mysql --user="root" --password="your_root_password"
CREATE USER 'new_username'@'localhost' IDENTIFIED BY 'password_for_new_username';
GRANT ALL ON *.* TO 'new_username'@'localhost'; (change for your security/access situation)
exit
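A least-privilege variant of the GRANT above, as an added example that is not part of the original post. The schema name appdb, the account name app_user and the password are hypothetical placeholders; the statements are typed at the mysql prompt as root.

```sql
-- Added example: appdb, app_user and the password are placeholders.

-- Broad form from the post: every privilege on every schema,
-- including the mysql system schema that holds the account table.
-- GRANT ALL ON *.* TO 'app_user'@'localhost';

-- Create the one schema the application needs.
CREATE DATABASE IF NOT EXISTS appdb;

-- Account that may only connect from the local host.
-- (Skip this statement if the account already exists.)
CREATE USER 'app_user'@'localhost' IDENTIFIED BY 'replace_with_a_strong_password';

-- Clear anything granted earlier, e.g. a previous GRANT ALL ON *.*.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'app_user'@'localhost';

-- Grant row-level data access on that schema only: no DDL, no FILE,
-- no SUPER, no ability to pass privileges on to other accounts.
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app_user'@'localhost';

-- Verify what the account can actually do.
SHOW GRANTS FOR 'app_user'@'localhost';

-- Audit: list accounts that still hold server-wide administrative rights.
SELECT User, Host
FROM mysql.user
WHERE Super_priv = 'Y' OR Grant_priv = 'Y';
```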
Friday, July 30, 2010
MySQL error: ERROR 1045 (28000)
PROBLEM
Trying to log in to MySQL with a newly created user, error:
mysql -u username -p
Enter password: xxxxx
ERROR 1045 (28000): Access denied for user 'xxxxx'@'localhost' (using password: YES)
SOLUTION
Restart MySQL
( sudo /etc/init.d/mysql restart )
RRDtool
RRDtool is the OpenSource industry standard, high performance data logging and graphing system for time series data. Use it to write your custom monitoring shell scripts or create whole applications using its Perl, Python, Ruby, TCL or PHP bindings.
http://oss.oetiker.ch/rrdtool/
The BlindElephant Web Application Fingerprinter
The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatable.
http://blindelephant.sourceforge.net
Wednesday, July 28, 2010
Project Razorback
Project Razorback™ is an undertaking by the Sourcefire VRT.
Razorback is a framework for an intelligence driven security solution. It consists of a Dispatcher at the core of the system, surrounded by Nuggets of varying types.
Project hosting for Razorback and the surrounding Nuggets is provided by Sourceforge. The following links will take you to the Sourceforge hosted sites.
http://labs.snort.org/razorback/
Tuesday, July 27, 2010
MRTG error: Creating templock /var/lock/mrtg/_xxx.cfg No such file or directory at /usr/bin/mrtg line
MRTG stopped working after restart of the server.
Error in mrtg.log:
MRTG error: Creating templock /var/lock/mrtg/_xxx.cfg No such file or directory at /usr/bin/mrtg line
SOLUTION
mkdir /var/lock/mrtg
Monday, July 26, 2010
Cacti
Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.
http://www.cacti.net
Shinken
Shinken is a new, Nagios compatible monitoring tool, written in Python. The main goal of Shinken is to allow users to have a fully flexible architecture for their monitoring system that can easily scale to large environments. It’s as simple as in all the marketing “cloud computing” slides, but here, it’s real!
Shinken is backwards-compatible with the Nagios configuration standard and plugins. It works on any operating system and architecture that supports Python, which includes Windows and Mac OS X/Darwin.
http://www.shinken-monitoring.org
Sunday, July 25, 2010
NSClient++
NSClient++ aims to be a simple yet powerful and secure monitoring daemon for Windows operating systems. It is built for Nagios, but nothing in the daemon is actually Nagios specific and could probably, with little or no change, be integrated into any monitoring software that supports running user tools for polling.
http://nsclient.org
MySQL Control Center
MySQL Control Center is an excellent GUI front end for MySQL database creation and administration. It allows multiple concurrent MySQL server connections, MDI (or not under Linux), stored login credentials, point and click dump file imports and more.
http://sourceforge.net/projects/mysqlcc/
Saturday, July 24, 2010
Change keyboard layout Debian Linux
After installing OSSIM I discovered that the keyboard layout was qwerty and I needed azerty. Using the command below will help you to change to a different layout:
dpkg-reconfigure console-data
FreeTDS
FreeTDS is a set of libraries for Unix and Linux that allows your programs to natively talk to Microsoft SQL Server and Sybase databases.
http://www.freetds.org
Lynx - text based browser (Linux)
Lynx is a text-only Web browser for use on cursor-addressable character cell terminals. It is released as Free software under the GNU General Public License. Supported protocols are Gopher, HTTP, HTTPS, FTP, WAIS, and NNTP.
Installation instructions:
sudo apt-get install lynx

http://lynx.isc.org
PsGetsid
PsGetsid allows you to translate SIDs to their display name and vice versa. It works on builtin accounts, domain accounts, and local accounts.
http://technet.microsoft.com/en-us/sysinternals/bb897417.aspx
Thursday, July 22, 2010
Eggdrop
Eggdrop is the world's most popular open source Internet Relay Chat (IRC) bot. Originally created by Robey Pointer in December 1993 for use on a channel called #gayteen, it has spawned an almost cult like following of users. It is a feature rich program designed to be easily used and expanded upon (using Tcl scripting) by both novice and advanced IRC users on a variety of hardware and software platforms.
http://www.eggheads.org
Security event manager (SEM)
A security event manager (SEM) is a computerized tool used on enterprise data networks to centralize the storage and interpretation of logs, or events, generated by other software running on the network.
Click here for more information @ Wikipedia
iSCSI
In computing, iSCSI (pronounced /aɪˈskʌzi/ "eye-scuzzy"), is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval. The protocol allows clients (called initiators) to send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers. It is a popular storage area network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure.
Click here to read more @ Wikipedia
LUN
In computer storage, a logical unit number or LUN is the identifier of a SCSI logical unit, and by extension of a Fibre Channel or iSCSI logical unit. A logical unit is a SCSI protocol entity which performs classic storage operations such as read and write. Each SCSI target provides one or more logical units. A logical unit typically corresponds to a storage volume and is represented within a computer operating system as a device.
Click here for more info @ Wikipedia
Wednesday, July 21, 2010
FirePlotter
FirePlotter is a real-time session monitor for your firewall. FirePlotter simply shows you the traffic that is flowing through your internet connection moment to moment, in real time. FirePlotter can also be described as a firewall visualization tool, a bandwidth analyzer or a connection monitor for your Cisco ASA/PIX firewall or FortiNet FortiGate firewall. FirePlotter can replay all the session data it collects.
http://www.fireplotter.com
Tobi Oetiker's MRTG - The Multi Router Traffic Grapher
You have a router, you want to know what it does all day long? Then MRTG is for you. It will monitor SNMP network devices and draw pretty pictures showing how much traffic has passed through each interface.
http://oss.oetiker.ch/mrtg
Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is a UDP-based network protocol. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects.
SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried (and sometimes set) by managing applications.
Click here for more information @ Wikipedia
SEC - simple event correlator
SEC is an open source and platform independent event correlation tool that was designed to fill the gap between commercial event correlation systems and homegrown solutions that usually comprise a few simple shell scripts. SEC accepts input from regular files, named pipes, and standard input, and can thus be employed as an event correlator for any application that is able to write its output events to a file stream. The SEC configuration is stored in text files as rules, each rule specifying an event matching condition, an action list, and optionally a Boolean expression whose truth value decides whether the rule can be applied at a given moment. Regular expressions, Perl subroutines, etc. are used for defining event matching conditions. SEC can produce output events by executing user-specified shell scripts or programs (e.g., snmptrap or mail), by writing messages to pipes or files, and by various other means.
http://simple-evcorr.sourceforge.net
Sunday, July 18, 2010
Burp Scanner
Burp Scanner is a tool for performing automated discovery of security vulnerabilities in web applications. It is designed to be used by penetration testers, and to fit in closely with your existing techniques and methodologies for performing manual and semi-automated penetration tests of web applications.
http://portswigger.net/scanner/
DenyHosts
DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
http://denyhosts.sourceforge.net
Install Ubuntu security updates from command line
You can install Ubuntu security updates from the command line by typing:
sudo apt-get dist-upgrade
(dist-upgrade, in addition to performing the function of upgrade, also intelligently handles changing dependencies with new versions of packages)
OR
sudo apt-get upgrade
(upgrade is used to install the newest versions of all packages currently installed on the system)