Sep 16 2004
Here is a simple tutorial I found on the internet I am saving it for personal use.
here is the link where you can read it too.
http://georgetoft.com/linux/security/sysadmin1.html
Continua”Tharwting The System Hacker”
Sep 14 2004
UNIX Security: the Buffer Overflow problem
Introduction
As a Web server administrator, I’m concerned by security holes. After many weeks of setup, I was really CERTAIN that our server was clean and secure. One day, I read in the news that a new Web site treating about security had born: Jason T. Murphy ’s Linux Security Home Page . I decided to browse it and to retrieve some exploits to test my system.
I was afraid to discover that any local user could gain root access simply by using LPR, MOUNT, UMOUNT, and even through the network by using a fake library which fooled the telnetd !!! I’ve patched all that was tested and tried to find other bugs.
I understood that Linux is able to execute code in the stack (!), which made it possible to overflow a buffer of any root program and make it execute a shell or any program. This is the most common method of gaining root with suid-root programs. That’s why I’ll describe it here, and, of course, some ways to avoid that in your programs.
I then wrote an exploit for suidperl under Linux, and someone told me it would be impossible on Sparcs because “their stack wasn’t executable”. I decided to try to understand how Sparcs really work concerning the stack, and I wrote a second exploit, but now for xterm under SunOS 4.1.4.
I will describe here why and how it works on each of these systems and/or architectures, how it is possible to test the vulnerability of one system, how to exploit one system’s holes and how to protect against these exploits.
Linux/ix86 buffer overflows
SunOS 4.1/Sparc buffer overflows
Linux/ix86 GENeric OVerflow EXploiter and tester (source)
Continua”Buffer Overflows on linux”
Sep 14 2004
This stuff is trully great if you are trying to copy your OS to another computer.
Sep 13 2004
Here is all you need to know about the pig.
Learn to write your own rules
Continua”The Snort Manual”
Sep 13 2004
Write Your Own Snort Rules
Customize Snort for your own needs quickly and easily by leveraging its flexible rule engine and language
[Discuss (0) | Link to this hack]
One of the best features of Snort is its rule engine and language. Snort’s rule engine provides an extensive language that enables you to write your own rules, allowing you to extend it to meet the needs of your own network.
Continua”How to write your own snort rules”
Sep 11 2004
Building Snort with ACID (Analysis Console for Intrusion Databases) is not that difficult. On some level it may seem complex because there is a lot to compile, recompile, configure, install and reinstall. Don’t throw in the towel. Stick with it and you shall prosper. It’s well worth it. I have built snort with ACID more than 10 times in the last two months. Based on those experiences, I have done everything to make your experience quick and easy.
Continua”HOWTO Build Snort with ACID”
Sep 11 2004
1.0 Introduction
Java servlets are a powerful tool for building websites and web based applications. One skill that every Java web developer should have is the ability to install and configure the Tomcat servlet engine. Many thanks to the Apache Software Foundation for providing this mature, stable, open source software. It was recently voted the Best Application Server of 2003 by InfoWorld readers.
Continua”Integrating Tomcat and Apache on Red Hat Linux 9 or Red Hat Enterprise Linux 3″
Sep 11 2004
This tutorial is about the compilation, installation and configuration of a LAMPS server.
Continua”LAMPS Tutorial 2.0 (v2.0.5)”
Sep 11 2004
This is how I installed my apache server on my server .
It is working now and I am saving this instructions for future reference. :)
Continua”How to install Apache + PHP/MySQL + mod_ssl/OpenSSL on Linux using the MySQL RPMs”
