
Information Security


Linux: 20 Iptables Examples For New SysAdmins. Linux comes with a host based firewall called Netfilter.

Linux: 20 Iptables Examples For New SysAdmins

According to the official project site: netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack. This Linux-based firewall is controlled by the program called iptables, which handles filtering for IPv4, while ip6tables handles filtering for IPv6. I strongly recommend that you first read our quick tutorial that explains how to configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux.

IPTABLES Rules Example

Most of the actions listed in this post are written with the assumption that they will be executed by the root user running bash or any other modern shell.

#1: Displaying the Status of Your Firewall

Type the following command as root:

# iptables -L -n -v

Sample outputs:

DDOSIM v0.2. [Mini Article] Downloading, Compiling and Using the T50 Packet Injector.

Programs - GPGee. GPGee lets the user, when right-clicking any file in Windows, have, in addition to the options to open, copy, cut, delete and so on, the option to encrypt, sign and decrypt.

Programs - GPGee

The program is included in the GPG4Win package and uses GnuPG, which is also included in the package.

Usage

With GPGee installed on the computer, to perform any operation just right-click a file (in the example we use an Excel spreadsheet called "Contabilidade da empresa"), move the mouse to the GPGee submenu as shown in the figure below, and click the first option: "Sign/Encrypt". A new window will open listing all the public keys contained in your GnuPG keyring. You must tick the boxes to the left of everyone you want to be able to decrypt the file that will be generated. You will be asked for the passphrase of your secret key; just type it and click "Ok" again.

GnuPG. The purpose of this document is not to produce an exhaustive description of every feature of the program, only the commands needed to help those who do not yet have a key pair, and also those who intend to contribute on Launchpad, where it is necessary to sign the Code of Conduct using GnuPG keys.

GnuPG

The Mask, a malware campaign that remained undetected for 7 Years. A sophisticated cyber spying operation, ‘The Mask’, that has been under the mask for about 7 years targeting approximately 31 countries, has now been ‘unmasked’ by researchers at Kaspersky Labs.

The Mask, a malware campaign that remained undetected for 7 Years

The researchers believe that the program has been operational since 2007 and seems to be a sophisticated nation-state spying tool that targeted government agencies, diplomatic offices and embassies before it was disclosed last month. In the unveiling document published by Kaspersky, they found more than 380 unique victims, including government institutions, diplomatic offices/embassies, private companies, research institutions, activists etc.

The name "Mask" comes from the Spanish slang word "Careto" ("Ugly Face" or “Mask”) which the authors included in some of the malware modules. The malware targets files having an extension: The malware remained untraceable for about 7 years and was able to infect Mac OS X, Linux, Windows, iPad/iPhone and Android devices.

Duqu Trojan developed in unknown programming language. Researchers at Kaspersky have reached out for assistance after an investigation into the Duqu Trojan uncovered a section that is written in an unknown programming language.

Duqu Trojan developed in unknown programming language

The Russian security company says this new information could help them discover how the worm was able to communicate with its Command and Control (C&C) servers. The C&C servers essentially tell the worm what to do once it has accessed a system. While the majority of Duqu is written in C++, the Framework was not, and it was not compiled with Microsoft’s Visual C++ 2008. Other languages ruled out include Python, Java, Objective C, Ada and Lua. The mysterious code could be the work of a separate collaborator, indicating that multiple parties worked to develop the infection. Researchers have noted a number of similarities in the behaviour and spread of Duqu with the infamous Stuxnet malware, leading some researchers to dub Duqu the successor to Stuxnet.