
New Domain

Blog has been moved to new domain: www.it-googled.com Enjoy!

Monday 19 December 2011

Moving GroupWise mailboxes between post offices

The reason for this article is to illustrate the simplicity of moving a user mailbox to another post office within Novell GroupWise.

First of all, warn the user that there will be no access to their e-mail throughout the move.

Find the user in eDirectory (GroupWise tree) -> right click -> properties -> GroupWise tab -> disable logins.

The next step is to run GWCheck on the mailbox prior to the move, to avoid situations where the move gets stuck or parts of the mailbox can't be read.

Right-click the username -> GroupWise utilities -> Mailbox/Library Maintenance and set the flags as shown below:

You may notice the Misc tab, which allows adding extra parameters such as ATTCLIP (for sorting out attachment-related issues).

In the Results tab a CC: e-mail address must be specified, so that you receive the log and can see whether the mailbox was checked successfully and no errors occurred.

In the received e-mail with the logs, scroll down to the overview (JOB LOG SUMMARY).

As shown above, no problems were found and the mailbox is ready to be moved (right-click the username -> Move -> select the PO).

GWCheck may need to be run a few times before the results come back with no problems (see the GroupWise wiki for error codes and how to fix them).

After selecting to move the user to another PO, you can view its progress by selecting the destination PO -> Tools (top bar menu) -> GroupWise Utilities -> User Move Status:


Move completed.

Understanding of Novell Vibe Access Control

For a confidential workspace, and when recommending Teaming to other users, it's important that "All users" in the access control remains unticked.

Understanding Default Roles for Workspaces and Folders

  • Visitor – Has read-only and comment-only access.
  • Participant – Can create entries and modify those entries, plus perform tasks associated with the Visitor role.
  • Guest Participant – Can read entries, create entries, and add comments.
  • Team Member – Has all the rights of a Participant. In addition, can generate reports and manage community tags.
  • Workspace and Folder Administrators – Can create, modify, or delete workspaces or folders; moderate participation (modify or delete the entries of others); design entries and workflows; set entry-level access controls on entries of others; and can perform tasks associated with the Participant and Team Member role.
  • Workspace Creator – Can create sub-workspaces. In Team Workspace Root workspaces, this role allows users to create their own team workspaces.
  • Site Administrator – Has all rights associated with access control. Available only to Teaming

SSD Windows 7 settings

Solid state drives are getting popular; I just got one for home use.

After loads of research it turns out the Crucial State Drive2 64GB M4 (£80) has the best performance and value (the same goes for the 128GB and 512GB models), with a 3-year warranty.

The drives are still quite expensive, so you can get one just for Windows and your applications and store the rest of the data on another drive.

Nonetheless, the performance of the PC is great: Windows reboots within seconds, and 95 Windows updates installed in under 5 minutes.

I'd advise anyone to cut down on the price of the CPU (i5 instead of i7) and get an SSD.



A Windows 7 x64 installation turns out to take around 23GB of space!

Here are the steps that helped me to severely reduce it.

1. Disable hibernation.

The best way to delete hiberfil.sys or disable hibernate:

Go to Start menu, type “cmd” open up command prompt
Type “powercfg.exe -h off” [make sure you are an Administrator]
ENTER
Type “exit”
ENTER

2. Remove the paging file (if you have enough RAM)

Control Panel -> System and Maintenance -> System
On the left-hand side bar under Task -> Advanced System settings
System Properties -> Advanced tab -> Performance Settings… -> advanced tab -> Change
Uncheck "Automatically manage paging file size for all drives"
Set it to 400MB (minimum safe I’d say)

3. Move the user folder to another drive (create another admin user to do this; it can be purged afterwards).

Copy the original Default profile folder in C:\users to the new location. (By default this "Default" directory is hidden; you need to go to Tools > Folder Options > View (tab) > Show hidden files, folders, and drives.)
Copy the original Public profile folder in C:\users to the new location (let's say the D:\ drive).
Open Registry Editor by typing regedit from the command line, and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CurrentVersion\ProfileList.
Change the values of the Default, Public and Profile Directory keys to the new location accordingly.
Log off. From this point on, any new user logging in to this computer will get a user profile located in the new location.



And also:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters

EnablePrefetcher and EnableSuperFetch should be set to 0

Information gathered from a few web forums/blogs and my own practical experience, combined into one source.

Tuesday 20 September 2011

LPIC 101 Certification Guide




1. Forget about the GUI and use the command line for every single task,
2. Use man pages to learn more about commands and try many options,
3. Don't rely on screenshots, go and explore config files such as /etc/lilo.conf,
4. Use a few distros, and test yourself extensively on both rpm and deb package management,
5. Remember the paths to the most important files: fstab, inittab, etc.,
6. Open yourself up to subjects you think may be unrelated to you,
7. Don't rely on books; check the objectives on the LPIC website.

Good luck!

Monday 5 September 2011

Guide for IT Administration in 10 steps


1. Be proactive. Do things before they are requested by the user.
2. Perfect setup. By deploying the perfect image you will save your time and satisfy the users.
3. Ask for help. Don't hesitate to escalate the issue if you are stuck. Speed is important for all businesses.
4. Don't forget. Don't forget the promises you have made and the tasks you were allocated. Keep an eye on your deadlines.
5. IT orientation. Make sure users understand the system from day 1. Poor IT induction is a crucial cause of further issues.
6. Be polite. Users' reactions can vary; stay cool and professional, assuring the user you are doing all you possibly can.
7. Keep your eyes open. Look for everyday things that could be improved or automated.
8. Open your mind. If you see an improvement, don't hesitate to tell your manager about it.
9. No limits. Don't just do your job; keep an interest in new aspects of IT and show you are passionate.
10. Be yourself. Assuming you are not a grumpy old man, talk to users, relax and be yourself.

Wednesday 31 August 2011

Unix secondary groups - quick reference

Adding a user to a new/existing group:
usermod -G group user - sets the user's supplementary groups to exactly the group(s) listed
usermod -G sales testuser - example
Appending a user to an existing group (keeping current memberships):
usermod -a -G group user - appends the user to the group(s) listed
Link to man usermod: http://linux.die.net/man/8/usermod



Removing a user from a group:
gpasswd (administers /etc/group)
gpasswd -d user group - removes the user from the group
usermod -G group user - without -a, removes the user from all other supplementary groups apart from those specified.
Link to man gpasswd: http://man.he.net/man1/gpasswd
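The difference between the two usermod forms is the one that bites in practice: without -a, the user silently drops out of wheel, backup or any other supplementary group not listed. The following is an added Python example, not from the original post, that simulates both forms and gpasswd -d against a constructed /etc/group sample so the membership change can be reviewed before the real command is run:

```python
"""Added example (not from the original post): simulate `usermod -G` with and
without `-a`, and `gpasswd -d`, against a copy of /etc/group so that the
membership change can be reviewed before the real command is run."""

# Constructed sample /etc/group content (not taken from a real system).
SAMPLE_GROUP_FILE = """\
root:x:0:
wheel:x:10:testuser
sales:x:1001:
backup:x:1002:testuser,alice
testuser:x:1000:
"""


def parse_group_file(text):
    """Return {group_name: set(supplementary members)} from /etc/group text."""
    groups = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _password, _gid, members = line.split(":", 3)
        groups[name] = {m for m in members.split(",") if m}
    return groups


def supplementary_groups(groups, user):
    """Groups that list `user` in their member field."""
    return {name for name, members in groups.items() if user in members}


def usermod_G(groups, user, new_groups, append=False):
    """Simulate `usermod [-a] -G g1,g2,... user` on a copy of `groups`.

    Without -a the supplementary group list is REPLACED by new_groups, so the
    user drops out of every other group (wheel, backup, ...) with no warning.
    With -a the new groups are added to the existing list.
    """
    unknown = set(new_groups) - set(groups)
    if unknown:
        raise ValueError("unknown group(s): " + ", ".join(sorted(unknown)))
    result = {name: set(members) for name, members in groups.items()}
    if not append:
        for members in result.values():
            members.discard(user)
    for name in new_groups:
        result[name].add(user)
    return result


def gpasswd_d(groups, user, group):
    """Simulate `gpasswd -d user group`: remove the user from one group only."""
    if group not in groups:
        raise ValueError("unknown group: " + group)
    result = {name: set(members) for name, members in groups.items()}
    result[group].discard(user)
    return result


def preflight(groups, user, new_groups, append=False):
    """Report which groups the user would gain and lose from a usermod -G call."""
    before = supplementary_groups(groups, user)
    after = supplementary_groups(usermod_G(groups, user, new_groups, append), user)
    return {"added": sorted(after - before), "removed": sorted(before - after)}


if __name__ == "__main__":
    groups = parse_group_file(SAMPLE_GROUP_FILE)
    print("usermod -G sales testuser    ->", preflight(groups, "testuser", ["sales"]))
    print("usermod -a -G sales testuser ->", preflight(groups, "testuser", ["sales"], True))
```

To check a real host, pass the contents of /etc/group to parse_group_file instead of the sample; nothing is written back.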

Tuesday 23 August 2011

Revised Security Auditing

Security Auditing


Security auditing is not a well-appreciated process within many organizations, because someone external is going to check already-hired individuals and their skills. It may be a bit difficult to explain why security is so important and why certain mechanisms should be implemented, especially to non-technical management. On the other hand, some businesses appreciate the benefits of security auditing: many weaknesses are identified and countered, or advice on better software or hardware is given, which saves the organization money.

The mechanism for a security audit is hardly ever standard, because environments differ between companies. Techniques such as interviews, vulnerability scans and observation/analysis are the steps undertaken by a security auditor. Often the company's security policies and procedures need to be analysed, not only to check for a lack of consistency within those documents but also to base the analysis and the auditing mechanism on these policies. CAATs (Computer-Assisted Audit Techniques) are utilities that generate system reports collecting all the logs and configuration files, and sometimes even monitor activity. I think they are very useful, as the information can be well formatted and displayed to the auditor without him going into specific directories/volumes or configuration files to get it. Some of these tools have programmed patterns, for instance of default configuration files, which are matched against the tested system's configuration files, and they flag the auditor on a positive match.

Considering the auditor's role as an investigator, there are certain areas that need to be checked, for instance the way passwords are generated or the way backups are stored, often by asking all sorts of questions based on the auditor's experience. I think a very important point is that some companies have their own internal auditors/security consultants/officers, which helps, but to get an objective system audit an external auditor is a must. In many companies that is a way to check how the IT department is developing and progressing. The external auditor will produce a report on the goals achieved and the aims for the next audit; that is normally a formal report produced a few weeks after the audit takes place. Some institutions, such as higher education or some government bodies, are bound by law to make sure that external audits are up to date and consistently maintained.

John Edwards. (2008). The Essential Guide to Security Audits. Available: http://www.itsecurity.com/features/security-audit-essentials-042908/#comments.

Tuesday 2 August 2011

Java Hangman game with source code

Please include me in your references if you copy any part of the code.

User Guide:


Source Code:

package hangMAN;

import java.awt.BorderLayout;
import javax.swing.*;
import java.awt.event.*;
import java.util.ArrayList;
import java.util.List;
import java.util.Random;


/**
* @author Malkor13
* inspired by System of a Down mix albums playlist
*/
public class hangman2 {


//list of hidden words.

private List<String> wordList = new ArrayList<String>();

// list of labels

private List<JLabel> labelList = new ArrayList<JLabel>();

// The secret word.

private String hiddenWord;

// field for input.

private JTextField inputLetterField;

// Frame

private JFrame frame;

// panel to display the game

private JPanel gamePanel;

// panel to display the labels

private JPanel labelPanel;

// panel to display the lives

private JPanel livesPanel;

// Panel for category

private JPanel cathegoryPanel;
// Label for category

private JLabel catLabel;


// index from list for keeping track of secret hidden word.


private int previousIndex;

// lives.

private int lives;

// Label for lives.

private JLabel livesLabel;

//Main method

public static void main(String[] args) {
hangman2 hangman = new hangman2();
hangman.addWords(); // add secret words to list
hangman.getWord(); // make secret word
hangman.display(); // display game
}


// List of the premiership teams to make it easier to guess

public void addWords() {
wordList.add("manchesterunited");
wordList.add("liverpool");
wordList.add("chelsea");
wordList.add("arsenal");
wordList.add("astonvilla");
wordList.add("everton");
wordList.add("fulham");
wordList.add("westham");
wordList.add("manchestercity");
wordList.add("tottenham");
wordList.add("wigan");
wordList.add("stoke");
wordList.add("bolton");
wordList.add("portsmouth");
wordList.add("blackburn");
wordList.add("hull");
wordList.add("newcastle");
wordList.add("middlesbourgh");
wordList.add("westbrom");


}
//method for random word
public void getWord() {
Random random = new Random();
int index = random.nextInt(wordList.size());
while (index == previousIndex) {
index = random.nextInt(wordList.size());
}
hiddenWord = wordList.get(index);
previousIndex = index;
}


// gui

public void display() {
frame = new JFrame("HaNgMaN");
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
frame.setJMenuBar(new GameBar());
gamePanel = new JPanel(new BorderLayout());
livesPanel = new JPanel();
lives = 6;
livesLabel = new JLabel(lives + " lives remaining");
livesPanel.add(livesLabel);
gamePanel.add(livesPanel, BorderLayout.WEST);
cathegoryPanel = new JPanel();
catLabel = new JLabel("Cathegory: Premiership Football Teams 2008/09");
cathegoryPanel.add(catLabel);
gamePanel.add(cathegoryPanel, BorderLayout.NORTH);


JPanel fieldPanel = new JPanel();
inputLetterField = new JTextField(1);
inputLetterField.addKeyListener(new LetterChecker());
fieldPanel.add(inputLetterField);
gamePanel.add(fieldPanel, BorderLayout.CENTER);

labelPanel = new JPanel();
setupLabels();
frame.add(gamePanel, BorderLayout.CENTER);

frame.setSize(300,150);
frame.setResizable(false);
frame.setVisible(true);
}

// labels to display dashes, one per letter of the hidden word
private void setupLabels() {
for (int i=0; i < hiddenWord.length(); i++) {
JLabel label = new JLabel("-");
labelList.add(label);
labelPanel.add(label);
}
gamePanel.add(labelPanel, BorderLayout.SOUTH);
}

// newGame method: resets lives to 6, picks a new word and refreshes the panels
private void newGame() {

lives = 6; // reset lives
livesLabel.setText(lives + " lives remaining");
livesPanel.validate(); // refresh lives panel
// remove all labels
for (JLabel label : labelList) {
labelPanel.remove(label);
}
labelPanel.validate(); // refresh label panel
gamePanel.remove(labelPanel); // remove label panel
gamePanel.validate(); // refresh game panel
labelList.clear();
getWord();
setupLabels();
frame.validate(); // refresh frame
}

//inner class for menu bar
private class GameBar extends JMenuBar {
private GameBar() {
super();
generateGameMenu();
}

//gui for menu
private void generateGameMenu() {
JMenu gameMenu = new JMenu("Game");
gameMenu.setMnemonic(KeyEvent.VK_G);
JMenuItem newGameItem = new JMenuItem(new GameAction());
newGameItem.setAccelerator(KeyStroke.getKeyStroke(KeyEvent.VK_N,
InputEvent.ALT_DOWN_MASK)); //shortcut
gameMenu.add(newGameItem);
gameMenu.addSeparator();
JMenuItem exitItem = new JMenuItem(new ExitAction());
exitItem.setAccelerator(KeyStroke.getKeyStroke(KeyEvent.VK_F4,
InputEvent.ALT_DOWN_MASK)); // shortcut ;)
gameMenu.add(exitItem);
add(gameMenu);
}

} // end inner class

//inner class for action
private class GameAction extends AbstractAction {
private GameAction() {
putValue(AbstractAction.NAME, "New");
putValue(AbstractAction.SHORT_DESCRIPTION, "New game");
putValue(AbstractAction.MNEMONIC_KEY, KeyEvent.VK_N);
}
//new game
@Override
public void actionPerformed(ActionEvent e) {
newGame();
}

} // end inner class
//inner class for another action
private class ExitAction extends AbstractAction {
private ExitAction() {
putValue(AbstractAction.NAME, "Exit");
putValue(AbstractAction.SHORT_DESCRIPTION, "Exit game");
putValue(AbstractAction.MNEMONIC_KEY, KeyEvent.VK_X);
}
//for exit
@Override
public void actionPerformed(ActionEvent e) {
System.exit(0);
}

} // end inner class


//checks user input

private class LetterChecker extends KeyAdapter {
private boolean isComplete() {
int length = 0;
for (JLabel label : labelList) {
if (label.getText().charAt(0) != '-') {
length++;
}
}
if (hiddenWord.length() != length) {
return false;
}
else {
return true;
}
}
// validate user input
@Override
public void keyTyped(KeyEvent e) {
char ch = e.getKeyChar(); // get input
// ignore modifier keys and digits; only plain letters are guesses
if (e.isAltDown() || e.isShiftDown() || Character.isDigit(ch)) {}
else {
char[] ary = new char[hiddenWord.length()];
ary = hiddenWord.toCharArray();
boolean noMatch = true; // assume incorrect input
for (int i=0; i < ary.length; i++) {
if (ch == ary[i]) {
// get label index
JLabel charLabel = labelList.get(i);
// update label
charLabel.setText(Character.toString(ch));
noMatch = false;
if (isComplete()) { // check if word is completed
//shows dialog
int option = JOptionPane.showConfirmDialog(null,
"Congratulations ! New game??",
"Gooooooooooooooooood!",
JOptionPane.OK_CANCEL_OPTION,
JOptionPane.PLAIN_MESSAGE);
if (option == JOptionPane.OK_OPTION) {
newGame();
}
}
}
}
if (noMatch) { // incorrect input
lives--; // decrement lives
// update lives label
livesLabel.setText(lives + " lives remaining");
livesPanel.validate(); // refresh lives panel
if (lives == 0) {
int option = JOptionPane.showConfirmDialog(null,
"Game over! New game?",
"Buuuuuuuuuu!",
JOptionPane.OK_CANCEL_OPTION,
JOptionPane.PLAIN_MESSAGE);
if (option == JOptionPane.OK_OPTION) {
newGame(); // restart game
}
}
else {
JOptionPane.showMessageDialog(null, "No match :-P",
"Wrong", JOptionPane.PLAIN_MESSAGE);
gamePanel.validate(); // refresh game panel
frame.validate(); // refresh window
}
}
inputLetterField.setText(""); // display only one letter
}
}

} // end inner class
}

Monday 1 August 2011

Flex emulating sh terminal

private function keyHandler(event:KeyboardEvent):void
{
    if (event.keyCode == Keyboard.ENTER) {
        // variable to hold user input
        var command:String = userInput.text;
        // variable to read from output and keep history
        var history:String = console.text;
        // variables to create a shell-like environment
        var root:String = "root@LB:~# ";
        var rootchanged:String = "root@LB:";
        var i:int = 0;
        // cd command (for instance cd /home)
        if (command.charAt(0) == "c" && command.charAt(1) == "d") {
            var words:Array = command.split(" ");
            var changedcurrent:String = words[1];
            console.text = history + rootchanged + changedcurrent + "#" + "\n";
        }
        else {
            // arrays (declared on the enclosing class) that hold possible commands and output
            known.push("pwd", "ls", "arp", "help");
            answer.push("/root", "filezilla3", "192.168.25.254 either 00:50:56:f0:87:d2 eth1", "pwd, ls, arp, help");
            hint.push("help");
            // loop through known commands
            for (i = 0; i < known.length; i++) {
                if (userInput.text == known[i]) {
                    // displaying output
                    console.text = history + root + userInput.text + "\n" + answer[i] + "\n";
                }
            }
        }
    }
}

The primitive-type approach is to be replaced by a more object-oriented one.

Friday 1 July 2011

LulzSec malware hoax

"IDG News Service - The LulzSec hacking group sailed off into the sunset Saturday, leaving behind a treasure trove of stolen data along with what some antivirus programs identified as a nasty surprise for anyone who downloaded the Torrent file: a Trojan horse program.

But not so fast. On Monday several antivirus vendors took a close look at the file in question and decided that the program wasn't actually harmful. Consider it an inadvertent parting prank on the security industry the hacking group took such delight in tormenting. More Lulz for the Lulz Boat.

Early in the day, 26 of the 42 security companies whose scanning products can be tested on the VirusTotal Web site reported that a file within LulzSec's "AT&T internal data" folder was malware, designed to give hackers remote access to the victim's computer.

But by Monday night Kaspersky Lab, McAfee and Trend Micro all reported that this was incorrect. According to Roel Schouwenberg, a researcher at Kaspersky Lab, other companies are flagging the file as a Trojan because it used pirated WinRar compression software that made the file look very similar to known malicious programs. These pirated compression programs are often used to compress malicious files and "a lot of companies are quite aggressive with these detections," he said in an interview.

In its final press release, LulzSec blamed the whole thing on AT&T, warning readers not to open the file and saying, "it is malware (due to AT&T using a pirated copy of WinRar)"

The file in question has reportedly been pulled from the LulzSec torrent, but the incident added to the chaos and confusion that the LulzSec crew seemed to love leaving in its wake.

LulzSec took particular pleasure in causing trouble for security companies, especially those it saw as aiding its enemies -- such as Prolexic, a provider of denial-of-service attack mitigation services, thought to be securing Sony's networks, and Endgame Systems, a company with links to the U.S. Central Intelligence Agency. The hackers released dox -- dossiers of information including phone numbers, addresses and online profiles of the executives at these companies and their family members." By Robert McMillan
June 28, 2011 04:14 AM ET
A good article, written by Robert McMillan.


LulzSec did it again, proving that such companies are not protected against an entry-level hack. Over the last few weeks I gathered that some hacks dating back to 2002 still work due to loads of unpatched web servers/DNS servers etc. It seems LulzSec will in some sense add importance to and raise the level of security worldwide. It's a Machiavellian way to do so, and many companies, students and entry-level IT staff will suffer. As for us professionals, we have to make sure that we patch and monitor our systems proactively on a regular basis.

Final thought

Shouldn't authorities learn from them?!

Tuesday 28 June 2011

LulzSec - my view on security

"The hacker group LulzSec released what it said are sensitive documents from the Arizona Department of Public Safety today to protest the agency's "racial-profiling anti-immigrant" policies.

Read more: http://news.cnet.com/8301-27080_3-20073843-245/lulzsec-releases-arizona-law-enforcement-data/#ixzz1QYXsKJr8"

I don't know what to think any more. I am not supporting them; I am not against them.
There are so many companies that don't hire enough IT professionals to protect their systems/networks, and there are companies that do, but they can't really monitor them efficiently.

The times when we could set up firewalls and zones and then just sit back and drink coffee have passed, although loads of network/security officers still think they are in dreamland. IDS, IPS and honeypots are a must, and even if implemented they won't guarantee confidentiality, integrity and availability. Most of the companies that got hacked and reported it (rare) are victims of a lack of updates on their systems rather than 0-day exploits. It's quite easy these days for script kiddies to download existing tools and pull off some attacks, which is also a problem for insecure companies. The number of web servers running old WordPress, Apache etc. is so massive that, without proper knowledge and just by using existing tools, they could all be hacked as we speak.



Apparently the UK spent loads of money on cyber-crime this year and next, so how come you can't see what they are doing? Fighting Facebook abuse??!

Friday 24 June 2011

Dropbox - no authentication for 4hours?! Rainy Clouds


Just when the world started to believe in and use cloud computing, Dropbox admitted having issues with their authentication system on the 20th of June, when anyone could log in to any account without the correct password. Another question is the lack of encryption of the sync, where files can be seen in plain text.

http://www.cio.co.uk/news/3287251/dropbox-hit-by-password-failure/?olo=rss

Thursday 23 June 2011

Adobe Flex Animations +MS PowerPoint - Computer Based Training (CBT,WBT)

Computer/web-based training requires some sort of presentation component to display the main content and images to the users. The early days of developing the first session were not very effective because of the amount of time spent using Adobe Flash for simple animation. There was time for analysis, and a new approach was chosen.

The new approach that proved successful was to create PowerPoint slides for each session, broken down into 2, 3 or 4 parts depending on the size of the session. A tool was found to convert the PowerPoint session into .avi video format: EM Free PowerPoint Video Converter.



Afterwards there was a need to convert that .avi into Flash .swf format, and Free Video to Flash Converter v4.7.21 build 305 was found to do the job as shown below:



The output became a .swf Flash video with all the PowerPoint built-in animations and the timing chosen in the converters. The disadvantage of this method was having to use the ActionScript Timer class in order to trigger events.
.swf files can easily be added within Flex applications.

Friday 17 June 2011

Hidden Password vs Javascript

javascript:(function(){
  var s, F, j, f, i;
  s = "";
  F = document.forms;
  for (j = 0; j < F.length; ++j) {
    f = F[j];
    for (i = 0; i < f.length; ++i) {
      if (f[i].type.toLowerCase() == "password") s += f[i].value + "\n";
    }
  }
  if (s) alert("Passwords in forms on this page:\n\n" + s);
  else alert("There are no passwords in forms on this page.");
})();

Wednesday 8 June 2011

Honeypots , HoneyBOT vs Honeyd

A honeypot is a device on the computer network designed to capture malicious traffic. It disguises itself as a real production system but contains dummy information. It is often located behind the firewall inside the network and is used to learn about intruders and detect vulnerabilities. Any connection to it on a strange port may mean that there is a vulnerability or a misconfiguration in the firewall. It can also disguise itself as a router or firewall. Honeypots are becoming leading security tools, especially for detecting the latest tricks and exploits.

Brief Overview

HoneyBOT – brief
“Development began as a small project to capture attacks of Code Red and Nimda worms which were propagating widely on the internet” in 2001. In September 2005 it had its first public release, and it is maintained by Atomic Software Solutions.

HoneyBOT opens a large number of listening sockets on the computer where it is installed. These sockets appear open, so any attempt to connect to them, or even an attempt to scan a port, is logged as shown in Figure A1. It requires a Windows operating system and has its own graphical user interface, so it is quite user-friendly.



Honeyd – brief

It was created and developed by Niels Provos, who is a Principal Engineer at Google Inc. It was released in 2007 under the GNU General Public License, and therefore it developed rapidly thanks to the many people who contributed by fixing bugs and developing the code.

Honeyd is a small daemon that allows you to create virtual nodes on the network.
They can disguise themselves as any operating system or device, such as a router or switch. It offers a wide range of functionality; for instance, it allows a virtual host to claim multiple addresses. It is supported on Unix-based operating systems, with some attempts towards the Windows platform, where it is even more complex to set up.



HoneyBOT functionality.
It has very simple and straightforward options. Even though by default it opens a large number of services (1339), it allows a selection of ports to be opened as well.
It has a built-in email alert function that sends a daily e-mail with all the log files. It also checks for updates and allows log export at any time.

Honeyd functionality.
Honeyd is far more complex in terms of functionality: it emulates different operating systems using the same fingerprint database as nmap (nmap.prints). It can also disguise itself as a router; here's an example:

create router
set router personality "Cisco 4500-M running IOS 11.3(6) IP Plus"
add router tcp port 23 "/usr/bin/perl scripts/router-telnet.pl"
set router default tcp action reset
set router uid 2500 gid 2500
set router uptime 1736485
bind 192.168.1.150 router
Another important function is the ability to run subsystems; as in the router example above, a script is attached to the port that creates some interaction between the system and the attacker. With a large number of these so-called subsystems it's possible to create a most 'real' environment and log the attacker's moves.
An example of the outcome of telnetting into the above router was captured in a screenshot (image not reproduced here).
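As an added example (not part of honeyd or the original post), the script below renders the router template above from Python values and lints a hand-edited configuration for the mistakes that are easy to make in that syntax, such as two statements run together on one line or a bind to a template that was never created. The accepted default actions (open, block, reset) and the statement shapes it recognises are assumptions based on the lines shown above, not the full honeyd grammar.

```python
"""Added example (not part of honeyd or the original post): render a honeyd
template in the syntax above and lint a hand-edited configuration."""
import ipaddress
import shlex

# Assumptions: the default actions and protocols this linter accepts.
VALID_ACTIONS = {"open", "block", "reset"}
PROTOCOLS = {"tcp", "udp", "icmp"}


def render_template(name, personality, services, default_actions,
                    uid=None, gid=None, uptime=None, addresses=()):
    """Emit create/set/add/bind lines for one template.

    services maps (proto, port) -> command, e.g.
    {("tcp", 23): "/usr/bin/perl scripts/router-telnet.pl"}.
    """
    lines = [f"create {name}", f'set {name} personality "{personality}"']
    for (proto, port), command in services.items():
        lines.append(f'add {name} {proto} port {port} "{command}"')
    for proto, action in default_actions.items():
        lines.append(f"set {name} default {proto} action {action}")
    if uid is not None and gid is not None:
        lines.append(f"set {name} uid {uid} gid {gid}")
    if uptime is not None:
        lines.append(f"set {name} uptime {uptime}")
    for addr in addresses:
        lines.append(f"bind {addr} {name}")
    return "\n".join(lines) + "\n"


def lint_config(text):
    """Return a list of problems found in a honeyd config (empty list = clean)."""
    problems, templates, bound = [], set(), {}  # bound: ip -> template
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment (not handled inside quotes)
        if not line:
            continue
        try:
            tok = shlex.split(line)
        except ValueError as exc:
            problems.append(f"line {lineno}: unbalanced quotes ({exc})")
            continue
        kw = tok[0]
        if kw == "create" and len(tok) == 2:
            if tok[1] in templates:
                problems.append(f"line {lineno}: template {tok[1]!r} created twice")
            templates.add(tok[1])
        elif kw in ("set", "add") and (len(tok) < 2 or tok[1] not in templates):
            problems.append(f"line {lineno}: template used before 'create': {line!r}")
        elif kw == "add":
            # add <template> <proto> port <n> "<command>"
            if len(tok) != 6 or tok[2] not in ("tcp", "udp") or tok[3] != "port":
                problems.append(f"line {lineno}: malformed add statement: {line!r}")
            elif not (tok[4].isdigit() and 1 <= int(tok[4]) <= 65535):
                problems.append(f"line {lineno}: bad port {tok[4]!r}")
        elif kw == "set":
            sub = tok[2] if len(tok) > 2 else ""
            if sub == "personality" and len(tok) == 4:
                pass
            elif sub == "default" and len(tok) == 6 and tok[4] == "action":
                if tok[3] not in PROTOCOLS or tok[5] not in VALID_ACTIONS:
                    problems.append(f"line {lineno}: bad default action: {line!r}")
            elif (sub == "uid" and len(tok) == 6 and tok[4] == "gid"
                  and tok[3].isdigit() and tok[5].isdigit()):
                pass
            elif sub == "uptime" and len(tok) == 4 and tok[3].isdigit():
                pass
            else:  # also catches two statements run together on one line
                problems.append(f"line {lineno}: malformed set statement: {line!r}")
        elif kw == "bind" and len(tok) == 3:
            addr, name = tok[1], tok[2]
            try:
                ipaddress.ip_address(addr)
            except ValueError:
                problems.append(f"line {lineno}: {addr!r} is not an IP address")
            if name not in templates:
                problems.append(f"line {lineno}: bind to undefined template {name!r}")
            if addr in bound:
                problems.append(f"line {lineno}: {addr} already bound to {bound[addr]!r}")
            bound[addr] = name
        else:
            problems.append(f"line {lineno}: unrecognised statement: {line!r}")
    return problems


# Constructed sample: the router above, with the uid/gid and uptime statements
# accidentally joined on one line and a bind to a template that was never created.
SAMPLE_BROKEN_CONFIG = """\
create router
set router personality "Cisco 4500-M running IOS 11.3(6) IP Plus"
add router tcp port 23 "/usr/bin/perl scripts/router-telnet.pl"
set router default tcp action reset
set router uid 2500 gid 2500 set router uptime 1736485
bind 192.168.1.150 router
bind 192.168.1.150 switch
"""

if __name__ == "__main__":
    for problem in lint_config(SAMPLE_BROKEN_CONFIG):
        print(problem)
```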
I believe that the two tools I have compared both have strengths and weaknesses. Starting with HoneyBOT, it is very easy to install and use thanks to its graphical user interface and very user-friendly controls, and there are plenty of web-based guides, with support and updates provided by Atomic Software Solutions. The weakness is the default configuration, which opens more than a thousand ports and therefore looks too obvious rather than like a real production server. Another disadvantage is the way the log files are presented: without some programming skill to apply filtering, it may be really time-consuming to go through them in order to identify the attacker. Lastly, the fact that it's a really small application that still requires its own operating system to run is a big weakness in terms of power consumption, cost and management.

Honeyd is quite advanced in terms of functionality: it allows multiple honeypots to be created at the same time and multiple IP addresses to be linked to one honeypot. It can disguise itself as a real production system thanks to the subsystem functionality, which runs Perl scripts while the intruder tries to connect. Additionally, it can emulate routers and actually route traffic, so 'disguised' network topologies may be created. The daemon is really small and doesn't need a dedicated server to run, and all of the above can be managed from a single configuration file, which is a big advantage. The most important weakness is the complexity of the advanced functions and the lack of support.

To conclude, even though Honeyd scored slightly fewer points than HoneyBOT, I believe it's the better piece of software. The scope for further development is extraordinary; implementing whole spoofed networks with subsystems and routing is a great environment for detecting the latest exploits. It has some weaknesses, but in my opinion support will come as soon as people realise the potential. The developer is currently working on a new release.

Friday 3 June 2011

GeForce 9600GT 512MB [Overclocking]

Graphics cards are much easier to overclock than a CPU.
The freeware RivaTuner does the trick.
Each card has a core clock, shader clock and memory clock; on the GeForce 9600GT, for instance, it's 650/1625/900.
Currently I run it at 701/1752/1000, which gives much better FPS.
RivaTuner allows monitoring of the temperature; it's best not to exceed 80C, although GeForce cards can handle up to 120C!!!


My card reaches 65C under load, although if I push the specs a bit higher it occasionally crashes.

To test FPS use 3DMark 11 for the latest cards and 3DMark 6/7 for older ones.

Intel Core 2 Duo E4500 @ 2.2GHz to 3.25Ghz[Overclocking]




The E4500 turns out to be great when it comes to overclocking.
First of all, download CPU-Z and RealTemp to monitor the hardware and temperature.
Secondly, download Prime95, which will allow you to test the processor under 100% load, also called stressing.

The best way to overclock a CPU is through the BIOS.
To start, you can set the FSB/memory clock mode to linked and increase the FSB by 20-50MHz (that will decrease your RAM performance for now). Load the system and Prime95 and check the temperature. Here it's done @2.75GHz





Keep increasing the FSB until the temperature starts to reach 67-70C, as 72C is the max for this Intel processor. If you can afford it, get a different cooler.
Once the CPU is stable, unlink it from the memory (you can also overclock the memory a bit, 20-50MHz, and give it a bit of voltage between 1.8-2.2V, which is the max; BE CAREFUL!). I run my Corsair PC6400 at 1000MHz (800MHz stock) at 1.95V.

My E4500 is now @3.25GHz (FSB 275x11), but I have seen people with about £20 worth of cooling push it towards 3.6GHz.

The current 3.06GHz CPU gets quite hot after 3h of Prime95 stressing. I ignore it, as even when playing the latest games the graphics card does most of the work, and the CPU shouldn't be getting as hot.

Thursday 26 May 2011

www.learnbash.co.uk/learnbash.html

Final year project completed.

Project tittle : Development of an interactive computer based training that allows students to learn Bourne Again Shell (BASH) scripting language.

The main reason for the project is the lack of such products. Moreover, the end product is also meant to help students undertaking the Operating Systems module at the University of East London and is expected to be used as part of the practical sessions of that module, as well as by any interested World Wide Web user.

The application has been built using Adobe Flex Builder 4 and ActionScript 3.0.
The sessions were .ppt files converted into .avi and then converted once more into .swf format, which was embedded in Flex.



The scope for this project is excellent and there is still plenty that is planned for the future. After all the bugs are fixed and the application is stable, the rest of the sessions are ready to be developed. That includes some interesting sessions such as Network Security or Firewalls, where BASH would be used to automate some advanced tasks. Another crucial thing would be to expand the console component to accept far more than strings such as 'cd /home/' and then displaying that current directory when 'pwd' is run: a console that simulates a Unix text editor and allows the user to write scripts and analyses them. At some point the console component would have allocated disk space so that it can emulate a file system and the user can create, copy and move files, which would be very useful in the session where the task is to move users from one volume to another.
Moreover, users could register on the website, keep a record of the sessions they have completed and maintain the same emulated environment with their files etc. That will require additional disk space depending on the number of users.
Another aspect to enhance is to index the page with Google and do search engine optimisation tasks to make the web-based training popular on the World Wide Web.
Android is gaining popularity and has recently released 3.0 Honeycomb, software designed especially for tablets. The average tablet screen size is 10 inches and they have Flash support (except Apple), therefore the application could be optimised for tablets if needed. (Geere, D. 2011)
Moreover, the Adobe AIR package offers the possibility of converting this already made application to Adobe AIR, which means that the application could be downloaded as a standalone application and run even without a network connection.
New ideas for further enhancements are coming every day. There seems to be no end.

Personal Reflections

To conclude, the project has been successful even though the result is below my personal expectations. Based on the users' feedback there is still plenty to improve, such as the console component and other bits and pieces. There are still a few bugs that were found during testing that need to be fixed before proceeding towards creating more advanced sessions. The overall look of the web-based training is pleasurable for the eye and attracts new users, therefore there is a big scope for the future enhancements listed above. Due to some constraints there was less time for this project than expected and the deadlines were really tight, nonetheless it was successful. If there was anything that I would change with the application, it is better use of ActionScript libraries and using classes such as Event.COMPLETE rather than starting timers for each session. The attempt was made to make it work a different way, however Flex Builder version 4 has not been that stable. Time is needed for evaluation and sorting out the application component by component, which eventually will become superb.

Personal Development

Throughout the project I have learnt how to work really hard and meet my deadlines, and especially how to use my time efficiently. I have learnt the Bourne Again Shell scripting language, Flex syntax and ActionScript 3.0, which is massive progress for me in such a short period of time. I have also developed ways to think outside the box, such as quickly researching in PowerPoint and then converting to video and then to Flash. It was also very good for me to use these tools. Flex Builder 4 has been designed with the same GUI as Eclipse, so it's much easier for me now to write code in Java or PHP using Eclipse after knowing all the tricks and being familiar with the interface and functions.

Sample of the code for the session component:

protected function session1_clickHandler(event:MouseEvent):void
{
    // clear interaction panel
    interaction.removeAllElements();
    // start timer and listener that advance to the next part of the session
    var timer:Timer = new Timer(205000, 1);
    timer.addEventListener(TimerEvent.TIMER, ses1con1);
    timer.start();
    // add session .swf file to the loader
    interaction.addElement(loader);
    loader.source = "sessions/session1.swf";
    // play mp3 for the session
    snd = new Sound(new URLRequest("audio/session1.mp3"));
    snd.play();
}

protected function ok1_clickHandler(event:MouseEvent):void
{
    // play victory mp3 for guessing the correct answer
    victory.play();
    // display that the correct answer was chosen
    Alert.show("Correct answer! Keep it up!", "Good", Alert.OK);
    // clear interaction panel
    interaction.removeAllElements();
    interaction.addElement(loader);
    // load session, sound and timer
    loader.source = "sessions/session1_1.swf";
    snd = new Sound(new URLRequest("audio/session1_1.mp3"));
    var timer2:Timer = new Timer(95000, 1);
    timer2.addEventListener(TimerEvent.TIMER, ses1con2);
    timer2.start();
    snd.play();
}


I would like to thank:

Mike Kretsis who is senior lecturer at University of East London and my project supervisor, without whose help and support throughout, this project would not have been possible.

My lovely partner Margareta for all the support and care she gave me.

All the participants who agreed to evaluate this project, and even more so those who were critical.

Monday 7 March 2011

Windows 7 god mode [old but worth mentioning!]

A shortcut to access various operating system control settings... a quick source for navigation in Win 7.

Create a new folder and rename it to GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}, and here's a sample of what you get:


Monday 14 February 2011

VMware Server setup guide with IE8, Windows XP/7, installing BackTrack

VMware Server setup isn't too difficult, however it may be a bit confusing for someone new to virtualization. I have created a step-by-step guide, by the end of which you should have your VM up and running.

Step 1:

Go to http://www.vmware.com/products/server/ to download the product.
You need to register and activate your account to receive a free license number.



Step 2:

After the download, install VMware Server (try to find some place to store all the data for the new virtual machines; I have dedicated one partition for my testing).

After installation, click on the VMware Server Home Page icon in your 'All Programs' menu or the desktop shortcut. You will be warned by the browser that the connection is insecure, as IE can't find an appropriate certificate. Click to continue anyway. You will be prompted for a user name and password: it's your Windows administrator user name and password.

Step 3:

Click to add virtual machine:



Step 4:

Select the name and continue:




Step 5:

Select Linux, Other 32-bit.



Step 6:

Allocate memory: 256-512MB is recommended unless you have 4GB+ RAM (you may want to run a few VMs at a time).
Allocate volume space; if not sure, give it around 8-10GB.



Step 7:

Accept the default bridged connection. (You can leave it disconnected from the network if you plan to release any worms etc.; a little bit of common sense.)




Step 8:

I have selected to use my physical device as I have my OS on DVD; select ISO only when you have an ISO image. (You can edit these settings later, don't worry too much.)



Step 9:

Select your CD/DVD drive path and don't use a floppy disk (unless you have to?).
You should see this screen now:



You can see the newly created virtual machine.



Step 10:

Select the Console tab and install the plug-in, then restart IE8.
You will notice that you can't run the VM, because the browser still thinks the site is insecure.




Go to Internet Options - Security - Trusted Sites and add your VM console path as trusted; in my case that would be https://valkyrie:8333/ui/. When you restart the browser, IE8 will still flag it as insecure, however your VM console should run:




Hope that helped. Feel free to contact me.

Wednesday 19 January 2011

ITU X.800 brief overview

ITU X.800 is a security/threat model for end-to-end communication.
The standard consists of planes and layers as well as security dimensions, to provide an efficient architecture and security for end-to-end communication.
There are eight security dimensions that address network vulnerabilities; they are listed below with a brief explanation and a way in which each can be implemented:

• Access Control – as its name suggests, it controls access to services such as routers, switches, firewalls etc. It can be implemented in the configuration of each such network element or host, for example by linking an authentication server with these elements.
• Authentication – requires the subject to prove its identity, for instance with a digital certificate.
• Non-repudiation – as far as I understand, this section keeps the logs and has the ability to take some actions.
• Data Consistency – provides, for instance, encryption based on our organisation's file classification to make sure that our sensitive data is protected.
• Communication Security – that's security between point A and B. Use of non-obscured protocols such as VPN so that sniffing or eavesdropping becomes very unlikely.
• Data Integrity – checks that both incoming and outgoing data are correct; for instance, if we request 308kb we should receive a file of the same size on the destination host.
• Availability – makes sure that legitimate users have access to all the necessary network elements and applications according to what they are supposed to do (role).
• Privacy – again provides encryption of data as one way of implementation, but also, for instance, Network Address Translation (NAT) to protect internal hosts and redirect all incoming traffic to the border firewall.


Zachary Zeltsan (2005). ITU/IETF Workshop on NGN

Java IpAddressLookup simple class

import java.net.*;
import java.util.*;

public class IpAddressLookup {

    public static void main(String[] args) {
        try {
            System.out.print("Please enter the address : ");
            Scanner sc = new Scanner(System.in);
            String host = sc.next();
            InetAddress pc = InetAddress.getByName(host);

            String hostname = pc.getHostName();
            // getAddress() returns the raw octets; Java bytes are signed (-128..127),
            // so any octet above 127 comes back negative
            byte[] signed = pc.getAddress();
            System.out.println("Hostname is : " + hostname);
            System.out.println("Signed address is " + Arrays.toString(signed));
            int unsigned;
            System.out.println();
            System.out.print("IP Address is : ");

            for (int i = 0; i < signed.length; i++) {
                // convert each signed byte back to its 0..255 octet value
                unsigned = signed[i] < 0 ? signed[i] + 256 : signed[i];
                System.out.print(unsigned);
                if (i < signed.length - 1) {
                    System.out.print(".");
                }
            }
            System.out.println();
        } catch (UnknownHostException e) {
            System.out.println("Can't find the IP Address or the hostname");
        }
    }
}

Wednesday 12 January 2011

E-mail spoofing - brief

How easy is it to spoof an e-mail address? It can all be achieved with a simple piece of PHP code accessible in many places across the internet. It often contains HTML website layouts and signatures, therefore it becomes even harder to detect. Most of the time it's being broadcast to thousands at a time. It's a great tool for getting credentials or other personal information. It can also be used as a small, clever denial of service attack, depending on the target and aims.

<?php
$frm = "John@microsoft.com";
$attn1 = "Steve@bbc.co.uk";

$subject = 'Hi Steve';


$message = "
Hello x,

info,
malicious link

John \n
";
// mail() passes the From header through exactly as given; nothing here
// checks that the sending host is allowed to send for that domain
$from = "From: $frm\r\n";
mail($attn1, $subject, $message, $from);
?>
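On the receiving side, this kind of header-only spoofing shows up as a mismatch between the From header and the envelope sender, and in the SPF verdict the receiving MTA records. The following Python check is an added example, not code from the post; it assumes the MTA stamps an Authentication-Results header (RFC 8601) and uses constructed sample headers.

```python
"""Defender-side check for header-From spoofing of the kind produced by the
PHP mail() snippet above: the From header is whatever the script put there,
but the envelope sender and the SPF verdict recorded by the receiving MTA
still point at the real sending host."""
import email
import re
from email.utils import parseaddr

# Constructed sample messages (not real mail). The first is what a spoofed
# mail() message typically looks like once a receiving MTA has stamped it;
# SPF passes for the web host's own domain, so alignment is what exposes it.
SPOOFED = """Return-Path: <www-data@webhost.example>
Authentication-Results: mx.example; spf=pass smtp.mailfrom=webhost.example
From: John@microsoft.com
To: Steve@bbc.co.uk
Subject: Hi Steve

Hello x,
malicious link
"""

# The second is a legitimate message from the same claimed domain.
LEGIT = """Return-Path: <bounce@microsoft.com>
Authentication-Results: mx.example; spf=pass smtp.mailfrom=microsoft.com
From: John@microsoft.com
To: Steve@bbc.co.uk
Subject: Hi Steve

Hello Steve,
"""


def _domain(header_value):
    """Extract the lower-cased domain part of an address header ('' if none)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def check_from_alignment(raw_message):
    """Return the header-From domain, envelope domain, SPF result and a list
    of reasons the message looks spoofed (an empty list means it looks fine)."""
    msg = email.message_from_string(raw_message)
    from_dom = _domain(msg.get("From"))
    env_dom = _domain(msg.get("Return-Path"))
    match = re.search(r"\bspf=(\w+)", msg.get("Authentication-Results", ""))
    spf = match.group(1).lower() if match else "none"

    reasons = []
    if from_dom != env_dom:  # DMARC-style alignment failure
        reasons.append("header From domain %r != envelope domain %r" % (from_dom, env_dom))
    if spf != "pass":  # sending host not authorised for the envelope domain
        reasons.append("SPF result is %s" % spf)
    return {"from_domain": from_dom, "envelope_domain": env_dom,
            "spf": spf, "reasons": reasons}
```

A DMARC policy on the claimed domain lets the receiver act on exactly this alignment check rather than on SPF alone.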

Friday 7 January 2011

ISO 27001 (17799) - brief Overview

Security of information is essential for reliability, and perhaps even for the survival of the organisation. Every IT infrastructure uses data clusters for storing information, and they are often targeted by attackers who want to infiltrate their resources for many different reasons, quite often financial. It's not as it used to be years ago, when we had to deal with an individual or a group of individuals who were gaining access to classified documents for fun. Nowadays there are organisations with proper managers and directors who hire programmers and make a business out of breaking into systems and stealing personal data. Security has become even more important, and as complicated to fight, as what we now call cybercrime.
ISO 27001/2 helps to manage the valuable resource of information and protect it.
ISO 27001/2 is the international standard that specifies requirements for information security management systems (ISMS), and it has been developed to ensure that adequate and organised security measures are selected and implemented at least at a minimum level.
This helps in protecting information and gives confidence to the users, managers and directors of a company that has implemented it. The standard's process is based on the method of establishing, implementing, operating, monitoring, testing, maintaining and improving information systems.
(Calder A., et al. Information Security Risk Management for ISO 27001/ISO 17799 ,2007)

ISO 27001 areas

• Security policy – controls the security structure in line with legal and business requirements. It includes two parts: the information security policy document, which shows the overall approach and dedication of the organisation to its information security, and the review of the information security policy, which is based on the first document and shows ongoing progress.

• Organization of information security – is quite detailed and important, as it manages information security within the company. It's based on authorisation and accountability: rights are assigned to job descriptions. It documents the rights of external services such as auditors and provides user agreements and risk assessment for both internal and external authorities.

• Asset Classification and Control – is a set of policies that helps with protecting company assets. It provides a classification for the assets, so it is obvious which information should be protected more than other information, and also policies on how some assets may need to be disposed of.

• Personnel Security – addresses ways to reduce risk arising from human interaction with the system. Nowadays we refer to a code of conduct or terms and conditions of employment, which are some of its implementations. It also defines rules in case of violation of its implemented policies.

• Physical and Environmental Security – as the name suggests, controls the risk based on the premises of the organisation: all sets of health and safety tests, environmental hazards and, most importantly, access needs to be classified so that, for instance, a payroll officer hasn't got physical access to the data centre unless his job description entitles him to it. It contains a mechanism which should be triggered in case of a security breach.

• Communication and Operation Management – includes the general ability to control the proper functionality of all the assets and operations: sets of operational procedures, rules to reduce the risk in case malicious software is detected, and network management. It should also contain information about incident management and ways to evaluate the security of the current state of the system.

• Access Control – simply means user and host control: mechanisms to register and review user accounts, and to define network routing and segmentation, which is also a form of access control (for instance, you can listen to the network traffic if you are on a different subnet). Host access control is, for instance, the implementation of connection timeouts. One of the most modern sets of policies is aimed at mobile computing, due to its growth over the years.

• System Development and Maintenance – addresses a set of rules to make sure that appropriate security controls are implemented and maintained. A few sub-components are cryptography, software integrity and development security, all of which ensure integrity and review the development process.

• Business Continuity Management – includes a set of policies in case of service interruptions, with a set of strategies and counteractions in case that happens.

• Compliance – as the name suggests, is a set of policies in place to make sure that everything is up to some sort of standard. It includes things like data privacy, often seen on commercial websites, as well as many internal documents such as intellectual property rights.

(audit-is.com.ISO 27002 (ISO 17799), 2006)