Security

Spam

Openssl. Win. gFTP Official Homepage. News: We Don't Need No Stinkin' Login. SSH Tunnel + SOCKS Proxy Forwarding = Secure Browsing « Ubuntu B. Posted by Carthik in applications, commands, guides, servers, ubuntu. When you are at the coffee shop, or at a conference, and you are not sure that you want to send all your data over the wi-fi network in plaintext, you want a secure tunnel to browse.

This happened to me recently and I stumbled across a neat feature of openssh (the ssh client on everyone’s computer). The wonders of ssh never cease to amaze me! You can use the “-D” flag of openssh to create a SOCKS proxy. The command first:

    $ ssh -D 9999 username@ip-address-of-ssh-server

This of course connects you to the server specified by “ip-address-of-ssh-server”. Now when you browse, all the connections you make to websites will seem to originate from the server to which you SSH-ed. Other applications (like email clients) may also support SOCKS proxies. Updates: Thanks a lot for the tips and pointers, folks.

StopBadware.org - Welcome to StopBadware.org. A Good Reason To Go Full-Time SSL For Gmail. TECH SOURCE FROM BOHOL: 10 Best Hacking and Security Software To. That you should check out. 1. John the Ripper 2. Nmap Nmap is my favorite network security scanner. Nmap runs on Linux, Microsoft Windows, Solaris, and BSD (including Mac OS X), and also on AmigaOS. 3. Nessus is a comprehensive vulnerability scanning software. -Vulnerabilities that allow a remote cracker to control or access sensitive data on a system. Nessus is the world's most popular vulnerability scanner, estimated to be used by over 75,000 organizations worldwide. 4. chkrootkit chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits.

It can be used from a "rescue disc" (typically a Live CD) or it can optionally use an alternative directory from which to run all of its own commands. There are inherent limitations to the reliability of any program that attempts to detect compromises (such as rootkits and computer viruses). 5. 6. netcat The original version of netcat is a UNIX program. 7. 8. hping 9. 10. tcpdump. Seth's Blog: Commercializing Captcha. From AWK to Google: Peter Weinberger Talks Search. E-biobanking: What Have You Done to My Cell Samples? The rise in biobanking (collecting and storing human biological material) has increased the need to store large quantities of related data and make that data available to researchers and others.

However, this introduces concerns regarding data security and dependability. The BiobankCloud project is developing technology to help create e-biobanking ecosystems based on a secure, dependable private-public "cloud of clouds" accessed through platform-as-a-service interfaces. Read full article » Highlights from Making Sense of Snowden, Part II: What's Significant in the NSA Revelations Susan Landau gives an update and analysis on the impact of Edward Snowden's initial leak of documents.

Arguing that it's time to give up on elaborate password rules, Google Vice President of Security Eric Grosse and engineer Mayank Upadhyay present a better way to achieve stronger user identification. Podcast: Silver Bullet. The instantly responsive enterprise. Internet criminals signing up students as 'sleepers' | Organised gangs are recruiting the next generation of internet criminals by approaching undergraduates on university campuses. In some cases gangs offer to finance undergraduates' studies and plant them as sleepers within target businesses, according to a report on cybercrime which draws on intelligence from the FBI and British and European hi-tech crime units.

Cybercriminals are exploiting the popularity of social networking sites such as MySpace to steal identities or craft more personalised fraud attempts, the report says. More than 1m computers were infected with malware this summer after MySpace users clicked on a spoof advertisement placed by hackers. Today's report by computer security company McAfee warns that online criminals are increasingly turning their attention to mobile phones, with the phenomenon of phishing, sending emails under a bogus identity to elicit personal information, spreading to text messages. The report warns: "There is a false economy of trust.

Junk and Jargon. Open-Source Spying. Linux Encryption HOWTO. Linux iptables HOWTO. ONLamp.com -- Google Your Site For Securit. By Nitesh Dhanjani 10/07/2004 If Google stumbles across data that may expose sensitive information about your organization, Google will not hesitate to index it. The search engine does not discriminate against data it indexes. How can you tell if your secrets have gone public? You can use Google to your advantage with some specific search queries. The inspiration for the examples presented in this article comes from Johnny Long.

Default Resources
Web servers often install default web pages.

    intitle:"Test Page for Apache"

Directory Listings
Web servers often serve directory listings when a default file such as index.html is not present in the directory.

    intitle:"Index of" admin

The above query will return URLs that contain directory listings of /admin.

    intitle:"Index of" .htpasswd
    intitle:"Index of" stats.html
    intitle:"Index of" backup
    intitle:"Index of" etc
    intitle:"Index of" finance.xls

Error Messages
Error messages from web servers and applications can give away a lot of details.

Remote Services. Smashing The Stack For Fun And Profit.

SSLBridge - Open Source Linux VPN software. PuTTY Download Page. PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham. The latest version is 0.70. Download it here. LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. Use of the Telnet-only binary (PuTTYtel) is unrestricted by any cryptography laws. Latest news 2017-07-08 PuTTY 0.70 released, containing security and bug fixes PuTTY 0.70, released today, fixes further problems with Windows DLL hijacking, and also fixes a small number of bugs in 0.69, including broken printing support and Unicode keyboard input on Windows. 2017-04-29 PuTTY 0.69 released, containing security and bug fixes 2017-02-21 PuTTY 0.68 released, containing ECC, a 64-bit build, and security fixes We've also redesigned our website.

Punching holes into firewall. Or "Why firewalls shouldn't be considered an ultimate weapon for network security" or "Secure TCP-into-HTTP tunnelling guide" Introduction Firewalls are heavily used to secure private networks (home or corporate). Usually, they are used to protect the network from: intrusions from outsiders; misuse from insiders. In a TCP/IP environment, the typical corporate firewall configuration is to block everything (both incoming and outgoing), and give access to the internet only through an HTTP proxy. Still, this should not be considered an ultimate weapon, and network administrators should not rely on firewalls only. Encapsulation is the basis of networking. As soon as you let a single protocol out, tunnelling allows anything to go through this protocol, and thus through the firewall. This paper demonstrates how to encapsulate any TCP-based protocol (SMTP, POP3, NNTP, telnet...) into HTTP, thus bypassing the firewall protection/censorship (depending on your point of view). A word of warning: The problem.

OpenSSH. Off-the-Record Messaging. OTR library and toolkit This is the portable OTR Messaging Library, as well as the toolkit to help you forge messages. You need this library in order to use the other OTR software on this page. [Note that some binary packages, particularly Windows, do not have a separate library package, but just include the library and toolkit in the packages below.] The current version is 4.0.0. UPGRADING from version 3.2.x Source code (4.0.0) Compressed tarball (sig) [Note that if you're compiling from source on win32, you may need to make this patch to libgcrypt-1.2.1.] Java OTR library This is the Java version of the OTR library. OTR localhost AIM proxy This software is no longer supported. This is a localhost proxy you can use with almost any AIM client in order to participate in Off-the-Record conversations.

Source code (0.3.1) Compressed tarball (sig) Windows (0.3.1) Win32 installer (sig) OS X package. How to Obscure Any URL. How to Obscure Any URL: How Spammers And Scammers Hide and Confuse. Last Updated Sunday, 13 January 2002. NOTICE: the IP address of this site has changed of late, and I've been unable to set aside time for the rather large task of revising this page. Its numerous links to the old IP address won't work. It'll be updated soon! Since this page was first written in 1999, Internet Explorer and Netscape have both begun dealing with URLs differently, particularly in versions 6 and above.

Some of the examples here will no longer work with those browser versions. The URL (Universal Resource Locator) of the page you are now viewing is It is also The weird-looking address above takes advantage of several things many people don't know about the structure of a valid URL. These tricks are known to the spammers and scammers, and they're used freely in unsolicited mails. How It's Done Go ahead and use the links. MidpSSH | SSH and Telnet client for Mobile. Latest News New and improved Blackberry specific build now available 4 March 2010 Marc Paradise is working on a new and improved Blackberry specific version based on MidpSSH. Visit the site Development Version 1.7.3 released 14 March 2008 This latest release attempts to address the problems Blackberry users have been having downloading and installing MidpSSH.

I recommend everyone tries the latest development release first. Stable Version 1.6.0 released 27 February 2007 After another year of off-and-on development there is another stable release version. Version 1.6 includes support for Keyboard Interactive authentication and an HTTP proxy solution for people behind telco firewalls. You may have noticed that the support forum has disappeared.

I am going to start writing about MidpSSH development on my blog so you can also follow the news there. Download MidpSSH News Archive About MidpSSH Java(tm) Telnet/SSH Applet is by Matthias L. Contribute. SSH Tunnels - Linuxlogin.com. Security Engineering - A Guide to Building. ‘I'm incredibly impressed that one person could produce such a thorough coverage.

Moreover, you make the stuff easy and enjoyable to read. I find it just as entertaining — and far more useful — than novels (and my normal science fiction). When I first got it in the mail, I said to myself "I'm never going to read all of that." But once I started reading I just kept going and going. Fantastic: well done. Now, let's hope that all those in charge of security for information technology will also read the book and heed the lessons.’ ‘The book that you MUST READ RIGHT NOW is the second edition of Ross Anderson's Security Engineering book. ‘It's beautiful. All chapters from the second edition now available free online! When I wrote the first edition, we put the chapters online free after four years and found that this boosted sales of the paper edition. The first edition (2001) You can also download all of the first edition for free: The foreword, preface and other front matter.

Network File Copy using SSH. How to harden GNU/Linux again. How to safely connect from anywhere to you. In general all the great ideas are the simple ones. Many times we see a great idea in practice and we wonder why we didn’t think of that before. It is just so simple… The first time I saw the knockd project I liked it instantly. The idea is so simple, and yet so effective. Knockd is a port-knocking application that silently runs on a server passively listening to network traffic.

Once it sees a port sequence that it has an action configured for, it will run that action. We can see this as a remote control to our server: once we hit the right button it will take the appropriate action! How does a port knocker work? We install the port knocker daemon on our server (knockd). We configure some port sequences (tcp, udp, or both), and the appropriate actions for each sequence. The knockd daemon will be running in the background, at low level passively on the network interface. Installing knockd First you will need to install the knockd daemon.

    apt-get install knockd

Org & SSH Tunnels: Bypass (A. Creative Energy - Secret rooms, hidden pa. Analyzing 20,000 MySpace Passwords - Cyb. In a day where browsers are coming out with anti-phishing tactics, I can’t believe how many people still fall for phishing. It’s all over the news, and most email clients display warnings. I still get those letters from Nigeria saying they need my help transferring millions of dollars out of the country.

If nobody was falling for that they wouldn’t be doing that, I’m sure. So when I got an email from “Admin@MySpace.com” I kind of chuckled. It was the usual scam trying to get me to login to their fake MySpace login page. I of course entered in my bogus login details that I don’t have or will ever have. Then I went to the root directory the script was in. Yahoo, Hotmail, AOL. Character length means little if your passwords don’t have upper and lower case letters. There is still hope left for their password though, and that is if they added any numbers and/or special characters. Next I tested all the passwords for password strength. PHP code I used: Most common passwords used: Summary: