Nabble - Security - Unix

Replicating the Gonzalez Cyber Attacks through Penetration Testing

2009-11-20T16:07:11Z

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST

"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to have used in breaching these organizations.

Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez indictment, including the following critical stages:

* the initial web application compromise via SQL Injection
* the use of a well-known backend database command to make the attacks even
* more invasive
* the planting of malware on the backend database server
* the collection and transmission of credit card transactions to the
* attackers

Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged are present in your environment, but also by ...

* assessing how deployed defenses react to specific threats
* revealing what systems and data would be exposed by a breach
* depicting how chains of vulnerabilities open paths to mission-critical
* systems and information
* providing actionable data for immediately mitigating critical exposures
* repeating tests to ensure the effectiveness of remediation efforts

This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber threats.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

---------------------------------------------------------------------
To unsubscribe, e-mail: focus-unix-other-unsubscribe@...
For additional commands, e-mail: focus-unix-other-help@...

Training & jobs

2009-01-27T23:35:45Z

“Join us to make future”
FOR OPT/F-1 STUDENTS
FREE TRAINING
FOOD ACCOMODATION
H1B PROCESSING
FOR L1/ L2/ H1/ H4/ EAD/ GC
EXCELLENT OPPRTUNITIES
TRAINING
PLACEMENT
Highly Competitive offers for New H1b Transfers

About Us:
V2 technology inc is serving NJ since 2005, for us our employees are
of utmost importance. Our highly skilled and dedicated instructors
train you explicitly in market-related technologies for today and
tomorrow. We will work with you in developing marketing strategies
and finding the assignments of your choice.
We not only help you get a job but we build your long lasting
careers!!!
What are we Looking for:
Excellent communication skills.
Valid F1/ OPT/ CPT/ H1/ H4/ L1 or valid work status
(EAD, GC).
Bachelors’ degree in CS/ IT or previous IT experience.
Preferably (not mandatory) Master's Degree in Computers/
Electronics or previous IT experience.
Willing to relocate anywhere in USA.

What’s The Deal:
H1-B sponsorship to F1/ OPT/ H4/ L1/ L2/ E3/ EAD
Transfer of H1 & L1 visas.
Green Card sponsorship through PERM
Job focused professional training in
Java/ J2EE
.NET
Documentum
Share point
Oracle
Data Modeling
Relocation assistance- airfare, hotel accommodation, car rental
etc
Guarantee lowest bench period.
Employee referral program.
Effective Resume writing help, Marketing and Placement.
Technical mock interviews. Preparation of In Person Interviews

100% Guaranteed placement
Get in Touch:
write mail at jobs@v2techinc.com

Proxy List For You!

2007-10-16T10:19:45Z

NEW PROXY UPDATE EVERYDAY
http://www.boy.us.com/proxylist.php.

Fake IP Address
When you connect to a web site, it can see your IP address as the "Remote IP" or "Remote Address". When you surf through a proxy server, these fields contain the IP address of the proxy server instead of your own IP address. So the web site will see the address of the proxy instead of your actual address.But all non-anonymous proxies usually put the IP addresses of their clients (i.e. of the computers using those proxies) in either of the two following request headers (variables): "HTTP_CLIENT_IP" or "HTTP_X_FORWARDED_FOR_IP" There are no strict standards, so one proxy may be sending the IP with "Client_IP" variable and another with "X_Forwarded_For_IP".

There is not much difference between them but they are never used together - either one or the other.So, if the proxy you are using is not anonymous, the web site will be able to see you true IP address in one of these fields.Requests that are generated by anonymous servers do not have these fields (that's what makes them anonymous).The thing is that you can set A4Proxy to create these fields, and put there "fake" IP addresses (they are generated as random numbers, so they are different for each request).

As the result, the web site which you are visiting will "think" that you are visiting it through a non-anonymous proxy server (while in fact it is a truly anonymous server with an additional fake field generated by A4Proxy). Not all web sites will look for these fields (Client_IP or X_Forwarded_For_IP). However, those which do look for them will definitely be confused as the fake IP address will be different for each request.It may be a good idea to switch on one of these options (and it is not important which one).Finally, if you want a particular address to be sent to the web site in one of that field, you will need to create a modification for that field on the Browser Options tab, in addition to enabling the appropriate Simulate... option.

Re: monitoring incoming connections

2006-11-23T09:51:58Z

If you need check ftp connections remplace this line:

if (/telnet\/tcp: Connection from\s+(\S+)\s+$(\S+)$ at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)

by this:

if (/ftp\/tcp: Connection from\s+(\S+)\s+$(\S+)$ at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)

greetings.

mexlord wrote:

Example to monitoring incoming connections in your system. Tested in HP-UX v11.00.

# Listing IP's for Telnet connections in HP-UX
# Ricardo Pelcastre
#!/opt/perl/bin/perl

%dias = (Sun => "Dom",
Mon => "Lun",
Tue => "Mar",
Wed => "Mie",
Thu => "Jue",
Fri => "Vie",
Sat => "Sab"
);

%meses = (Jan => "Ene",
Feb => "Feb",
Mar => "Mar",
Apr => "Abr",
May => "May",
Jun => "Jun",
Jul => "Jul",
Aug => "Ago",
Sep => "Sep",
Oct => "Oct",
Nov => "Nov",
Dec => "Dic"
);

$ip=$ARGV[0];
$cmd="/usr/bin/grep \"$ip\" /var/adm/syslog/syslog.log\n";

@lineas=qx($cmd);
foreach (@lineas)
{

if (/telnet\/tcp: Connection from\s+(\S+)\s+$(\S+)$ at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)
{
$salida=sprintf("[%s %2s %s %s] - %s => %s\n",$dias{$3},$5,$meses{$4},$6,$1,$2);
print $salida;
}

}

monitoring incoming connections

2006-11-23T09:42:45Z

Example to monitoring incoming connections in your system. Tested in HP-UX v11.00.

# Listing IP's for Telnet connections in HP-UX
# Ricardo Pelcastre
#!/opt/perl/bin/perl

%dias = (Sun => "Dom",
Mon => "Lun",
Tue => "Mar",
Wed => "Mie",
Thu => "Jue",
Fri => "Vie",
Sat => "Sab"
);

%meses = (Jan => "Ene",
Feb => "Feb",
Mar => "Mar",
Apr => "Abr",
May => "May",
Jun => "Jun",
Jul => "Jul",
Aug => "Ago",
Sep => "Sep",
Oct => "Oct",
Nov => "Nov",
Dec => "Dic"
);

$ip=$ARGV[0];
$cmd="/usr/bin/grep \"$ip\" /var/adm/syslog/syslog.log\n";

@lineas=qx($cmd);
foreach (@lineas)
{

if (/telnet\/tcp: Connection from\s+(\S+)\s+$(\S+)$ at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)
{
$salida=sprintf("[%s %2s %s %s] - %s => %s\n",$dias{$3},$5,$meses{$4},$6,$1,$2);
print $salida;
}

}