LinuxHaxor.net at “Certified Ethical Hacker v6” Courseware!!
Today, I got an e-mail from EC-Council, about my site being mentioned as a reference material for the ‘Certified Ethical Hacker v6’ courseware. Here is the e-mail I received [some information withheld].
Hello,
Greetings of the day.
Please allow me to introduce myself as a member of the technical development team at EC-Council.
Currently we are finalizing the release version of our courseware that prepares aspirants for the certification “Certified Ethical Hacker v6” as awarded by EC-Council. In this context, we would like to seek your permission to include references to your work “Netenum” published as a resource material for the said instructional material.
It would be an honor for us to feature your work here and look forward to hearing from you regarding your kind consent. All due credits will be given in the courseware in the research endnotes and if you would like to adhere to any specific copyright clause, please do let us know.
We are committed towards protecting intellectual property and willing to do all that it takes to uphold this principle.
While this might not be a big deal to some, it is a big deal to me, and hopefully the beginning of other good things to come. As you might have seen, I have not updated this site as often as I would love to. That’s because I am adding some projects to this existing site, which you can see in the right-hand corner in the sidebar. Along with this blog, I have 10 other blogs that I almost regularly work on, and I have some clients and their websites that I work with, which is why I can’t post as often. Hopefully I will get things in order and start posting more often.
On the bright side, I am accepting guest posts and also hiring authors who are willing to work on this blog (and others). Guest posters have the option of mentioning their blogs/websites in their articles, while paid authors will be paid CPM based. If you are interested, shoot me an e-mail at pavs.ma@ gmail.com or admin@ linuxhaxor.net
PSAD is a collection of four lightweight system daemons written in Perl and in C that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options (Linux 2.4.x kernels only), reverse DNS info, email alerting, and automatic blocking of offending ip addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the tcp signatures included in Snort to detect highly suspect scans.
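The kind of analysis described above, sketched as an added example that is not psad's own code: it parses iptables LOG lines, groups TCP packets by source and destination, and reports the scanned port range, begin and end times, TCP flags and a danger level. The log lines are constructed, and the thresholds (distinct ports per level) and all names are hypothetical, not psad's defaults.

```python
import re
from collections import defaultdict

# Constructed iptables LOG lines; addresses come from documentation ranges.
_LINE = ("Feb  3 10:15:{sec:02d} fw kernel: DROP IN=eth0 OUT= SRC={src} "
         "DST=192.0.2.10 LEN=44 TTL=52 PROTO=TCP SPT=40111 DPT={dpt} "
         "WINDOW=1024 RES=0x00 {flags} URGP=0")
SAMPLE_LOG = "\n".join(
    [_LINE.format(sec=i, src="203.0.113.7", dpt=p, flags="SYN")
     for i, p in enumerate([21, 22, 23, 25, 80, 110, 443])]
    + [_LINE.format(sec=30, src="198.51.100.4", dpt=443, flags="ACK PSH")])

# Hypothetical thresholds (level, distinct ports required); not psad's defaults.
DANGER_LEVELS = [(1, 3), (2, 6), (3, 20)]
TCP_FLAGS = ("SYN", "ACK", "FIN", "RST", "PSH", "URG")
LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r".*?PROTO=(?P<proto>\S+) SPT=\d+ DPT=(?P<dpt>\d+)(?P<rest>.*)$")


def summarize_scans(log_text, levels=DANGER_LEVELS):
    """Group logged TCP packets by (source, destination) and grade each pair."""
    seen = defaultdict(lambda: {"ports": set(), "flags": set(), "times": []})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["proto"] != "TCP":
            continue  # skip unrelated syslog lines and non-TCP packets
        rec = seen[(m["src"], m["dst"])]
        rec["ports"].add(int(m["dpt"]))
        rec["flags"].update(f for f in m["rest"].split() if f in TCP_FLAGS)
        rec["times"].append(m["ts"])
    alerts = []
    for (src, dst), rec in seen.items():
        # Highest level whose port-count threshold this source has reached.
        level = max((lv for lv, need in levels if len(rec["ports"]) >= need),
                    default=0)
        if level:
            alerts.append({
                "src": src, "dst": dst, "danger_level": level,
                "port_range": (min(rec["ports"]), max(rec["ports"])),
                "begin": rec["times"][0], "end": rec["times"][-1],
                "flags": sorted(rec["flags"]),
            })
    return alerts


if __name__ == "__main__":
    for alert in summarize_scans(SAMPLE_LOG):
        print(alert)
```

The single ACK/PSH packet from the second source stays below the lowest threshold and produces no alert, which is the point of grading by threshold rather than alerting on every dropped packet.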
Monitoring your server for activity in real time is perhaps one of the most fun things to do for geeks like me. While most people would use some kind of logging script to look at pretty data in HTML format, I like mine raw and in real time. I would log into my server over SSH and use these three tools to monitor my system:
1) htop : While most people probably will settle for top, htop is my choice. I can’t think of a better monitoring system than htop, and I can’t imagine how I would live without it. I use it regularly on my local system as well. Here I am enjoying my htop in action while logging into my server over SSH:
2) Trafshow: This is a network monitoring utility that shows the traffic source, the services it’s connecting to, ports being used, bytes being used, and so on and so forth. Very useful utility:
3) tail -f: tailing apache logs, access logs, error logs and similar logs should be a priority.
There are other ways to log information and/or set up scripts to e-mail you when anything fishy comes up in log files. Then there are data integrity checkers like tripwire. Like I said, there are many other ways to track information about your server health and security, but these are the main methods I use.
Just a quick note with the current status of moving my blog to the new host. There were some major hiccups while moving the blog, so everything is not yet back to normal. I am holding off posting new content until everything comes back to normal. Hopefully by Monday, everything will be fine.
***Warning!! May contain personal gloating and self promotion ***
January has been an amazing month for Linuxhaxor. Ever since this site has been mentioned in lifehacker the feed growth and daily hits have both doubled. With the recent update of google pagerank (though it didn’t affect our pagerank), search results for certain keywords are now more favorable. Google organic traffic is now the most significant source of traffic for this blog.
All this is good only if you have a host that can handle the traffic. Since the beginning of this blog (when I was hosting this site from my home server) linuxhaxor was in the front page of digg 8 times (my count), every single time this site has gone down. This site has gone down even when hit by stumbleupon and lifehacker. I guess this is the price you pay for having your site hosted in a shared environment.
Well, not anymore. Today I signed up with a leading hosting service for a dedicated server. The specs are: Dual Xeon 2.4, 4096mb RAM, 2×80gb SATA and 2,500gb Bandwidth. I think this should take care of the traffic for the time being.
On a side-note, this process of moving this blog to its new home will be done in the next 48 (according to my host the time needed to set up a dedicated server). During this time the site may not be visible for long periods of time.
Some stats for the site, though it’s not absolutely ground breaking, it certainly is something I am proud of.
Last 30 days Traffic:
Last 7 months Traffic. This stat is not correct for many reasons. I updated my word press template many many times, some of you who have been following this blog long enough will probably know it. Unfortunately each time I updated the template I didn’t update the site meter code to track traffic. Same thing with google analytics.
TrafShow continuously displays information about packet traffic on the configured network interface that matches the boolean expression. It periodically sorts and updates this information. This program may be useful for locating suspicious network traffic on the net or for evaluating current utilization of the network interface.
You can choose your network interface:
And browse through all your connections, which can be setup to be updated in realtime or set refresh interval in seconds :
Nap is a console napster client written by Kevin Sullivan. It runs on Linux, OpenBSD, and other systems. Current releases of nap, such as 1.5.4, are very stable. They can run for weeks at a time without crashing or user intervention.
Brief History
Nap, written by Kevin Sullivan sometime in 1999, was one of the first napster clients besides Shawn Fanning’s original Windows client. It was also the first client that ran on linux. Kevin learned much about the inner workings of the napster protocol by collaborating with Jordan Ritter, who was one of the co-founders of Napster and its Chief Server Architect at the time.
I (Peter Selinger) took over the development of nap in February 2001. First I (Peter Selinger) posted patches, but soon the patches became so long that I (Peter Selinger) started making releases. A lot of features were added, and some existing ones redesigned, to make nap more stable, user-friendly, and reliable. However, the original “look and feel” has been preserved. Probably nap is one of the most robust napster clients for linux today. It has been packaged for a variety of popular platforms, and it is now shipped with some distributions of Debian Linux and OpenBSD.
Since June 2001, Napster Inc. has modified their servers to use a new client authentication scheme, and nap users can no longer connect to Napster Inc.’s servers. Thus, nap is configured to connect to the OpenNap servers by default. The OpenNap system is a network of napster servers that are independently owned (not run by Napster, the company). When starting up, nap will automatically download a list of servers from www.gotnap.com, and it will connect to the first available one.
durep was designed for monitoring disk usage in a more visual way than du. The du program works fine but doesn’t allow a lot of control over how the results are displayed. This perl script is designed to produce output more useful for reports. Although durep can produce text output similar to du, its real advantage is that it allows you to navigate through the directory structure as web pages. Each page shows bar graphs for entries so it is easy to see immediately which directory is using the most storage space. The report generated can be configured in several ways (hiding directories, collapsing directory entries, hiding entries below certain sizes, etc) all of which are described below. The text report that durep generates is also configurable. You may limit the depth to which it displays entries, allowing a quick non-detailed view. This is generally meant to complement the web views.
To show report of a specific directory in text format in terminal: durep /etc
To get it in html format just use -w. The html report is browsable by clicking on the folder links. The report itself is extensively customizable with loads of other info, check out the MAN page.