Kamis, 29 November 2012

Airsnarf - A rogue AP setup utility

Airsnarf - a rogue AP setup utility
Airsnarf is a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots.  Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots--snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.

  HotSpotDK checks for changes in ESSID, MAC address of the access point, MAC address of the default gateway, and radical signal strength fluctuations. Upon detecting a problem, HotSpotDK notifies the user that an attacker may be on the wireless network. Currently HotSpotDK runs on Mac OS X and Windows XP.

Airsnarf has been tested with (i.e. probably requires) the following:

Red Hat Linux 9.0 - http://www.redhat.com/
kernel-2.4.20-13.9.HOSTAP.i686.rpm - http://www.cat.pdx.edu/~baera/redhat_hostap/
iptables - Red Hat 9.0 CD 1
httpd - Red Hat 9.0 CD 1
dhcp - Red Hat 9.0 CD 2
sendmail - Red Hat 9.0 CD 1
Net::DNS Perl module - http://www.cpan.org/

Install & run Airsnarf with the following commands:

tar zxvf airsnarf-0.2.tar.gz
cd ./airsnarf-0.2

How does it work?  Basically, it's just a shell script that uses the above software to create a competing hotspot complete with a captive portal.  Variables such as local network, gateway, and SSID to assume can be configured within the ./cfg/airsnarf.cfg file.  Optionally, as a command line argument to Airsnarf, you may specify a directory that contains your own airsnarf.cfg, html, and cgi-bin.  Wireless clients that associate to your Airsnarf access point receive an IP, DNS, and gateway from you--just as they would any other hotspot.  Users will have all of their DNS queries resolve to your IP, regardless of their DNS settings, so any website they attempt to visit will bring up the Airsnarf "splash page", requesting a username and password.  The username and password entered  by unsuspecting users will be mailed to root@localhost.  The reason this works is 1) legitimate access points can be impersonated and/or drowned out by rogue access points and 2) users without a means to validate the authenticity of access points will nevertheless give up their hotspot credentials when asked for them.

So what's the big deal?  Well, with a setup like Airsnarf one can obviously create a "replica website" of many popular, nationally recognized, "pay to play" hotspots.  That's as simple as replacing the index.html file Airsnarf uses with your own custom webpage that still points its form field variables to the airsnarf.cgi.  Combined with sitting at or near a real hotspot, hotspot users will associate and unknowingly give out their username and password for the hotspot provider's network.  The usernames and passwords can then be misused at will to utilize other hotspots of the same provider, possibly anywhere in the nation, leaving the original duped user to pay the bill.  Should the user be charged per minute usage, they may recognize something is terribly wrong when they get their next bill.  If the user pays a flat rate for unlimited usage, the user may never realize their credentials have been captured and are being misused.

Wireless hotspot operators should consider the following:  stronger authentication mechanisms, one-time authentication setups, monitoring the existence and creation of APs, and perhaps just giving away hotspot access for free to remove any user service theft risks.

Watch Out for those SCAMMERS ONLINE!

Look before you Shop!

Gone are the days when Ramu had to visit the grocery store to fetch everything from a cricket ball to packaged goods. It’s so medieval in this age of online banking and shopping. Now Ramu can sit in the comfort of his air conditioned room and order some exquisite things from remote corners of this world just with a click of the mouse. ClichĂ©! Isn’t? Indeed just a click of mouse is all it takes. Life is better in 2011.
Online shopping has revolutionized the way we shop, and it’s no wonder that its popularity is soaring by the day. There are advantages like shop any time and from anywhere and of course no cash payment is required. Money transfer from a bank account online or a credit card would do! Tempted? Eh! You’re easy to lure! Maybe you are the best man to work for me. 
How about I make a phishing attack and steal your credit card information the next time you pay, or what if your ordered product never gets delivered… as they would say ‘Lost in translation!’ Scared baby?! Awww… Don’t worry dear! Main hoon na…
Your robin hood aka I will give you some simple yet effective tips to secure your hard looted money!
Before going for online shopping, install updated Anti-Spyware, Anti-Virus, and firewall and set your web browser security to the highest level.
Intensively research about the website you intend to buy from. There are various means to do that, check out customer reviews or note the physical address and telephone number of their help centers. Since most hackers try to trap with websites that only look legitimate, make sure you choose wisely and go with popular websites.
Before making transactions, check if the website is secured. Is there https or padlock on the browser address bar?
After finishing transactions, take a print out of details of purchase like price, confirmation receipt and conditions of sale.
Immediately check the credit card statements after making the payment, make sure they debit only the said amount. If any discrepancies are encountered report to bank authorities.
After finishing online shopping, clear the web browser cookies and turn off the PC as the spammers and phishers will be looking for the systems connected to net and try to send spam e-Mails or install malware into your system to leak out personal information.
Beware of e-Mails demanding you to confirm the payment by entering product details and credit card number after the purchase has already been made. Legitimate people never send e-Mails asking for confirmation.
Follow these simple common leads to save embarrassment! 

Using SmartOS as a Hypervisor - 1

Rabu, 28 November 2012

Don't Let Our Right to Privacy Expire

Internet freedom means different things to different people. But for most of us it boils down to this: the freedom to read, do and say what we want online — and in private.
This Thursday, that freedom could come under attack. The Senate Judiciary Committee wants to update the Electronic Communications Privacy Act (ECPA) — a bill passed in 1986, before most of us had even heard of the Internet — to bring it into the 21st century.
A good update to ECPA is in the works. It would ensure that our online activity is given the same privacy protections as snail mail and wired phone calls.
But a bad update is in the works, too. Sen. Chuck Grassley is pushing an amendment that would allow government agencies to snoop — without a warrant — on our email, our texts and any documents we have stored in the “cloud.”
The Judiciary Committee is voting this week on how to move forward with this important bill — either by strengthening privacy protections or getting rid of them. The Free Press Action Fund has joined a coalition of groups at VanishingRights.com to make sure the Senate moves to protect our right to online privacy.
Each day we communicate more and more online — where there's little protection against government snooping. We can fix this. Take action now to protect our online privacy and stand up for our Internet freedom.

Don’t Let Verizon ‘Edit’ the Internet

Think you have the right to speak freely via cellphones, websites and social media?
Well, Verizon doesn’t. In fact, the telecom giant is now claiming that the First Amendment gives it the right to “edit” you and everyone else on the Internet.
The company is twisting our most fundamental free speech right to assert that it can control the Internet and your content — just as a newspaper editor picks and chooses the articles that go to press.
In the first brief filed in its lawsuit to overturn the Federal Communications Commission’s Net Neutrality protections, Verizon argues that the First Amendment gives the company the right to block all digital communications that cross its wires, from photographs of your cousin’s backyard barbeque to YouTube videos of human rights violations in Syria. It’s a preposterous claim — and it shows just how far the company is willing to go to control what you do online.
Send this letter to top Verizon executives Lowell McAdams and Ivan Seidenberg. All Internet users must raise the alarm on behalf of free speech online and draw a line in the sand against any powerful entity that seeks to censor us.


The Stop Online Piracy Act seemed destined for passage when it first surfaced in the House of Representatives in 2011. Intended to discourage illegal copyright violations, SOPA would have given private entities the power to blacklist websites at will. It would have violated the due process rights of thousands of users who could have seen their sites disappear from the Internet. And it would have allowed banks to freeze financial deposits to the accounts of website owners, potentially forcing falsely accused Internet enterprises out of business.
Supporters claimed that SOPA was the only way to effectively fight online piracy. If it had passed, corporations (with the help of the courts) would have become the arbiters of what is and isn't lawful online activity, with millions of Internet users swept in their nets as collateral damage.
But on January 18, 2012, thousands of websites went dark to protest SOPA and its companion bill in the Senate, the Protect IP Act. Wikipedia, Reddit, BoingBoing, Free Press and Save the Internet were among the many participants in the protest, which created such a backlash that both bills were shelved.
This remarkable turn of events demonstrated the power of Internet organizing. But SOPA likely won't be the last time that powerful Hollywood studios and media companies use their Washington connections to try to slip through legislation that threatens the open Internet.

Please Help protect Our Internet Freedom.


Anonymous - You, ITU, & Internet Censorship

Selasa, 27 November 2012


The Open Source Solution to SPAM

 The Open Source Solution to SPAM

 Problems with Spam? Then this is the book for You. ( I didn't get paid to say This)

The annoyance factor for individual users whose email is crammed with pitches for pornography, absurd moneymaking schemes, and dubious health products is fierce. But for organizations, the cost of spam in lost productivity and burned bandwidth is astronomical. While society is grappling with a solution to the burgeoning crisis of spam proliferation, the pressure is on system administrators to find a solution to this massive problem in-house. And fast.
Sys admins can field scores of complaints and spend months testing software suites that turn out to be too aggressive, too passive, or too complicated to setup only to discover that SpamAssassin (SA), the leading open source spam-fighting tool, is free, flexible, powerful, highly-regarded, and remarkably effective. The drawback? SpamAssassin's lack of published documentation.
SpamAssassin by Alan Schwartz, is the only published resource devoted to SpamAssassin and how to integrate it effectively into your networks. This clear, concise guide clarifies the installation, configuration, and use of the SpamAssassin spam-checking system (versions 2.63 and 3.0) for Unix system administrators using the Postfix, Sendmail, Exim, or qmail mail servers, helping administrators make the right integration decision for their particular environments.
It covers concrete advice on how to:
  • Customize SpamAssassin's rules, and even create new ones Train SpamAssassin's Bayesian classifier, a statistical engine for detecting spam, to optimize it for the sort of email that you typically receive
  • Block specific addresses, hosts, and domains using third-party blacklists like the one maintained by Spamcop.net.
  • Whitelist known good sources of email, so that messages from clients, coworkers, and friends aren't inadvertently lost.
  • Configure SpamAssassin to work with newer spam-filtering methods such as Hashcash (www.hashcash.org) and Sender Policy Framework (SPF).
Sys admins, network administrators, and ISPs pay for spam with hours of experimentation and tedious junk email management, frayed user tempers, and their sanity. SpamAssassin, together with this essential book, give you the tools you need to take back your organization's inboxes."Detailed, accurate and informative--recommended for spam-filtering beginners and experts alike." --Justin Mason, SpamAssassin development team

Keep Linux up to date. Never reboot

Eliminate disruptive reboots
updating your systems with Ksplice.

With rebootless updates, you can:


      Save time and pain by updating in seconds, while your systems are running.
      Avoid downtime.
      Prevent disastrous security incidents by making it easy to stay up to date.
    Linux distributions require a reboot about once a month to stay
    up to date with important kernel security updates. Ksplice Uptrack
    allows you to apply the same updates published by your Linux
    vendor, without rebooting.

    Reboots required for kernel updates by major Linux distributions