The Misadventures of Penoi

1. Download and untar funplug(i have problems with 0.4 version cause there's no dropbear.sh in the package file)

http://www.inreto.de/dns323/fun-plug/0.3/funplug-0.3.tar.gz

2. Copy fun_plug and fun_plug.tar into Volume_1 of Dlink DNS-323

3. Restart Dlink DNS-323

4. Telnet to your DNS 323

#cd /mnt/HD_a2/fun_plug.d/start


#sh dropbear.sh start

5. Set your root account

#echo "root::0:0:99999:7:::" >>/etc/shadow
#passwd root

6. Test first your ssh access with the new password

7. Store your root password

#/mnt/HD_a2/fun_plug.d/bin/store-passwd.sh

8. Configure your dropbear.sh and rsyncd.sh to start at bootup

#chmod a+x dropbear.sh

#chmod a+x rsyncd.sh

9. Disable insecure telnet

#chmod a-x telnetd.sh

10. Restart your DNS-323

Tired of unorganized ssh putty sessions and don't have the budget for SecureCRT??? Use PuttyTabs!!! PuttyTabs is a utility use to organize your ssh on tabs. It has its own docking window that you can hide in your desktop.

Installing Security Auditor's Research Assistant(SARA) in backtrack linux 

Install tcsh. Perl needs the csh shell to execute SARA
#wget http://mirror.muntinternet.net/pub/slackware/slackware_source/a/tcsh/tcsh-6.15.00.tar.bz2
#bunzip2 tcsh-6.15.00.tar.bz2
#tar xvf tcsh-6.15.00.tar
#cd tcsh-6.15.00
#./configure
#make
#make install
#ln -sf /usr/local/bin/tcsh /bin/csh

Download and install SARA
#wget http://www-arc.com/sara/downloads/sara-7.5.2.tgz
#tar xvzf sara-7.5.2.tgz
#cd sara-7.5.2
#./configure
#make
#make install

Add sara user
./add_user

Scan a host
./sara -a4 <ip.address>

Run SARA in daemon mode
./sara -D

Now browse to http://localhost:666

my 30 days lab access ended last February for the security course that im attending. Im still waiting for a May slot and extend another 30 days access. For the meantime, im struggling to learn perl and python programming needed in some of the course lab exercises.

SEO Poisoning Attacks 

"Online fraudsters have continued to expand their efforts this week to inject iframe attacks into the optimized search results of major Web sites.

The attack abuses a common practice among Web sites -- caching search queries -- an activity designed to boost their rankings among major search engines, such as Google, according to security researcher Dancho Danchev. The attackers inject common search terms and an iframe script designed to send victims to other sites hosting malicious code. The search term and iframe redirect get cached in search engines such as Google."

Its Holy Week again!!! Time to pray and to ask forgiveness for our sins. Nakakalungkot isipin, pero  kapag narinig natin ang word Holy week, ang unang pumapasok sa isip natin ay BAKASYON, BEACH at HIKING.

So saan ako ngayong Lenten Season??? sa bahay lang, kasama ang buong pamilya at buong araw ko lang kukulitin ang aking mga pamangkin :)

March 11, 2008 -- A new chapter in the legendary career of multi-Platinum rockers JOURNEY--Neal Schon (guitar), Jonathan Cain (keyboards), Ross Valory (bass), Deen Castronovo (drums) and Arnel Pineda (vocals)—will begin on June 3 with the highly anticipated release of REVELATION, a three-disc CD and DVD package to be sold exclusively at Wal-Mart stores in North America.

The first disc will consist of 11 re-recorded classics, the second is filled with 11 new songs, and the third is a live, in-concert DVD. All of the music on REVELATION was produced by Kevin Shirley (who previously worked with JOURNEY on their Platinum-certified TRIAL BY FIRE album).
JOURNEY will take REVELATION on the U.S. concert trail later this July, with details to be announced in the coming weeks.

taken from journeymusic.com

My officemate created a Xen Windows 2003 server virtual machine on one server. The virtual machine supposedly was configured to eat up 30GB of hard disk space but unknowingly it goes up to 85 Gb which eats up all of hd space and cause my server to hang.

I have to restart and fix all of MySQL table crashes. Here's a simple script that i created that will help me monitor my server's harddisk and mysql crash

*************************************************************************************************

#!/bin/sh
#check harddisk space
date > serverhealth.log
echo "******** Disk Space **********" >> serverhealth.log
df -h >> serverhealth.log
echo "********Check Eventum database ***********" >> serverhealth.log
#check Mysql datase for errors
mysqlcheck -umysqluser -ppassword mysqldatabase >> serverhealth.log

SUBJECT=`hostname`" Automated Server Health Alert"

TO="admin@admin.com"

mail -s "$SUBJECT" "$TO" < /root/serverhealth.log
**************************************************************************************

"the art is not in the machine"

- taken from imag photography magazine

im a newbie in dslr photography and still learning how aperture, shutter, flash, etc. works. Photography is addicting especially in upgrading gadgets if you have the extra bucks :)

check out some of my photos at penoi's multiply site....