tssci security

Archive for Linux

How to pwn PWN2OWN

Day one of PWN2OWN was unsuccessful, which is no big surprise. But today, I am really hoping for something -- otherwise we'll have to wait until tomorrow for the third-party clieint-side exploits. Here's a little summary I wrote a bit back on how to [...]

Quick Shell Notes

I've been doing some work lately with text files and have been using various shell command techniques to manipulate them for whatever purposes I need. This isn't a HOWTO guide as much as it is a reference for myself and others that just need something [...]

Hardware VM security: past and present

Marcin and I were talking a bit about mainframe security today. I recalled how fantastic mainframes were while he had his hands in the trenches. Yes, I know that IBM renamed MVS to z/OS (as well as other things) years ago. However, the concepts remain [...]

Day 3: ITSM Vulnerability Assessment techniques

Lesson 3: After the first few days, we've covered securing WiFi, as well as basic software assurance tools to get you started with a web browser and crawler. This is just the beginning. Part 1: Information assurance vulnerability assessment — Sandboxing [...]

Operating systems aren't any more secure than the idiot using it

So this week, we've had a roundup of posts on Apple's latest OS X release, Leopard, and the security "features" that went into it, where they fall short, and what's missing. Thomas Ptacek has a great post over at Matasano with even more insightful [...]

How to install VMware Server on Ubuntu 7.10 Gutsy Gibbon

I recently upgraded my laptop to Ubuntu 7.10 'Gutsy Gibbon' from 7.04 'Feisty Fawn' and needed to install VMware Server again. Since my previous post was very popular in helping people get VMware Server installed on Feisty, I thought I would do the same [...]

Bash Tab Completion with Similar Filenames Sucks

Add this to your .bashrc to make tab completion with bash more useful when handling multiple files with similar names: bind '"\t":menu-complete' Ctrl-D can be used to exit Bash. This can be very convenient and then again, almost too convenient. Specify [...]

Idiocy in Kernel Land

C'mon guys, what in the hell are you releasing a .1 for just to fix four lines of code. I realize that an exploit in netfilter could be a serious issue, but netfilter doesn't belong in the kernel to begin with; it should be userland code. Grrrr. This is [...]

Notes for using Burp suite on Ubuntu

I went ahead and tried to run Burp suite on my laptop running Ubuntu today. First, check the readme.txt, which says I need JRE 1.4 or later installed. marcin@thinker:~/burpsuite_v1.01$ java --fullversion java full version "gcj-1.4.2" Okay... 1.4.2, but [...]

Ubuntu and the Vi Editor

Over the course of a day, I could log in to five different systems I'm currently working on. On each I'll get a Bash or Tcsh shell and it's almost guaranteed I'll need to edit a text file at some point during the day. On my home system, my choice of [...]

Feisty VMware install

Installing VMware Server is pretty straight-forward on Ubuntu 7.04 (Feisty Fawn). Make sure you have the build-essential package and the correct linux-headers for your kernel. $ sudo apt-get install build-essential linux-headers-`uname -r` Download [...]

Kismet, ipw2200, and wireless injection

To get Kismet to run under the ipw2200 driver, simply edit /etc/kismet/kismet.conf. Here is the diff -u output: --- kismet.conf.orig    2007-04-03 13:51:29.000000000 -0700 +++ kismet.conf 2007-04-03 13:53:55.000000000 -0700 @@ -7,10 +7,10 @@ [...]

Disable wireless on bootup

While at ShmooCon, I saw a fair share of rogue ap's pretending to be shmoocon ap's. We worked to pull down these access points, but you can never be sure. To help keep yourself from getting pwned, disable wireless upon startup by commenting out your [...]

Dell and Linux - Survey

Thanks to the amount of feedback on Ideastorm, Dell is seriously considering pre-installing Linux on desktop systems. Having had the chance to play with the Core 2 Duo systems Dell puts out, I can definitely say they are pimpin'. I want one, but my main [...]

What root never told you

While in L.A. at SCALE, I attended "Admin++, What root Never Told You," by Ron Gorodetzky, sysadmin for Digg.com and Revision3. His presentation gave some insight and tidbits on the things you forget when you have your own startup, and the other problems [...]

SCALE this weekend

I'm heading out to Los Angelos for the 5th Annual Southern California Linux Expo. I'll try and post inbetween sessions (that is... whenever I can). I'll be attending these talks: Leveraging the IT Community (This talk is focused on a building a new broad [...]
blog comments powered by Disqus