Friday, September 06, 2002
Next generation Nokia
YoLinux Tutorials
http://www.yolinux.com/TUTORIALS/
"The YoLinux site is rich with links to tutorials covering everything from installation, basic Linux, setting up a workstation, setting up a server, the Web, email, and programming. These tutorials are incisive and easy to read. With enough detail to allow the user a broader experience than just cut and paste, and an approach that's friendly to even the newest Linux user, the YoLinux Tutorials are a great place to start your Linux learning."
WormScan 1.5.4
http://www.websoup.net/wormscan/
"WormScan is a utility written in Java for the purpose of reporting attempted attacks on your Apache Web server. It was written to be able to support an unlimited number of worms. It is, however, very extendable, and can easily be configured to search and report on just about anything that can be found in your Web server's log files. The reports themselves are customizable, and can easily be modified to suit your needs. Numerous configuration options let you tweak the performance and the output."
Thursday, September 05, 2002
Azz Cardfile is simple and powerful, totally customizable organizer software without predefined fields; it can be set to specific use as Recipe Software, Personal Information Manager (PIM), Address Book, Rolodex, Contact Management Software, Small Database, Organizer for Notes, References or any other items.
Dll-files.com - Everyone has at some time got a pop-up window saying: "Couldn't find ****.dll" Well folks, your problems are over! The most common dll-files that suddenly disappear you will find here! (and no, I haven't stolen them from you.) Feel free to download! (and don't forget to bookmark, never know when they disappear.)
KAlarm - a personal alarm/reminder message, and command, scheduler for KDE (Linux)
"KAlarm lets you set up personal alarm/reminder messages and commands via a graphical interface. The messages pop up on the screen, or the commands execute, at the time you specify. "
The Penguin's Armor Series from Lockergnome.com
If you're looking to secure your 'Net connected Linux system, you'll need to arm yourself with a few facts, first. Above all else, you should have a basic understanding of how your system interfaces with the Internet.
Linux, even in a default configuration, is capable of creating and launching many internal servers. These servers can be assigned to nearly any in a full range of ports. What are ports? I've always considered ports to be the "portal"s between your system and the 'Net. They are, in fact, software portholes to which programs can attach themselves to listen for requests for data or services. For example, the FTP service is usually found at port 21. An FTP server running on your machine may sit quietly attached to port 21, listening for requests. When one is received, it fires up, completes the request, if possible, then heads back to a listening mode. That's a serious simplification, but it serves the purpose of illustrating the purpose of a port and the interaction between these "portals" and your programs.
So, if the ports are opened in software to create communication with programs on your system, how can you tell which services are actually running at any given time? This, really, is the first step in securing your system - knowing what's open and shutting down what's not essential.
As you might expect, a simple command will tell you loads about your vulnerability. netstat is a program in Linux that reports on network connections and activity. Using the -tap options, you can construct a command in netstat that will show you all the active servers on your system:
netstat -tap | grep LISTEN
Piping the output of the netstat command through grep will allow you to filter the servers down to only the ones that are actually in the LISTEN mode, as we discussed above. The -tap options instruct netstat to return [a]ll the [t]cp connections and to display the attached programs and their [p]rocess ids. Your output will clearly vary, but will probably include many lines. Look closely at the output. If you see a line similar to this:
tcp 0 0 *:http *:* LISTEN 890/httpd
it's telling you that you have a web server [httpd] LISTENing on the *:http port (normally 80) assigned process id 890. Work your way through all the output on your machine. If you have questions about a particular service, feel free to use the man pages:
man httpd
You'll get a good description of the service, its options and use.
Are you a bit surprised after looking through the output? Did you find, for example, an ftpd process - the ftp server - that you neither use nor need? How about the other servers that netstat revealed. Are they crucial to your daily operation? If not, you've created or left an opening in your system through which you could be vulnerable.
Remember that sense of surprise and come back tomorrow, when we'll talk about some ways to start securing your system by closing down unnecessary ports."
The Penguin's Armor - Part III
So, you're a bit surprised at how many servers netstat revealed. Remember that each of those servers is attached to an open port - a hole to the Internet that anyone from script kiddies to serious crackers can crawl into. Once your machine has been compromised, the battle to lock it back down becomes a much steeper hill to climb.
Today, we'll turn off services that are unnecessary on most home machines. Remember that you're the final arbiter of what's necessary and what's not. If you have a real daily need for one of these servers, feel free to leave it on. Just understand that it's an opening into your system.
Let's run the netstat command again and look at the output:
netstat -tap | grep LISTEN
If any of the following servers are active and in LISTEN mode, you should probably shut them down:
telnetd
ftpd
named or BIND
rsh
rlogin
rcp
nfsd
lockd
statd
mountd
And, unless you're actively running a web server from home, you should also shut down any running httpd process.
One of the netstat options we gave yesterday - [p] - lists the process ID (PID) of each active server. Today, you're going to use that PID to shut down the servers you don't actually need. Monday, we'll talk about how to prevent them from starting again at your next bootup.
The last field in each line of the netstat output delivers the PID and the process to which it's attached. For instance:
tcp 0 0 *:2710 *:* LISTEN 1038/upsd
shows the ups daemon running on PID 1038:
1038/upsd
You'll only see these PIDs and programs if you're the owner. In other words, you'll want to run netstat as the root user in order to see all the information you'll need to shut down unnecessary daemons. For each unnecessary process, issue the following command:
kill PID
In other words, issue the kill command followed by the process ID number. To test, run the netstat -tap | grep LISTEN command again. The offending server should be gone. Repeat this command sequence for each server you're sure you don't need.
Now that you've shut these stray servers down for the current session, you'll need to make a few configuration modifications to prevent them from starting again at the next bootup.
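The netstat audit from the two Penguin's Armor installments above, as an added shell example that is not part of the Lockergnome text: it parses netstat -tap output, flags listeners on the article's shut-down list, and lists their PIDs for review before any kill. The sample output is constructed, and the handling of in./rpc. prefixes and a trailing "d" in daemon names is an assumption about how a given distribution names them.

```shell
#!/bin/sh
# Added example: audit `netstat -tap` output against the article's shut-down list.

# Daemons the article says to shut down on a home machine (httpd included).
UNNEEDED="telnetd ftpd named rsh rlogin rcp nfsd lockd statd mountd httpd"

# audit_listeners: reads `netstat -tap` output on stdin and prints one line
# per LISTEN socket in the form "<verdict> <local-address> <pid> <program>".
#   REVIEW  = program is on the shut-down list
#   UNKNOWN = netstat printed "-" (not run as root, so the owner is hidden)
#   OK      = listener is not on the list
audit_listeners() {
    awk -v list="$UNNEEDED" '
        BEGIN {
            n = split(list, names, " ")
            for (i = 1; i <= n; i++) bad[names[i]] = 1
        }
        # Skip the two header lines and every socket that is not listening.
        $1 !~ /^tcp/ || $6 != "LISTEN" { next }
        {
            # Without root, the PID/Program column is just "-".
            if ($7 == "-" || $7 == "") { print "UNKNOWN", $4, "-", "-"; next }
            split($7, pp, "/")
            pid = pp[1]; prog = pp[2]
            base = prog
            sub(/^(in|rpc)\./, "", base)   # assumption: in.telnetd, rpc.statd
            alt = base
            sub(/d$/, "", alt)             # assumption: rshd is listed as rsh
            verdict = ((base in bad) || (alt in bad)) ? "REVIEW" : "OK"
            print verdict, $4, pid, prog
        }'
}

# review_pids: PIDs of flagged listeners, one per line, to inspect with
# `man <program>` before deciding whether to `kill` them.
review_pids() {
    audit_listeners | awk '$1 == "REVIEW" { print $3 }'
}

# Constructed sample of `netstat -tap` output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:http                  *:*                     LISTEN      890/httpd
tcp        0      0 *:2710                  *:*                     LISTEN      1038/upsd
tcp        0      0 *:telnet                *:*                     LISTEN      612/in.telnetd
tcp        0      0 *:32768                 *:*                     LISTEN      455/rpc.statd
tcp        0      0 *:ssh                   *:*                     LISTEN      -
tcp        0      0 myhost:ssh              peer:40112              ESTABLISHED 1200/sshd
EOF
}

# Demo on the constructed sample. On a real host, as root:
#   netstat -tap | audit_listeners
sample_netstat | audit_listeners
```

An UNKNOWN line means netstat was not run as root, which is the case the article warns about: the socket is open but its owner is hidden.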
Smallblueprinter.com
A website that allows you to create simple blue prints online then view them in 3D, isometrically (3D from above), walk through etc. You can also print out your blue print in landscape or portrait.
Wednesday, September 04, 2002
From Searchday.com:
Robotcop enforces robots.txt
http://www.robotcop.org/
http://www.searchtools.com/robots/robots-txt.html
The Robots.txt file is a cooperative way to request that crawlers and
spiders avoid certain parts of web sites. This free server module watches
for spiders which read pages disallowed in robots.txt, and blocks all
further requests from that IP address. It is particularly useful for
blocking email address harvesters, while still allowing legitimate search
engine spiders. Be sure to double-check your robots.txt file (use one or
more of the robots.txt checkers), before implementing it, and to watch
your server logs carefully. The August 2002 version (0.6) works with
Apache 1.3 on FreeBSD and Linux.
The Problem with Proxies - David Lamo walks into the WorldCom network via a misconfigured proxy server....
"As he has with other networks, Lamo found the keys to WorldCom's kingdom in open Internet proxy servers. In normal operation, a proxy server is a dedicated machine that sits between a local network and the outside world, passing internal surfers' Web requests out to the Internet, often caching the results to speed up subsequent visits to the same URL.
But it's easy and common for administrators to inadvertently misconfigure proxy servers, allowing anyone on the Internet to channel through them. Sometimes companies and organizations even unknowingly run proxies. Hackers and privacy-conscious netizens catalog these open proxies, using them to anonymize their surfing. Lamo has perfected a different use: jumping through them to pose as a node on a company's internal network.
Using a common hacker tool called "Proxy Hunter," Lamo scanned WorldCom's corporate Internet address space, and quickly found five open proxies -- one of them hiding in plain sight at wireless.wcom.com. From there, he needed only to configure his browser to use one of the proxies, and he could surf WorldCom's private network as an employee.
Once inside, he found other layers of security protecting various intranet sites from employees who might exceed their authorized access. But after a couple of months of sporadic exploring, Lamo has made substantial inroads. He can use WorldCom human resources system to list names and matching social security numbers for any or all of the company's 86,000 employees. With this information, all he needs is a birth date (he swears by anybirthday.com) and he can reset an employee's password and access his or her payroll records, including information like their salary, emergency contacts, and direct deposit instructions, complete with bank account numbers. He could even modify the employee's direct deposit bank account, and divert a paycheck to his own account, if he wanted to. "A lot of people would be willing to blow town for a couple hundred thousand dollars," says Lamo.
MORE
MultiProxy is a multifunctional personal proxy server that protects your privacy while on the Internet as well as speeds up your downloads, especially if you are trying to get several files from overseas or from otherwise rather slow server. It can also completely hide your IP address by dynamically connecting to non-transparent anonymizing public proxy servers. You can also test a list of proxy servers and sort them by connection speed and level of anonymity.
MultiProxy listens on port 8088 by default, so you will need to configure your browser to connect to Internet via proxy server at address 127.0.0.1 (localhost) and port 8088. You can change the port number from options dialog box. If you want other computers on your LAN (without Internet access) to connect to Internet through MultiProxy, you need to enter the actual IP address of the computer where MultiProxy has been installed (instead of 127.0.0.1). You can find out the computer's IP address by running winipcfg.exe (via Start|Run from Windows taskbar, for example).
MultiProxy is Freeware
"No-HTML plug-in for Outlook available
Among the more ostentatious security pitfalls deliberately coded into Outlook is its determination to accommodate the mighty Direct Marketing Association (DMA) spam lobby by refusing to allow users to shut off HTML (which exposes us to myriad forms of malicious code in received messages), as this would have a devastating impact on advert click-throughs for hot, wet teens, scientific studies have shown.
You can decline to send HTML messages, as any decent Netizen does; but you can't decline to receive them. No, that would be downright hostile to the spam establishment, and Microsoft knows better than tangle with one of the few industries which dwarfs it.
However, some of us now have a nifty tool called NoHTML to disable HTML displays in Outlook, thanks to Russ Cooper of NTBugtraq. In Outlook 2000, NoHTML supposedly converts HTML to RTF. In Outlook 2002, it converts HTML to plain text. Pretty neat.
In NT, 2K or XP, just install the file (a DLL) in: Documents and Settings\(user)\Application Data\Microsoft\Addins. Finish the installation as described below, re-boot, and all should be well."
MORE
Vigor2600 ADSL Router
"The DrayTek Vigor 2600 router range features highly specified ADSL routers combined with Firewall & Security facilities and packed with so many other advanced facilities not normally found in a router in this price range...
Vigor 2600 Highlights
Built-in ADSL modem - plugs directly into your ADSL-enabled line
Universal Plug'n'Play (uPnP) Compliant (feature est. approx 3Q/02)
DNS Proxy/Cache & DHCP Server
Comprehensive Firewall - with keepstate facility, DoS/DDoS protection, IP anti-spoofing and user-configurable packet-filtering.
Built-in native VPN facility with PPTP, L2TP & 3DES IPSec
LAN-to-LAN linking via ISDN, Internet or VPN with support for multiple remote private subnets via single gateway
VPN Passthrough for VPN client/server running behind the router
4-Port 10/100BaseT Ethernet Switch (with automatic uplink detection)
NAT port forwarding (For individual ports, ranges and DMZ)
Support for non-NAT public subnets (multiple public IP addresses)
LAN Side IP address ranges fully configurable
Automatic support for popular multimedia applications including Netmeeting & MSN Messenger for multiple LAN users.
SNMP & Syslog control/logging/monitoring
Dynamic DNS Posting, compatible with popular services
Easy configuration, monitoring & control from web-interface
Wireless Access Point (802.11b Ethernet) for wireless LAN (Vigor 2600We/W only)
ISDN Interface for dial-up access and backup for ADSL (Vigor2600W/X only)
Optional ADSL Microfilters available"
Not bad at all for £179
Tuesday, September 03, 2002
free2air.org - all things wireless.
Monday, September 02, 2002
More evil spyware...
"NEW eBlaster 3.0 - Now Records and Automatically Forwards Email!
eBlaster lets you know EXACTLY what your employees or family members are doing on the Internet, even if you are thousands of miles away.
eBlaster records their emails, chats, instant messages, web sites visited and keystrokes typed -- and then automatically sends this recorded information to your own email address.
Within seconds of them sending or receiving an email, you will receive your own copy of that email.
In addition, every 60 minutes, you receive an Activity Report of their latest chats, instant messages, keystrokes and web sites visited, plus a summary of all emails. (If you want to receive reports less frequently than once every 60 minutes, it's easy to change to once every few hours or just once a day.)"
ORDB.org is the Open Relay Database.
ORDB.org is a non-profit organisation which stores IP-addresses of verified open SMTP relays.
These relays are, or are likely to be, used as conduits for sending unsolicited bulk email, also known as spam. By accessing this list, system administrators are allowed to choose to accept or deny email exchange with servers at these addresses.
Please note: ORDB.org does not block any email. No mail passes through ORDB servers.
Any and all blocking that occurs, takes place at the receiving system. Please do not complain to us if your email is being blocked, complain to your local postmaster, who, most likely, is the only one able to solve your problem.
Nodedb.com - International Wireless Node Database
Transport for London journey planner - excellent

