Tuesday, January 20, 2009

Hack In The Box Security Conference 2009 - Dubai

Welcome to the official homepage of HITBSecConf2009 - Dubai. The main aim of the HITBSecConf conference series is to create a truly technical and deep knowledge event in order to allow you to learn first hand on the security threats you face in todays super connected world. The HITBSecConf platform is used to enable the dissemination, discussion and sharing of critical network security information.

Presented by respected members of both the mainstream network security arena as well as the underground or black hat community, our events routinely highlight new and ground-breaking attack and defense methods that have not been seen or discussed in public before. HITBSecConf2009 - Dubai will be our 3rd conference in the UAE and is expected to attract over 200 delegates from the GCC, Europe, North America and the Asia Pacific region. Come and learn from some of the leading experts in the network security arena.

HITBSecConf2009 - Dubai will also see our highly popular attack-only Capture The Flag competition being organized once again. This years contest will also include an additional binary reversing challenge as well! We believe HITBSecConf is an ideal platform for leading network security vendors to not only meet with some of the leading network security specialists but to also showcase their own technology and solutions with the public as well.

Venue: Sheraton Dubai Creek,
Baniyas/Creek Road,
Dubai, UAE

Technical Training - DAY 1 and DAY 2
Date: 20th and 21st April 2009
Time: 0900 - 1700

TECH TRAINING 1 - Web Application Security - Threats and Countermeasures
TECH TRAINING 2 - 802.11 Ninjitsu
TECH TRAINING 3 - The Exploit Laboratory 3.0

Conference DAY 1 and DAY 2
Date: 22nd and 23rd April 2009
Time: 0900 - 1700

Dual Track Conference
Capture The Flag (CTF)

------------------------------------------------------------------------------------------------

EVENT ORGANIZER

TITANIUM SPONSOR
(POST CONFERENCE RECEPTION)

SUPPORTED AND ENDORSED BY




SUPPORTING ORGANIZATIONS







SUPPORTING MEDIA

For more Info Go : http://conference.hitb.org/hitbsecconf2009dubai/

Monday, January 12, 2009

Best Security Live CD Distros

BackTrack

The newest contender on the block of course is BackTrack, which we have spoken about previously. An innovative merge between WHax and Auditor (WHax formely WHoppix).

BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions Whax and Auditor, combining the best features from both distributions, and paying special attention to small details, this is probably the best version of either distributions to ever come out.

Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.

Get BackTrack Here.


Russix

Russix is a Slax based Wireless Live Linux. It has been designed to be light (circa 230Mb) and dedicated purely to wireless auditing. It is not a script kiddy phishing tool and as such, while it will allow you to break a WEP key in 6 key strokes and conduct an "Evil Twin" attack in less than 5!

Project Home Page: http://www.russix.com


Operator

Operator is a very fully featured LiveCD totally oriented around network security (with open source tools of course).

Operator is a complete Linux (Debian) distribution that runs from a single bootable CD and runs entirely in RAM. The Operator contains an extensive set of Open Source network security tools that can be used for monitoring and discovering networks. This virtually can turn any PC into a network security pen-testing device without having to install any software. Operator also contains a set of computer forensic and data recovery tools that can be used to assist you in data retrieval on the local system.

Get Operator Here

PHLAK
PHLAK or [P]rofessional [H]acker’s [L]inux [A]ssault [K]it is a modular live security Linux distribution (a.k.a LiveCD). PHLAK comes with two light gui’s (fluxbox and XFCE4), many security tools, and a spiral notebook full of security documentation. PHLAK is a derivative of Morphix, created by Alex de Landgraaf.

Mainly based around Penetration Testing, PHLAK is a must have for any pro hacker/pen-tester.

Get PHLAK Here (You can find a PHLAK Mirror Here as the page often seems be down).

Auditor

Auditor although now underway merging with WHax is still an excellent choice.

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier.

Get Auditor Here

L.A.S Linux

L.A.S Linux or Local Area Security has been around quite some time aswell, although development has been a bit slow lately it’s still a useful CD to have. It has always aimed to fit on a MiniCD (180MB).

Local Area Security Linux is a ‘Live CD’ distribution with a strong emphasis on security tools and small footprint. We currently have 2 different versions of L.A.S. to fit two specific needs - MAIN and SECSERV. This project is released under the terms of GPL.

Get L.A.S Linux Here

Knoppix-STD

Horrible name I know! But it’s not a sexually trasmitted disease, trust me.

STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.

Get Knoppix-STD Here

Helix

Helix is more on the forensics and incident response side than the networking or pen-testing side. Still a very useful tool to carry.

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

Get Helix Here

Anonym.OS

Anonym.OS is an OpenBSD 3.8 Live CD with strong tools for anonymizing and encrypting connections. Standard network applications are provided and configured to take advantage of the tor onion routing network.

Project Home Page: http://theory.kaos.to/projects.html

F.I.R.E

A little out of date, but still considered the strongest bootable forensics solution (of the open-source kind). Also has a few pen-testing tools on it.

FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.

Get F.I.R.E Here

nUbuntu

nUbuntu or Network Ubuntu is fairly much a newcomer in the LiveCD arena as Ubuntu, on which it is based, is pretty new itself.

The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing, and remove unneeded packages, such as Gnome, Openoffice.org, and Evolution. nUbuntu is the result of an idea two people had to create a new distribution for the learning experience.

Get nUbuntu Here

INSERT Rescue Security Toolkit

A strong all around contender with no particular focus on any area (has network analysis, disaster recovery, antivirus, forensics and so-on).

INSERT is a complete, bootable linux system. It comes with a graphical user interface running the fluxbox window manager while still being sufficiently small to fit on a credit card-sized CD-ROM.

The current version is based on Linux kernel 2.6.12.5 and Knoppix 4.0.2

Get INSERT Here

Extra - Knoppix

Remember this is the innovator and pretty much the basis of all these other distros, so check it out and keep a copy on you at all times!

Not strictly a security distro, but definately the most streamlined and smooth LiveCD distribution. The new version (soon to be released - Knoppix 5) has seamless NTFS writing enabled with libntfs+fuse.

KNOPPIX is a bootable CD or DVD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux desktop, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk.

Get Knoppix Here

Other Useful Resources:

SecurityDistros
FrozenTech LiveCD List
DistroWatch

Others to consider (Out of date or very new):

SlackPen
ThePacketMaster
Trinux
WarLinux
Network Security Toolkit
BrutalWare
KCPentrix
Plan-B
PENToo

Tuesday, January 6, 2009

openSUSE 11.1 is Out



The 11.1 release includes a ton of new features and improvements, an improved

desktop experience with GNOME 2.24 and KDE 4.1.3, OpenOffice.org 3.0, YaST
improvements, updated Linux kernel, and much more.

Learn more about the release over on openSUSE News, and then head over to the

openSUSE

download page to grab openSUSE 11.1

Taken From : www.opensuse.org

SQL Injection Prevention

f you have ever taken raw user input and inserted it into a MySQL database
there's a chance that you have left yourself wide open for a security issue
known as SQL Injection. This lesson will teach you how to help prevent
this from happening and help you secure your scripts and MySQL statements.



What is SQL Injection

SQL injection refers to the
act of someone inserting a MySQL statement to be run on your database without
your knowledge. Injection usually occurs when you ask a user for input, like
their name, and instead of a name they give you a MySQL statement that you will
unknowingly run on your database.


SQL Injection Example


Below is a sample string that has been gathered from a normal user and a bad
user trying to use SQL Injection. We asked the users for their login, which will
be used to run a SELECT statement to get their information.



MySQL & PHP Code:




 


Display:




The normal query is no problem, as our MySQL statement will just select
everything from customers that has a username equal to timmy.


However, the injection attack has actually made our query behave
differently than we intended. By using a single quote (') they have ended the
string part of our MySQL query



  • username = ' '


and then added on to our WHERE statement with an OR clause of 1 (always
true).



  • username = ' ' OR 1


This OR clause of 1 will always be true and so every single entry
in the "customers" table would be selected by this statement!


More Serious SQL Injection Attacks


Although the above example displayed a situation where an attacker could
possibly get access to a lot of information they shouldn't have, the attacks can
be a lot worse. For example an attacker could empty out a table by executing a
DELETE statement.



MySQL & PHP Code:




Display:




If you were run this query, then the injected DELETE statement would
completely empty your "customers" table. Now that you know this is a problem,
how can you prevent it?


Injection Prevention - mysql_real_escape_string()


Lucky for you, this problem has been known for a while and PHP has a
specially-made function to prevent these attacks. All you need to do is use the
mouthful of a function mysql_real_escape_string.


What mysql_real_escape_string does is take a string that is going to
be used in a MySQL query and return the same string with all SQL Injection
attempts safely escaped. Basically, it will replace those troublesome quotes(')
a user might enter with a MySQL-safe substitute, an escaped quote \'.


Lets try out this function on our two previous injection attacks and see how
it works.



MySQL & PHP Code:




Display:





 

Notice that those evil quotes have been escaped with a backslash \,
preventing the injection attack. Now all these queries will do is try to find a
username that is just completely ridiculous:



  • Bad: \' OR 1\'

  • Evil: \'; DELETE FROM customers WHERE 1 or username = \'


And I don't think we have to worry about those silly usernames getting access
to our MySQL database. So please do use the handy mysql_real_escape_string()
function to help prevent SQL Injection attacks on your websites. You have no
excuse not to use it after reading this lesson!

 

Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290

 
Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Powered by TadPole
FOG FLAMES