How To Make Windows More Secure Against Buffer Overflows

I recently found a great tutorial on how to make Windows Vista and XP more secure. By default Windows Vista and Windows XP SP2 or above have measures to prevent buffer overflows and memory corruption. Data Execution Prevention (DEP) is one of these measures Microsoft implemented. The problem with DEP is that you need to configure it right. The video I found takes you through the process of configuring it right both for Windows Vista and XP.

Here is the tutorial. It is really worth taking a look at.

I hope you find it helpful.

A Hacker’s Live CD

Today penetration testing is becoming an important procedure for companies who want their network to be secure. For this reason more and more security consultants are looking for an operating system made for penetration testing. This is where Backtrack comes in handy.

Gained access to a Windows computer through the metasploit framework on Backtrack

Backtrack 3

Backtrack is a Live CD based on Slackware. It is the result of the merger of WHAX and Auditor Security Linux, which were both Live CDs made for computer security professionals. It is therefore no surprise that Backtrack has a huge collection of more than 300 security and forensics tools. Backtrack was made for penetration testers, and for that reason all the tools are organized according to the workflow of security professionals. The tight integration of these tools into the Live CD makes hacking even easier, e.g. by entering one command you will get the latest milw0rm exploits which you could use for an attack. For more information take a look at the official Backtrack homepage.

You can download Backtrack here; it is really worth taking a look at. Tell me what you think about it.


Forward DNS Bruteforcing with Python

DNS is one of the most important protocols on the internet. If you visited a homepage like this one your computer probably used DNS. The domain name system is used to associate IP addresses with certain domains, e.g. Google’s IP address is 64.233.167.99 and it is associated with google.com. So whenever you type google.com in your browser your computer actually looks up its IP address and then connects to it.
Forward DNS Bruteforcing
Forward DNS bruteforcing is a method which uses DNS to find out about potential services of a domain. The concept is very simple. A lot of domains nowadays have subdomains; in the case of Google it could be mail.google.com. Here mail is a subdomain of Google, so it needs to have an IP address, otherwise it wouldn’t be available over the internet. So what forward DNS bruteforcing actually does is query DNS servers for subdomains, and from the response you know whether each one exists or not. Let’s take a look at an example.

Example
Let’s say we want to know whether Google has a VPN service available. You could try to forward bruteforce Google by querying a DNS server for vpn.google.com. Now if it exists it has to have an IP address, and we would get it through the query.

Python DNS Bruteforcing Script
Now I coded this little script in Python. It actually does the same as stated above. I am not sure whether it works under Windows since it uses the “host” command to query for domains, but it should work well under Linux. When you run the script you need to provide a file and a domain. The file should be just a list of subdomain names (e.g. vpn, mail, pop etc.) which you want to forward bruteforce. The domain is obviously the domain you want to bruteforce. Here is the source code of the script:

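#!/usr/bin/env python3

import subprocess, sys

if len(sys.argv) < 3:
    print(" DNS Bruteforce lookup on the domain by")
    print(" adding the names in the file to the domain")
    print("Usage: %s <file> <host>" % sys.argv[0])
    sys.exit(0)

file = sys.argv[1]
fh = open(file, "r").readlines()
try:
    for name in fh:
        # Strip the line ending (\r\n or \n) and skip empty lines
        val = name.rstrip("\r\n")
        if not val:
            continue
        # Query DNS with the "host" command; the arguments are passed as a
        # list, so no shell ever interprets the contents of the wordlist
        var = subprocess.run(["host", "%s.%s" % (val, sys.argv[2])],
                             stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
                             text=True).stdout.strip()
        # "host" reports "not found" when the name does not resolve
        if not "not found" in var:
            print(var)
except KeyboardInterrupt:
    print("Shutting down application ...")
    sys.exit(0)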
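Seen from the resolver, a run of the script above looks like one client asking for many distinct names under a single zone within a short time, most of them answered with NXDOMAIN. The following detection sketch is an added example, not part of the original post; the log format, thresholds and function names are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a hypothetical log format: time client qname rcode
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 www.example.com NOERROR
2024-05-01T10:00:01 10.0.0.9 vpn.example.com NXDOMAIN
2024-05-01T10:00:02 10.0.0.9 mail.example.com NOERROR
2024-05-01T10:00:03 10.0.0.9 pop.example.com NXDOMAIN
2024-05-01T10:00:04 10.0.0.9 ftp.example.com NXDOMAIN
2024-05-01T10:00:05 10.0.0.9 admin.example.com NXDOMAIN
2024-05-01T10:00:06 10.0.0.9 dev.example.com NXDOMAIN
2024-05-01T10:05:00 10.0.0.5 mail.example.com NOERROR
2024-05-01T10:09:00 10.0.0.5 wwww.example.com NXDOMAIN
"""

def parse(line):
    ts, client, qname, rcode = line.split()
    qname = qname.rstrip(".").lower()
    # Assumption: the zone is the last two labels (wrong for e.g. co.uk)
    zone = ".".join(qname.split(".")[-2:])
    return datetime.fromisoformat(ts), client, zone, qname, rcode

def find_bruteforcers(lines, window=timedelta(seconds=60),
                      min_names=5, min_nx_ratio=0.6):
    """Return (client, zone, distinct_names, nxdomain_names) per flagged pair."""
    events = defaultdict(list)
    for line in lines:
        if line.strip():
            ts, client, zone, qname, rcode = parse(line)
            events[(client, zone)].append((ts, qname, rcode))
    alerts = []
    for (client, zone), evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`
            while evs[end][0] - evs[start][0] > window:
                start += 1
            names = {q for _, q, _ in evs[start:end + 1]}
            nx = {q for _, q, r in evs[start:end + 1] if r == "NXDOMAIN"}
            # Many distinct names, mostly nonexistent: wordlist-style lookups
            if len(names) >= min_names and len(nx) / len(names) >= min_nx_ratio:
                alerts.append((client, zone, len(names), len(nx)))
                break
    return alerts

if __name__ == "__main__":
    for alert in find_bruteforcers(SAMPLE_LOG.splitlines()):
        print("possible forward DNS bruteforce: %s -> %s (%d names, %d NXDOMAIN)" % alert)
```

The occasional mistyped name from 10.0.0.5 stays below both thresholds, while the burst from 10.0.0.9 is flagged once the fifth distinct name arrives.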


Where To Get Great Free Linux Ebooks

Today there is so much information on the internet that you do not know where to start looking for it. The most obvious place to look for information is in search engines. There you enter your keywords and get maybe 1,000,000 web sites related to your keywords?! This is the problem with the internet and probably the main reason why ebooks emerged. Ebooks provide you with concise information about a special topic. You have to pay for most of the ebooks on the web today but there are still some great ebooks available for free, you just have to know where to get them.
Since this blog is about computer security I am going to provide you with mostly security and network related books. If you want to get other free ebooks take a look at Wowio or search Google for “free ebooks.”

Great Linux Ebook Web Site
I recently found a really great web site which has a whole lot of Linux guides (ebooks). Take a look at it. It is called The Linux Documentation Project and their main goal is to provide detailed Linux tutorials. For example if you want to learn about Linux System Administration take a look at this guide. You can choose to download them or read them online.

Another web site you might want to take a look at is Astalavista. They have a whole lot of whitepapers on computer security. Furthermore there are some guides and tutorials provided by users which might interest you.

Tell me what you think about it.

Learning Python

Our way of living has totally changed over the last years. Nowadays almost everything relies somehow on computers, e.g. a clothing shop uses some kind of software to keep track of its clients. Since this is getting more popular there is a stronger need for people who are able to create such software. Because of that I am going to show you how and where you can learn about creating software, i.e. programming. In this case we will use Python as our programming language.
Why Python?
Python is a relatively new programming language compared to C and other languages. Since it is a more modern programming language it is easier to use and does not require that much in-depth understanding. Further, it is good to start with because you can see, at least partly, the results of what you programmed immediately.

To get started download the latest version of Python and install it. If you are having problems with setting it up visit the links below or post your problem here and I will get back to you.
Learning Python
To be able to use a programming language you first need to get a basic understanding. For that reason I suggest you read this Python tutorial. If you want to get even more in-depth knowledge feel free to take a look at this article. After having read about Python start to program a little bit. Don’t be frustrated if your program doesn’t work right away, that’s how you actually learn how to program. We learn through mistakes.

Feel free to contact me if you have any questions.

Automated Google Hacking

Using Google To Your Advantage

Google is one of the biggest companies nowadays. It provides you with so many services that no one could imagine the internet without it. Google’s search engine is what I am going to focus on in this article since that is what Google Hacking is about. The term actually refers to using Google’s search engine in an advanced way to find sensitive information. If you haven’t done any Google Hacking yet then take a look at this hacking article.

Automated Google Hacking

Since Google Hacking can be quite time consuming, people from the Cult of the Dead Cow wrote a program which automates this task. It is a pretty cool tool, but the bad part is that you cannot send queries that often. So do NOT use the program too often or send too many queries, since that may cause Google to ban you!

It is still worth taking a look at especially for administrators to scan whether their websites give away too much information. I’ve used Google Hacking myself several times and found some really really sensitive information so Google Hacking is not something you should underestimate.

Blogger.com 6th largest source of malware

I found an interesting article. The article talks about the sources of malware. According to a research group more than half of the malicious sites available on the internet are hosted in China. The more interesting thing is that Google and Blogger.com together are the 4th biggest source of malware. Ironically enough Google is the one who reported all the sites examined in the project as malicious.

Here is the whole article.