Tuesday, June 29, 2010

Encrypting the Backup...

 

By now many of you might have come to know about the importance of backing up the data.To make the backed up data much more secure we have to encrypt the data so that,those who know the password can only check the data.
If you have ssl installed on your system, you can use it to encrypt your backup.

echo "your_key" > /tmp/.key

to save your data =>

tar cvf - files_to_save | openssl enc -des3 -salt -pass file:/tmp/.key >/dev/rmt0

to restore your data =>

openssl enc -d -des3 -pass file:/tmp/.key </dev/rmt0 | tar xvf -

NOTE:DON'T FORGET THE /tmp/.key file WHEN YOU ARE DONE WITH IT.!!!!

Where,
    * /dev/rmt0 : Tape device name.
    * openssl : The OpenSSL toolkit command line utility.
    * tar : The tar archiving utility.
    * des3 : Triple-DES Cipher (Triple DES is the common name for the Triple Data Encryption Algorithm).
    * -salt : The -salt option should ALWAYS be used if the key is being derived from a password unless you want compatibility with previous versions of OpenSSL and SSLeay. Without the -salt option it is possible to perform efficient dictionary attacks on the password and to attack stream cipher encrypted data. The reason for this is that without the salt the same password always generates the same encryption key. When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is generated at random when encrypting a file and read from the encrypted file when it is decrypted. (source enc man page)

Saturday, June 26, 2010

Changing Wordpress admin link to whatever you like.

 

Every one might have heard about wordpress and those who have hosted their site using wordpress t will know that the default admin login link is given as wp-admin. So once the intruder gets the login page then he can try any tricks to crack into your hosted site.So for security purposes its better to hide ur admin login link so that it will be difficult for anyone to get find it…

This is how it is done…..

Locate your .htaccess file and edit it in the following way:

Edit your .htaccess file and add the following lines:

######################
RewriteEngine On
RewriteBase /
##### ABOVE THIS POINT IS ALREADY INSERTED BY WORD PRESS
##### Michi’s code is BELOW #####
RewriteCond %{REQUEST_URI} wp-admin/
RewriteCond %{QUERY_STRING} !YOURSECRETWORDHERE
RewriteRule .*\.php [F,L]
RewriteCond %{QUERY_STRING} !YOURSECRETWORDHERE
RewriteRule ^ADMINFOLDER/(.*) wp-admin/$1?%{QUERY_STRING}&YOURSECRETWORDHERE [L]
##### Dejavu’s code is ABOVE #####
##### BELOW THIS POINT IS ALREADY INSERTED BY WORD PRESS
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
#####################

Additional info:
* Change YOURSECRETWORDHERE to something else. It can be any word you want. Just make sure it’s unique and somewhat long. Make it, like, your pets name or something random. Read this post to understand why this matters.
* Change ADMINFOLDER to the new folder name you want. Letters, numbers, underscores, and dashes only. That ^ in front of it is on purpose. Don’t delete that.

 

Now your blog is a bit more secure than before….ENjoy..!!!!!!!!!!!

Thursday, June 24, 2010

Virtual Box –folders sharing-Permission problem.

 

While sharing folders between host and a virtual machine using Virtual box, Sometimes you may face the problem that after a folder is shared to the virtual machine from host machine you don't find execute permissions on the files shared and if you try to set the execute permissions with chmod command that don't work.

Here is an ugly way to make that work, if you are good at coding then you can  edit the vboxvfs kernel module (the joys of open source!).

NOTE: Do the steps at ur own risk..!!!

How to:
1. mount the VBoxGuestAdditions.iso (e.g. /media/cdrom0)
2. mkdir vbox && cd vbox && /media/cdrom0/VBoxLinuxAdditions.run --tar -xf
3. edit module/vboxvfs/utils.c, change line 96 "mode |= mode_set (IXUSR);" to "mode |= S_IXUSR;" (note addition of "S_" prefix... basically, always set executable flag)
4. sudo ./install.sh vfs-module
5. cd .. && rm -rf vbox

This sets the executable flag in the guest only (mode 700) for all shared files — the host still always gets mode 500 for newly created files. Hopefully a dev can make a proper fix. (slight improvement: set executable on new file creation, and keep file permissions in sync otherwise so non-executables in the host don't show up as executable in the guest)

But at least this lets you to do some development within a shared directory...

Tuesday, June 22, 2010

Sharing files between Guest and Host machines in Virtual Box.

 

If you are using VMware as your virtualization software you will be able to copy files directly from the host to the guest OS, and vice versa. But unfortunately this feature does not exist in Virtual Box. Not yet at least.

However, there is a very easy way you can share files between the host and guest when using Virtual Box – using Shared Folders.

First you have to create folder in your Windows host. For example, create a folder on your desktop called “myshared“.

Then start your Ubuntu VM. After you get to the desktop, press the right-Ctrl button so that your mouse pointer can move outside the Ubuntu desktop. From the menubar, go to Devices-> Shared Folders. After that click the Add New Shared Folder button and then browse to the folder you created earlier (myshared). Make sure you tick the “Make Permanent” checkbox.

shared folder

 

After you have added the folder, click OK and return back to your Ubuntu desktop. Then create a folder in Ubuntu which will be used as the shared folder on the guest OS. For example, create a folder called “SharedItems” on your desktop.

Then open a new Terminal window (Applications -> Accessories -> Terminal) and execute the following command:

sudo mount -t vboxsf myshared Desktop/SharedItems

The text in red is the name of the shared folder in the Windows host and the text in blue is the directory path of the shared folder on the Ubuntu guest.

Once you’ve done that, you can now share files between the two OSs by simply placing files in the folders.

 

EnJoy..!!!!!!!!!!!!!!!!

Sunday, June 20, 2010

The way to Multibooting: VMware & VirtualBox & MS Virtual PC

 

This is all for those who try many operating systems at the same time... and those who want to test a dose of the newly released operating system...with out making any changes to your Master Boot Record or to your current system...

1) You don't need to worry about partitioning if you are not aware of it. Here you can specify any of your harddisk drives for the purpose of storage for the other operating systems... The guest operating systems will use the free space available in the windows without harming anything to your files...

2) You don't specifically need the installation cd/dvd of the operating system... an image file in .iso format will also do the same...

3) You can create the files in the guest and can restrict the amount of HDD occupied by them...

4) You can allocate no: of processors for the guest operating system out your dual/quad core processor...

4) You can specify the amount of RAM for the guest since this ...

so a lot of freedom and customization... no risks of careless partitioning....

For more details you can refer through these websites:

http://www.vmware.com/products/workstation/

http://www.virtualbox.org/

http://www.microsoft.com/windows/virtual-pc/default.aspx

Friday, June 11, 2010

Softwares to Break BIOS Password:

 

Softwares to Break BIOS Password:

If your system boots but the BIOS password is still in place, there are several programs you can load that are designed to crack the passwords or clear them altogether. The encryption on BIOS passwords is not very complex. Following are links to a few of these free programs:

1. CmosPwd 4.8
http://www.softpedia.com/get/Security/Decrypting-Decoding/CmosPwd.shtml
Article source: faq.programmerworld.net

Wednesday, June 9, 2010

Break BIOS Password for Laptop :

 

Remember that laptops can be trickier, especially if it's a newer model. If it has a security chip on the motherboard forget about it. You either have to physically remove the chip or contact the mfg for the "master" password. If you can boot up off of a cd or floppy try any of these methods:

1. Create a Win98SE bootable media "or anything that lets you boot into MS-DOS" and boot off of it.
2. When the A:\> prompt appears type debug and press enter.
3. You will then only see a "-".
4. Type o 70 2E "include the spaces" and press Enter.
5. Type o 71 ff "include the spaces" and press Enter.
6. Type q and press Enter.
7. Here are a list of common mfg backdoor passwords
* AWARD BIOS
AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC,
* AMI BIOS
AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder

Monday, June 7, 2010

How to Break a BIOS Password?

 

Methods of breaking password for Desktop PC and for laptop is quite different. We would explain each.

Break BIOS Password for Desktop :
If it's a desktop PC, erasing the cmos memory will usually clear it.

Steps:

1. Power off the computer and make sure that it is unplugged.
2. Open up your computer case. You need physical access to the motherboard to complete this procedure.
3. Find a circular, (mostly) silver metallic object on the motherboard. This is the CMOS battery.
4. CAREFULLY remove the CMOS battery and leave it out for about 120- 180 seconds. This will flush the CMOS memory which stores the BIOS password and all other configuration. (See Warnings)
5. Set the battery back into place and power on the computer.
6. The computer should then warn you that the CMOS configuration could not be found. You can either reconfigure it yourself or restore defaults. Restoring the default configuration should be fine.
7. You will notice that the BIOS password has been cleared and you can boot without it. You may reset the BIOS password to something else by going into the BIOS configuration and setting a new User Password.

Alternate Method: (More Difficult)

Remove a jumper: There's a jumper on your motherboard that you'll need to identify and remove. Most motherboards make your job easier by actually labeling the correct jumper as "BIOS config" or something similar. (it looks like a small plastic thingy on 2 pins with 1 pin beside it, within a 1" of the battery). If you're having trouble looking for it, look in the motherboard manual.After you have found it, carefully pull straight up on it, and place it on the 2-3 pins(it was on the 1-2 pins). With the battery removed and the jumper moved, turn the computer on, and check to see if you can get into the bios. If you are able to, turn the computer off, put the jumper back on pins 1-2, and put the battery back in. Lastly put the case together and you are done.

Note: Don't forget to configure the BIOS (if you know how) after this process. If you you don't know how, just hold the "delete" button when starting your PC and when the blue screen appears, find the load safe defaults settings and press:

* ENTER button
* Y button
* F10 button

Thursday, June 3, 2010

Adding SWAP space to your machine.

Procedure to add a swap file :

CHECK How much swap space u r having on ur machine... using "free" command and if u find ur swap is low then add a swap file to ur machine...

You need to use dd command to create swap file. Next you need to use mkswap command to set up a Linux swap area on a device or in a file.

1) Login as the root user

2) Type following command to create 512MB swap file (1024 * 512MB = 524288 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=524288

3) Set up a Linux swap area:
# mkswap /swapfile1

4) Activate /swapfile1 swap space immediately:
# swapon /swapfile1

5) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using text editor such as vi:
# vi /etc/fstab

Append following line:
/swapfile1 swap swap defaults 0 0

So next time Linux comes up after reboot, it enables the new swap file for you automatically.

6) How do I verify swap is activated or not?
Simply use free command:
$ free -m

 
Things You Should Know About Linux !!!