Get a list of all the installed packages / applications in Ubunto or Debian Linux with
dpkg –get-selections
You can get the contents of one package with
dpkg -L php5-gd
Google Experiments / Alternatives
Everyone knows the default Google queries, you get your URL’s, keywords and the headline of the pages in the result-query. It doesn’t stop there …
Google has some new features to improve the “search experience”. You can view your results on a timeline, map or in context of other information types. Take a look at Alternate views for search results and prepare yourself to spend a couple of hours of “ohwh”s.
Russell Coker : redirecting output from a running process
Occasionnly you have a process that’s been running for a while and you decide that it’s time to log out. Of course, you’ve forgotten to use screen so when you log out, the process dies. The post by Rusell Coker shows that it is still possible to redirect the output of a running process. The process for doing so involves looking up the file handles used by the process (in /proc//fd) and then run gdb. … Read more.
Authentication bypass in embedded devices
There is a very interesting post by Adrian Pastor about authentication bypass.
He talks about the well known vulnerability in the Linksys WRT54G router where the page that contains the different settings is password protected but the page that does the actual processing of the data (for the Linksys, a CGI script) was not protected at all.
Security Twits
An interesting post by Jennifer Leggio on Security Twits (Security folks using Twitter).
Enabling the dag wiers repository on centos
Dag Wiers provides an excellent repository for Red Hat flavored Linux systems. Adding them to CentOS 5 is easy.
First download the “rpmforge-release”-rpm. For CentOS 5, I choosed rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm. The rpm’s are available at http://dag.wieers.com/rpm/packages/rpmforge-release/. Then install the rpm.
cd /tmp wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm rpm -ivh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
Spam Honeypots
The Project Honeypot allows for everyone who is hosting a website to create a mini honeypot to trap spammers. I’ve configured mine to run at this site at “coast.php”.
It is a “poor-man” honeypot but can still offer useful results. Watch for my future writeups on how to create honeypots with Bind, Apache and Postfix.
Differences of tcpdump linux / openbsd
One of the nicer options of tcpdump under Linux is the -C (that is a capital C). This allows you to write the captured traffic to a file and have the file rotated at a given size. According to the man-pages :
-C Before writing a raw packet to a savefile, check whether the file is currently larger than file_size and, if so, close the current savefile and open a new one. Savefiles after the … Read more.
CAPTCHA security Hotmail.com / Live.com bypassed
An article from Websense shows how new bots are able to bypass the CAPTCHA security that prevents spammers from creating large number of accounts.
According to Websense the three main advantages for spammers to target this CAPTCHA are:
the Microsoft domain is unlikely to be blacklisted they are free to sign up it may be hard to keep track of them as there are millions of users worldwide using the service.
.
The same … Read more.
mysql error “ERROR 1030: Got error 134 from table handler”
If you try to insert or select data from a table and you get an error message from mysql that says
ERROR 1030: Got error 134 from table handler
then you have repair the table.
