background preloader


Facebook Twitter


Camaras. Tres distribuciones Linux para la recuperación de datos. Noticias de Seguridad Informática - Segu-Info: Manualde Gestión de Incidentes de Seguridad Informática. El presente manual ha sido desarrollado en el marco de las actividades del Proyecto AMPARO, una iniciativa de LACNIC con el apoyo de IDRC de Canadá.

Noticias de Seguridad Informática - Segu-Info: Manualde Gestión de Incidentes de Seguridad Informática

Este proyecto se propone fortalecer la difusión, conocimiento y atención de la problemática de Seguridad Informática en los distintos países de América Latina y el Caribe fundamentalmente en el ámbito privado de las empresas y organizaciones sociales. El proceso de creación de este manual ha implicado un gran esfuerzo por parte de un equipo de expertos en el manejo de incidentes de seguridad, académicos de diversos países de la región, de alto reconocimiento nacional e internacional y personal de LACNIC, e IDRC, con los que nos ha tocado vivir esta primera fase del Proyecto. A todos ellos un inmenso agradecimiento, porque han hecho posible la creación del primer Manual de Gestión de Incidentes de Seguridad Informática, que será puesto a consideración de la comunidad técnica de América Latina y el Caribe.

20 Linux Server Hardening Security Tips. Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers).

20 Linux Server Hardening Security Tips

The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system. Linux Server Hardening Checklist and Tips The following instructions assume that you are using CentOS/RHEL or Ubuntu/Debian based Linux distribution. #1: Encrypt Data Communication All data transmitted over a network is open to monitoring. Use scp, ssh, rsync, or sftp for file transfer. Top 20 OpenSSH Server Best Security Practices. OpenSSH is the implementation of the SSH protocol.

Top 20 OpenSSH Server Best Security Practices

OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key cryptography. From time to time there are rumors about OpenSSH zero day exploit. SecurityTube - Watch, Learn and Contribute Computer Security Videos.

Incident report for 04/09/2010 : Apache Infrastructure Team. incident report for 04/09/2010 services recently suffered a direct, targeted attack against our infrastructure, specifically the server hosting our issue-tracking software.

incident report for 04/09/2010 : Apache Infrastructure Team

The Apache Software Foundation uses a donated instance of Atlassian JIRA as an issue tracker for our projects. Among other projects, the ASF Infrastructure Team uses it to track issues and requests. Our JIRA instance was hosted on, a machine running Ubuntu Linux 8.04 LTS. Password Security If you are a user of the Apache hosted JIRA, Bugzilla, or Confluence, a hashed copy of your password has been compromised. JIRA and Confluence both use a SHA-512 hash, but without a random salt. Bugzilla uses a SHA-256, including a random salt. In addition, if you logged into the Apache JIRA instance between April 6th and April 9th, you should consider the password as compromised, because the attackers changed the login form to log them.

Capturar usuarios y contraseñas de red « Informático de Guardia. Ataque man-in-the-middle en Linux « Informático de Guardia. Listado de Diccionarios para Realizar Ataques de Fuerza Bruta. CeWL – Generador de Diccionarios Personalizados. What the Internet knows about you. Category:OWASP Guide Project.

OWASP Developer Guide The OWASP Developer Guide 2014 is a dramatic re-write of one of OWASP's first and most downloaded projects.

Category:OWASP Guide Project

The focus moves from countermeasures and weaknesses to secure software engineering. Introduction The OWASP Developer Guide is the original OWASP project. It was first published in 2002, when Ajax was only a mote in Microsoft's eye with the new e-mail notification in Outlook Web Access (and only if you used Internet Explorer). The Developer Guide 2014 is a "first principles" book - it's not specific to any one language or framework, as they all borrow ideas and syntax from each other.

The major themes in the Developer Guide include: Foundation Architecture Design Build Configure Operate We are re-factoring the original material from the Developer Guide 2.0, released in July 2005, and bring it into the modern world, and focus it tightly on modern web apps that use Ajax and RESTful API, and of course, mobile applications. Intended audience Presentation. 10 of the Worst Moments in Network Security History. Books and Courses - SleuthKitWiki. Pensando en la seguridad del HTML5. Sony, Rootkits and Digital Rights Management Gone Too Far - Mark's Blog.

Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit.

Sony, Rootkits and Digital Rights Management Gone Too Far - Mark's Blog

Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my “Unearthing Rootkits” article from thre June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application: Given the fact that I’m careful in my surfing habits and only install software from reputable sources I had no idea how I’d picked up a real rootkit, and if it were not for the suspicious names of the listed files I would have suspected RKR to have a bug.

Reverse Engineering de Código Cifrado. F O R A T » Como proteger tu servidor Linux de ataques por fuerza bruta » Phrack Magazine. Descripción de la actualización de las tecnologías de activación de Windows. There is an update available to the activation and validation components in Windows Activation Technologies for Windows 7.

Descripción de la actualización de las tecnologías de activación de Windows

Windows Activation Technologies helps you confirm that the copy of Windows 7 that is running on your computer is genuine. Additionally, Windows Activation Technologies helps protect against the risks of counterfeit software. Windows Activation Technologies in Windows 7 consists of activation and validation components that contain anti-piracy features.

Activation is an anti-piracy technology that verifies the product key for the copy of Windows 7 that is running on your computer. The product key is a 25-character code that is located on the Certificate of Authenticity label or on the proof of license label. How to obtain the update package. Libro de Seguridad informatica gratis (Parte 1) Detectando ficheros con Truecrypt. Hola lectores,

Detectando ficheros con Truecrypt

Qué son los Spywares, cómo funcionan y cómo eliminarlos. SecurityTube - Watch, Learn and Contribute Computer Security Videos. Bios virus. Hacking de Redes UPnP - Parte I. Introduction to metasploit. How to write a Linux virus in 5 easy steps. Note: I posted a follow up to summarise points and comments I receivedas part of the overwhelming feedback to this article.

How to write a Linux virus in 5 easy steps

Please read this follow-upbefore (!) Posting a comment, since some of what you might want to saymay already have been addressed. For the gist of it... ... just scroll down to the compact step-by-step guide. But if you like to get some of the background and related explanations then just read on. The rumor of the bullet-proof Linux architecture There is this rumor going around that Linux is virus free. Therefore, we are told, the very architecture of Linux is so much more superior to Windows that it's just not possible to successfully spread malware. At least so the story goes. Cracking WindowsXP local user password with Backtrack 3 « IT DIY.

Cracking job become easy when Backtrack Linux distro come in place, and it get easier when you want crack password saved in WinXP.

Cracking WindowsXP local user password with Backtrack 3 « IT DIY

Windows XP stored it username and password information in file named SAM at %SystemDrive%:\Windows\system32\config\. The SAM file is encrypted using LM hashes, which is vulnerable to rainbow table attack and bruteforce attack. Insert the Backtrack3 CD/USB, make it a live boot up. When you get into Backtrack 3 Desktop On the console, type. 10 consejos para proteger tu privacidad en Facebook.

InfoSpyware. OWASP.