Social Icons

Thursday, January 31, 2013

DAEDALUS : Monitor Cyber-Attacks Realtime 3D way


1.    Whether it is the Die Hard ver 4.0 movie scene or Mission impossible recent one or any hi tech cyber movie....we have have all seen the mega sized dark halls equipped with gigantic screen displaying all sorts of real time ridiculous hacker related information and monitoring tracks of the enemy or the protagonist....so how good or effective or even real are these in the real sense....can some thing like these seen and shown over years on the silver screen be REAL....yesss...first watch this video and then read few points as bought out below :


2.   A company in Japan named NICT just unveiled a system dubbed Daedalus that will revolutionize the way companies and even countries can monitor cyber-attacks in full real time 3D representation.The key features about this is bought out as below :

- Daedalus is not only a way to monitor cyber-attacks from outside, but also what’s going on inside it. 

- So if someone receives an email with a virus for example, the system can quickly identify the IP address that is currently spreading it and shut it down immediately.

- The NICT recently gave a demonstration and tracked 190,000 IP addresses in real-time  

- Daedalus can monitor multiple entities at once and get notified, once again, via 3D graphical representation when a cyber-attack occurs. 

- This is not only when it happens, but instantly where it happens and who the attacker is.

3.      So when the objective is envisaged on a higher scale....ie the complete global internet monitoring.....will this be the start to control spam(90% of mails exchanged on the web is spam)....or will this be able to control cyber attacks across.....well not a bad start to a start whose objective is MISSION IMPOSSIBLE type...another thing that may have come to your mind is about the name...of all what does Daedalus mean?...well in Greek mythology, Daedalus means "Clever Worker"

4.  Debriefed from http://www.bitrebels.com/technology/daedalus-3d-cyber-attack-alert-system/ and http://www.nict.go.jp/

Saturday, January 19, 2013

SOLVED: VLC installation Issues : FEDORA 18

1.      After installation of the spherical cow Fedora 18 64 bit on my machine,there was this popping message while i tried installing the VLC media player :


GPG key retrieval failed: [Errno 14] Could not open/read file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-18-x86_64


(CLICK TO ENLARGE)

2.    But this could be solved as shown below :

su -c 'yum localinstall --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-18.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-18.noarch.rpm'

and now do 

yum install vlc


Thursday, January 17, 2013

Like in PATCO case,DO OUR BANKS GUARANTEE CYBER SECURE ACCOUNTS ?

1.   Suppose you have a SBI or HDFC or ICICI Bank or any bank account and you keep doing your regular transactions via their internet banking services like you pay your electricity bills or your mobile or phone bills etc.So ALL is WELL till every thing is going as expected.But then one day you realize that there were transactions that happened without your knowledge or worse some money gets siphoned off without your permission.....Now a journey starts......wherein the account holder will keep expediting with bank of what happened,why it happened,when will he get his money back???? and on the other hand bank will keep trying to prove that it is you or the account holder who acted irresponsible in his transactions and thus became the victim....the typical tu tu....mein mein.....

2.    Keeping this typical story in the background,now just think that did u ever make a attempt to know of what bank standards are maintained in respect of IT Security infrastructure....does bank conduct third party audits seriously?..... in fact the list to know answers to all these questionnaire pertaining to IT security issues of the bank will end up getting complex which would go beyond the understanding level of a typical user...so the simple question is WHO GUARANTEES A SECURE IT INFRASTRUCTURE for a BANK?...is it the bank itself that says " I am secure " or some one else has some authority or some standard that guarantees security....ie Can your savings bank account ever be guaranteed for being HACK FREE?Although the immediate answer in the current setup is sadly "NO"...but there is good news here....for this u need to read this article on " PATCO FRAUD CASE DISPUTE "

3. Brief of this good news goes like this in a Short ppt



How to install Flash Player on Fedora 18@64 bit?

I am singling out the commands only to be run as root ie su -

rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-x86_64-1.0-1.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

yum check-update
yum install flash-plugin nspluginwrapper alsa-plugins-pulseaudio libcurl

Thank you http://www.if-not-true-then-false.com/2010/install-adobe-flash-player-10-on-fedora-centos-red-hat-rhel/

How to install VLC in FEDORA 18 ?

On the same lines as I installed Chrome :

su - 

cd /etc/yum.repos.d/

wget http://pkgrepo.linuxtech.net/el6/release/linuxtech.repo

yum install vlc

How to find if latest kernel version is running on my Linux system?

Simply type in these commands and the result in both the cases should match.....


rpm -qa kernel |sort |tail -n 1

uname -r

Note: If you got kernel update or run older kernel than newest installed then reboot:

reboot

Output of each commands version numbers above should match....for example in my case the out put is shown as below :

[duqu@localhost ~]$ rpm -qa kernel |sort |tail -n 1
kernel-3.6.10-4.fc18.x86_64
[duqu@localhost ~]$ uname -r
3.6.10-4.fc18.x86_64

SCREEN SHOT BELOW :



How to install Chrome browser in Fedora 18 ?

1.   It actually became confusing after few forums that I went to made me to "vi" etc of the repo file but then I came across a good one at http://www.if-not-true-then-false.com/2010/install-chromium-on-fedora-using-yum/ that made my fed 18 machine experience Chrome
 
Login to root and command the prompt as follows :

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# wget http://repos.fedorapeople.org/repos/spot/chromium/fedora-chromium-stable.repo

[root@localhost yum.repos.d]# yum install chromium

thats it....the Chrome is ready to run....

Tuesday, January 15, 2013

Upgrading Fedora 17 to Fedora 18

1.   Like me so many of you would have been waiting for the final release of Fedora 18 spherical cow...but at the same time when u see it released u have so many links to move around on how to upgrade from 17 to 18 but u keep ending up with previous one....i went through the same for past hour...:-)

2.  The only set of commands Fedora 17(only) users need to put in are these :
Reach the Root first with the password ie 


su -
*******(ur password)
su -c 'rpm --import https://fedoraproject.org/static/DE7F38BD.txt'


su -c 'setenforce Permissive'

su -c 'yum update yum'

su -c 'yum clean all'

su -c 'yum --releasever=18 --disableplugin=presto distro-sync'

su -c 'rpm --rebuilddb', or rpm -qa will not work due to a upgrade of rpm

3.   For me the upgrade is around 1.6 G as seen in the screen shot below :


4.   Mine is upgrading on way....another few hours should be ok....:-) all the best for your upgrade

Saturday, January 12, 2013

Apple Needs a Doctor : Bitten by JAVA - 2

1.    The Flashback fiasco,as discussed in brief here, was the catalyst for one of the most meaningful decisions Apple made in order to beef up OS X security ie Removing JAVA. "Flashback both led to Apple removing Java from their default installs, and prompted them to release a dedicated cleanup tool," security researcher (and former security engineer for Obama for America) Ben Hagen told Ars. "When an OS vendor releases a dedicated cleanup tool, you know things are bad.The removal of Java was a very Interesting decision and de facto statement by Apple. Java on user systems has become a notorious vector for exploitation; with new, remotely executable vulnerabilities coming out several times last year," Hagen said. "Removing Java both simplifies Apple’s position and provides a safer default state for its users."[Source : http://arstechnica.com/].

2.    Another key decision taken by apple apart from disowning JAVA was endevor to signed security model for apps ie restrict the origin of third-party apps installed on the system, therefore protecting the user from inadvertently installing apps from malicious or unknown sources.Called Gatekeeper, this feature required Apple's developer ecosystem to either sign their apps with a registered certificate—holding them at a higher level of responsibility for when things go haywire—or selling their wares through the Mac App Store and giving Apple its 30 percent cut. [Source : http://arstechnica.com/].

3.   Java is a veri popular program and is used by millions of users worldwide in Windows, Mac and Linux operating systems and in mobile and television devices. It is this popularity that has made it a favorite target of the hackers.So today when we cannot surf without enabling JAVA.....apples decision is indeed a tough step....for those of you who do not realise the importance of JAVA...just try surfing the web disabling JAVA scripts in your browser...u will be surprised you will be prompted at every step to ensure a successful loading of most of the web pages....In fact the U.S. Department of Homeland Security advised computer users to temporarily disable or uninstall Oracle Corp's Java software, stating that a serious flaw in the software could make the system vulnerable to hacking.The warning came in an advisory posted on the department’s website amid the escalating fears and warnings from the net security experts about a flaw in Java Runtime Environment (JRE) 7 and earlier versions that allows the hackers to install malicious software and malware on computers.The vulnerability is so dangerous that the Department of Homeland Security's Computer Emergency Readiness Team urged the people to stop using the software immediately to mitigate damage.Source : [http://www.ibtimes.com/]

4.   So...did u just start thinking of disabling JAVA?????

Apple Needs a Doctor : Bitten by JAVA - 1


1.   The year last ie 2012 was full of various security OS issue like it has always been over years...but one landmark news that made waves was the flashback malware that hit APPLE's Mac that has been long promoted as a safer OS amongst other peer competitors.But as always SIZE DOES MATTER..so as APPLE and market share grew, it became more proner. Dr  Web said that an estimated 600,000 Macs were as of April 2012 infected as a result of users unknowingly installing the FlashBack malware.So before I move ahead...here's a simple FAQ compiled to understand more about FLASHBACK :

What exactly is Flashback?

-  Flashback is a form of malware designed to grab passwords and other information from users 
-  Spread through Web browser and other applications such as Skype. 
-  The user typically mistakes it for a legitimate browser plug-in while visiting a malicious Web site. 
-  At this point, the software installs code designed to gather personal information and send it back to remote servers. 

Apple needs a DOCTOR


When did it first appear?

-  End of September 2011
-  Pretending to be an installer for Adobe's Flash the malware evolved to target the Java runtime on OS X, where users visiting malicious sites would then be prompted to install it on their machine in order to view Web content. 

What has Apple done about it?

-  Apple has its own malware scanner built into OS X called XProtect. 
-  Since Flashback's launch, the security tool has been updated twice.
-  A more recent version of the malware, however, got around XProtect by executing its files through Java. 
-  Apple closed off the malware's main entry point with a Java update on April 3, and has since released a removal tool as part of a subsequent Java update.

How do I tell if I have it?

-  Right now the easiest way to tell if your computer has been infected is to head to security firm F-Secure and download its Flashback detection and removal software. 


Malicious Shortened URLs : Rising Threat

1.     Internet today is all but a minefield of boogies,traps and malware.....every day so many threats are born....though most of them die but still a huge percent of them survive the security walls and become stronger by time as they are able to remain live and acvtive.In recent times shortened URLs have become popular amongst users (including me...:-) to conserve the typing space like in microblogging sites viz twitter etc.So typically a naive(???),prone user who submits his long URL to a site to get a shortened URL receives a second,specially coded shortened URL that redirects to the original URL.So here lies the weak hole that is most of the times exploitable by the attacker...because the actual destination URL is hidden in it....so going by the looks...there is nothing to worry...but it is the redirection that is a cause of worry...it may be right or may be redirecting to a malicious link....!!!!so when some one uses a free URL shortener ,he does not have control over that shortened link. And, should something happen to the provider of that URL shortener, then he risks redirecting ALL of shortened links elsewhere!!!

2.  We all know that clicking links is pretty tempting....so it is just a matter of one redirected malicious link click that makes the difference....so whats the solution????...actually companies like Facebook,Gmail, SBI, Paypal ,twitter etc are offering users the option of persistent SSL encryption and authentication across all the pages of their services including the login and all accessible pages.....but this does not stand good for all...for these sites also..it is optional to vide the settings for accessing....

Friday, January 04, 2013

FEDORA 18 RELEASE DATE : 08 Jan 2013

Hi guys....a very HAPPY NEW YEAR 2013 to you.....and for those of you like me who are waiting to upgrade ur Beefy Miracle to Fedora 18 Spherical Cow..u need to wait a few more days till 8 January 2013... that's the release date scheduled now..hope that stands by the time!!!