Saturday, July 30, 2011

BackTrack Linux 5

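Anyone working in information security has probably heard of the Linux distro BackTrack. It bundles a wide range of security and stress-testing tools for probing network devices and systems, and it has saved me a lot of time finding and installing software. BT5 is currently available for i386, x86_64 and ARM, and when downloading you can choose your preferred desktop and either a VM image or an ISO.
BT is based on Ubuntu, so it is not hard to use; what remains is learning how to use each tool.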

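The tools I use most often, hping2, hping3, Nessus, nmap, netcat, tcpreplay, tcpdump, wireshark and so on, are all built in, and there are many more that I have never used. BT really is a good distro for testing network devices or system vulnerabilities, but using it for anything illegal is not something I recommend.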

RHEL6 Clone distro

Besides CentOS, there are currently two other well-regarded Red Hat clones, Oracle Linux and Scientific Linux. Both distros have already released their 6.1 clone versions, while the veteran CentOS has only caught up to 6.0.

Sunday, July 24, 2011

Linux Kernel 3.0 has been released!

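Linux Kernel 3.0 has been released; take a look at www.kernel.org! Although Linux is still lacking on the desktop, it has made great gains in servers, smartphones, high-performance computing and embedded systems. So let's keep moving forward to Linux Kernel 3.0!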

Tuesday, July 12, 2011

How to fix Wireshark no interfaces error on OSX

It's simple: give your user account ownership of the BPF devices (replace username with your login name):
# sudo chown username /dev/bpf*

Monday, July 11, 2011

CentOS 6.0 now available

After a long wait (since November of 2010), CentOS has finally released 6.0, and it deserves a thumbs-up.

The CentOS team is pleased to announce the immediate availability of CentOS-6.0 for i386 and x86_64 Architectures.

CentOS-6.0 is based on the upstream release EL 6.0 and includes
packages from all variants. All upstream repositories have been combined into one, to make it easier for end users to work with.

There are some important changes to this release compared with the previous versions of CentOS and we highly recommend reading this announcement along with the Release Notes.

There are no CD images being released with CentOS-6, however we have some CD variants in the pipeline.

Since upstream has a 6.1 version already released, we will be using a Continuous Release repository for 6.0 to bring all 6.1 and post 6.1 security updates to all 6.0 users, till such time as CentOS-6.1 is released itself.

LiveCDs and LiveDVDs for i386 and x86_64 will be released the
next few days. These will bring in the ability to directly install from the live media.

There will also be a minimal install CD, that would bring up a base
machine with just enough content to have a usable platform.

In order to bring back the CentOS-4 Server CD style single iso image, an LWS variant of the main distro will be created.

And now: Have fun.

Saturday, July 09, 2011

How to disable DNS service on dnsmasq

You only need to add one extra option when starting dnsmasq:
"--port=0". The option is --port=<port>: listen on <port> instead of the standard DNS port (53). Setting this to zero completely disables DNS function, leaving only DHCP and/or TFTP.


Saturday, July 02, 2011

Configuring Squid/WPAD to support IPv6 on RHEL6

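First, you need to know how to set up an IPv6 environment on RHEL6; you can refer to the following article:

As for what WPAD is and how to set it up, see the following article:

Next, configure Squid/WPAD to support IPv6:
1. Prepare: use Squid 3.1 on RHEL6, because it supports IPv6 by default; with a Squid 2.x version you would need to apply an IPv6 patch.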

2. Configure IPv6 in Squid 3.1:
In /etc/squid/squid.conf:
- Add the IPv6 localnet:
    # Add your IPv6 subnet here.
    acl localnet src 3001:288::/64
- Allow localnet:
    http_access allow localnet
- Restart Squid and enable it at boot:
    # /etc/init.d/squid restart; chkconfig squid on

3. Configure DNS to answer IPv6 (AAAA) queries:
In the zone file (zone file comments start with ";"):
    wpad  IN AAAA 3001:288::1 ; Web server that hosts the WPAD file.
    proxy IN AAAA 3001:288::2 ; Proxy server.


4. Configure the WPAD file:
    function FindProxyForURL(url, host) {
        // Requests to localhost, 3001:288::3 and 10.10.2.2 are not sent to the proxy.
        if (host === "localhost" ||
            host === "localhost.localdomain" ||
            host === "127.0.0.1" ||
            host === "[3001:288::3]" ||
            host === "10.10.2.2") {
            return "DIRECT";
        }
        // All other requests go through the local Squid proxy,
        // falling back to a direct connection if the proxy is unreachable.
        return "PROXY proxy.example.com:8080; DIRECT";
    }
That's all.
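
An added example, not part of the original post: the bypass check from the WPAD file in step 4, rewritten so the IPv6 entry matches with or without brackets and in any textual spelling of the same address. The names `canonIPv6`, `hostKey` and `DIRECT_HOSTS` are hypothetical, and the code keeps to ES5 syntax because it makes no assumption about the PAC engine's JavaScript level or about how the engine formats IPv6 literals in `host`.

```javascript
// Expand an IPv6 literal to eight lower-case hex groups without leading zeros,
// so "3001:0288:0:0:0:0:0:3" and "3001:288::3" compare equal. Returns null when
// the text is not a plain IPv6 literal (zone ids and embedded IPv4 not handled).
function canonIPv6(text) {
  var halves = text.split("::");
  if (halves.length > 2) return null;            // more than one "::"
  var head = halves[0] ? halves[0].split(":") : [];
  var tail = halves.length === 2 && halves[1] ? halves[1].split(":") : [];
  var missing = 8 - head.length - tail.length;   // groups hidden by "::"
  if (halves.length === 1 ? missing !== 0 : missing < 1) return null;
  var groups = head;
  for (var i = 0; i < missing; i++) groups.push("0");
  groups = groups.concat(tail);
  for (var j = 0; j < 8; j++) {
    if (!/^[0-9a-f]{1,4}$/.test(groups[j])) return null;
    groups[j] = groups[j].replace(/^0+(?=.)/, "");
  }
  return groups.join(":");
}

// Bypass list taken from the post's WPAD file, stored without brackets.
var DIRECT_HOSTS = ["localhost", "localhost.localdomain", "127.0.0.1",
                    "3001:288::3", "10.10.2.2"];

// Comparison key: lower case, brackets stripped, IPv6 in canonical form.
function hostKey(host) {
  var h = String(host).toLowerCase();
  if (h.charAt(0) === "[" && h.charAt(h.length - 1) === "]") h = h.slice(1, -1);
  return canonIPv6(h) || h;
}

function FindProxyForURL(url, host) {
  var key = hostKey(host);
  for (var i = 0; i < DIRECT_HOSTS.length; i++) {
    if (hostKey(DIRECT_HOSTS[i]) === key) return "DIRECT";
  }
  return "PROXY proxy.example.com:8080; DIRECT";
}

// Constructed sample hosts; runs only where console exists (e.g. Node),
// since PAC engines do not provide one.
if (typeof console !== "undefined") {
  ["[3001:288::3]", "3001:0288:0:0:0:0:0:3", "www.example.org"].forEach(function (h) {
    console.log(h + " -> " + FindProxyForURL("http://sample.invalid/", h));
  });
}
```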