Linux




PTR bulk DNS resolver in Perl to see what is in the name

There are many ways to do PTR resolving in bulk, and this is just one of them. It doesn't pretend to be the fastest/coolest/best, the only thing I can claim - it works. # Yuri # 19.02.2013 # this script accepts range of IP addresses to do PTr resolving for …



Bash script to generate random passwords

Here I stumbled on an intro into Bash scripting for NetOps by John Kristoff " Introduction to Shell and Perl scripting for Network Operators" and could't help but do it my way. Here it is, bash script that generates random password of printable characters, up to 15 at least. 1 2 …



md5 sha256 sha-1 tiger and whirlpool sum checker for Windows

Trying out Amazon AWS Glacier with fastglacier.com as the upload GUI app I looked at few SHA256 sum calculating tools, and found this one by Jesse Kornblum to be the best for Windows. It has some quite useful options like recursive folders calculation, file size limitation, reading file names …



Agressive scans from 69.175.126.170 - HD Moore is trying to save the Internet

I've been seeing this for some time so you will see it soon too. We speak here mostly about SNMP probes coming from a set of very specific IPs. If you do a search on IP you get to the webpage below (critical.io ) , explaining to the reader that it …



Watch your DNS records day and night with Nagios plugins

Domain records are most visible vulnerable and many time crucial asset of the company. Attackers need not break your firewall protection, find and develop exploits for software running on your server to cut off your company from mails - it is enough for them to cause a change of MX record …



'How to separate inbound and outbound data graphs in Nfsen Netflow tool '

As I said already ( here and here ) for gathering Netflow data, especially with security in mind, I deem Nfsen/nfdump to be the best. And with some easy 2-minutes tweaking I can always make it do exactly what I want. By default when you configure Cisco to export both ingress …



You can be Nmap hacker too - contribute new signatures in few easy steps and feel proud of yourself

NMAP is probably the most known long standing and community involved security-related project in the Open Source universe ever. And it is quite naturally to think that there is nothing left to be done to improve it by end users like us, and of course the opposite is the case …



Best open source Netflow/sFlow analyzing software

People ask me frequently what software I would recommend for Netflow analysis , especially with security implementations in mind. I made my choice a long ago and haven't been complaining so far - Nfsen graphical frontend that has Nfdump as its data processing backend . It provides most flexibility, configurability; its filter syntax …



Grab bag of IPF firewall commands for FreeBSD and Solaris 10

Nothing new here , just a round-up of the commands/configs I happen to need from time to time. Google probably has better references for that.I talk about Pf firewall used in FreeBSD, OpenBSD and Solaris systems. Enable and disable firewall: pfctl –e Enable packet filter real time pfctl –ef …



Too much of the Zeus on TV

At 19th of October the 1st Russia channel aired the TV show called "Пусть говорят, Однажды в Америке" , dedicated to Zeus trojan story. You all saw and heard about this FBI operation that brought some 38 people to the captivity. The talk show on the most available and popular Russian …