security

Bookmarks for 27 apr 2011 through 28 apr 2011

These are my links for 27 apr 2011 through 28 apr 2011:

  • Yes, You Can Run 18 Static Sites on a 64MB Link-1 VPS – Low … – […] So, just trying to prove the point that yes, 64MB is more than enough to host 18 static sites, I decided to add a Link-1 Xen to my account and document the process […]<br />
    <br />
    Yeah!
  • Advanced Nmap – […] Tonight I wanted to share some Nmap stuff that I’ve been using lately or am getting ready to start using […]<br />
    <br />
    [via http://www.bufferoverflow.it]
  • logrotate in bash – logrotate is a bash script which can rotate log files and multilog log directories and archive them in a central location.logrotate requires GNU bash, GNU gzip and GNU date.

Bookmarks for 25 gen 2011 through 26 gen 2011

These are my links for 25 gen 2011 through 26 gen 2011:

  • Tricks with ‘sqsh’ – sqsh is -if you didn't know already- a superior replacement for Sybase's default ASCII query tool isql (sqsh has been described as 'isql the way it should have been').[…]
  • Grsecurity – Wikibooks, open books for an open world – […] grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.This book is intended as a comprehensive up-to-date user guide about setting up and administrating a grsecurity-enabled system[…]
  • Hardening The Linux Kernel With Grsecurity (Debian … – […] This howto was performed on a Debian Lenny system. Thus some tools are Debian specific. However, tasks can be performed with other distro specific tools or even with universal tools (make).<br />
    Everything will done with root privileges. However, you can perform them with a limited account thanks to sudo and fake-kpkg tools[…]

Bookmarks for 11 gen 2011 through 12 gen 2011

These are my links for 11 gen 2011 through 12 gen 2011:

  • 500 Internal Server Error – 500 Internal Server Error
  • DISABLING BASH_HISTORY AND/OR LOGGING ALL USER’S CMDS – ancora su audit bash:<br />
    Once you have logged out of your shell by default bash will store the last 500 previous cmds (commands), and/or 500 lines, you executed to your .bash_history file for easy recall on future sessions (Ctrl+R or ! or !!). Even passwords that were entered as plain text, such as: mysqladmin -u root password 'new-password'I've listed a number of different methods to disable it, limit it, or stop users from altering their own .bash_history for auditing needs. Depending on your own needs select a method/s.                   
  • History Time Format | Crisis – Un bel post di Giorgio in inglese su audit dell'history bash (inserire a fianco di ogni comando nella history, data e ora di esecuzione)

Bookmarks for 14 dic 2010 through 18 dic 2010

These are my links for 14 dic 2010 through 18 dic 2010:

  • FreeNATS: Free Network Automatic Testing System – FreeNATS is a PHP and MySQL based automatic network status testing, alerting and repoting package from PurplePixie Systems and released under the GNU General Public Licence for free use. <br />
    <br />
    Current Test Types: Ping (ICMP), HTTP/HTTPs (Web), IMAP/IMAPs, POP3/POP3s, MySQL Connection, MySQL Queries, TCP Port, 2Various Node-based Monitors<br />
    <br />
    [ via http://www.delicious.com/farmando ]
  • PacketFence – What is PacketFence ?<br />
    PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks. <br />
    <br />
    [ via http://www.delicious.com/farmando ]
  • Open Web Analytics – Easy, Open, Web Analytics.Open Web Analytics (OWA) is open source web analytics software that you can use to track and analyze how people use your web sites and applications. OWA is licensed under GPL and provides web site owners and developers with easy ways to add web analytics to their sites using simple Javascript, PHP, or REST based APIs. OWA also comes with built-in support for tracking web sites made with popular content management frameworks such as WordPress and MediaWiki.
  • 500 Internal Server Error – 500 Internal Server Error
  • SQL for Tivoli Storage Manager – This page has a collection of useful SQL statements for IBM Tivoli Storage Manager (TSM). Here you can find out a lot of selects that will help you to get information from TSM and to construct your own SQL statements.

Bookmarks for 18 nov 2010 through 22 nov 2010

These are my links for 18 nov 2010 through 22 nov 2010:

  • proXPN – Create a FREE VPN Account – Secure your internet connection … – What proXPN does…<br />
    upgrades your internet connection with VPN encryption<br />
    secures all types of connections from DSL and cable to 3G<br />
    gives you 100% private access to the internet<br />
    allows you to access content restricted to the United States<br />
    With proXPN nobody* can…<br />
    see the websites you visit<br />
    hijack your passwords, credit cards, or banking details<br />
    intercept and spy on your email, IMs, calls, or anything else<br />
    record your web history<br />
    run traces to find out where you live<br />
    <br />
    [via http://www.afhome.org/ ]
  • FREE VPN ACCOUNT | Best Free VPN Service – Yes, our VPN service is FREE! You pay nothing to use our high quality VPN service. Our service is maintained through the fund coming from advertisement and donation. Since we are expert in VPN service for many years, our service is extremely reliable and with high quality!<br />
    <br />
    [via http://www.afhome.org/ ]
  • 500 Internal Server Error – 500 Internal Server Error
  • FYI :: Operating Systems Release History :: Software Development … – Last updated: June 21, 2005<br />
    <br />
    The release history (below) includes the published dates (E&OE) when the vendor will withdraw product availability and support for various released versions of their respective operating systems. Knowing these dates in advance helps customers (e.g., system administrators) to plan and make informed IT decisions (such as operating system upgrades, software and hardware purchases, etc.).<br />
    <br />
    Similarly, application developers can respond proactively through adaptive maintenace, or at least be aware of (and thus, anticipate) inquiries about migration (e.g., environment differences), compatibility (e.g., APIs), and porting (e.g., 32-bit to 64-bit).<br />
    <br />
    Disclaimer: Please check with the vendor's web site for updates and program details (e.g., support options, service level, geographical differences, etc.).<br />
    <br />
    [Occhio che è aggiornata al 2005]

Bookmarks for 7 ott 2010 through 20 ott 2010

These are my links for 7 ott 2010 through 20 ott 2010:

  • CSS + XHTML Table Generator | WebmasterCorey
  • Qink | Free Books – A lot of people keep asking about a good list of programming books. Hence, we are building this list to save your time and to spread the knowledge.<br />
    <br />
    Some of these books will definitely help us to evolve our coding skills and thought processes for developing better solutions. We will do our best to keep updating this list, hope you find this list useful, here we go[…]<br />
    <br />
    E' una raccolta di ebook gratuiti sulla programmazione.<br />
    [via http://www.masayume.it/drupal/content/la-libreria-dello-sviluppatore ]
  • SendSMTP – SendSMTP is a command-line SMTP mailer for Windows 95/98/ME/Windows NT4/2K/XP/2003/Vista/2008. It may be used in batch files or interactively.<br />
    <br />
    SendSMTP is designed to be as clear and easy-to-use as possible. Easily send properly-formatted email on-demand!
  • HOWTO: Install AIX – To my surprise many AIX administrators have never had the opportunity to actually install AIX from scratch. This article is for admins new to AIX and anyone else interested in what the steps are to install AIX. The screenshots are from install AIX 7.1 onto a partition using the ASCII interface.
  • Use socat as tcp forwarder on Windows and restrict a few hosts to connect to it – Objective: on the company LAN, only one Windows server is able to connect to smtp server, some other servers need to connect to smtp server as well<br />
    Environment: Windows 2000 server A with one NIC, another Windows 2000 server B will be connecting to A at port 25 to reach company smtp server smtp.domain.com.

Bookmarks for 24 set 2010 through 28 set 2010

These are my links for 24 set 2010 through 28 set 2010:

  • xCAT – Extreme Cloud Administration Toolkit – xCAT offers complete and ideal management for HPC clusters, RenderFarms, Grids, WebFarms, Online Gaming Infrastructure, Clouds, Datacenters, and whatever tomorrow's buzzwords may be. It is agile, extendable, and based on years of system administration best practices and experience.
  • CoolSQL-Database-JDBC, Ibatis-Ibator(Abator) – CoolSQL is a cool tool used to view and manage database. It provides a nice user interface which makes a wonderful experience to user. CoolSQL inclineds to view and analyze data in the database, provides abundant functions including querying, modifying, exporting, supporting sqlscript and analyzing data. Convenience and maneuverability are the most advantages of CoolSQL. CoolSQL is written in java, thus it should run on any operating system that provides a Java Runtime (1.5 or above).
  • ottimizzazioni (quasi) estreme – In fondo, perché far ricomprimere ad Apache lo stesso file centomila volte al giorno, se questo non cambia praticamente mai? Non sarebbe possibile comprimerlo “a priori” e poi istruire il server a fornire la giusta versione a seconda che il browser dell’utente supporti o meno il formato gzip? A quanto pare la risposta è si
  • Trouble-Maker – Being a system administrator is full of interesting challenges. We like this. However, some of these challenges can be problematic, if they cause service interrupts on production systems. Most system administrators have run into the situation where something is wrong, the server is down, and we don't know what is going on. This project attempts to help.<br />
    <br />
    There are a lot of tools out there to make the system administrator's life easier. However, no tool is a replacement for properly understanding the system and experience in troubleshooting unknown situations. This is where Trouble-Maker comes in. Unlike other projects, we do not attempt to solve problems — we cause them.
  • iScanner – Remove website malwares, web pages viruses and malicious codes – iScanner is a free open source tool lets you detect and remove malicious codes and web page malwares from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able to clean these files by removing the malware code ONLY from the infected files.<br />
    <br />
    [ via http://www.bufferoverflow.it/ ]

Bookmarks for 20 set 2010 through 23 set 2010

These are my links for 20 set 2010 through 23 set 2010:

  • Blungr.com | domain name generator – Are you looking for a domain name for your startup or project? Or maybe you are looking for your comapny name?<br />
    Try Blungr.com – a simple domain name generator. Just type one or two keywords, choose settings and mix them up! Also, you can check the domain availability. If it is available, you can purchase it!
  • 20+ .htaccess Hacks Every Web Developer Should Know About | DevMoose – […] Apache's .htaccess(hypertext access) configuration file can be a very powerful tool in a web developer's toolkit if used properly. It can be found in the webroot of your server and can be easily edited using any text editor. In this article I'm going to show you 20 .htaccess hacks and how to use them.<br />
    Before I start with this article I'd like to start by saying that abusing the .htaccess file will hurt the performance of your website. The .htaccess file should only be used if you have no other way to achieve certain things.<br />
    Make sure to back up your current .htaccess file before applying any of the following hacks. […]<br />
    <br />
    via http://www.bufferoverflow.it/
  • Keeping an eye on TSM volumes – […] I wrote a quick script which tells me when volumes in TSM (Tivoli Storage Manager) have access and/or media issues and shoots me off an email. The script does two things:<br />
    1) Checks for volumes which are NOT in the states READWRITE or OFFSITE.<br />
    2) Checks for volumes which have a read/write error count >0.<br />
    I’m sure that most people running TSM in their environment have some sort of daily reporting that gets sent out. If that’s the case, you can simply extract the SQL from the script and use it in your own reporting tools.<br />
    […]
  • Read Ruby 1.9: Free Ebook About the Ruby Programming Language – Very early draft of a book about version 1.9 of the Ruby programming language, released under a Creative Commons license.<br />
    <br />
    [via Bru Blogs Aggregator http://pipes.yahoo.com/codewitchbru/myblogs ]
  • Know Your UNIX System Administrator: A Field Guide – There are four major species of Unix sysad…<br />
    Esilarante 🙂

Bookmarks for 21 lug 2010 through 22 lug 2010

These are my links for 21 lug 2010 through 22 lug 2010:

  • TestKing Pass4Sure 70-290 MCSE 70-620 CCNA 640-802 70-270 70-291 70-647 … – Welcome to ExamCollection.com!<br />
    <br />
    Have you ever prepared for a certification exam using PDFs or braindumps? If yes, then I think you will agree with me that using practice test software is more comfortable and efficient way to prepare.<br />
    <br />
    The purpose of this site is to help you use TestKing, Pass4sure, CertifyMe, ActualTest, Braindumps and other PDFs as practice exams, not the multipage text documents as most of us have used it.<br />
    <br />
    Here you can download free practice tests for such certifications as MCSE, MCDBA, MCSD, A+, Network+, Security+, CCNA, CCNP, and so on. All tests on this site have been created with Visual CertExam Suite. Visual CertExam Suite is an exam simulator developed for certification exam preparation. You can also use it as a Trandumper replacement. Files with VCE extension can be opened with this program.
  • Sagan from Softwink, Inc [800-538-9357] – Sagan is a multi-threaded, real time system and event log monitoring system, but with a twist. Sagan uses a "Snort" like rule set for detecting bad things happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, that event can be stored to a Snort database (MySQL/PostgreSQL) and Sagan will attempt to correlate the event with your Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system.
  • Carta – Forbice – Sasso – La strategia per vincere 🙂
  • How to improve creativity – A two part ( series on using psychological techniques to improve your creativity <br />
    <br />
    [via http://delicious.com/pecus ]

Bookmarks for 20 mag 2010 from 13:04 to 17:45

These are my links for 20 mag 2010 from 13:04 to 17:45:

  • Come utilizzare netcat per effettuare il monitoraggio del traffico di rete – Le situazioni in cui si ha bisogno di effettuare il monitoraggio del traffico HTTP (o comunque TCP/UDP) tra un client ed un server sono molteplici: di solito questa esigenza si manifesta quando ad esempio si effettua il degg di un’applicazione web o comunque quando i dati che transitano devono (magari per motivi di sicurezza) essere registrati e storicizzati.
  • Snippet Compiler – Great utility for compiling and testing .net code snippets!
  • DenisFrati.it » Blog Archive » Manuale (incompleto) Caine 1.5 – Lo scorso autunno (2009) avvevo cominciato a lavorare alla stesura del manuale per la versione 1.5 di Caine, attualmente disponibile per il download in attesa della nuova release.<br />
    Quando mi staccai dal progetto Caine lo sviluppo del manuale si fermò e lo stesso rimase incompleto e congelato.<br />
    In questi giorni ho visto su LinuxMagazine (numero di giugno 2010) un corposo articolo riguardante Caine e mi sono detto che forse a qualcuno quella ventina di pagine di manuale incompleto potrebbero comunque fare comodo.