Backtrack basics: Services => VNC

Introduction When you setup the VNC server you can connect remotely with GUI access to Backtrack, for this reason, it is best to start the VNC server BEFORE you enter the GUI, that will save a little bit on resources such as RAM. The VNC server service will provide no encryption, so make sure you …

Security Weekly News 25 March 2011 – Summary

Thanks to Tadek for contributing to this security weekly news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “If Iran got some forged certificates, it’s only because they don’t have a CA of their own. It’s considerably less hassle for most countries.” – Moxie Marlinspike (Abraham’s …

Security Weekly News 25 March 2011 – Full List

Category Index Hacking Incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime   The Recent RA Compromise  [blogs.comodo.com] On March 15th 2011, a Comodo affiliate RA was compromised resulting in the fraudulent issue of 9 SSL certificates to sites in …

Backtrack basics: Networking

First Check recognised HW: # dmesg|grep eth jme: JMicron JMC2XX ethernet driver version 1.0.4 eth0: registered as PCnet/PCI II 79C970A eth1: registered as PCnet/PCI II 79C970A eth2: registered as PCnet/PCI II 79C970A Option 1 – The manual way: Static IP assignment and nework configuration: a) Sets your IP address # ifconfig eth0 192.168.0.123 b) Set …

Backtrack basics: Upgrading the proper way

NOTE: For this to work you obviously need network connectivity first! this is explained here Ok guys, finally this is the definitive guide from the Backtrack guys themselves (source): Update Back|Track Linux: apt-get update && apt-get upgrade && apt-get dist-upgrade Update Metasploit: cd /pentest/exploits/framework3 && svn update Update the Social-Engineer Toolkit (SET): cd /pentest/exploits/SET && …

Security Weekly News 18 March 2011 – Summary

Thanks to Tadek for contributing to this weekly security news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “The media (and general community) responses on the nuke meltdown highlight human inability to contextualize risk.” – Rich Mogull “Getting a lot of enquiries lately to help orgs …

Security Weekly News 18 March 2011 – Full List

Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime   Open Letter to RSA Customers  [www.rsa.com] Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security …

Security Weekly News 11 March 2011 – Summary

Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Pwn2own breaking news: browsers still have vulnerabilities, and there still are people who know how to exploit them.” – Michal Zalewski “Just reached a company CEO on his cell to tell him that his firm’s dbase & cust. CCs …

Security Weekly News 11 March 2011 – Full List

Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Physical Security Tools Funny Hacking Incidents / Cybercrime   Cord Blood Registry Notifies 300,000 Of Potential Data Loss  [www.darkreading.com] Backup tapes stolen from employee's car contained unencrypted data The Cord Blood Registry earlier this week …