Linux Exposed :: The Linux Security and Hacking Resource - Home TechCrunch Sculpting text with regex, grep, sed and awk Theory: Regular languages Many tools for searching and sculpting text rely on a pattern language known as regular expressions. The theory of regular languages underpins regular expressions. (Caveat: Some modern "regular" expression systems can describe irregular languages, which is why the term "regex" is preferred for these systems.) Regular languages are a class of formal language equivalent in power to those recognized by deterministic finite automata (DFAs) and nondeterministic finite automata (NFAs). [See my post on converting regular expressions to NFAs.] In formal language theory, a language is a set of strings. For example, {"foo"} and {"foo", "foobar"} are formal (if small) languages. (Mathematicians don't typically put quotes around a string, preferring to let the fixed-width typewriter font distinguish it as one, but I'm guessing that programmers are more comfortable with the quotes around strings.) In regular language theory, there are two atomic languages: Useful grep flags The +? #!
Anti-Virus test file Additional notes: This file used to be named ducklin.htm or ducklin-html.htm or similar based on its original author Paul Ducklin and was made in cooperation with CARO.The definition of the file has been refined 1 May 2003 by Eddy Willems in cooperation with all vendors.The content of this documentation (title-only) was adapted 1 September 2006 to add verification of the activity of anti-malware or anti-spyware products. It was decided not to change the file itself for backward-compatibility reasons. Who needs the Anti-Malware Testfile (read the complete text, it contains important information)Version of 7 September 2006 If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. Other requests come from people you have never heard from before. A third set of requests come from exactly the people you might think would be least likely to want viruses "users of anti-virus software". The good news is that such a test file already exists.
Network-Tools | Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS Packet Crafting for Firewall & IDS Audits (Part 1 of 2) With the current threat environment that home and corporate users face today, having a firewall and IDS is no longer a luxury, but rather a necessity. Yet many people do not really take the time to make sure though that these lines of defense are indeed working properly. After all, it is very easy to invalidate your router's entire ACL list by making a single misconfigured entry. It is best to not blindly rely on the output of certain automated tools when auditing devices that safeguard your valuable computing assets. This article is the first of a two-part series that will discuss various methods to test the integrity of your firewall and IDS using low-level TCP/IP packet crafting tools and techniques. Benefits of packet crafting There are some side benefits to learning how to audit your firewall and IDS though the use of packet crafting. Several examples will be shown for both a firewall and IDS. Testing your firewall - first example Assumptions Concluding part one
Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server Find other sites hosted on a web server by entering a domain or IP address above. Note: For those of you interested, as of May 2014, my database has grown to over 100 million domain names. I am now offering this domain list for purchase. A reverse IP domain check takes a domain name or IP address pointing to a web server and searches for other sites known to be hosted on that same web server. Data is gathered from search engine results, which are not guaranteed to be complete. IP-Address.org provides interesting visual reverse IP lookup tool. Background All web sites are hosted on web servers, which are computers running specialized software that distribute web content as requested. As of 2003, more than 87% of all active domains names were found to share their IP addresses (i.e. their web servers) with one or more additional domains. While IP sharing is typically transparent to ordinary users, it may cause complications for both search engine optimization and web site filtering. Solution
Forensic Analysis of a Live Linux System, Pt. 1 1. Introduction During the incident response process we often come across a situation where a compromised system wasn't powered off by a user or administrator. This is a great opportunity to acquire much valuable information, which is irretrievably lost after powering off. Sometimes the live procedure described here is the only way to acquire incident data because certain types of malicious code, such as LKM based rootkits, are loaded only to memory and don't modify any file or directory. On the other hand, methods presented below also have serious limitations and violate the primary requirement of the collection procedure for digital investigation -- a requirement which can not be easily fulfilled. Other problems arise when we plan to take legal actions and need to comply with local laws. Despite the above problem, software based methods also have advantages for forensic purposes, and I'll try to show them in this paper. 2. This article is divided into four related sections:
InternetSupervision | Website Monitoring Services