Windows System Security Part I

Posted October 22nd, 2011. Filed under DotCom Security Stuff Tutorials

The fundamentals to Windows System Security. This video will cover:

Account Management: NET USER / NET SESSION / GPEDIT.MSC

Adding Accounts
Deleting Accounts
Modifying Accounts
Viewing Account Settings
Enforcing Account Settings through Group Policy

Service Management: SERVICES.MSC / SC QUERY

Starting Services
Stopping Services
Configuring Services
Identifying Insecure Services (Telnet/FTP)
Secure Alternatives

Process Management: TASKMGR / TASKLIST / TASKKILL / WMIC PROCESS LIST FULL

Viewing Processes
Forcing Processes to Stop
Killing Specific Processes (Malware)
Starting Processes

Group Policy Security: GPEDIT.MSC / GPUPDATE

Audit Policy
User Rights Assignment
Security Options
Account Policies (Covered in Account Management)

Inspecting Your System: MSCONFIG / NETSTAT / NET VIEW / NET SHARE

Tips and Tricks for looking for Malware
Identifying Compromise
Viewing open shares/connections
Creating and Destroying shares

Next Video Information: NETSH ROUTING IP / CACLS / EventVwr.msc / 3rd Party Tools

Applying Packet Filters through NetSH
File Permissions with CACLS
Configuring Client Side Browsers
Sysinternals and other 3rd party tools
Logs and EventViewer

(c) Devon Greene

PHP and MySQL LiveLessons (2011)

Posted October 9th, 2011. Filed under Security Stuff

For every developer who wants to build production-quality applications using PHP and MySQL. In this one-of-a-kind video package, top Web developer and Prentice Hall author Marc Wandschneider shows you exactly how to build reliable, secure, industrial-strength Web applications with PHP and MySQL. You’ll master both PHP and MySQL through 18 comprehensive video lessons, and you’ll have your first PHP/MySQL application running in less than an hour.


Product Description


Wandschneider shows how to set up PHP on Windows and Mac OS X and then builds your skills by walking you through actual application development projects. Just click, watch, and learn efficient ways to implement user account creation, form validation, cookie and session management, file upload/download, and much more.

Everything’s taught visually, using sample applications ranging from a simple calculator to a full-fledged photo sharing site, and all the sample code is on the DVD. Programming challenges at the end of each lesson teach you how to take your skills to the next level. You’ll master essential PHP and MySQL best practices at your own pace and learn how to deliver production-quality PHP/MySQL solutions faster and more effectively.

LiveLessons: Video Instruction from Technology Experts

Looking for a better way to master today’s rapidly changing technologies? Want expert help, but don’t have the time or energy to read a book? Can’t find classroom training worth the money? Discover LiveLessons: self-paced, personal video instruction from the world’s leading experts.
LiveLessons are video courses, on DVD with a book supplement, that are organized into bite-sized, self-contained sessions—you’ll learn key skills in as little as fifteen minutes!
Each lesson begins with well-defined learning objectives so you know exactly what you will learn in the lesson.
Follow along as your instructor shows exactly how to get great results in your real-world environment.

About the Author

Marc Wandschneider is the author of Core Web Application Development with PHP and MySQL (Prentice Hall, 2006). He has been a programmer for more than fifteen years and has worked extensively with open source platforms. He designed and implemented Swik to help people collaboratively document open source software, and continues to work on various free and open source projects. He currently travels the globe, consulting as a lead manager for software projects and teams. A graduate of McGill University’s School of Computer Science, he spent nearly six years at Microsoft as a developer and leader on the Visual Basic, Visual J++, and .NET Windows Forms teams.

Download : http://avaxhome.ws/ebooks/PHP_and_MySQL_Live_Lessons.html


The book argues that computer security has evolved from a technical discipline to a strategic
concept. The world’s growing dependence on a powerful but vulnerable Internet – combined
with the disruptive capabilities of cyber attackers – now threatens national and international
security.

Strategic challenges require strategic solutions. The author examines four nation-state approaches to cyber attack mitigation:
•  Internet Protocol version 6 (IPv6)
•  Sun Tzu’s Art of War
•  Cyber attack deterrence
•  Cyber arms control

The four threat mitigation strategies fall into several categories. IPv6 is a technical solution.
Art of War is military. The third and fourth strategies are hybrid: deterrence is a mix of military and political considerations; arms control is a political/technical approach.

The Decision Making Trial and Evaluation Laboratory (DEMATEL) is used to place the key
research concepts into an influence matrix. DEMATEL analysis demonstrates that IPv6 is
currently the most likely of the four examined strategies to improve a nation’s cyber defence
posture.

There are two primary reasons why IPv6 scores well in this research. First, as a technology,
IPv6 is more resistant to outside influence than the other proposed strategies, particularly
deterrence and arms control, which should make it a more reliable investment. Second, IPv6
addresses the most significant advantage of cyber attackers today – anonymity.

Download the book as a PDF or as an ePUB.

About the Author
Kenneth Geers, PhD, CISSP, Naval Criminal Investigative Service (NCIS), is a Scientist and the
U.S. Representative to the NATO CCD COE in Tallinn, Estonia.

via : pyth0n3

Debian Lenny ships version 4.69 by default.
Once the service is configured, it remains vulnerable to a remote attack.
What happens, in a few words:
An overflow technique is used, though not a classic one.
A very large email header is created that manages to overwrite the variables associated with MAIL
FROM, so code can be executed against the operating system in a much more effective way.
I tried to block the exploit using an option in the configuration file,
log_selector = -rejected_header, but it did not help at all.
An update is required.
If the latest version is compiled, it is vulnerable to local privilege escalation.
There is an update for that as well.
If it is installed from source, it would be best to compile it with the ALT_CONFIG_ROOT_ONLY option.
Note: Various other systems are vulnerable.

WATOBO v.0.9.6 Released

Posted March 1st, 2011. Filed under Security Stuff


WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. We are convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities. WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. WATOBO works like a local proxy, similar to Webscarab, Paros or BurpSuite.

Additionally, WATOBO supports passive and active checks. Passive checks are more like filter functions. They are used to collect useful information, e.g. email or IP addresses. Passive checks will be performed during normal browsing activities. No additional requests are sent to the (web) application.
Active checks instead will produce a high number of requests (depending on the check module) because they do the automatic part of vulnerability identification, e.g. during a scan.

— NEW
* General: Supports One-Time-Tokens (e.g. Anti-CSRF-Tokens)
* General: NTLM Authentication (Server and Proxy)
* New Plugin: FileFinder
* GUI: switch the icon and text size for lower screen resolution
* Manual Request Editor: Table-View for easier parameter manipulation

Download: http://sourceforge.net

Video demo: http://sourceforge.net

via : http://security-sh3ll.blogspot.com/

Protecting Databases with GreenSQL

Posted February 22nd, 2011. Filed under Security Stuff

GreenSQL is an open source firewall designed to protect databases
against SQL injection attacks.

How does GreenSQL "work"?

GreenSQL is a "reverse proxy" for SQL queries. More precisely, GreenSQL is placed between the application and the database server, so the application connects to GreenSQL first and only then to the server. This lets it analyze every SQL query and forward to the server only those it considers "safe". GreenSQL supports MySQL and PostgreSQL.


How to install GreenSQL
// GreenSQL is distributed under the GPL license //

Download greensql-fw from here: download page.

Packages are available for: RedHat, CentOS, Fedora, SuSe,
Mandriva, Debian, Ubuntu.

I will cover the installation on Ubuntu.

After downloading, run:

sudo dpkg -i greensql-fw_X.X.X.deb
X.X.X = the current version.

During installation you will answer a few questions about the
database configuration (routine and easy, so I won't go into detail).


How to start GreenSQL

sudo /etc/init.d/greensql-fw start

Logs: /var/log/greensql.log (check here for any errors).

Configuring the console (web-based, for GreenSQL)

cd /var/www

ln -s /usr/share/greensql-fw/ greensql

then

cd /var/www/greensql

chmod 0777 templates_c

Default user: admin, password: pwd

How do we check that everything went as it should?

mysql -h 127.0.0.1 -P 3305 -u root -p

The proxy is installed; what comes next?

Edit "config.php" (for example, WordPress has wp-config.php, which should make clear what I mean by "config.php").
Look for:

mysql_connect('localhost', 'mysql_user', 'mysql_password');

and replace it with:

mysql_connect('127.0.0.1:3305', 'mysql_user', 'mysql_password');
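An added example, not part of the original post: queries are only filtered when they pass through the proxy, so this script lists PHP database settings under a web root that still point straight at the database. The 127.0.0.1:3305 endpoint comes from the tutorial; the function names, the constructed sample files and the WordPress DB_HOST check are assumptions added here.

```shell
#!/usr/bin/env bash
# Added example: find PHP database settings that bypass the GreenSQL listener.
# Assumption: the proxy listens on 127.0.0.1:3305, as in the tutorial above.
PROXY_ENDPOINT="${PROXY_ENDPOINT:-127.0.0.1:3305}"

# Print "file:line|host" for every quoted literal host passed to
# mysql_connect() or define('DB_HOST', ...) that is not the proxy endpoint.
# 'localhost' makes the MySQL client use the Unix socket, so such a
# connection never reaches a TCP proxy at all.
find_direct_connects() {
    q="[\"']"   # character class matching either quote style
    grep -rnoE --include='*.php' \
        "(mysql_connect[[:space:]]*\(|define[[:space:]]*\([[:space:]]*${q}DB_HOST${q}[[:space:]]*,)[[:space:]]*${q}[^\"']*${q}" \
        "$1" 2>/dev/null |
    sed -E "s/:(mysql_connect|define).*${q}([^\"']*)${q}\$/|\2/" |
    sort |
    while IFS='|' read -r loc host; do
        [ "$host" = "$PROXY_ENDPOINT" ] || printf '%s|%s\n' "$loc" "$host"
    done
}

# Constructed sample web root, for demonstration only.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/blog"
    printf '%s\n' "<?php" \
        "mysql_connect('localhost', 'mysql_user', 'mysql_password');" \
        > "$d/legacy.php"
    printf '%s\n' "<?php" \
        "mysql_connect('127.0.0.1:3305', 'mysql_user', 'mysql_password');" \
        > "$d/fixed.php"
    printf '%s\n' "<?php" "define('DB_NAME', 'wp');" \
        "define( 'DB_HOST', '127.0.0.1:3306' );" \
        > "$d/blog/wp-config.php"
    printf '%s\n' "$d"
}

root=$(make_sample_tree)
find_direct_connects "$root"   # reports legacy.php and blog/wp-config.php
rm -rf "$root"
```

Hosts built from variables or included files are not resolved by this scan, so an empty result is not proof that every connection goes through the proxy.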

Questions?
