Search Results

Search found 37 results on 2 pages for 'stealth'.

  • Trouble getting started with the STEALTH monitoring package

    - by dlanced
    Is anyone here familiar with the Linux-based STEALTH package (for monitoring FS integrity of client systems)? I'm trying to get started with a very simple configuration, but I'm running into trouble (this is running under Ubuntu 14.04):

        Config line `USE BASE/root/stealth/10.0.0.79' invalid
        STEALTH (2.11.02) started at Fri, 30 May 2014 15:25:00 +0000
        Program terminated due to non-zero exit value for -type f -exec /usr/bin/sha1sum {} \; (EOC Fri May 30 15:25:00 2014 127)

    Stealth is creating a binary tmp file in the Stealth server root and generating a "report" file in the start directory, but not much else. Regarding the "USE BASE...invalid" error, and just to be sure, I manually created the directories in /root, but it didn't help. And, by the way, I am running stealth with sudo. Everything seems to be configured correctly: I'm able to ssh into root@client from the stealth machine without a password.

    Here's my "policy" file (I've removed the email directives just for simplicity):

        DEFINE SSHCMD /usr/bin/ssh [email protected] -T -q exec /bin/bash --noprofile
        DEFINE EXECSHA1 -xdev -perm +u+s,g+s ( -user root -or -group root ) \
            -type f -exec /usr/bin/sha1sum {} \;
        USE BASE/root/stealth/10.0.0.79
        USE SSH ${SSHCMD}
        USE DD /bin/dd
        USE DIFF /usr/bin/diff
        USE PIDFILE /var/run/stealth-
        USE REPORT report
        USE SH /bin/sh
        GET /usr/bin/sha1sum /root/tmp
        LABEL \nchecking the client's /usr/bin/find program
        CHECK LOG = remote/binfind /usr/bin/sha1sum /usr/bin/find
        LABEL \nsuid/sgid/executable files uid or gid root on the / partition
        CHECK LOG = remote/setuidgid /usr/bin/find / ${EXECSHA1}
        LABEL \nconfiguration files under /etc
        CHECK LOG = remote/etcfiles \
            /usr/bin/find /etc -type f -not -perm /6111 \
            -not -regex "/etc/(adjtime\|mtab)"\
            -exec /usr/bin/sha1sum {} \;

    Any ideas? Thanks,

  • Nameserver configuration error (Stealth NS records)

    - by Saif Bechan
    Hello, I have a nameserver with a primary domain configured. Now I added a second domain. I have set the NS records of the second domain to use the first domain, but I get some strange error. When I do the nameserver check at SIDN, for domains in the Netherlands, it says everything is configured correctly:

        Errors=0, Warnings=0, Informational=3
        ** Summary: ACCEPTED centshopper.nl.
        ** Full check report:
        primary name server "ns1.rdshosting.nl."
        Info: name server looks correctly configured.
        secondary name server "ns2.rdshosting.nl."
        Info: name server looks correctly configured.
        secondary name server "ns3.rdshosting.nl."
        Info: name server looks correctly configured.
        ** DNScheck 4.2.6, 2010/03/12 23:19:58 CET+0100

    Now when I check my DNS settings over at http://intodns.com/centshopper.nl I get the following 2 errors:

    1) Missing nameservers reported by parent
       FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems! ns3.rdshosting.nl
    2) Stealth NS records sent
       Stealth NS records were sent: ns3.rdshosting.nl

    I am running Plesk icw CentOS. In my opinion everything is ok. Does anyone know of this error and know what the possible cause would be? I have checked the first few hits on Google already, and can't come up with a working solution. On a side note, can anyone explain to me what GLUE is and why I am not getting any? If you have been, thanks for reading!

  • Apache: Stealth 404 the admin area until authenticated via basic auth, then allow access

    - by Kzqai
    Given an administrative area with urls like this:

        wp-admin/
        wp-admin/whatever
        wp-admin/another-page
        wp-adminsecretlogin/

    A standard basic-auth coverage would provide a username and password prompt on all three urls, and return a 403 on all failed auth attempts. This is a pretty obvious signal that something exists there, and thus is an invitation to script/brute force access. I would like to instead require basic auth everywhere, but when not authenticated, not prompt for username and password, and instead return a 404 not found error for all urls except a wp-adminsecretlogin/ url. At that individual-to-the-site url, basic auth could go through, and unlock the rest of the administrative functionality (though the standard application login would still be necessary). How would I do that via Apache .htaccess or .conf directives?

  • OS X stealth mode: where is it enacted?

    - by er4z0r
    I am working through the security guide from Apple (which they did not update since Snow Leopard). In the firewall section it states that ipfw has a default allow rule:

        65535 allow ip from any to any

    And if you enable the firewall's 'stealth mode' via the settings the following rule should be added:

        33300 deny icmp from any to me in icmptypes 8

    The funny thing is: I have stealth enabled and I do not see this rule when doing sudo ipfw print. Any idea where stealth mode is enforced if not in the ipfw ruleset?

  • Detecting 'stealth' web-crawlers

    - by Jacco
    What options are there to detect web-crawlers that do not want to be detected? (I know that listing detection techniques will allow the smart stealth-crawler programmer to make a better spider, but I do not think that we will ever be able to block smart stealth-crawlers anyway, only the ones that make mistakes.)

    I'm not talking about the nice crawlers such as googlebot and Yahoo! Slurp. I consider a bot nice if it:

      - identifies itself as a bot in the user agent string
      - reads robots.txt (and obeys it)

    I'm talking about the bad crawlers, hiding behind common user agents, using my bandwidth and never giving me anything in return.

    There are some trapdoors that can be constructed; updated list (thanks Chris, gs):

      - Adding a directory only listed (marked as disallow) in the robots.txt,
      - Adding invisible links (possibly marked as rel="nofollow"?),
          - style="display: none;" on link or parent container
          - placed underneath another element with higher z-index
      - detect who doesn't understand CaPiTaLiSaTioN,
      - detect who tries to post replies but always fails the Captcha.
      - detect GET requests to POST-only resources
      - detect interval between requests
      - detect order of pages requested
      - detect who (consistently) requests https resources over http
      - detect who does not request image file (this in combination with a list of user-agents of known image capable browsers works surprisingly nice)

    Some traps would be triggered by both 'good' and 'bad' bots. You could combine those with a whitelist:

      1. It triggers a trap
      2. It requests robots.txt?
      3. It does not trigger another trap because it obeyed robots.txt

    One other important thing here is: Please consider blind people using screen readers: give people a way to contact you, or solve a (non-image) Captcha to continue browsing.

    What methods are there to automatically detect the web crawlers trying to mask themselves as normal human visitors?

    Update
    The question is not: How do I catch every crawler. The question is: How can I maximize the chance of detecting a crawler.

    Some spiders are really good, and actually parse and understand html, xhtml, css, javascript, VB script etc... I have no illusions: I won't be able to beat them. You would however be surprised how stupid some crawlers are. With the best example of stupidity (in my opinion) being: cast all URLs to lower case before requesting them. And then there is a whole bunch of crawlers that are just 'not good enough' to avoid the various trapdoors.

  • Please recommend a free stealth remote access solution for internal network

    - by Nathaniel_613
    Hi, I need to have the ability to stealthily access, view, and control a few dozen PCs on my company's network. I would need a control panel window, so I can instantly connect to any of the users. Please recommend a secure solution that will not make us vulnerable to viruses and hackers. All of the PCs have dynamic IP addresses, so I may have to use the DNS name or have a solution that uses the web. Thank you very much, Nathaniel.

  • What are the technical and programming requirements for writing a stealth keylogger?

    - by user970533
    I'm planning to write/code one such stealth keylogger that would bypass detection by a certain antivirus. (I don't want to name the vendor as I know how good Google queries are against StackExchange websites). I don't want to just download any keylogger from internet and try to encode it to evade detection. Writing code myself I would have the ability to make changes as I go; obscuration on both high-level and low-level language. I like control too. It seems naive but is it true that keyloggers are a thing of the past, probably because of how effective AV's have become in detecting such programs? I want some nice points on how can one easily write a robust, effective key logger preferably for a Windows environment?

  • Is it possible to "stealth" dual boot a machine?

    - by BrianH
    I have a loaner laptop that has MS Windows with locked down permissions. It works okay for what I need to do, but I started wondering if there was a way to install a separate Windows OS on a separate hard drive to do what I want to do on it.

    Virtual
    I wish I could use VirtualBox or VMWare, but that is not an option (I even tried VBox portable).

    External Drive
    My next trial was to see if it was possible to install Windows on an external drive, and then plug that drive in and boot from it whenever I wanted my own OS. After a few Google searches, I see that is not really a possibility.

    Swap Primary Drive
    Another option would be to get a second internal hard drive, take the existing HD out, and install a new Windows OS on the secondary HD. This would mean swapping the internal hard drive each time I want to switch OSs - doable, but not very convenient.

    Dual Boot
    The laptop has an expansion slot where a second hard drive can be plugged in quickly. I thought about dual booting, but I don't want to mess with the MBR on the primary hard drive. When I have to give the laptop back, I don't want a dual-boot screen to pop up.

    Summary
    Is there a way to have 2 hard drives on a machine, each with its own OS, and maybe use BIOS settings to have only 1 hard drive active at a time? That way both hard drives could be physically connected, but only one would actually be active at a time. I basically want a second OS that does not (cannot) affect the existing OS in any way, and can be removed at any time without affecting the existing OS. The secondary OS does not need any of the files on the main hard drive - it's basically like having 2 separate computers using the same hardware... Is this possible, or would it be easier just to go out and buy a different laptop? Thanks in advance!

    EDIT
    I just discovered that my BIOS allows me to pick (at startup) which hard drive I want to boot from. I poked around in the BIOS and there is not a place to disable certain devices, like the primary hard drive. My only concern about plugging in a second hard drive and installing Windows to the second hard drive is that it will mess with the primary hard drive, or add a bootloader screen to pick which Windows install to use. My thought would be to physically unplug the primary, plug in the secondary and install Windows to the secondary. After the install is working properly, I can plug the primary back in and use the BIOS feature to determine which drive to boot to. Is there any way after I have 2 separate installs on 2 separate hard drives that one of the installs could mess with the MBR on the other drive?

  • Can't access a remote server due to a mistake in setting a firewall rule

    - by LMIT
    I need help due to my silly mistake! For a long time I have had a dedicated server hosted by register.it. Usually I access this server (Windows 2008 Server) remotely by Terminal Server. Today I wanted to block one site that continually sends requests to my server. So I was adding a new rule in the firewall (the native firewall on Windows 2008 Server), as I did many times, but this time, probably I was sleeping with my brain, I added a general rule that stops everything! So I can't access the server anymore, and no users can browse the sites; nothing is working because this rule blocks everything. I know that it is a silly mistake, no need to tell me :) So please, what can I do? The only thing that my provider lets me do is reboot the server from its control panel, but this does not help me in any way because the firewall blocks me again. I have the administrator username and password, so what can I really do? Is there some trick, some technique, some expert guru that can help me in this very bad situation?

    UPDATE: I followed Tony's suggestion and did an NMAP scan to check if some ports are open, but it looks like all are closed:

    NMAP RESULT

        Starting Nmap 6.00 ( http://nmap.org ) at 2012-05-29 22:32 W. Europe Daylight Time
        NSE: Loaded 93 scripts for scanning.
        NSE: Script Pre-scanning.
        Initiating Parallel DNS resolution of 1 host. at 22:32
        Completed Parallel DNS resolution of 1 host. at 22:33, 13.00s elapsed
        Initiating SYN Stealth Scan at 22:33
        Scanning xxx.xxx.xxx.xxx [1000 ports]
        SYN Stealth Scan Timing: About 29.00% done; ETC: 22:34 (0:01:16 remaining)
        SYN Stealth Scan Timing: About 58.00% done; ETC: 22:34 (0:00:44 remaining)
        Completed SYN Stealth Scan at 22:34, 104.39s elapsed (1000 total ports)
        Initiating Service scan at 22:34
        Initiating OS detection (try #1) against xxx.xxx.xxx.xxx
        Retrying OS detection (try #2) against xxx.xxx.xxx.xxx
        Initiating Traceroute at 22:34
        Completed Traceroute at 22:35, 6.27s elapsed
        Initiating Parallel DNS resolution of 11 hosts. at 22:35
        Completed Parallel DNS resolution of 11 hosts. at 22:35, 13.00s elapsed
        NSE: Script scanning xxx.xxx.xxx.xxx.
        Initiating NSE at 22:35
        Completed NSE at 22:35, 0.00s elapsed
        Nmap scan report for xxx.xxx.xxx.xxx
        Host is up.
        All 1000 scanned ports on xxx.xxx.xxx.xxx are filtered
        Too many fingerprints match this host to give specific OS details
        TRACEROUTE (using proto 1/icmp)
        HOP RTT ADDRESS
        1 ... ... ... 13 ... 30
        NSE: Script Post-scanning.
        Read data files from: D:\Program Files\Nmap
        OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
        Nmap done: 1 IP address (1 host up) scanned in 145.08 seconds
        Raw packets sent: 2116 (96.576KB) | Rcvd: 61 (4.082KB)

    Question: Can the provider access the server locally with the username and password?

  • Configure firewall (Shorewall/UFW) to allow traffic for services on an Ubuntu Server

    - by Niklas
    I have an Ubuntu Server 11.04 x64 which I want to secure. The server will be open to the Internet and I want to be able to SSH/SFTP into the machine, and the SSH server runs on a custom set port. I also want a web server accessible from the Internet. These tasks seem not too hard to perform, but I also want SAMBA shares to be accessible from within the local network and this seems to be a bit trickier. If possible I also want to be able to "stealth" the ports necessary to protect the server further but also allow the SAMBA shares to be automatically found within the local network. I've never configured firewalls before except for a router and I always bump into a bunch of problems when doing it all by myself, so I was hoping for some tips or preferably a guide on how to do this. Thank you! Update: On second thought I could just as likely go with UFW if the same settings are achievable ("stealth" ports).

  • different nmap results

    - by aasasas
    Hello, I have a scan of my server from outside and from inside; why are the results different?

        [root@xxx ~]# nmap -sV -p 0-65535 localhost
        Starting Nmap 5.51 ( http://nmap.org ) at 2011-02-16 07:59 MSK
        Nmap scan report for localhost (127.0.0.1)
        Host is up (0.000015s latency).
        rDNS record for 127.0.0.1: localhost.localdomain
        Not shown: 65534 closed ports
        PORT STATE SERVICE VERSION
        22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
        80/tcp open http Apache httpd 2.2.3 ((CentOS))
        Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
        Nmap done: 1 IP address (1 host up) scanned in 7.99 seconds

    AND

        sh-3.2# nmap -sV -p 0-65535 xxx.com
        Starting Nmap 5.51 ( http://nmap.org ) at 2011-02-16 00:01 EST
        Warning: Unable to open interface vmnet1 -- skipping it.
        Warning: Unable to open interface vmnet8 -- skipping it.
        Stats: 0:07:49 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
        SYN Stealth Scan Timing: About 36.92% done; ETC: 00:22 (0:13:21 remaining)
        Stats: 0:22:05 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
        Service scan Timing: About 75.00% done; ETC: 00:23 (0:00:02 remaining)
        Nmap scan report for xxx.com (x.x.x.x)
        Host is up (0.22s latency).
        Not shown: 65528 closed ports
        PORT STATE SERVICE VERSION
        21/tcp open tcpwrapped
        22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
        25/tcp open tcpwrapped
        80/tcp open http Apache httpd 2.2.3 ((CentOS))
        110/tcp open tcpwrapped
        143/tcp open tcpwrapped
        443/tcp open tcpwrapped
        8080/tcp open http-proxy?

  • Port forwarding 443 doesn't work

    - by Interstellar_Coder
    So I'm hosting my own svn server and also have wamp running on the same machine. I have forwarded port 443, which the svn server is listening on. I can't seem to log in when I simply forward the port. If I make the server a DMZ host then I can log in via https://mydomain.com, but I can't seem to figure out why simply forwarding port 443 doesn't work. Any ideas? I checked online and it shows that port as stealth.

  • linux centos 5.6 someone installed irc

    - by Peter
    I need some help, my server provider contacted me to tell me my server was using 200mbit/s bandwidth. Upon investigation I found processes for a user that should not be there. I found processes as follows:

        26269 511 Nov27 ./stealth 58.22.68.253 53
        775 511 Oct12 ./eggdrop -m botnick.conf

    I know eggdrop is IRC, my question is, where can I find out where the software has been installed for these processes?

  • How do I know if my firewall is on?

    - by paercebal
    I installed Firestarter, and configured my firewall. But I'm in doubt : On boot, I sometimes see a [FAIL] marker, and to the left, I guess it was something like "start firewall". I can't be sure because the message is seen for less than a second, so I wanted to know if there is a way, without starting the whole firestarter software, to know if the firewall is on and working, or not. Either a gadget, or better, some console instruction, the exact name of the firewall process/daemon, or bash script, will do. Edit: I already tested my computer with the "Shield's Up" http://www.grc.com feature, which marks my computer as "Stealth", but as I am behind a router, I'm not surprised. Still, apparently, my computer answers to pings... Strange...

  • Secure Open Source?

    - by opatachibueze
    I want to make a delicate application of mine (an antivirus actually) open source but I want to have a control on who really obtains the source or not. Preferably they should apply and I or administrators approve their applications. Is there any online platform for this? The main reason for the control/security is to possibly prevent malware makers to easily discover how to bypass the stealth checking methods it utilizes for malware detection. Edit: I am looking for advice - possibly to hear from someone who has done something similar. Thanks!

  • Minecraft program frame rate is very slow

    - by Cade
    I have recently downloaded Minecraft to Ubuntu 12.04. It launches and plays successfully, however- the frame rates for the game are extremely slow. They never go past 9 fps and usually drop below 3 fps. I have been a Windows XP user for years and have just recently switched to Ubuntu, so I'm not an expert with this OS. My video card is a Diamond Stealth s60 with Radeon 7000. I don't know what other information you guys need but if you ask for it, and would please tell me how to get to it, I will tell you as soon as I can. Thanks for your help.

  • Hardware upgrade: Windows 7 bluescreens, Vista loads

    - by Daniel Schaffer
    I just did a fairly significant hardware upgrade while keeping my hard disks. The old system was a Dell Optiplex 745 with an Intel Core 2 Duo, LGA 775. The new system is custom built, Intel i5 750. I know you're supposed to do a clean install with a hardware upgrade like this, but I'd had success in the past doing the stealth hardware upgrade like this, so I figured I'd give it a shot. Windows 7 Ultimate 64 bit gets through the loading screen and immediately blue screens and reboots. Windows Vista Home Premium 32-bit, which I have on an old hard drive from an AMD box (!!) loads up fine. I ran through the Windows memory checker just to be sure, and my memory is fine. So, is the BSOD the result of some sort of protection mechanism specific to Windows 7? Is there any hope of salvaging that install?

  • Visible Keylogger (ie not evil)

    - by Ben Haley
    I want keylogging software on my laptop for lifelogging purposes. But the software I can find is targeted towards stealth activity. Can anyone recommend a keylogging software targeted towards personal backup?

    Ideal Functionality

      - Runs publicly (like in the task bar).
      - Easy to turn off (via keyboard shortcut is best... at least via button click)
      - Encrypted log
      - Fast
      - Free
      - Cross platform (Windows at least)

    The best I have found is pykeylogger, which does not attempt to be stealthy, but does not attempt to be visible either. I want a keylogger focused on transparency, speed, and security so I can safely record myself.

    *note: Christian has a similar question with a different emphasis

  • Second video card (PCI) under Windows 7

    - by dbkk101
    I'm trying to get an old PCI video card (Diamond Stealth 2500) along with a normal PCI-E video card. In BIOS, there is a setting to switch between PEG/PCI or PCI/PEG on startup (PEG is PCI-E Graphics). When I use PCI/PEG only the old PCI card works, when I use the other one, only the new PEG card works. In PEG/PCI mode, Windows 7 recognizes the card and shows it in Device Manager as Standard VGA adapter, but it shows a warning for the device ("This device cannot start. (Code 10)").

  • Hooking domain to home server with port

    - by user1071461
    Alright, I'm asking two things here. First of all, if I purchase a domain, let's say myhomeserver.com, am I able to make the default port go through a different port instead of the default port 80? (That is without having to do myhomeserver.com:5000, for example.) Also this should be without blocking other ports (so no stealth forwarding to myhomeserver.com:5000, I think). Secondly, how could I go about hooking a domain to a Windows 2008 server? I've seen it on Linux but have no clue how to do it on Windows, if it's even possible. I know I'm asking a lot here, just some tips are appreciated. Also, yes I know, using a home server is horrible for security and performance and whatnot, I understand this already, thanks ^^

  • Hooking domain to home server (WinServer2008) with specific port

    - by user1071461
    Alright, I'm asking two things here. First of all, if I purchase a domain, let's say myhomeserver.com, am I able to make the default port go through a different port instead of the default port 80? (That is without having to do myhomeserver.com:5000, for example.) Also this should be without blocking other ports (so no stealth forwarding to myhomeserver.com:5000, I think). Secondly, how could I go about hooking a domain to a Windows 2008 server? I've seen it on Linux but have no clue how to do it on Windows, if it's even possible. I know I'm asking a lot here, just some tips are appreciated. Also, yes I know, using a home server is horrible for security and performance and whatnot, I understand this already, thanks ^^

  • How do I make money from my FOSS while staying anonymous?

    - by user21007
    Let's say that:

      - You have created a FOSS project that other people find useful, perhaps useful enough to donate to or pay for modifications to be done.
      - It is a perfectly legitimate and innocuous software project. It has nothing to do with cryptography as munitions, p2p music, or anything likely to lead to a search warrant or being sued.
      - You want your involvement to stay anonymous or pseudonymous.
      - You would like to receive some money for your efforts, if people are willing.

    Is that possible, and if so, how could it be done?

    When I talk about anonymity, I realize that it is necessary to define the extent. I am not talking about Wikileaks style 20 layers of proxies worth of anonymity. I would expect a 3 letter agency to be able to identify the person easily. What is wanted is shielding from commercial competitors or random people, who would not be expected to be able to get the financial intermediary to divulge your details just by asking for them.

    Why would you want to stay anonymous? I can think of several valid reasons, maybe you operate a stealth mode startup and don't want to give your competitors clues as to the technology you are using. Maybe it is a project that has nothing to do with your daily job, is not developed there, but the company you work for has an unfair (and possibly unenforceable) policy stating that any coding you do is owned by them. Maybe you just value your privacy. For what it's worth, you intend to pay the relevant taxes in your country on any donations.

  • Draw "vision cone" / targeting element onto game world

    - by gkimsey
    I'm wanting to indicate various things using a "pie slice" sort of shape as below. Similar to vision cones in stealth game minimaps, or targeting indicators in RTS type games for frontal area attacks. Something generic enough to be used for both would be ideal. I need to be able to procedurally (and efficiently) change things like the slice width and length, color, transparency, position in the world, etc. For my particular situation, there's no concern with elevation, funky terrain, or really any third axis at all as far as this element is concerned. I have two first inclinations on how to accomplish this:

    1) Manually generate the vertices for a main triangle (possibly two, superimposed to get the border effect), a handful more to approximate the arc at the end, and roll it into a mesh.
    2) Use some sort of 2D drawing library to create a circle and mask it off at the right angles, render to texture, and use that.

    For reference, I have some experience with Ogre3D, but I'm not attached to it as this is a mostly academic pursuit at the moment. Other technologies that might be better at accomplishing this are more than welcome. Finally, I'm kind of curious about how to do a "flashlight" or similar 3D effect that could produce the same result, but on all surfaces in the lit area.
