Featured Posts


Block ads in Mac OS X – Mountain Lion / Lion / Snow Leopard


You can block most ads and pop-ups from sites by blocking them in the local hosts file. Simply open Terminal and edit this file: $ sudo vi /private/etc/hosts

Mac OS X Server file sharing not taking parent folder permission

The problem arises when someone other than me makes a folder in this shared directory. No one but the person who made that folder can write into it, not even

Traceroute – starwars story


[root@ajay ~]# traceroute 216.81.59.173
traceroute to 216.81.59.173 (216.81.59.173), 30 hops max, 38 byte packets
 1 196-47-64-59 (196.47.64.59) 0.918 ms 0.948 ms 0.652 ms
 2 196-47-64-66 (196.47.64.66) 1.223 ms 2.747 ms

Install Cairo Dock – Linux Mint 16 or higher – Cinnamon


Cairo-Dock is a Mac OS X Dock-like application for Linux and BSD distributions that supports OpenGL and freedesktop standards. It provides a desktop interface for launching applications and accessing running

Squid – make HTTPS proxy


There seems to be a bit of confusion about configuring SQUID to transparently intercept SSL (read: HTTPS) connections. Some sites say it’s plain not possible: http://www.faqs.org/docs/Linux-mini/TransparentProxy.html#ss2.3 Recent development in SQUID

Dairy Queen admits Data Breach

Dairy Queen, a fast food restaurant, has confirmed that systems in a limited number of its stores have been infected by malware.  The data breach puts customers' credit card and debit card data at risk. 

Read more at:
http://krebsonsecurity.com/2014/08/dq-breach-hq-says-no-but-would-it-know/

UPS store at 51 locations hit with Malware, Customers’ Card data at risk

UPS Store, a subsidiary of UPS, said that 51 US stores in 24 states were hit with malware that was not detected by current antivirus software.

The breach puts customers who used a credit or debit card at one of the affected locations between January 20, 2014 and August 11 at risk.

Customer information that may have been exposed in this breach includes names, postal addresses, email addresses and payment information.

The company hired an IT security firm to conduct a forensic investigation after receiving a notification about a "broad-based malware intrusion" from the US Government.

The UPS Store said it eliminated the malware as of August 11.  The company is offering identity protection and credit card monitoring services to impacted customers.


Enable TLS/SSL ports 465 and 587 Exim – SMTP

As iOS and Android devices all check first for secure SMTP ports, it literally forced me to enable SSL/TLS ports in an old Exim setup.

Anyway, let’s create the certificate and key files.

Make a directory as below:

mkdir /etc/ssl

Generate the certificate with the “simple” command below.

openssl req -x509 -newkey rsa:1024 -keyout /etc/ssl/exim.key -out /etc/ssl/exim.cert -days  -nodes
 

Change permissions and owner so that Exim can read the files.

chown mail:mail /etc/ssl/*
chmod 644 /etc/ssl/*

Now it’s time to change the Exim configuration to enable the additional ports and specify the certificate files.

vim /etc/exim/exim.conf

Enable / add these:
tls_certificate = /etc/ssl/exim.cert
tls_privatekey = /etc/ssl/exim.key
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465 : 587

 

Sit tight and restart Exim, and let’s see:

/etc/init.d/exim restart

Voilà! No errors. Check that Exim is listening on the ports:
netstat -tunelp

You might need to enable ports 465 and 587 in iptables to allow connections.

Whew! Life is a little bit easier with this.
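The key-generation step above with a 2048-bit key and an owner-only key file, plus a check that flags the post's `rsa:1024` and `chmod 644` settings, as an added example that is not part of the original post. The 365-day validity, the CN and the function names are assumptions, and GNU `stat` (Linux) is assumed.

```sh
#!/bin/sh
# Added example, not from the original post. Assumes Linux (GNU stat) and openssl.

# make_cert DIR BITS KEYMODE
# Self-signed certificate plus unencrypted key, as in the post, with the key
# size and key file mode as parameters. The 365 days and the CN are
# constructed sample values (the post's -days value is missing).
make_cert() {
    openssl req -x509 -newkey "rsa:$2" -nodes -days 365 \
        -subj "/CN=mail.example.test" \
        -keyout "$1/exim.key" -out "$1/exim.cert" 2>/dev/null || return 1
    chmod 644 "$1/exim.cert"   # the certificate is public
    chmod "$3" "$1/exim.key"   # the private key is not
}

# key_bits FILE: print the RSA modulus size in bits.
key_bits() {
    openssl rsa -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Private-Key: (\([0-9][0-9]*\) bit.*/\1/p' | head -n 1
}

# audit_key FILE: print one line per finding; exit status = number of findings.
audit_key() {
    findings=0
    mode=$(stat -c %a "$1") || return 255
    case "$mode" in
        *[1-7])  # last octal digit non-zero: "other" users have access
            echo "FAIL $1: mode $mode lets any local user access the key"
            findings=$((findings + 1)) ;;
    esac
    bits=$(key_bits "$1")
    if [ "${bits:-0}" -lt 2048 ]; then
        echo "FAIL $1: RSA key is ${bits:-unreadable} bits, want >= 2048"
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

On the mail server, run `audit_key /etc/ssl/exim.key` after `chown mail:mail` and `chmod 600` on the key; the certificate can stay at 644.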

Hackers exploit HeartBleed vulnerability to compromise CHS


Community Health Systems (CHS) recently revealed that hackers have compromised their computer network and stolen personal information of around 4.5 million patients.


The report says the attackers breached the CHS network between April and July.  Mandiant, the company that did the forensic investigation, found that the group responsible for the "Advanced Persistent Threat" attack originated from China.

The compromised information includes patients' names, phone numbers, Social Security Numbers and other details.

The company claims that no patient credit card, medical or clinical information has been taken.

According to TrustedSec, hackers have exploited the infamous OpenSSL "heart bleed" vulnerability to compromise the CHS network.

"Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability (which was vulnerable at the time) and use them to login via a VPN." TrustedSec explained.



Android Malware ‘Krysanec’ masquerading as legitimate apps

Security experts always recommend that Android users download applications only from the official Google Play store. If you download apps from third-party markets, you may end up with malware on your device.

Researchers at ESET found a new piece of Android malware that masquerades as legitimate Android applications.

The sample ESET analyzed is detected as Android/Spy.Krysanec and was found disguised as a mobile banking application for Russian users and as data usage monitoring apps.  One of them is disguised as Set Mobile security.

These modified apps were found to contain the Android version of the Unrecom RAT.

The Trojan has the ability to harvest various data from the infected device.  It is also capable of taking photos, recording audio, and collecting the contact list, SMS and more information.