Camaras. ¿Fue buena idea usar AES256 con el archivo INSURANCE de Wikileaks? Tres distribuciones Linux para la recuperación de datos. Una de las cosas que en algún momento hemos debido afrontar cuando trabajamos con ordenadores es un fallo del sistema operativo.
Llegado este momento tiramos de copia de seguridad para recuperar nuestros datos. Es entonces cuando vemos que nos faltan datos, que en algunos casos pueden ser importantes o dolorosa su pérdida como fotos o vídeos personales. Por eso vamos a proponeros cuatro distribuciones Linux para la recuperación de datos. Porque una vez que nos falla el sistema o el disco tiene sectores dañados en el inicio y no nos permite arrancar, tenemos la alternativa de buscar otro ordenador donde poder conectar este disco duro como secundario o esclavo para poder intentar acceder a él. Esto no siempre es posible, y sobre todo lleva su tiempo puesto que si no tenemos otro equipo en casa podemos tardar en contactar con alguien para realizar esta operación.
Redo Backup and Recovery. Noticias de Seguridad Informática - Segu-Info: Manualde Gestión de Incidentes de Seguridad Informática. El presente manual ha sido desarrollado en el marco de las actividades del Proyecto AMPARO, una iniciativa de LACNIC con el apoyo de IDRC de Canadá.
Este proyecto se propone fortalecer la difusión, conocimiento y atención de la problemática de Seguridad Informática en los distintos países de América Latina y el Caribe fundamentalmente en el ámbito privado de las empresas y organizaciones sociales. El proceso de creación de este manual ha implicado un gran esfuerzo por parte de un equipo de expertos en el manejo de incidentes de seguridad, académicos de diversos países de la región, de alto reconocimiento nacional e internacional y personal de LACNIC, e IDRC, con los que nos ha tocado vivir esta primera fase del Proyecto. A todos ellos un inmenso agradecimiento, porque han hecho posible la creación del primer Manual de Gestión de Incidentes de Seguridad Informática, que será puesto a consideración de la comunidad técnica de América Latina y el Caribe. Contenido: Fuente: Proyecto AMPARO. 20 Linux Server Hardening Security Tips.
Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers).
The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system. Linux Server Hardening Checklist and Tips The following instructions assume that you are using CentOS/RHEL or Ubuntu/Debian based Linux distribution. #1: Encrypt Data Communication All data transmitted over a network is open to monitoring.
Use scp, ssh, rsync, or sftp for file transfer. . #1.1: Avoid Using FTP, Telnet, And Rlogin / Rsh Services Under most network configurations, user names, passwords, FTP / telnet / rsh commands and transferred files can be captured by anyone on the same network using a packet sniffer. . #2: Minimize Software to Minimize Vulnerability Do you really need all sort of web services installed? Top 20 OpenSSH Server Best Security Practices. OpenSSH is the implementation of the SSH protocol.
OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. SecurityTube - Watch, Learn and Contribute Computer Security Videos. Incident report for 04/09/2010 : Apache Infrastructure Team. Apache.org incident report for 04/09/2010 Apache.org services recently suffered a direct, targeted attack against our infrastructure, specifically the server hosting our issue-tracking software.
The Apache Software Foundation uses a donated instance of Atlassian JIRA as an issue tracker for our projects. Among other projects, the ASF Infrastructure Team uses it to track issues and requests. Our JIRA instance was hosted on brutus.apache.org, a machine running Ubuntu Linux 8.04 LTS. Password Security If you are a user of the Apache hosted JIRA, Bugzilla, or Confluence, a hashed copy of your password has been compromised. JIRA and Confluence both use a SHA-512 hash, but without a random salt. Bugzilla uses a SHA-256, including a random salt. In addition, if you logged into the Apache JIRA instance between April 6th and April 9th, you should consider the password as compromised, because the attackers changed the login form to log them. Capturar usuarios y contraseñas de red « Informático de Guardia. Ataque man-in-the-middle en Linux « Informático de Guardia. Listado de Diccionarios para Realizar Ataques de Fuerza Bruta.
CeWL – Generador de Diccionarios Personalizados. What the Internet knows about you. Category:OWASP Guide Project. OWASP Developer Guide The OWASP Developer Guide 2014 is a dramatic re-write of one of OWASP's first and most downloaded projects.
The focus moves from countermeasures and weaknesses to secure software engineering. Introduction The OWASP Developer Guide is the original OWASP project. It was first published in 2002, when Ajax was only a mote in Microsoft's eye with the new e-mail notification in Outlook Web Access (and only if you used Internet Explorer).
The Developer Guide 2014 is a "first principles" book - it's not specific to any one language or framework, as they all borrow ideas and syntax from each other. The major themes in the Developer Guide include: Foundation Architecture Design Build Configure Operate We are re-factoring the original material from the Developer Guide 2.0, released in July 2005, and bring it into the modern world, and focus it tightly on modern web apps that use Ajax and RESTful API, and of course, mobile applications. Intended audience Presentation Project Leader. 10 of the Worst Moments in Network Security History.
Books and Courses - SleuthKitWiki. Pensando en la seguridad del HTML5. Sony, Rootkits and Digital Rights Management Gone Too Far - Mark's Blog. Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit.
Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my “Unearthing Rootkits” article from thre June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application: Given the fact that I’m careful in my surfing habits and only install software from reputable sources I had no idea how I’d picked up a real rootkit, and if it were not for the suspicious names of the listed files I would have suspected RKR to have a bug.
Reverse Engineering de Código Cifrado. F O R A T » Como proteger tu servidor Linux de ataques por fuerza bruta » Phrack Magazine. Descripción de la actualización de las tecnologías de activación de Windows. There is an update available to the activation and validation components in Windows Activation Technologies for Windows 7.
Windows Activation Technologies helps you confirm that the copy of Windows 7 that is running on your computer is genuine. Additionally, Windows Activation Technologies helps protect against the risks of counterfeit software. Windows Activation Technologies in Windows 7 consists of activation and validation components that contain anti-piracy features.
Activation is an anti-piracy technology that verifies the product key for the copy of Windows 7 that is running on your computer. The product key is a 25-character code that is located on the Certificate of Authenticity label or on the proof of license label. How to obtain the update package This update package is available through Windows Update and Microsoft Download Center. Windows Update Microsoft Download Center. Libro de Seguridad informatica gratis (Parte 1) Detectando ficheros con Truecrypt. Hola lectores,
Qué son los Spywares, cómo funcionan y cómo eliminarlos. SecurityTube - Watch, Learn and Contribute Computer Security Videos. Bios virus. Hacking de Redes UPnP - Parte I. =======================Hacking de Redes UPnP – Parte IHacking de Redes UPnP – Parte IIHacking de Redes UPnP – Parte III ======================= UPnP (Universal Plug-N-Play) es un protocolo que permite que varios dispositivos de red se autoconfiguren por si mismos.
Uno de los usos mas comunes de este protocolo es permitir que dispositivos o programas abran puertos en tu router casero con el objetivo de comunicarse apropiadamente con el mundo exterior (El Xbox, por ejemplo, lo hace). El protocolo UPnP está basado en protocolos y especificaciones pre-existentes, más precisamente en UDP, SSDP, SOAP y XML. Introduction to metasploit. How to write a Linux virus in 5 easy steps. Note: I posted a follow up to summarise points and comments I receivedas part of the overwhelming feedback to this article. Cracking WindowsXP local user password with Backtrack 3 « IT DIY.
Cracking job become easy when Backtrack Linux distro come in place, and it get easier when you want crack password saved in WinXP. Windows XP stored it username and password information in file named SAM at %SystemDrive%:\Windows\system32\config\. The SAM file is encrypted using LM hashes, which is vulnerable to rainbow table attack and bruteforce attack. 10 consejos para proteger tu privacidad en Facebook. InfoSpyware. OWASP.