
Archive for January, 2007

Testing Snort 2.7.0 Beta 1

After reading a news item on the Snort website, I grabbed the latest beta version of Snort, 2.7.0 beta1.
Then I built the RPM packages from it using the following command:
$ rpmbuild --with mysql -ta snort-2.7.0.beta1.tar.gz
Next, I installed it on my system:
# rpm -Fvh rpms/RPMS/i586/snort-2.7.0.beta1-1.i586.rpm \
    rpms/RPMS/i586/snort-mysql-2.7.0.beta1-1.i586.rpm
Preparing… [...]


Testing Snort 2.6.x

I downloaded the latest Snort tarball, then created the Snort RPMs:
$ rpmbuild -tb snort-2.6.x.tar.gz --with mysql
…
Wrote: /home/tedi/rpms/RPMS/i586/snort-2.6.x-1.i586.rpm
Wrote: /home/tedi/rpms/RPMS/i586/snort-mysql-2.6.x-1.i586.rpm
…
Next, I registered with the Snort community to be able to download the Snort rules.
Then I extracted the rules and moved all of the files in the rules/ directory to the /etc/snort/rules directory:
# mv rules/* /etc/snort/rules/
# mv /etc/snort/rules/sid-msg.map /etc/snort/
I found out [...]


SQL in Chocolate Cover

I got the following picture from Jeremiah Grossman’s blog.
I highlighted the SQL code for easy reading.


Joanna Rutkowska posted a blog entry titled “Beyond The CPU: Cheating Hardware Based RAM Forensics”.
Here is the main point of the post:
The whole idea behind hardware based RAM acquisition is that the process of reading the memory is using Direct Memory Access (DMA) to read the physical memory. DMA, as the name suggests, does not [...]


Blog’s Template Updated

Finally, after a long and heated discussion with my friend (Ai_Zeus), I got the blog layout the way I wanted. Now, in the archives, we can see how many posts are available.
Getting this layout is very easy: just update your blog template to the latest version. Last time, I forgot to update it when I updated [...]


Nessus 3.0.5

Tenable Network Security has released Nessus version 3.0.5. It fixes several “features” present in version 3.0.4. The fixes include:

Faster startup time, especially on laptops
Improved the performance of the SYN port scanner
Fixed a memory leak in the Mac OS X client
Vista compatibility improved
Various minor bugs fixed in the NASL engine
Better chasing of zombie processes

You [...]


Michal Zalewski has just released a new security tool called 0trace. Here is a brief description of it:
This tool enables the user to perform hop enumeration (“traceroute”) within an established TCP connection, such as a HTTP or SMTP session.
This is opposed to sending stray packets, as traceroute-type tools usually do.
Here is the benefit of [...]


A friend of mine (you know who you are :D) asked me how to disable the preferences menu in Ampache 3.3.2.1. I thought this should be easy; there should be a config option that we can turn on or off to set this item. Unfortunately, I was wrong. There is no configuration for that.
Then [...]


I just bought an Atheros-based card; it’s a NetGear WPN511. For this card, I can use madwifi as its driver.
The madwifi site also provides an RPM for OpenSUSE, but I sometimes like to compile the software myself, so I can adjust it to my needs.
Without further ado, here are the steps to compile the [...]


Running IE on Linux

If you have time to spare, you may want to look at the IEs4Linux site.
You may ask, what is IEs4Linux? Here is the answer I took from the webpage:

IEs4Linux is the simpler way to have Microsoft Internet Explorer running on Linux (or any OS running Wine).
No clicks needed. No boring setup [...]

