Copyright © if not true then false. All Rights Reserved. Snowblind by Themes by bavotasan.com. Powered by WordPress.
Posts Tagged ‘ Security ’
Apache Applications Bash CentOS Coding Command line CSS Database date Fedora Firefox Gnome Google Hacked Howto HTML Java JavaScript KDE Links Linux MySQL News Perl PHP PostgreSQL PostgreSQL Partitioning Programming Programs psql Red Hat RHEL Security SQL Styles Terminal time Tips Tricks Tweets Twitter UNIX Windows XFCE Yum
Few days ago I write about shred, which work fine for old systems, like EXT2, but not so nice with journaled file systems. Modern file systems need something more robust, like dd and srm (a secure replacement for rm). Unlike the standard rm, srm overwrites and rename the files before unlinking them. This makes it very hard to recovery of the data.
Create test file:
echo "secure content" > /tmp/secure.txt
» Continue Reading "Delete files securely on Linux – Journaled file systems"
I before post ‘Twitter Hacked by Iranian Cyber Army’, but actually just Twitter DNS records was hacked. I think even twitter.com server headers and tracepath to servers simply prove this, because they are completely different normally when hacked.
Hacked twitter.com headers:
» Continue Reading "Twitter hacked? Not really, only Twitter DNS records compromised"
Twitter site is hacked by Iranian Cyber Army. Here is some screenshots and full info about page.
Screenshots
Server info and full html content
lynx -mime_header http://twitter.com
HTTP/1.1 200 OK Date: Fri, 18 Dec 2009 06:42:08 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635 Last-Modified: Fri, 18 Dec 2009 06:21:13 GMT ETag: "90c06a-717-47afabf13c840" Accept-Ranges: bytes Content-Length: 1815 Connection: close Content-Type: text/html <html> <head> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>..:: This Web Site Has Been Hacked By Iranian Cyber Army ::.. </title> </head> <body bgcolor="#000000"> <p align="center"> </p> <p align="center"><img border="0" src="index.6.gif"><img border="0" src="index.2.gif"><img border="0" src="index.7.gif"></p> <p align="center"><img border="0" src="index.8.gif"></p> <p align="center"> <a href="mailto:iranian.cyber.army@gmail.com?subject=Mowjcamp"> <img border="0" src="index.5.gif"></a></p> <p align="center"><img border="0" src="index.3.jpg" width="43%" height="106%"></p> <p align="center"><font face="Tahoma" size="2"><b> </b></font></p> <p align="center"><b><font face="Tahoma" size="2" color="#FFFFFF"> بنام خدا<br> به عنوان یک ایرانی در پاسخ به دخالت های شیطنت آمیز این سرویس دهنده به دستور مقامات آمریکایی در امور داخلی کشورم ) <br> این سایت به عنوان هشدار هک می شود <br> </font></b></p> </body> </html>
By default almost all Apache installation shows sensitive server information with Apache version number, server operating system details, installed Apache modules, PHP-version and so on. Attackers can use this information when performing attacks.
Some examples howto check server information that Apache sends
» Continue Reading "Howto hide and modify Apache server information (ServerSignature and ServerTokens) and Hide PHP version (X-Powered-By)"Syndicate this blog
Subscribe to RSS Feed and Follow Me on Twitter.