Saturday, June 25, 2016

HOW TO CHECK FOR AN AVAILABLE SERVICE WITH HPING3 - STEALTH SWEEP


Run:

hping3 --syn -c 1 -p 80 vi4nn4network.blogspot.com



set --syn to receive the destination's answer
set -c 1 to define how many packets you want to receive
set -p 80 to define the port
set the site that you want to test

When you send the request with the --syn parameter, wait for the SYN-ACK answer; that answer means the service is available at the destination.

After the command runs, check the flags in the target's reply: flags=SA = SYN ACK

That means the service is available.




If, after running the command, the target's reply shows flags=RA = RESET ACK

That means the service is not available.


POSSIBLE ANSWERS WHEN YOU RUN THE STEALTH SWEEP:

flags=RA (closed)
flags=SA (open)
RST-ACK --> closed
SYN-ACK --> open
 
ACK = Acknowledgement
SYN = Synchronize
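
The flag check described above can be scripted. The following is an added example, not from the original post: a POSIX shell function that reads hping3 output and reports open (flags=SA) or closed (flags=RA). It goes one step beyond the post by reporting no-reply when no answer line comes back; the sample outputs and the address 192.0.2.10 are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): classify a port from the TCP
# flags that hping3 prints. All sample output below is constructed;
# 192.0.2.10 is a documentation address.

# Reads hping3 output on stdin; prints open, closed, no-reply or other(FLAGS).
classify_hping() {
    hp_state="no-reply"                 # default: no reply line was seen
    while IFS= read -r hp_line; do
        case "$hp_line" in
            *flags=*)
                hp_flags=${hp_line#*flags=}   # drop text up to "flags="
                hp_flags=${hp_flags%% *}      # keep only the flag letters
                case "$hp_flags" in
                    SA) hp_state="open" ;;    # SYN-ACK: service available
                    RA) hp_state="closed" ;;  # RST-ACK: service not available
                    *)  hp_state="other($hp_flags)" ;;
                esac
                ;;
        esac
    done
    printf '%s\n' "$hp_state"
}

SAMPLE_OPEN='HPING 192.0.2.10 (eth0 192.0.2.10): S set, 40 headers + 0 data bytes
len=46 ip=192.0.2.10 ttl=56 DF id=0 sport=80 flags=SA seq=0 win=29200 rtt=23.4 ms

--- 192.0.2.10 hping statistic ---
1 packets transmitted, 1 packets received, 0% packet loss'

SAMPLE_CLOSED='HPING 192.0.2.10 (eth0 192.0.2.10): S set, 40 headers + 0 data bytes
len=46 ip=192.0.2.10 ttl=56 DF id=0 sport=80 flags=RA seq=0 win=0 rtt=22.9 ms

--- 192.0.2.10 hping statistic ---
1 packets transmitted, 1 packets received, 0% packet loss'

SAMPLE_SILENT='HPING 192.0.2.10 (eth0 192.0.2.10): S set, 40 headers + 0 data bytes

--- 192.0.2.10 hping statistic ---
1 packets transmitted, 0 packets received, 100% packet loss'

for hp_sample in "$SAMPLE_OPEN" "$SAMPLE_CLOSED" "$SAMPLE_SILENT"; do
    printf '%s\n' "$hp_sample" | classify_hping
done
```

For a live check, pipe the post's hping3 command into classify_hping with 2>&1 so that both the reply line and the statistics reach the function.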

Friday, June 24, 2016

HOW TO CHECK RANSOMWARE VERSION


Access this page and upload the image with the ransom message and a sample of the ransomware:
https://id-ransomware.malwarehunterteam.com/



Currently Identified Ransomware - 06/08/16

  •     777
  •     7ev3n
  •     8lock8
  •     Alpha
  •     AutoLocky
  •     AxCrypter
  •     BadBlock
  •     BankAccountSummary
  •     BitCryptor
  •     BitMessage
  •     Black Shades
  •     Blocatto
  •     Booyah
  •     Brazilian Ransomware
  •     BuyUnlockCode
  •     Cerber
  •     Chimera
  •     CoinVault
  •     Coverton
  •     CryFile
  •     Crypren
  •     Crypt0L0cker
  •     CryptoDefense
  •     CryptoFortress
  •     CryptoHasYou
  •     CryptoHitman
  •     CryptoJoker
  •     CryptoMix
  •     CryptoTorLocker
  •     CryptoWall 2.0
  •     CryptoWall 3.0
  •     CryptoWall 4.0
  •     CryptXXX
  •     CryptXXX 2.0
  •     CryptXXX 3.0
  •     CrySiS
  •     CTB-Locker
  •     DMA Locker
  •     DMA Locker 3.0
  •     DMA Locker 4.0
  •     ECLR Ransomware
  •     Encryptor RaaS
  •     Enigma
  •     GhostCrypt
  •     Gomasom
  •     Herbst
  •     Hi Buddy!
  •     HydraCrypt
  •     Jigsaw
  •     JobCrypter
  •     JuicyLemon
  •     KeRanger
  •     KEYHolder
  •     KimcilWare
  •     Kriptovo
  •     KryptoLocker
  •     LeChiffre
  •     Locky
  •     Lortok
  •     Magic
  •     Maktub Locker
  •     MireWare
  •     Mischa
  •     Mobef
  •     NanoLocker
  •     Nemucod
  •     Nemucod-7z
  •     ODCODC
  •     OMG! Ransomcrypt
  •     PadCrypt
  •     PClock
  •     PowerWare
  •     Protected Ransomware
  •     Radamant
  •     Radamant v2.1
  •     RemindMe
  •     Rokku
  •     Russian EDA2
  •     Samas
  •     Sanction
  •     Shade
  •     Shujin
  •     SNSLocker
  •     Sport
  •     SuperCrypt
  •     Surprise
  •     TeslaCrypt 0.x
  •     TeslaCrypt 2.x
  •     TeslaCrypt 3.0
  •     TeslaCrypt 4.0
  •     Troldesh
  •     TrueCrypter
  •     UmbreCrypt
  •     VaultCrypt
  •     WonderCrypter
  •     Xorist
  •     Xort
  •     zCrypt
  •     Zyklon

Saturday, June 18, 2016

HOW TO AUDIT YOUR LINUX SERVER

Download the file http://www.2shared.com/file/Nbq8UJU6/lynis-211tar.html
tar -xvzf lynis-2.1.1.tar.gz

Now, on the computer that you want to audit, run:

./lynis audit system

and wait for the results.

HTOP ALTERNATIVES

apt-get install glances


Friday, June 17, 2016

HOW TO LIST THE USERS OF A GROUP ON LINUX



# cat /etc/group
lets you see all the groups on the system.
# apt-get install members
makes it possible to list every user in a group.

To see the users in a group, run members with the group name:
# members nogroup
sync nobody sshd

HOW TO SOLVE - UBUNTU HOST (SERVER OR WORKSTATION) NOT RESOLVING LAN HOSTNAMES

Even after setting the name server in the file /etc/resolv.conf, the issue was not solved.
It was necessary to change this information in the file:
vi /etc/nsswitch.conf
from: hosts: files mdns4_minimal [NOTFOUND=return] dns

to:

#hosts: mdns4_minimal files [NOTFOUND=return] dns
hosts: files mdns4_minimal dns [NOTFOUND=return] mdns4

Note: In most cases the issue is fixed by editing /etc/resolv.conf to add the name server of your local network, or by adding the hostname/FQDN/IP to /etc/hosts. However, there are cases where that is not enough, and this tip solved all my problems.

Thursday, June 2, 2016

HOW TO CONFIGURE SYSLOG SERVER ON FORTIGATE 5.0.7

Server # config log syslogd setting
Server (setting) # set status enable (enable logging to a remote syslog server).
Server (setting) # set facility local0  (identifies the source of the log message to syslog).
Server (setting) # set server  (the IP address of the syslog server).
Server (setting) # end