Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.
http://www.sandboxie.com/
Monday, May 24, 2010
Tuesday, May 11, 2010
Yum not workingon Fedora Constantine
Downloaded the new Fedora 12 and had issues using yum..
Here is the fix
*Edit two of your repository files: /etc/yum.repos.d/fedora.repo and /etc/yum.repos.d/fedora-updates.repo.
*Un-comment all the lines that start with the term baseurl and place a comment before all lines that start with mirrorlist. .
* Edit your /etc/hosts file and append the following to it’s contents:
80.239.156.215 mirrors.fedoraproject.org
213.129.242.84 mirrors.rpmfusion.org
Here is the fix
*Edit two of your repository files: /etc/yum.repos.d/fedora.repo and /etc/yum.repos.d/fedora-updates.repo.
*Un-comment all the lines that start with the term baseurl and place a comment before all lines that start with mirrorlist. .
* Edit your /etc/hosts file and append the following to it’s contents:
80.239.156.215 mirrors.fedoraproject.org
213.129.242.84 mirrors.rpmfusion.org
Sunday, May 9, 2010
OSSIM
OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of his or her networks, hosts, physical access devices, server, etc.
Besides getting the most out of well known open source tools, some of which are briefly described below, OSSIM provides a strong correlation engine, detailed low, medium and high level visualization interfaces, and reporting and incident management tools, based on a set of defined assets such as hosts, networks, groups and services.
All of this information can be restricted by network or sensor in order to provide only the required information to specific users; allowing for a fine grained multi–user security environment. Finally, the ability to perform as an IPS (Intrusion Prevention System), using correlated information from virtually any source, will be a useful addition to any security professional’s arsenal.
Components
OSSIM features the following software components:
* Arpwatch – used for MAC anomaly detection.
* P0f – used for passive OS detection and OS change analysis.
* Pads – used for service anomaly detection.
* Nessus – used for vulnerability assessment and for cross correlation (IDS vs Security Scanner).
* Snort – the IDS, also used for cross correlation with nessus.
* Tcptrack – used for session data information which can prove useful for attack correlation.
* Ntop – which builds an impressive network information database from which we can identify aberrant behavior/anomaly detection.
* Nagios – fed from the host asset database, it monitors host and service availability information.
* Osiris – a great HIDS.
* OCS-NG – cross-platform inventory solution.
* OSSEC – integrity, rootkit, registry detection, and more.
http://www.alienvault.com/community.php?section=Home
Besides getting the most out of well known open source tools, some of which are briefly described below, OSSIM provides a strong correlation engine, detailed low, medium and high level visualization interfaces, and reporting and incident management tools, based on a set of defined assets such as hosts, networks, groups and services.
All of this information can be restricted by network or sensor in order to provide only the required information to specific users; allowing for a fine grained multi–user security environment. Finally, the ability to perform as an IPS (Intrusion Prevention System), using correlated information from virtually any source, will be a useful addition to any security professional’s arsenal.
Components
OSSIM features the following software components:
* Arpwatch – used for MAC anomaly detection.
* P0f – used for passive OS detection and OS change analysis.
* Pads – used for service anomaly detection.
* Nessus – used for vulnerability assessment and for cross correlation (IDS vs Security Scanner).
* Snort – the IDS, also used for cross correlation with nessus.
* Tcptrack – used for session data information which can prove useful for attack correlation.
* Ntop – which builds an impressive network information database from which we can identify aberrant behavior/anomaly detection.
* Nagios – fed from the host asset database, it monitors host and service availability information.
* Osiris – a great HIDS.
* OCS-NG – cross-platform inventory solution.
* OSSEC – integrity, rootkit, registry detection, and more.
http://www.alienvault.com/community.php?section=Home
Tuesday, May 4, 2010
Hacked US Treasury websites serve visitors malware
Websites operated by the US Treasury Department are redirecting visitors to websites that attempt to install malware on their PCs, a security researcher warned on Monday.
The infection buries an invisible iframe in bep.treas.gov, moneyfactory.gov, and bep.gov that invokes malicious scripts from grepad.com, Roger Thompson, chief research officer of AVG Technologies, told The Register. The code was discovered late Sunday night and was active at time of writing, about 12 hours later.
http://www.theregister.co.uk/2010/05/03/treasury_websites_attack/
The infection buries an invisible iframe in bep.treas.gov, moneyfactory.gov, and bep.gov that invokes malicious scripts from grepad.com, Roger Thompson, chief research officer of AVG Technologies, told The Register. The code was discovered late Sunday night and was active at time of writing, about 12 hours later.
http://www.theregister.co.uk/2010/05/03/treasury_websites_attack/
Subscribe to:
Posts (Atom)
