Infi-Zeal's Blog

Offensive Security , the creators of Swiss army knife for Security researchers, Penetration testers and Hackers have finally released the much awaited and most powerful version of  Kali Linux 2.0 . Kali Linux 2.0 (Codename ‘Kali Sana’) , an open-source penetration testing platform brings hundreds of Penetration Testing, Forensics, Hacking and Reverse Engineering tools together into a Debian-based Linux distribution. Kali Linux 2.0 offers a redesigned user interface for streamlined work experience, along with a new multi-level menus and tool categories options. Kali Linux 2.0 is now a rolling distribution, means users will receive tools and core system updates frequently. Kali Linux 2.0 Features: Runs on Linux kernel 4.0,  use full Gnome 3 Desktop instead of gnome-fallback,  improved hardware and wireless driver coverage,  support for a variety of Desktop Environments,  updated desktop environment and tools,  Featuring new c...

  Linux terminal is one of the coolest tools I’ve ever come across Note: I’ve tested these steps on Ubuntu 12.04 and Fedora 16. Security certificate Before proceeding, we need Gmail’s security certificate on our system. Why? Gmail sends encrypted data over SSL (Secure Sockets Layer) for security; this certificate is necessary for encryption of data. Ideally, you should have the file Equifax_Secure_CA.crt under /usr/share/ca-certificates/mozilla/ . If you do, you’re ready to move on. SSL Certificate We want to connect to Google securely which means you'll need the latest SSL certificates. To get those, use the openssl client onyour machine. Run: openssl s_client -connect imap.gmail.com:993 -showcerts which should show two blocks of ----- BEGIN CERTIFICATE ----- ... ----- END CERTIFICATE ----- in the output. You'll want to take each block (including the BEGIN/END CERTIFICATE lines), and put each of them into their own file. I put the first one ...

 fork bomb is a denial-of-service attack whereby a process continually replicates itself to deplete available system resources. It can be prevented by limiting user processes.  Limiting user processes is important for running a stable system. To limit user process just add user name or group or all users to /etc/security/limits.conf file and impose process limitations. Understanding /etc/security/limits.conf file <domain> can be: an user name a group name, with @group syntax the wildcard *, for default entry the wildcard %, can be also used with %group syntax, for maxlogin limit <type> can have the two values: "soft" for enforcing the soft limits "hard" for enforcing hard limits <item> can be one of the following: core - limits the core file size (KB) <value> can be one of the following: core - limits the core file size (KB) data - max data size (KB) fsize - maximum filesize (KB) ...

Due to their nature, fork bombs can be difficult to stop once started. Stopping a fork bomb from reproducing further requires the termination of all running copies, which can be difficult to achieve. One problem faced is that a separate program to terminate the fork bomb cannot execute if the process table is fully saturated. The second major problem is that in the time taken between finding the processes to terminate and actually terminating them, more may have been created. Some fork bombs can be stopped relatively easily. Consider the shell fork bomb: : (){ : | : & } ;: By replacing the function identifier and re-indenting, the code reads: bomb () { bomb | bomb & } ; bomb The fork bomb in this case is a recursive function that runs in the background, thanks to the ampersand operator. This ensures that the child process does not die and keeps forking new copies of the function, consuming system resources. One important "featur...

The concept behind a fork bomb — the processes continually replicate themselves, potentially causing a denial of service C an you explain the following bash code or bash fork() bomb? :(){ :|:& };: The fork bomb is a form of denial-of-service (DoS) attack against a Linux based system. It makes use of the fork operation. :(){ :|:& };: is nothing but a bash function. This function get executed recursively. It is often used by sys admin to test user process limitations. Linux process limits can be configured via /etc/security/limits.conf and PAM. Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting the system as the only solution to a fork bomb is to destroy all instances of it. WARNING! These examples may crash your computer if executed. Understanding :(){ :|:& };: fork() bomb code :() - Defined the function called : . This function accepts no arguments. The syntax for bash fu...

New Kernel Vulnerabilities in Ubuntu 11.04 Canonical announced last evening, April 12th, in a security notice, that a new Linux kernel update for its Ubuntu 11.04 (Natty Narwhal) operating system is now available, fixing four security vulnerabilities discovered in the Linux kernel packages by various developers.    These are the three kernel vulnerabilities found in the kernel packages for Ubuntu 11.04: CVE-2011-4347 , CVE-2012-0045 , CVE-2012-1097 , and CVE-2012-1146 . As usual, you can click on each one to see how it affects your system, or go here for in-depth descriptions. The security flaws can be fixed if you upgrade your system(s) to the  linux-image-2.6.38-14 (2.6.38-14.58)  package(s). To apply the update, run the Update Manager application. Note: Don't forget to reboot your computer after the upgrade! ATTENTION:   Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile a...

                                 POWER OF LINUX(1)   This part of the  guide shows you how to scan for infected files by booting into SystemRescueCD and running ClamAV , a virus checker. SystemRescueCD constitutes a Swiss army knife of Linux based tools for system recovery. ClamAV is one of the useful tools that it includes in a preconfigured, ready to run state. It is possible to boot from SystemRescueCD, mount a Windows partition and then scan it for virus infected files. As you don't have to boot the infected system, this approach offers some advantages over that of running a Windows-based tool. Boot into the SystemRescueCD desktop in the normal way by accepting the default options and then typing “wizard” when prompted. Once you're at the desktop, open a command line terminal. The first thing to do is to start the ClamVA demon b...

Comparison between Gnome 2 & Gnome 3 Desktops and Window Juggling GNOME 2's desktop has such a long tradition that little needs to be said about it. Its desktop was a place where you could add launchers for applications, files, or locations. Its windows could be minimized or maximized, and opened somewhere between these two extremes. The main problem was the non-intelligent placement of new windows, which required a Show Desktop applet on the panel as a panic button. For better or worse, GNOME 3 is a complete rethinking of the desktop. By default, no launchers of any sort are allowed on it. Except for apps like Empathy, whose windows require very little space, everything is open maximized, with no indicator like the windows list to suggest what other else might be buried beneath the active application. If you are a user with the least tendency to multi-task, this arrangement quickly leads to chaos on the desktop. GNOME 3's solution? A depiction of the open appli...

Gnome 2 vs Gnome 3 Users who choose between GNOME 2 and GNOME 3 are rarely making that decision on a purely rational basis. In my experience, users of GNOME 2 are often choosing what they know, while users of GNOME 3 are technophiles who enjoy anything that is new. Neither is likely to go over the two generations of GNOME feature by feature. In many cases, the choice seems made before login. But what happens when the two desktop environments are compared in general features? I'm a fan of neither GNOME 2 nor GNOME 3 , but I decided to find out. I spent the day with the two desktop environments open side by side, looked at the desktop components in both, and tried to pick a winner in each basic category based on efficiency, ease of use, and the availability of choices for users. The effort wasn't always easy. Neither being new nor being traditional was enough in many cases. Frankly, the switch from GNOME 2 to GNOME 3 often looked like an exchange of one set of short...

Dream Studio 11.10 Dick MacInnis proudly announced on, February 24th, the immediate availability for download of the Dream Studio 11.10 operating system. Being based on the Ubuntu 11.10 (Oneiric Ocelot) operating system, the brand-new Dream Studio 11.10 distribution has lots of new features and a beautified Unity-based desktop. Dream Studio 11.10 is known for features like multi-user and real-time PulseAudio-integrated audio through JACK, the Cinelerra video editor, photography applications, lots of various video and audio effects, and fonts, as well as many utilities. " DickMacInnis.com is proud to announce the official release of Dream Studio 11.10. This exciting new version of Dream Studio (dream.dickmacinnis.com) has all the features that have made past releases one of the most successful multimedia software packages out there, " " Not only that, but this latest version of Dream Studio also included hundreds of bug fixes and the following new features ...

Softpedia is proud to introduce a new Linux distribution, called Comice OS, on  February 7th,  which is actually a redesigned version of the Pear OS Linux.  Remember  Pear OS   ? It's that Mac OS looking (see screenshots below) Ubuntu-based operating system introduced last year on our Linux section. Well, it looks like David Tavares, the developer of Pear OS, prepares these days a revamped version of his Linux operating system, under the name of Comice OS. Comice OS 4 will be built on top of the GNOME 3 interface, powered by Comice Shell, which is a modification of GNOME Shell to look exactly like a Mac OS desktop. It provides two views: Mission Control to view running apss and Launchpad to see installed apps. Wait, that's not all! Comice OS 4 will be powered by Linux kernel 3.2 and GNOME 3.2.1. Will contain drivers for wireless networks and popular graphics cards, like Nvidia, ATI/AMD and Intel. One of the most highlighted apps of Comice OS will be of...

Have a taste of Linux on Windows We believe that everyone who considers themselves a computer enthusiast should have at least some experience with a Linux environment, but it can be daunting to just jump into the deep end of a completely unfamiliar operating system. One way to get your feet wet is with Cygwin, a free program that provides you with a Unix-like command line, without having to leave Windows. Cygwin is not a Unix emulator (it cannot run native Unix programs, although it does contain the tools needed to compile and run a program from source code), but it does have a wide array of optional packages that let you use most of the tools and utilities that you would commonly use in Unix, in Windows. In this guide, we’ll show you how to get Cygwin set up, the basics of how to navigate a Unix file system, and how to find more information as you need it. 1. Install Cygwin To get started with Cygwin, go to   www.cygwin.com   and click the link that says “Install or updat...