Featured Posts

<< >>

block ads in Mac OS X – mountail lion / lion/ snow leopard

no_ads

you can block most of the ads and pop ups from sites by blocking them in local DNS file simply open terminal and edit thisfile   $ sudo vi /private/etc/hosts

mac os x server file sharing not taking parent folder permission

The problem arises when someone other than me makes a folder in this shared directory. No one but the person who made that folder can write into it, not even

Traceroute – starwars story

trace

[root@ajay ~]# traceroute 216.81.59.173 traceroute to 216.81.59.173 (216.81.59.173), 30 hops max, 38 byte packets 1 196-47-64-59 (196.47.64.59) 0.918 ms 0.948 ms 0.652 ms 2 196-47-64-66 (196.47.64.66) 1.223 ms 2.747 ms

merge directories in Linux

newrsynclogo

To merge one folder to another : you can use rsync to do a incremental copy of source folder to destination Try something like this as root: # rsync -av

Squid https transparent proxy setup with SSL

squid-transparent

Squid https transparent proxy setup with SSL Let’s understand first how squid proxy works in transparent mode. While setting up squid as a transparent proxy we can forward the entire

define fully deligated subdomains in single zone file – bind

bind

This is very helpful when you need to add MX records for a sub domain, Instead of adding a separate zone file, you can add a virtual sub domain in zone file of the main domain.

 

with named

In named services you can add sub domains as below, here is my zone file

; zone fragment for ajayadas.com
; name servers in the same zone
$TTL 14400
$ORIGIN ajayadas.com.
ajayadas.com. IN     SOA   ns1.ajayadas.com. root.ajayadas.com. (
               2014072400 ; serial number
               2h         ; refresh =  2 hours 
               15M        ; update retry = 15 minutes
               3W12h      ; expiry = 3 weeks + 12 hours
               2h20M      ; minimum = 2 hours + 20 minutes
               )

; mail server for main domain
; will support email with addresses of the format 
; user@ajayadas.com

              IN      MX 10  mail.ajayadas.com.

; mail server for subdomain 'india'
; will support email with addresses of the format 
; user@india.example.com

india            IN      MX 10  mail.india.ajayadas.com.

; A record for main mail server above 

mail          IN      A      192.168.1.1


; other domain level hosts and services

; sub-domain definitions

$ORIGIN india.ajayadas.com.

; A record for subdomain mail server

mail          IN      A      10.10.0.29

; the record above could have been written as 
; mail.india.ajayadas.com. A 10.10.0.29 if it's less confusing
; other subdomain definitions as required 

New variant of Android Ransomware ‘SimpLocker’ spotted


A New variant of the Android Ransomware known as 'SimpLocker' has been spotted by Security researchers at ESET.

This new variant has a few significant improvements including the language in which the fake warning message is written, it is now in English rather than Russian.

The malware is masquerading as a flash player for the Android and tricks users into installing it with administrator privileges .

Once the device is infected, it will show a ransom message saying that your device is locked because you were doing illegal things and demands you to pay around $300.

One of the variant attaches the photo of the victim taken by the front camera in the ransom message.  This trick will definitely scare victims into paying the ransom.

One of the worst features added to this variant is now it encrypts the compressed files such as ZIP, RAR and 7ZIP.  It means even your backup files are being encrypted by this trojan.

ESET has released a tool to decrypt the files that have been encrypted by Simplocker.  The say prevention is better than cure, so better focus on prevention - Be careful while installing apps from unknown sources.

Cyber Security & Privacy Foundation certifies Security Products


Cyber Security and Privacy Foundation(CSPF) has certified a few security products after extensive testing.

CSPF has selected Avast Antivirus and ESET Nod32 as best anti virus products which is suitable for Indian environment.

"DiskCryptor" in disk encryption category, "React OS" in operating system category, 'Zemana' and 'Keyscrambler' in Anti keylogger category, "IronWASP" in Web Application pentesting tool category have all been certified by the CSPF.

We asked the founder of CSPF  Mr. J. Prasanna if CSPF will certify any other products in the future and on what basis these tools were chosen for testing? He said "We will only certify tools after they have been extensively tested for the Indian market, we do not take any funding or sponsorships from companies that own these products."

"We were recently approached by some other companies to test their products, but we discovered that many of them do not even pass the eligibility criteria."
 
We at EHN hope that CSPF will test many such products in the future and thus enable the public make better decisions about the softwares they run in their computers.

Indexeus.org website hacked by Pernicious Developers 2014

A day after Security blogger Brian Krebs published an article entitled "Even Script Kids Have a Right to Be Forgotten", hackers breached the Indexeus website(indexeus.org)

Yesterday, Krebs wrote an article about "Indexeus" which is a new search engine containing database of stolen user names and passwords from more than 100 data breaches.

According to KrebsOnSecurity, the database contained stolen credentials from the recent Yahoo and Adobe breaches.


The site also contained databases of few hacker forums that have been hacked. It seems to have ticked off many hackers.  Today, the website was defaced by hacker group Pernicious Developers.

"This is the Original Pernicious Developers, we're still here. Even if you don't know which version of the group who did this." The defacement message reads.  At the time of writing, the website shows a blank page. 

Owner of the Indexeus has replied in one of the threads in HackForums about the hack:



Mirror:
http://www.zone-h.org/mirror/id/22702440

*Update:
The hacker group have provided a screenshot that shows they uploaded a backdoor shell to the affected website.


Kronos: A new Banking Trojan for sale in Underground forums

Researchers from Trusteer have discovered a new Banking Trojan dubbed as "Kronos" which is being sold in the Underground forum.

The malware is being sold for $7,000 and the cyber criminals are offering one week test for the price of $1,000 with full access to the command and control server without any limitation.

Similar to other banking Trojans, this new malware also capable of doing form grabbing and HTML Injection.

Kronos has user-mode rootkit(ring3) capabilities that will help this trojan to defend itself from other pieces of malware, will work in both 32bit and 64 bit Operating systems.

It is also designed to evade antivirus software and bypass Sandbox. The malware use encryption to communicate with the C&C server.

Trusteer said it has not yet analyzed the malware sample in order to validate the seller’s claims, all the information provided are based on the advertisement in the underground forum.