Categories
BackTrack Linux Security Windows

BT4 PreFinal Manual Installation to Hard Drive

Create the following volumes:

  • /dev/sda1 +64M Partition Boot Sector
  • /dev/sda2 Varies Swap
  • /dev/sda3 Varies /
  • /dev/sda4 Varies Windows (this is optional)

Format Drives

  • root@bt:~# mke2fs /dev/sda1
  • root@bt:~# mkswap /dev/sda2
  • root@bt:~# swapon /dev/sda2
  • root@bt:~# mkreiserfs /dev/sda3

Manually Copy OS Files

  • root@bt:~# mkdir /mnt/bt4
  • root@bt:~# mount /dev/sda3 /mnt/bt4/
  • root@bt:~# mkdir /mnt/bt4/boot
  • root@bt:~# mount /dev/sda1 /mnt/bt4/boot
  • root@bt:~# cp --preserve -R /{bin,dev,home,pentest,root,usr,boot,etc,lib,opt,sbin,var} /mnt/bt4/
  • root@bt:~# mkdir /mnt/bt4/{mnt,tmp,proc,sys}
  • root@bt:~# mount -t proc proc /mnt/bt4/proc
  • root@bt:~# mount -o bind /dev /mnt/bt4/dev/

Kernel BootSplash

  • root@bt:~# cd /media/cdrom0/boot
  • root@bt:~# cp --preserve -R {bootsplash,vmlinuz,initrd.gz} /mnt/bt4/boot/

Switch to Newly Created Installation

  • root@bt:~# chroot /mnt/bt4/ /bin/bash

Edit GRUB

  • root@bt:~# nano /boot/grub/menu.lst

———————————————————————————-
# The number of seconds GRUB should wait before booting an OS
timeout 5
# The entry which should be booted by default
default 0
# The entry which should be booted in the event of the first one failing
fallback 1

splashimage=(hd0,0)/grub/bt4.xpm.gz

# This is an example of using a separate partition for /boot (as in this example)
title BT4 PreFinal
# Boot Partition
root (hd0,0)
# vga=0x317 defines the right resolution for the monitor
kernel /vmlinuz root=/dev/sda3 rw vga=0x317
initrd /initrd.gz
bootsplash

# An entry for a Windows installation
title Microsoft Windows XP Home
root (hd0,3)
makeactive
chainloader +1
———————————————————————————-

Installing GRUB (When /boot resides in its own partition as in this example)

  • root@bt:~# grub
  • grub> find /grub/stage1
    (hd0,0)
  • grub> root (hd0,0)
  • grub> setup (hd0)
  • grub> quit

Note: The “root” line must point to the location of your /boot/ partition if you have one. If you do not have one, point it at your / partition.

Categories
Linux Windows

Even a stopped clock is right twice a day

Categories
Linux Passwords Security Windows

Cyber Security – Password Creation

Passwords are the most common means of authentication, but if you do not choose good passwords or keep them confidential, they are almost as ineffective as not having any password at all. Many systems and services have been successfully broken into due to the use of insecure and inadequate passwords. Some viruses and worms have exploited systems by guessing weak passwords. One good tip for creating a secure password is to use a combination of upper and lower case letters with numerals and symbols interposed that are not related to your birthday, social security number, etc. For example, use “Il2pbb!” for I love to play basketball! This mnemonic device adds several layers of security, ultimately decreasing your risk of becoming a victim.

Tune in next week for ways to protect your password.

Categories
Encryption Linux Passwords Windows

Linux User Commands

Every user who has access to a Linux system needs a login and a password. Each user must belong to a primary group and for security or access purposes can belong to several secondary groups.

In order to create new logins, modify or delete users, you must already be logged in as root. The root login is the highest level and only certain individuals should have access to the root account.

useradd – Adding a new user
Options:
-d home directory
-s starting program (shell)
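-p password (useradd expects the encrypted value, as returned by crypt(3); the value is visible in the process list)
-g (primary group assigned to the user)
-G (other groups the user belongs to)
-m (create the user’s home directory)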

Example: To add a new user with

  • a primary group of users
  • a second group mgmt
  • starting shell /bin/bash
  • password of xxxx
  • home directory of bubba
  • create home directory
  • a login name of bubba

useradd -gusers -Gmgmt -s/bin/bash -pxxxx -d/home/bubba -m bubba

usermod – Modifying existing user
Options:
-d home directory
-s starting program (shell)
-p password
-g (primary group assigned to the user)
-G (other groups the user belongs to)
-a (append the groups given with -G; without it, -G replaces the user’s existing secondary groups)

Example: To add the group ‘others’ to the user bubba

usermod -a -Gothers bubba

userdel – Deleting a user
Options:
-r (remove home directory)

Example: To remove the user ‘bubba’ and his home directory

userdel -r bubba

passwd – User’s Password
Options:
user’s name (Only required if you are root and want to change another user’s password)

Example: To change the password for the account you are currently logged in as…
passwd
Enter existing password
Enter new password
Enter new password again (to validate)

Example: To change the password for the user ‘bubba’ (only if you are logged in as root)…
passwd bubba
Enter existing password (can be either bubba’s password or root’s password)
Enter new password
Enter new password again (to validate)

Where user and group information is stored
User names and primary groups are stored in /etc/passwd. This file can be directly edited using the ‘vi’ editor, although this is not recommended. Format of the file is…

  • User (name normally all lower case)
  • Password (encrypted – only contains the letter ‘x’)
  • User ID (a unique number for each user)
  • Primary Group ID
  • Comment (Normally the person’s full name)
  • Home directory (normally /home/
  • Default shell (normally /bin/bash)

Each field is separated by a colon.

Passwords for each user are stored in /etc/shadow. This file should only be changed using the passwd command.

Group information is stored in /etc/group. This file can be directly edited using the ‘vi’ editor. Format of the file is…

  • Group name
  • Group password (hardly ever used)
  • Group ID
  • User names (separated by commas)

Each field is separated by a colon.
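
The field layout above can be checked mechanically. The following is an added example, not part of the original post: a shell audit of passwd- and group-format files that flags extra UID 0 accounts, empty or in-file password hashes, malformed lines and primary GIDs missing from the group file. The function names and every sample account are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit passwd- and group-format files using the field layout
# described above. All sample accounts below are constructed.

write_sample() {   # $1 = directory that receives the constructed sample files
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bubba:x:1001:100:Bubba Example:/home/bubba:/bin/bash
toor:x:0:0:second root:/root:/bin/bash
legacy:$1$constructed$notARealHash:1002:100:old import:/home/legacy:/bin/bash
guest::1003:999:no password:/home/guest:/bin/bash
broken:x:1004:100:/home/broken
EOF
    cat > "$1/group" <<'EOF'
root:x:0:
users:x:100:
mgmt:x:500:bubba
EOF
}

audit_accounts() {   # $1 = passwd-format file, $2 = group-format file
    awk -F: '
        FILENAME == ARGV[1] { gids[$3] = 1; next }   # group file: collect GIDs
        NF != 7  { print $1 ": expected 7 fields, found " NF; next }
        $2 == "" { print $1 ": empty password field" }
        $2 ~ /^\$/ { print $1 ": password hash stored in passwd, not shadow" }
        $3 == 0 && $1 != "root" { print $1 ": UID 0 (root-equivalent)" }
        !($4 in gids) { print $1 ": primary GID " $4 " not in group file" }
    ' "$2" "$1"
}

# /etc/group lists only secondary members; primary membership is the GID
# field of the passwd entry.
group_members() {   # $1 = group-format file, $2 = group name
    awk -F: -v g="$2" '$1 == g { print $4 }' "$1"
}

demo=$(mktemp -d)
write_sample "$demo"
audit_accounts "$demo/passwd" "$demo/group"
echo "mgmt members: $(group_members "$demo/group" mgmt)"
rm -rf "$demo"
```

To audit a live system, pass /etc/passwd and /etc/group to audit_accounts; both files are world-readable, so root is not required.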

Default files
When a new user is created, the default files and directories that are created are stored in /etc/skel.

This directory can be modified to fit your needs. Modifications only affect new users and do not change anything for existing users.

su – Switch User
To switch to another user, use the su command. This is most commonly used to switch to the root account.

Example: To switch to root account…
su
Enter root’s passwd

Example: To switch to the user ‘bubba’…
su bubba
Enter bubba’s or root’s passwd

To return to original user, enter exit

Categories
Amazon Web Services AWS EC2 Linux PuTTY PuTTYgen SSH Windows

Connecting to AWS EC2 (Linux) Instance With PuTTY via SSH

In order to connect to an Amazon Web Services EC2 Linux instance using PuTTY over SSH you must generate a PPK file from your private key, then import the PPK to PuTTY. PuTTY does not natively support the private key format generated by Amazon EC2, therefore PuTTYgen must be used to convert keys to its internal format.

First, load the private key (<keyname>.PEM) associated with the instance to which you want to connect into PuTTYgen. Click on the Load button and browse to the location of your private key (you will probably have to change the file type to All Files (*.*)). If all goes well you will see the message “Successfully imported foreign key. . .”

Click OK, then click Save Private Key.

Click Yes when PuTTYgen prompts you about saving the key without a passphrase.

Save the key as <keyname>.ppk.

Next, launch PuTTY to open an SSH session and tell PuTTY to use that PPK file (NOT the PEM file!). Expand Connection, then SSH, and select Auth. Click the Browse button next to the “Private key file for authentication:” field, and select the .PPK file you just created with PuTTYgen.

Under category on the left go back to Session and Save the session.  Then click Open to connect.

Possible error messages with incorrect credentials.
* Putty failed: “Disconnected: No supported authentication methods available”
* Server refused our key

Categories
HTML Javascript Linux Windows Windows 2000

Display Today’s (Current) Date Dynamically in HTML Pages

The Easy Way

<script language="javascript">
<!--
document.write(Date());
-->
</script>

The easy way provides date, time and timezone information. If you want to display the date only, the following way will do that.

The Hard Way

<script language="javascript">
<!--
var Today = new Date();

var TodayDay = Today.getDate();
var TodayMon = Today.getMonth();
// getFullYear() returns the four-digit year; getYear() is deprecated
var TodayYear = Today.getFullYear();
var TodayMonth;

if (TodayMon == 0) { TodayMonth = "January"; }
else if (TodayMon == 1) { TodayMonth = "February"; }
else if (TodayMon == 2) { TodayMonth = "March"; }
else if (TodayMon == 3) { TodayMonth = "April"; }
else if (TodayMon == 4) { TodayMonth = "May"; }
else if (TodayMon == 5) { TodayMonth = "June"; }
else if (TodayMon == 6) { TodayMonth = "July"; }
else if (TodayMon == 7) { TodayMonth = "August"; }
else if (TodayMon == 8) { TodayMonth = "September"; }
else if (TodayMon == 9) { TodayMonth = "October"; }
else if (TodayMon == 10) { TodayMonth = "November"; }
else if (TodayMon == 11) { TodayMonth = "December"; }
else { TodayMonth = TodayMon; }

document.write(TodayMonth + " " + TodayDay + ", " + TodayYear);

-->
</script>

Categories
Apple Linux Passwords Windows Windows 2000 Windows 2003

How to recover missing, lost, or deleted files from Windows XP, Vista, Server 2003 and 2008 and Windows 7 as well as Apple Macs

Before reviewing the below recommendations and suggestions, verify that the files have actually been deleted; in some cases the files may have simply been moved. You can search the hard disk drive for the files you believe to be missing by running find or search on the computer.

Recover file from backup
If the file has been backed up to floppy disk or other medium it is recommended that the file be restored from that backup if the file cannot be found.

Restore from Recycle Bin or Trash
If you are running Apple MacOS, Microsoft Windows 95, NT, 98, 2000, ME, XP, Vista, or later operating system and the file has been recently deleted it is possible that the file may still be in the Trash or Recycle Bin. If present within this area it can be recovered.

Download freeware program and/or purchase a program
Below is a list of freeware file recovery programs that can be used freely to recover lost data.

  • PC Inspector File Recover
  • Restoration
  • Recuva
  • Undelete Plus
  • FreeUndelete
  • Photorec

In addition to the above freeware programs there are also several companies who have created programs designed to recover your lost data. For example, PowerQuest makes the utility Drive Image that in some cases can be used to recover data from a hard drive.

Utilize a service from a company that specializes in recovering lost data
Utilize the service of a local data recovery company or an out of state data recovery company. One word of caution is that these services can sometimes be very expensive. It is only recommended they be used if the data is extremely important. Below is a listing of a few major data recovery companies.

  • Action Front Data Recovery
  • CBL Data Recovery Technologies Inc.
  • Doctor Byte
  • DriveSavers Data Recovery
  • Lazarus Data Recovery
  • Ontrack
  • Virtual Data Recovery
  • Stellar Data Recovery
  • DataCent Professional Data Recovery

There are also several companies that specialize in the service of recovering files or documents that are password protected. Below is a listing of some of the companies that provide this service.

  • Passwordcrackers
  • Passwordservices.com
  • Password Recovery software

Categories
Linux Outlook Windows

How to recover emails, folders or public folders in Outlook

1. Select the parent folder of the deleted item by clicking on it and highlighting it.
2. Select Tools at top
3. Select Recover Deleted Item Tool
4. Right click item to restore and click restore
5. Confirm restoration

Categories
Linux Outlook Windows

Exchange 2007 OWA Virtual Directory Creation

HOW TO CREATE OWA Virtual Directory in Exchange 2007 (using MSH)
========================================================================================
New-OWAVirtualDirectory -OwaVersion:Exchange2007 -Name "owa" -WebSite "Default Web Site"

New-OWAVirtualDirectory -OwaVersion:Exchange2007 -Name "owa" -WebSite "Exchange.1701media.com"

OUTPUT:

Name                    Server    OwaVersion
----                    ------    ----------
owa (Default Web Site)  1701DC01  Exchange2007

Categories
Linux Windows

Linux local content backup and rotation script

#!/bin/bash
### Script by jim ballowe – content.sh can be put into
### /etc/cron.daily on a RH linux box once complete
### and will backup to TARGET location on local filesystem

### Define variables for naming the final backup file
DATE=`date +%Y%m%d-%H%M` # Datestamp e.g 20080109-2200
DOW=`date +%A` # Day of the week e.g. Monday
DNOW=`date +%u` # Day number of the week 1 to 7 where 1 represents Monday
DOM=`date +%d` # Date of the Month e.g. 27
M=`date +%B` # Month e.g January
W=`date +%V` # Week Number e.g 37
VER=2.5 # Version Number

SOURCE=/var/www/html ### source directory being backed up
TARGET=/var/backup ### target where backups will live
AGE=15 ### number days of backup to keep

### TEST ECHO OF STRINGS
# echo Date = "$DATE"
# echo Source = "$SOURCE"
# echo Target = "$TARGET"
# echo Age = "$AGE"

### Search TARGET for all files last modified more than AGE days ago
### executes a recursive forced (-rf) remove (rm) on those files
### The "{}" (curly braces) is placeholder for exec to use where it will put filenames
### The "\;" tells exec that's the end of the statement (the backslash keeps the shell from consuming the semicolon).
### Replace "rm -rf" with "ls -la" to get a list of all the files that would be removed
### If you want to remove files with specific names or extensions use the "-name" argument.

### USE THIS TO REMOVE FILES
find "$TARGET" -mtime +"$AGE" -type f -exec rm -rf {} \;

### USE TO TEST THE FIND LOGIC
# find "$TARGET" -mtime +"$AGE" -type f -exec ls -alh {} \;

# tar up the content in the backup directory
/bin/tar -cvf "$TARGET"/"$DATE"_cvsroot.tar "$SOURCE"

# compress the tar file
/bin/gzip -f "$TARGET"/"$DATE"_cvsroot.tar

### Once it works, create symbolic link to /root/bin/backup.sh in /etc/cron.daily
# ln -s /root/bin/backup.sh /etc/cron.daily/backup.sh

# move the tar file to another location (if necessary)
# mv "$TARGET"/"$DATE"_cvsroot.tar.gz /mnt/backup/content/"$DATE"_content.tar.gz