Recently I got a chance to test the ZTE MF627 USB 3G modem. To be able to use the ZTE MF627 3G modem in openSUSE 11.3, you need to install the usb_modeswitch program. In openSUSE 11.3 it is separated into two packages:
Please make sure you install the above packages with version 1.1.3 or newer.
While doing research I utilized goorecon.rb in BackTrack 4. Unfortunately, I encountered several problems while using it to enumerate email addresses.
Let’s reproduce the problem here. I want to enumerate all of the email addresses of the domain yourbank.com using goorecon.rb:
./goorecon.rb -e yourbank.com
Can you see where the problems are?
My latest book on information security has been published and released. The title is “Endian Firewall: Network Security”. This book is published by InfoKomputer in the Indonesian language.
Recently I’ve been busy tuning the Snort IDS (Intrusion Detection System) included with OSSIM. Compared to the installation process, the tuning process is much more involved and time-consuming.
You may wonder why you should tune your IDS. Because if you don’t tune the IDS to suit your network environment (servers, network devices, security devices) you will get a lot of events. And I really mean A LOT OF. I received more than 100,000 events each day during the days before I did the tuning. It’s a sure thing that if you receive this number of events, you will not analyze them; you may not even read them anymore. The good thing is they are all false positives, so you can ignore them. And of course you don’t want to store those false-positive events to disk. After the tuning process, I received less than ten events per day. :D
Suricata RC1 has been released. The latest version includes the following new features:
- Support for the http_headers keyword was added
- libhtp was updated to version 0.2.3
- Privilege dropping using libcap-ng is now supported
- Proper support for “pass” rules was added
- Inline mode for Windows was added
I have also updated the openSUSE RPM specfile for the latest Suricata release.
OWASP just released the latest Top 10 Web Application Security Risks for 2010. Here is the list:
- A1: Injection
- A2: Cross-Site Scripting (XSS)
- A3: Broken Authentication and Session Management
- A4: Insecure Direct Object References
- A5: Cross-Site Request Forgery (CSRF)
- A6: Security Misconfiguration
- A7: Insecure Cryptographic Storage
- A8: Failure to Restrict URL Access
- A9: Insufficient Transport Layer Protection
- A10: Unvalidated Redirects and Forwards
Recently I set up a machine for OSSIM 2.2. The installation process went smoothly. But after I rebooted the machine using Linux kernel 2.6.31, there was an error message saying that my volume group was not found, and the boot process got stuck.