Install chkrootkit To install chrootkit, SSH into server and login as root. At command prompt type: cd /root/ At command prompt type: wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz At command prompt type: tar xvzf chkrootkit.tar.gz At command prompt type: cd chkrootkit-0.47 At command prompt type: make sense To run chkrootkit At command prompt type: /root/chkrootkit-0.47/chkrootkit Make sure you run [...]

Click to continue →

nmap localhost (checks listening ports) lsof -i :1980 (checks what running on that port) kill -15 (kills what’s running on that port) —-check open ports—- check for open ports: ‘netstat -a’

Click to continue →

service iptables start service iptables stop service iptables restart

Click to continue →

iframe / gariben hack find and removers. iframe / gariben is a script kiddie code added usually via a cracked password or hidden mysql code added to a vulnerable script. I usually refreshes the web page to some sort of web page that downloads a virus. 1. find /home/username \( -name “*.php” -o -name “*.html” [...]

Click to continue →

Remove any old versions: rm -fv csf.tgz Download and install: wget http://www.configserver.com/free/csf.tgz tar -xzf csf.tgz cd csf sh install.sh To disable run this from root: sh disable_apf_bfd.sh To update from root run this: /usr/sbin/csf -u To flush all blocks run this: /usr/sbin/csf -f Usage: /usr/sbin/csf [option] [value] Option Meaning -h, –help Show this message -l, [...]

Click to continue →

Cracker: n. One who breaks security on a system. Coined ca. 1985 by hackers in defense against journalistic misuse of hacker (q.v., sense 8). An earlier attempt to establish worm in this sense around 1981–82 on Usenet was largely a failure. Use of both these neologisms reflects a strong revulsion against the theft and vandalism [...]

Click to continue →

What Is a Hacker? The Jargon File contains a bunch of definitions of the term ‘hacker’, most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant. There is a community, a shared culture, [...]

Click to continue →

Script kiddies are the worse kinds of crackers, primarily because there are so many of them and most of them are unskilled. It is one thing to be cracked when you have put in all the correct patches, have a tested firewall, and run advanced intrusion detection actively on multiple levels. It is another when [...]

Click to continue →

To remove a rule or ip: Find rule grep 68.188.73.13 /etc/sysconfig/iptables Delete rule (must be exact) iptables -D INPUT -s 202.100.85.0/24 -j DROP You can whitelist a ip to bypass any blocks and after restarting iptables you can find alist of rules here: /etc/sys-config/iptables

Click to continue →

In a windowless underground computer lab in California, young men are busy cooking up viruses, spam and other plagues of the computer age. Grant Joy runs a program that surreptitiously records every keystroke on his machine, including user names, passwords, and credit-card numbers. And Thomas Fynan floods a bulletin board with huge messages from fake [...]

Click to continue →