Showing headlines posted by fneagle

NeXpose from Rapid7 is a unified vulnerability solution that scans networks to identify the devices running on them and to probe these devices for vulnerabilities. It analyzes the scan data and processes it for reports. The vulnerability checks in NeXpose identify security weaknesses in all layers of a network computing environment, including operating systems, databases, applications, and files. NeXpose can detect malicious programs and worms, identify areas in your infrastructure that may be at risk for an attack, and verify patch updates and security compliance measures.

Do you have problems with viruses and malware? Do you like to test different Linux distribution on your PC? Do you like to have tools and utilities available to check your PC, to partition your hard disk or to rescue data? This is perhaps the best tool you have ever seen and the best stuff for your USB Stick. Shardana Antivirus Rescue Disk Utility (Sardu) is software that can produce an ISO or an IMA anti-virus bootable CD, comprehensive collections of utilities, the most popular distributions of Linux Lite, and the best known Windows PE. In this article we’ll describe how to install more the 20 Live Systems on your USB Stick in 4 steps.

Nessus is a proprietary comprehensive vulnerability scanning tool. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. Tanable Network Security announced the release of Nessus 4.2.0 last month. Nessus is now using a web based interface to manage scans and their results. Scan results and policies are now stored on the server. Additionally you can now compare the current scan with „older“ scans.

Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. It is a multi-platform, free and open-source application designed to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. The purpose of Zenmap is not to replace Nmap. You still can use the good old command-line, but you will be able to use some advanced features like the “Topology” tab. This is an interactive view of the connections between hosts in a network. The following article will explain how to install Zenmap 5.0 on an Ubuntu system and how to use the main features.

Linux-Tip Europe is a site designed to provide the Linux users community (not only in Europe) with news and articles that are of interest to them. It works by allowing members of the community to submit news and articles relating to Linux hardware and software. This same community can then decide what tips should be promoted based on what they consider to be the most important or interesting to the community by voting stories up and down. Stories that receive enough votes are promoted to the Linux-Tip Europe homepage.

The Conficker worm has infected several million computers since it first started spreading in late 2008. In this paper German developers presented several potential methods to repel Conficker. The approaches presented take advantage of the way Conficker patches infected systems, which can be used to remotely detect a compromised system. They also provided freely available tools including source code on their website. They also described how to use these findings which allows system administrators to quickly and easily scan their networks for infected hosts and to create rules for use in intrusion detection systems. Developers already started to integrate these findings in their network security scanner and equivalent tools like Nmap and Nessus. This article shows how to use four different methods to scan for Conficker infected machines in your network.

NoMachine NX is a solution for secure remote access, desktop virtualization, and hosted desktop deployment using compression, session resilience and resource management. It integrations a powerful audio, printing and resource sharing capabilities and makes it possible to run any graphical application (e.g KDE, Gnome etc.) across the network connection. The NX Free Edition is easy to install and woks on almost all Linux distributions. The following workshop describes the installation an the first run on an OpenSuse 11.1 server.

Here is my question: Are “cyEma7;IkmH!” or “hot1BA-Bitso69” secure passwords? Yes definitely, but who (the hell) can remember it! YOU WILL - after reading this article! Your passwords play a crucial role in protecting your computing accounts and the personal information that can be accessed through them. One of the problems with passwords is that users forget them. For that reason people use simple password phrases like their dog’s name, their kid’s first name and birthdates, the name of the current month or everything in different combinations.

OpenVAS stands for Open Vulnerability Assessment System and is a complete tool for network security scanning including a graphical user front-end. I is used to  detect security problems in remote systems and applications. The OpenVAS development team consists of various interested parties from academia and commercial entities as well as individuals. Please notice that there are currently two different series available for download: the stable 1.0 series and the upcoming 2.0 series. The OpenVAS developers recently have announced the release of the 2.0-rc1 versions of openvas-libraries, openvas-libnasl, openvas-server and openvas-client. In this step by step workshop we’ll describe how to compile, install and use OpenVAS 2.0 on a Mandriva 2009 server and client.

Here is a scenario you can think about. An administrator of a company has been accused of hoarding illegal material of questionable moral content on his company network system. You have been called upon to examine the suspect server and unearth evidence related to the said illegal material. Your boss have told you that you are not allowed to shutdown the server. Unfortunately no additional money is available to buy forensic tools or equipment. In this workshop we will explain, how to use free forensic tools to investigate such cases.

OpenSSH version 4.3 introduced a new feature: the ability to create on-the-fly "Virtual Private Networks" via the tunnel driver (the so-called "tun" driver). This allows you to create a network interface that bridges two physically disparate network segments in different locations. This article explains how to use SSH to set up SSH-based point to point connections with OpenSuse 11.0 which can then be used to create routes that create virtual private networks.

In a previous article Linux-Tip explained how to install the current release (Backtrack 3 Final) in a virtual environment using VMWare. The goal was to run Backtrack 3 from the hard disk connected to a Wireless USB Adapter and to use the tool Kismet. It further explains how to collect valid wireless networks and to display them on Google Earth’s worldwide map system. In this article we’ll show how to add Nessus and to use the already integrated SAINT vulnerability scanner and Maltego. We’ll update Fast-Track and will show how to use the web-based interface.

The new distribution gOS 3 Gadgets BETA is based on Ubuntu 8.04.1 and is able to interact with Google Documents, Calendar and Mail. The newest release of WINE 1.0 is included to now support thousands of Windows software. The new operation system will also be loaded with Lightweight X Desktop Environment (LXDE) and other Google software for Linux to improve the user experience. This workshop describes how to install and run the new software from an USB stick.

This workshop explains how to install the current release (Backtrack 3 Final) in a virtual environment using VMWare Server. The goal will be to run Backtrack 3 from the hard disk connected to a wireless USB adapter, a USB GPS antenna and to use the tool Kismet. It further describes how to collect valid wireless networks and to display them on Google Earth’s worldwide map system.

Read more at Linux-tip.net

Often, the web browser that comes with an operating system is not set up in a secure default configuration. Not securing your web browser can lead quickly to a variety of computer problems caused by anything from spyware being installed without your knowledge to intruders taking control of your computer. As a result, exploiting vulnerabilities in web browsers has become a popular way for attackers to compromise computer systems. For that reason, it is very important to take control and to decide what kind of  browser and plug-in to use. But here is the good news; Linux is already using Mozilla Firefox as a default browser. This workshop will describe how to use additional plug-ins to browse the Internet more secure but also anonymously on a Mandriva 2008 Spring client.

CAD Schroer released the Fourth Generation of the globally renowned MEDUSA engineering product suite. Its powerful software tools were developed to work the way engineers do, helping you get product to market faster, and designs to customers quicker and more efficiently. Now MEDUSA4 Personal users can benefit from additional functionality, and support for the current versions of the following Linux distributions: CentOS, Fedora, Mandriva, RedHat, SuSE and Ubuntu. The MEDUSA4 Personal version is functionality nearly identical to the professional MEDUSA4 version but is intended for non-commercial use by private individuals. The product allows you to import but not export data, and sheets are clearly marked as having originated from the personal use version. This workshop describes step by step, how to install MEDUSA4 Personal on an OpenSuse 10.3 client.

If you need to set up a compact, secure, easily configurable Web server in as short a time, then we recommend installing Abyss Web Server. The software is available for Windows, Mac OS X, Linux, and FreeBSD operating systems. Depending on your needs, you may choose one of the two available editions. The free personal edition (X1) is a fully usable web server with no limitations. The professional edition (X2) includes an immediate access at no additional cost to new minor and major versions for a small amount of money. Abyss isn't open source software, but it is an interesting product and can provide a full web server with no cost, on older hardware, and with high-performance results.

This month the KDE Community announced the immediate availability of KDE 4.0. This significant release marks both the end of the long and intensive development cycle leading up to KDE 4.0 and the beginning of the KDE 4 era. We will see major improvements in almost all areas. The Phonon multimedia framework provides platform independent multimedia support to all KDE applications. The KDE 4 desktop has gained some major new capabilities like the Plasma desktop an increased KDE Window manager a lot more. Lots of KDE applications have seen improvements as well. Visual updates through vector-based artwork, changes in the underlying libraries, user interface enhancements and new features and new applications. We will also test the new document viewer (Okular) and the new file manager (Dolphin). This workshop will describe how to install KDE 4 on Mandriva 2008.

Innotek VirtualBox is a general-purpose full virtualizer for x86 hardware. Targeted at server, desktop and embedded use, it is now the only professional-quality virtualization solution that is also Open Source Software. Some of the features of VirtualBox are: Modularity,  virtual machine descriptions in XML, guest additions for Windows and Linux and shared folders. The following workshop describes how to install VirtualBox (OSE) on OpenSuse 10.3 and to install  a WindowsXP guest addition.

VNC stands for Virtual Network Computing. It is remote control software which allows you to view and fully interact with one computer desktop using a VNC viewer on another computer desktop anywhere on the LAN or Internet. The two computers don't even have to be the same type, so for example you can use VNC to view a Windows XP desktop at the office on a Linux or Mac computer at home. Once you are connected, traffic between the viewer and the server is unencrypted, and could be sniffed by someone with access to the intervening network.