Dr.Web® anti-virus for Linux (GUI based)

28 09 2009

Dr.Web Security Suite for Unix Appliance and Dr.Web® anti-virus for Linux (GUI based) is a group of modular solutions that can be installed on appliances running Unix-family (Linux/FreeBSD/Solaris (x86)) operating systems. The solutions work as a corporate Internet gateway: a proxy server used to give intranet users access to the Internet.

Depending on your licensing scheme and the set of selected plug-ins, the solutions of Dr.Web Security Suite for Unix Appliance can perform the following tasks:

  • process incoming and outgoing mail and filter out viruses and spam;
  • scan HTTP and FTP traffic for viruses;
  • detect and remove any malicious objects;
  • parse e-mails and analyze each component of a message;
  • filter e-mail according to white and black lists;
  • correctly process archived files of most known formats, including multi-volume and self-extracting (SFX) archives;
  • notify recipients or other selected users of scan results, using templates that keep the information easy to read;
  • collect statistics regarding all activities of the system;
  • protect its own plug-ins against failures.

Benefits
Dr.Web means its own technologies and anti-virus laboratory
Dr.Web anti-virus technology has been developed since 1992 and is owned by Doctor Web.
There are few anti-virus vendors in the world with their own technologies for detecting and curing malware, a virus monitoring service and an analytical laboratory. It provides a rapid response to the latest threats and allows customers' problems to be solved in a few hours.

Large enterprise network experience
Dr.Web solutions for small and medium-sized companies and large corporate networks with dozens of thousands of computers have been developed and improved since 1992. The State Duma of Russia, its Defense and Foreign ministries, the FSB (Federal Security Service) and many other enterprises, educational institutions and research departments trust anti-virus solutions from Doctor Web.

Openness of the solutions
As usual, Doctor Web makes its contribution to development of open source anti-virus products. Solutions included in Dr.Web Security Suite for Unix Appliance have an unlimited potential for expanding their functionality. Virtually any user with a sufficient skill can implement a desired feature using the source code and the SDK supplied with the software.

Exceptional scalability
Dr.Web Security Suite for Unix Appliance can perfectly suit the needs of a small company with just one e-mail server and meet the unlimited e-mail filtering requirements of transnational telecoms or Internet service providers. Its efficiency, flexibility of settings and capability of filtering huge volumes of e-mail traffic “on-the-fly” can comply with even the highest demands.

Optimal configuration
The configuration of servers with preinstalled Dr.Web Security Suite for Unix Appliance is the result of thorough optimization. The solutions match the requirements of a customer perfectly. A flexible licensing system allows a company to pay only for the functionality it is going to use. A server based on Dr.Web Security Suite for Unix Appliance is a high-performance solution at the best price.

Reliable protection
State-of-the-art technologies ensure a high-speed scan of traffic that doesn’t affect Internet access speed and runs unnoticed by users. The solutions feature the latest Dr.Web technologies that shield user machines from malware and spam. An automatic updating system maintains a high level of security.

High productivity and stable operation
The multi-thread scan feature enables Dr.Web Security Suite for Unix Appliance to process large amounts of data simultaneously. Well-designed modular structure makes it impossible for an attacker to disable a solution. The well-known low system requirements of Dr.Web products allow running them on any server hardware.

Easy installation
Dr.Web Security Suite for Unix Appliance fully complies with the “plug and play” principle making installation and maintenance extremely easy even for an inexperienced user. The installation procedure was designed to exclude any possible configuration errors by staff and reduces time of deployment to several minutes. Installation of an appliance doesn’t affect configuration of computers in a corporate network.

Flexible configuration and easy administration
Dr.Web Security Suite for Unix Appliance allows implementing any protection scheme tailored to the security policy of your company. The solutions have a flexible configuration system, so virtually any required set of rules can be created by a system administrator. All actions related to network security are logged. The logged data can be used to analyze network health and pinpoint vulnerabilities. The convenient user alert system, which issues virus warnings and notifies a user when a web page containing malicious code is loaded, will assist you in conforming to the security policy of your company.

Frequent updating
An add-on to the Dr.Web virus database is released when new entries are added, as often as several times per hour. Hot add-ons are released immediately after a new threat has been analyzed. The global virus monitoring network delivers the latest samples of viruses from all over the world. Users retrieve updates from several servers located in different parts of the globe.






Dr.Web LiveCD !

28 09 2009

Dr.Web LiveCD is a software product that features a standard Dr.Web scanner.

Dr.Web LiveCD is an anti-virus emergency aid disk that restores a system that became non-operational due to the activities of malware and helps copy important information to a removable data-storage device or to another computer. If a workstation or a server running Windows\Unix won’t boot from a hard drive, Dr.Web LiveCD will clean the system of suspicious and malicious files and will also try to cure infected objects.

How does it work?

  1. Download the image of Dr.Web LiveCD.
  2. Write the image to a CD or DVD. If you use Nero Burning ROM you need to do the following:
    • Insert a blank CD/DVD into your CD/DVD drive
    • Click on the “File” menu and select “Open”
    • Browse through the folders to the location of the image file and select it.
    • Press the “Burn” button and wait while the file is being written to the disk
  3. Make sure that the CD/DVD drive or any other device with Dr.Web LiveCD is set as the first boot device.
  4. As loading starts a dialogue window will prompt you to choose between the standard and safe mode.

  5. Use arrow keys to select a desired mode and press [Enter]:
    • In order to use the scanner with the GUI choose Dr.Web LiveCD (Default)
    • If you’d like to start the scanner using the command line (console) select Dr.Web LiveCD (Safe Mode)
    • Choose Start Local HDD, if you want to boot from the hard drive instead of Dr.Web LiveCD
    • Select Testing Memory to launch the Memtest86+ utility
  6. If Dr.Web LiveCD (Default) is selected, all available disk drives will be detected automatically. The operating system will also try to connect to the local network if available.

  7. When the system is loaded, check disks or folders you want to scan and press Start

  8. You can also contact the support service of Doctor Web if you need extra help. Fill out a support-request form on the web site of the company
  9. The Midnight Commander file manager is used to work with files you need to copy to a safe location
  10. If the operating system failed to configure access to your network, you can do it manually using Networks Configure Manager. Start->Settings->Networks Configure manager

For more information about Dr.Web LiveCD read the Dr.Web LiveCD user manual

Download Dr.Web LiveCD





BlueProximity in Ubuntu !{Exclusive}

21 09 2009

This software helps you add a little more security to your desktop. It does so by detecting one of your bluetooth devices, most likely your mobile phone, and keeping track of its distance. If you move away from your computer and the distance is above a certain level (no measurement in meters is possible) for a given time, it automatically locks your desktop (or starts any other shell command you want).

Once away your computer awaits its master back – if you are nearer than a given level for a set time your computer unlocks magically without any interaction (or starts any other shell command you want).

BlueProximity is available in the Ubuntu repositories, and is very easy to install and set up:

sudo aptitude install blueproximity

Before you run BlueProximity for the first time, make sure your Bluetooth is set up on your computer, and you have paired your cellphone with your desktop.  You can find general Bluetooth options under System > Preferences > Bluetooth.

When you’re ready to run BlueProximity, you can find it under Applications > Accessories > BlueProximity.  BlueProximity runs in the background, and displays a small icon in the taskbar to show its status.  Click on the icon to configure its settings.

In the “Bluetooth Device” tab, you can choose the cellphone or device to pair with and monitor.

  • If you don’t see your cellphone in the list, press “Scan for Devices”.  Make sure your cellphone’s bluetooth is on and discoverable.
  • When your device shows up, you can click on it and press “Use Selected Device”.
  • You can also select the “RFCOMM Channel”, although the default channel, 7, worked for me.  If you have trouble, you may try “Scan channels on device”.

In the next tab, “Proximity Details”, you set the distance and times to lock and unlock your computer.

  • The distance is a numeric value between 0-255 which is a rough range of how far your cellphone is from your computer.  It doesn’t correspond to any specific unit of measure, so you’ll need to test it out to get a feeling for it.
  • At the bottom of the tab, “Measured atm” displays the current distance, as well as the minimum and maximum distances that have been detected.  You can use this as a guide.
  • The duration corresponds to the number of seconds your cellphone needs to be outside of the distance before your computer will lock.  You may need to use some trial and error to find the right value.
  • The “Unlocking” options operate just like the “Locking” options, but opposite.  When your phone is detected within the specified distance for the complete duration, your computer will unlock.
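
The locking and unlocking rules above, as a small Python simulation. This is an added example, not BlueProximity's own code: the class, the parameter names and the sample readings are made up for illustration, and treating a failed reading as distance 255 is an assumption.

```python
# Added illustration of the lock/unlock timing rules described above.
# Not BlueProximity's own code; class and parameter names are hypothetical.

class ProximityLock:
    """Debounced lock/unlock decision from a 0-255 'distance' reading."""

    def __init__(self, lock_distance, lock_duration,
                 unlock_distance, unlock_duration):
        if not 0 <= unlock_distance <= lock_distance <= 255:
            raise ValueError("need 0 <= unlock_distance <= lock_distance <= 255")
        self.lock_distance = lock_distance
        self.lock_duration = lock_duration        # seconds
        self.unlock_distance = unlock_distance
        self.unlock_duration = unlock_duration    # seconds
        self.locked = False
        self._since = None   # time the pending condition first became true

    def update(self, distance, now):
        """Feed one reading; return 'lock', 'unlock' or None."""
        if distance is None:
            distance = 255   # assumption: an unreachable device counts as far away
        if self.locked:
            pending = distance <= self.unlock_distance
            needed, action = self.unlock_duration, "unlock"
        else:
            pending = distance > self.lock_distance
            needed, action = self.lock_duration, "lock"
        if not pending:
            self._since = None       # condition broken: restart the timer
            return None
        if self._since is None:
            self._since = now
        if now - self._since >= needed:
            self.locked = not self.locked
            self._since = None
            return action
        return None


def replay(readings, **settings):
    """Run (time, distance) samples through the state machine."""
    lock = ProximityLock(**settings)
    events = []
    for now, distance in readings:
        action = lock.update(distance, now)
        if action:
            events.append((now, action))
    return events


# Constructed sample: one reading per second (None = reading failed).
SAMPLE = [
    (0, 2), (1, 3), (2, 9), (3, 3),            # one-off spike, no lock
    (4, 9), (5, 10), (6, 12), (7, None),       # away for 3 s -> lock at t=7
    (8, 255), (9, 4), (10, 255),               # brief return, stays locked
    (11, 3), (12, 2), (13, 2),                 # back for 2 s -> unlock at t=13
]
SETTINGS = dict(lock_distance=7, lock_duration=3,
                unlock_distance=4, unlock_duration=2)

if __name__ == "__main__":
    for when, what in replay(SAMPLE, **SETTINGS):
        print(f"t={when:>2}s {what}")
```

Keeping the unlock distance below the lock distance leaves a gap between the two thresholds, so a reading that hovers around one value cannot flip the desktop back and forth.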

The final preferences tab, “Locking”, controls how BlueProximity will lock and unlock your computer.  It has options for the exact commands which will be invoked, as well as logging options.  Basically, BlueProximity will call gnome-screensaver-command to control the screensaver– turning it on and off appropriately.  For this to work though, you will also need to set up a screensaver.

To check your screensaver settings, go to System > Preferences > Screensaver.

  • In the left pane, choose a screensaver to use.  I prefer ElectricSheep.
  • The option “Activate screensaver when computer is idle” doesn’t apply to BlueProximity, and BlueProximity will work even without it checked.  This refers to whether you want your screensaver to also turn on after a given period.
  • Similarly, the option “Lock screen when screensaver is active” refers to the normal screensaver timeout, and won’t affect BlueProximity.

Once you’ve got BlueProximity and your screensaver configured, everything should be ready to go!  Simply walk away from your computer and watch it automatically fade into your screensaver.  Walk back, and the desktop should automatically wake up.

It’s a pretty fun toy, although not the most useful.  However, for those like myself who tend to walk away from the computer without locking it, you can feel a little better when you have your cellphone in your pocket.

You could also configure which commands to run other than the defaults via the “Locking” tab. Enjoy!





How to install Ubuntu multimedia codecs

21 09 2009

How to install all multimedia codecs in Ubuntu and Kubuntu: very easy

Ubuntu Linux [1] is a Debian-based, desktop Linux distribution whose name
means “humanity to others.” The philosophy behind this GNU/Linux
distribution and the great selection of packages make you feel good that
you’re using it. The lack of multimedia support, however, leaves your
digital media desires unsated.

In the terminal:

sudo apt-get install ubuntu-restricted-extras

have fun :)





Create your own distro with Product Creator

21 09 2009

Once again, we are going to talk about Kiwi.

Kiwi is an imaging system, a part of the greater openSUSE Build Service: a complex, omnipotent imaging/virtualization solution that allows you to create any kind of operating system image, fully customizable and deployable in a vast range of formats, based on your own installation, the vanilla openSUSE or any other Linux distribution.

Kiwi can achieve these tasks using XML templates, as it is geared toward power users who like automation and scripting. However, Kiwi also supports work by the means of much simpler, much friendlier GUI frontends called Image Creator and Product Creator.

Download PDF version of this document
The YaST Product Creator is suitable for creating the following types of images:

  • Custom installation media
  • Add-on products
  • Live ISO images
  • USB stick images
  • Xen images
  • Virtual disk boot images

The YaST Product Creator has some limitations:

  • Creates only images for the installed architecture
  • Creates images only from sources added with the YaST Installation Sources module or from newly created add-on products
  • Does not support creation of bootable add-on product images

The YaST Product Creator provides configurations for all types of images. These configurations can be used as a good base for most situations. If you need a special configuration and are not familiar with the add-on configuration or editing and creating a KIWI configuration, see Creating Add-ons and en.opensuse.org/KIWI





Install Guest Additions for a better VirtualBox experience

20 09 2009

In my default setup of Windows XP, on my particular Ubuntu 9.04 box, the installation of Windows XP rendered a perfectly usable desktop with 32 bit colors in 800×600 resolution. This resolution, of course, is not ideal for some situations (such as Full Screen mode). In order to get a higher resolution, along with other features, you have to install Guest Additions. This is a simple process that can be done quickly and yields a much better user experience than the default. So…let’s get to the installation.

Figure 1

Before you attempt to do the installation of the guest additions you have to have your virtual machine up and running. Once that VM is running you will see three menu entries at the top of the window: Machine, Devices, and Help. You want to click on the Devices entry and then click the Install Guest Additions entry (see Figure 1).

What you will see is a warning message instructing you that the Guest Additions CD image could not be found. Fear not, this is normal. Click Yes in order to download the image and then Download to confirm. You will see a progress bar at the bottom left of your VM window.

When that download has finished you will be asked if you want to Mount the image. Click the Mount button to reveal the Sun xVM setup wizard. Click Next in the welcome screen which will take you to the license agreement window. Click the I Agree button (and read the license if you feel so inclined.)

Figure 2

What you are now doing is a fairly straightforward Windows application-like installation. The only “gotcha” during installation will be a warning that the software did not pass the Windows Logo testing. Ignore this warning and click Continue Anyway. Your screen will flicker for a second – don’t worry.

You will see this warning another time when it attempts to install software for the pointing devices.

After that warning the installation will complete and, in typical Windows fashion, you will be required to reboot your virtual machine. Do this. When the reboot completes you will find your virtual machine much easier to work with. Now:

  • You no longer have to capture the mouse pointer.
  • You can set your resolution to a much higher level.
  • You can now copy and paste between guest and host operating systems.
  • You can run Windows in seamless mode.

Seamless mode

Figure 3

Seamless mode is a very interesting trick. What this does is take the elements of Windows out of the VM window and layer them on top of your Linux desktop.

As you can see, in Figure 3, with seamless mode activated all Windows applications have their own window. So in this instance Internet Explorer appears to be running on Linux by itself. And the Windows task bar is resting nicely on top of the GNOME panel.

You toggle between seamless and non-seamless mode by pressing the Hot Key and the “L” key. The default Hot Key is the right Ctrl key.

Final thoughts

This is truly some exciting work. With the help of VirtualBox you can, effectively, have your cake and eat it too (as the saying goes.) Work with Windows applications inside of Linux without needing the help of Wine.





Install And Use Metasploit Framework 3.2 on Linux {Exclusive}

20 09 2009



Metasploit is an application used to assess the security of your network. Administrators can use it to test the networks they have built and find out whether those networks have weaknesses. Many exploit types and payloads can be used with Metasploit. You can run Metasploit on the Linux operating system.

  1. Download Metasploit here
  2. Copy the Metasploit file to the root or home directory
  3. Open the terminal
    $ cd /
    $ sudo su
    # tar xzfv framework-3.2
    # cd framework-3.2
  4. In the framework-3.2 directory, there are two ways to use Metasploit:
    • ./msfconsole runs Metasploit in console mode
      # cd /
      # cd framework-3.2
      # ./msfconsole
    • ./msfweb runs Metasploit in web mode

      # cd /
      # cd framework-3.2
      # ./msfweb
      To use Metasploit in web mode, open Mozilla Firefox and go to the URL http://127.0.0.1:55555/. If your browser status is offline, select File | Work Offline in Mozilla Firefox.
    • have fun




10 More Hacking and Security Software Tools for Linux

20 09 2009

I noticed that our list of hacking and security software tools for Linux was not enough, so I figured that I should add some more. But before anything else, thank you to those who commented the last time and shared their favorite hacking programs. I’ve included some of those that you’ve mentioned on this new list for others to know about.

Now without any more delay, here’s our latest compilation of hacking and security tools for Linux:

* Ettercap

Ettercap is a console-based network sniffer/interceptor/logger that is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols. Ettercap supports active and passive dissection of many protocols (including ciphered ones) and provides many features for network and host analysis. Ettercap also has the ability to actively or passively find other poisoners on the LAN.

* Nikto

Nikto is a web server scanner that is known to perform comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. It performs generic and server type specific checks. It also captures and prints any cookies received.

* OpenSSH

OpenSSH is a Free and Open Source version of the SSH connectivity tools providing encrypted communication sessions over a computer network. It encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

* Aircrack-ng

Aircrack-ng is a wireless tool and password cracker. It is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs.

* Tripwire

Tripwire is a security and data integrity tool that is useful for monitoring and alerting on specific file change(s) on a range of systems. Used with system files on a regular basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.

* Metasploit Framework

Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their online exploit-building demo.

* THC Hydra

THC (The Hacker’s Choice) Hydra uses a dictionary attack to test for weak or simple passwords on one or many remote hosts running a variety of different services. It was designed as a proof-of-concept utility to demonstrate the ease of cracking poorly chosen passwords. It can perform rapid dictionary attacks against more than 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more.

* Dsniff

Dsniff is a suite of powerful network auditing and penetration-testing tools and utilities that includes code to parse many different application protocols and extract interesting information. The information that can be obtained with it includes usernames and passwords, web pages being visited, contents of email, etc.

* RainbowCrack

RainbowCrack is a password hash cracker that makes use of a large-scale time-memory trade-off. It differs from “conventional” brute force crackers in that it uses large pre-computed tables called rainbow tables to reduce the length of time needed to crack a password drastically.

* rkhunter

rkhunter scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in an online database, and by searching for default rootkit directories, wrong permissions, hidden files and suspicious strings in kernel modules, along with special tests for Linux and FreeBSD.





Installing new templates in OpenOffice 3

14 09 2009

I do a lot of writing. I also create presentations on occasion. Naturally, being an open source/Linux advocate, I use OpenOffice for all of my needs. One area where OpenOffice might be considered a little less than user-friendly is adding new templates for your use. Once you understand how this is done you will think differently about this. But until you know the secret it might take a while to figure this one out.

With the upgrade to OpenOffice 3 a new feature was added – Extensions. Extensions enable you to extend the functionality of OpenOffice. Fortunately it is possible to find plenty of templates that are rolled into an extension. Let’s take a look at how this is done.

Before you do anything with the Extension Manager you need to locate some templates. The official OpenOffice Template site doesn’t really have a large selection of templates. Your best bet is to do a search for the type of template you are looking for (Writer, Impress, Calc, etc). Once you find them if the extension is .oxt it is an extension file. If that’s the case, you’re in luck, you can install this with the Extension Manager. I found probably the best collection of Impress Templates, called Modern Impress Templates.

Open up the main OpenOffice window (this is done by issuing the command openoffice.org or opening the OpenOffice.org menu entry from your desktop). When this window opens you will notice a Tools menu. Within the Tools menu there is an entry called Extension Manager. Click on that to open up this tool.

Figure 1

From within the Extension Manager (see Figure 1) click on the Add button to open the Add Window. Navigate to where you saved the extension file, select the file, and click Open.

In some cases you might have to agree to a license. If that’s the case, read the EULA and then click Accept. Once you have done this the extension is installed. You will see the new extension listed in the Extension Manager.

You can also add templates by clicking the Templates button in the main OpenOffice window. When you click that, a template chooser opens where you can click a “Get more templates online” link. Click that to open a new Firefox window on the official OpenOffice templates page. Here you can search and download specific templates. These templates will open up in their respective tool. Once that template is open, click on the File menu where you will see a Templates submenu. From within the Templates submenu click on Save to open up the Templates organizer. Give this template a name and click Save. Now when you want to use this template again go back to that Templates submenu, and click on the Organize entry. When the organizer opens, double click on the My Templates folder to reveal the template you saved.

Using your templates

Figure 2

After your templates are installed go back to the main OpenOffice window and click on the Impress button and the New wizard will start (see Figure 2). Now you should see far more templates to choose from than the default.

Final thoughts

Although OpenOffice 3 ships with a poor selection of templates to choose from, extending this selection is as simple as adding an extension. And don’t forget, you can also create your own templates in OpenOffice.





Set your hostname in Linux

14 09 2009

If you are an administrator then you know what a hostname is. If you are not an administrator then you should know that the hostname of a computer is the name by which a network-attached device is known. Unless you have manually changed your hostname, or set it up during installation, your hostname will most likely be “localhost.localdomain”.

Hostnames are most often used for administrative purposes. In other words, hostnames will show up in some scanning applications, can be used for name to IP address resolution, and much more. But to make this useful you will have to manually set your hostname on your Linux machine. This article will show you just how to do that.

Find your hostname

The most common means to find your host name is to open up a terminal window and enter the command:

hostname

If you have not set your hostname, more than likely you will see returned:

localhost.localdomain

A quick and easy way to spot if you have not changed your hostname is to check when you open up your terminal window. At your bash prompt you will see something like:

[jlwallen@localhost ~]$

As you can see a portion of the hostname (everything preceding the first “.”) will be used in your prompt. In the example you see above you see “localhost” which should tell you the hostname has not been changed.

Temporarily changing your hostname

You can temporarily change your hostname by issuing a single command. You have to issue this command either using sudo or as the root user. To make this change you will use the same command you used to find out your hostname, only you will include the new hostname to the command. Say you want to change your hostname to “willow”. To make this change temporarily issue the command:

hostname willow

Now issue the command hostname which should report back:

willow

This change will last until you reboot your machine.

Permanently changing your hostname

How you permanently change your hostname will depend upon which distribution you use. We’ll examine making this change on both a Ubuntu system and a Fedora system. First Ubuntu.

On a Ubuntu system there is a file called /etc/hostname. The contents of this file will have a single line containing the hostname of your machine. Open up this file in your favorite editor, delete the default hostname, add your desired hostname, and save the file. To make this change take effect issue the command:

/etc/init.d/hostname.sh start

This hostname will remain intact upon reboot.

Now to change your hostname in Fedora. This is taken care of in the /etc/sysconfig/network file. The default contents of this file will look like:

NETWORKING=yes
HOSTNAME=localhost.localdomain

Erase the “localhost.localdomain” portion and change that to reflect the hostname you want. Once you have made this change, save the file. Then, for the change to take effect, issue the following command (as the root user):

/etc/rc.d/rc.sysinit

Final thoughts

With your hostname changed, applications like Lanmap will now be easier to use because machines will have unique names. This change will also make administering your systems easier because you will have set machine hostnames to reflect either the user of the machine or the machine’s job.