but one thing I was confused about was the best way to store the configuration for multistage projects: say, different passwords for dev, staging, production. This isnâ€™t really covered in the ansible-examples repo because itâ€™s specific to your project and while the documentation has recommendations, it doesnâ€™t spell it out completely (which I need since Iâ€™m an idiot).

Bookmarks for 19 set 2013 through 25 set 2013

These are my links for 19 set 2013 through 25 set 2013:

AIXchange: Restricting FTP Access (AIX) – A customer was trying to restrict user access to a particular directory on an AIX system when FTP was used. We came across two good options.
FBI Tor Malware Analysis – […] In April 2013, a piece of malware was found embedded in Freedom Hosting's darknet server that would exploit a security hole in a particular web browser and execute code on the user's computer. This code gathered some information about the user and sent it to a server in Virginia and then crashed – it had no obvious malicious intent that is so characteristic of malware. It was therefore theorised that the FBI, who have offices in Virginia, and who have 'form' for writing malware, may have authored it – this now appears to be true. […]
Samba4 and OpenChange on a Debian or Ubuntu server – Samba4/Openchange suite promises to provide a complete Active Directory© domain controller with an alternative to a Microsoft Exchange server. Gracefully to the rewrite of MAPI protocol, Outlook can now seamlessly connect to a Linux server for synchronizing and sharing calendars, contacts, tasks and mails.

Bookmarks for 28 mag 2012 through 2 giu 2012

These are my links for 28 mag 2012 through 2 giu 2012:

Straccetti di pollo con broccoli – La ricetta di OsteMatto – Straccetti di petto di pollo cucinati e serviti con cime di broccoli croccanti. Un secondo piatto molto veloce da preparare, delicato, leggero ed economico.
Configure Windows Server 2003 and 2008 w32tm commands on domain controller – 1st Byte Solutions – This drove me nuts! Why Microsoft had to take something totally simple in Windows 2000 and make it a complicated thing is NOT beyond me! This is MS we’re talking about! Of course it’s not easy with newer versions.
Took me a little bit, but here’s the commands I used on our primary domain controller, and it’s working great. that first w32tm command is all one line.
peframe – Static Analysis of Portable Executable Malware – Google Project Hosting – peframe is a tool to perform static analysis on (portable executable) malware. You can use the single command-line options or access to the console.

Bookmarks for 10 mag 2012 through 11 mag 2012

These are my links for 10 mag 2012 through 11 mag 2012:

Linux Malware Detect | R-fx Networks – Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches, they are also easily exported to any number of detection tools such as ClamAV.
Shinken | The next Industry Standard in IT Monitoring – Shinken is an open source Nagios® like tool, redesigned and rewritten from scratch. Its main goal is to meet today’s system monitoring requirements while still allowing compatibility to Nagios®
Index of /downloads/binaries/latest – These binaries are statically linked using http://landley.net/aboriginal

Bookmarks for 24 mar 2012 through 5 apr 2012

These are my links for 24 mar 2012 through 5 apr 2012:

LINUX VPN server for Android | Zews.org – Fedora 15 used for VPN server
VPN server is behid a firewall
L2TP/IPSec PSK VPN so it would be compatible with all of my Android devices
Punch a hole throuh you firewall. I have an iptables firewall and use fwbuilder to edit the firewall rules.
Android L2TP/IPSec VPN mini-howto — BrainBlog – I would have preferred that my Android 1.6 device supported OpenVPN out of the box. Unfortunately, this is only available for rooted devices and a bit of suffering. Instead, I went for configuring IPsec inside L2TP VPN server. All of it stuffed into an old and low-end Soekris net4511 board running Voyage Linux.
How to set up a VPN server for Android Clients | Android Apps by Doenter Limited – Have problems with connecting your Android device to a VPN server? In this how-to, we intend to cover server configuration that are known to work with Android clients.
You probably also need to configure firewalls and routing in order for the server to work as you intend. That is not covered here.

This page is far from complete, and when time permits new configurations will be added.
Installation on Ubuntu Lucid Lynx (10.4) – OtterHub – OTRS Community Wiki – This article describes the installation of OTRS 3.0.x on Ubuntu Lucid Lynx (version 10.04 LTS).
UVK – Ultra Virus Killer – With simple and intuitive interface, UVK allows users to detect and delete all types of malware and spyware from infected systems. It also includes lots of tools to repair windows after the disinfection.

Bookmarks for 7 nov 2011 through 8 nov 2011

These are my links for 7 nov 2011 through 8 nov 2011:

Testing puppet with Jenkins before deploying | mig5.net – […] However, I had overlooked one element: I tend to make a lot of typos […]
funny and very instructive
VMware Monitoring Appliance with Nagios, NagVis, PNP4Nagios, Smokeping, Cacti and OpenNMS – Monitoring in just a few minutes! This VMware appliance based on Ubuntu Server Edition 10.10 64-bit contains the most important monitoring software packages, installed and ready-to-run:
Nagios 3.2.3
NagVis 1.5.5
PNP4Nagios 0.6.7
MK Livestatus 1.1.8
Cacti/Spine 0.8.7g
Smokeping 2.3.6
OpenNMS 1.8.5

You can start immediately. It is especially suitable for comparing these different monitoring solutions. Note that OpenNMS is written in Java and produces a high load on the system. Starting and Stopping OpenNMS takes a long time (several minutes!).
Squid Block – DNSBL Redirector for the Squid Proxy – dnsbl_redir is a shamelessly derived redirector based on the asqredir redirector written by Thomas Zippo < thomas at zippo dot ch >. Thanks!
Its been rewritten to use a DNSBL list (RHS type) to check for and block sites listed in the DNSBL. It will redirect your users to the page/site listed in the top of the dnsbl_redir.h file.

dnsbl_redir is written in C. It consists of one small source file and a small(er) .h file. It has been tested and runs on the current Squid versions. It performs very well on Linux (RedHat/Fedora), BSD and technically should compile and run on any gnu/linux.

Bookmarks for 24 set 2010 through 28 set 2010

These are my links for 24 set 2010 through 28 set 2010:

xCAT – Extreme Cloud Administration Toolkit – xCAT offers complete and ideal management for HPC clusters, RenderFarms, Grids, WebFarms, Online Gaming Infrastructure, Clouds, Datacenters, and whatever tomorrow's buzzwords may be. It is agile, extendable, and based on years of system administration best practices and experience.
CoolSQL-Database-JDBC, Ibatis-Ibator(Abator) – CoolSQL is a cool tool used to view and manage database. It provides a nice user interface which makes a wonderful experience to user. CoolSQL inclineds to view and analyze data in the database, provides abundant functions including querying, modifying, exporting, supporting sqlscript and analyzing data. Convenience and maneuverability are the most advantages of CoolSQL. CoolSQL is written in java, thus it should run on any operating system that provides a Java Runtime (1.5 or above).
ottimizzazioni (quasi) estreme – In fondo, perché far ricomprimere ad Apache lo stesso file centomila volte al giorno, se questo non cambia praticamente mai? Non sarebbe possibile comprimerlo “a priori” e poi istruire il server a fornire la giusta versione a seconda che il browser dell’utente supporti o meno il formato gzip? A quanto pare la risposta è si
Trouble-Maker – Being a system administrator is full of interesting challenges. We like this. However, some of these challenges can be problematic, if they cause service interrupts on production systems. Most system administrators have run into the situation where something is wrong, the server is down, and we don't know what is going on. This project attempts to help. 
 
There are a lot of tools out there to make the system administrator's life easier. However, no tool is a replacement for properly understanding the system and experience in troubleshooting unknown situations. This is where Trouble-Maker comes in. Unlike other projects, we do not attempt to solve problems — we cause them.
iScanner – Remove website malwares, web pages viruses and malicious codes – iScanner is a free open source tool lets you detect and remove malicious codes and web page malwares from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able to clean these files by removing the malware code ONLY from the infected files. 
 
[ via http://www.bufferoverflow.it/ ]

Bookmarks for 18 mag 2010 through 19 mag 2010

These are my links for 18 mag 2010 through 19 mag 2010:

Download details: Deployment Guide WSUS 3.0 SP2 – This guide describes how to deploy Microsoft Windows Server Update Services 3.0 SP2 (WSUS 3.0 SP2). You will find a comprehensive description of how WSUS functions, as well as descriptions of WSUS scalability and bandwidth management features. This guide also offers procedures for installation and configuration of the WSUS server and how to configure client workstations and servers that will be updated by WSUS. Also included are steps for setting up a WSUS server on an isolated segment of your network and manually importing updates.
Collabtive – Open Source collaboration – Collabtive is cloud based groupware easy and efficient for your projects 
Collabtive is web-based project management software. The project was started in November 2007. It is Open Source software and provides an alternative to proprietary tools like Basecamp. Collabtive is written in PHP and JavaScript. 
 
[Via Raccolta differenziata: http://rd.minimarketing.it/ ]
Giavasan » Conficker – Questo post è la traduzione di un lungo articolo pubblicato su The Atlantic. La traduzione è assolutamente non rigorosa. Ho saltato alcune parti (parecchie) e ne ho aggiunte altre (poche). Non credo di aver travisato nulla, ma consiglio a tutti di leggere l’originale.
How autonegotiation supposed to work –

Bookmarks for 4 apr 2010 through 6 apr 2010

These are my links for 4 apr 2010 through 6 apr 2010:

12 More of the Best Free Linux Books – We have tried to select a fairly diverse selection of books in this article so that there should be something of interest here for any type of user whatever their level of computing knowledge. This article should be read in conjunction with our previous article on free Linux books, entitled 20 of the Best Free Linux Books.
pwnat: far comunicare due PC dietro NAT senza port forwarding – Si chiama pwnat ed è un’utility per Linux (ma non solo a giudicare dai makefile con cui viene distribuita) che sto tenendo d’occhio da un po’ per la possibilità che offre di far comunicare direttamente due o più PC, client e server, dietro altrettanti NAT. Non è necessario impostare alcun port fowarding nei router in quanto pwnat stabilisce un tunnel che sfrutta il protocollo UDP tra i computer interessati.
Eliminare virus, worm, rootkit: i migliori strumenti (secondo me) – Negli ultimi giorni sono stato impegnato in pulizie di sistemi Windows infetti e vorrei dare qui una lista di programmi senza i quali non sarei riuscito a cavarmela con la stessa velocità e efficacia: