Archive for the “Security” Category

In light of today’s Linkedin.com account compromise (all 6.5 million of them), I figured it would be a good day to show how easy it is to create a hash of any of your passwords. Sure, there are websites out there that can do this for you; however, there’s no promise that they aren’t saving those passwords. Even though you may not be providing a username or email address with those passwords, it’s usually better to be safe than sorry. You must have access to a Linux server to do this, so you can SSH or console into one.

Ok so with that out of the way this is how you do it.

1. Log into the Linux server via SSH or console (direct / local access)

2. You’re going to use the following syntax: echo -n "password" | sha1sum. Basically you are saying: show me the hash (sha1sum) for the password ("password") that I’ve provided. The -n stops echo from adding a newline, which would otherwise be hashed along with the password. Make sure you replace "password" with your actual password.

3. The result will be a hash that is similar to the following; d2841a2cc80e25a02349261d748ef96f9de329ad. A Sha1sum is 40 characters so that’s how many the result will be. And no, Sha1 has not been cracked as of yet.

4. Make sure you run a “history -c” to clear the echo command from your history.

That’s it! Show your friends, show your family. And you’ve just learned yet another security trick to add to your knowledge!
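The same steps as a small script, added here as an example that is not part of the original post. It reads the password with terminal echo off so there is nothing to clear from history, and checks the hash against a list file; the function names and the one-line list are constructed for illustration.

```shell
#!/bin/sh
# Added example: hash a password without leaving it in shell history.

# sha1_of STRING: print the 40-character hex SHA-1 of STRING exactly as given.
sha1_of() {
    # printf is a shell builtin, so the password never shows up in the
    # process list; '%s' adds no newline and, unlike echo, does not treat
    # a password like "-n" or one containing backslashes specially.
    printf '%s' "$1" | sha1sum | cut -d' ' -f1
}

# hash_listed HASH FILE: succeed if HASH is a whole line of FILE (any letter case).
hash_listed() {
    grep -qixF -- "$1" "$2"
}

# check_my_password FILE: prompt with terminal echo off, then report whether
# the hash is in FILE. Nothing typed here reaches the history file.
check_my_password() {
    printf 'Password: ' >&2
    stty -echo; IFS= read -r pw; stty echo; printf '\n' >&2
    h=$(sha1_of "$pw"); unset pw
    if hash_listed "$h" "$1"; then echo "listed: $h"; else echo "not listed: $h"; fi
}

# Demo on constructed data: a one-line "leak" holding the SHA-1 of "password".
list=$(mktemp)
echo 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8 > "$list"
hash_listed "$(sha1_of 'password')" "$list" && echo '"password" is listed'
# Forgetting -n (hashing the trailing newline too) gives a different hash:
nl_hash=$(echo 'password' | sha1sum | cut -d' ' -f1)
hash_listed "$nl_hash" "$list" || echo "with newline: $nl_hash is not listed"
rm -f "$list"
```

Call check_my_password with the path to a downloaded hash list to test your own password interactively.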


Let’s face it, giving out your root password to your Linux server isn’t very smart or security minded. Still there are many of us who provide our root user and before we know it, we’re either looking at a compromise or a permissions issue or worse. Though it doesn’t need to be this way. No… We can create a new user and give them root access or we can edit the abilities of this user.

How does one do this, you ask? Simple. In this instance, we’ll set up a new user to have root access, but this works out as we can add the user to the sudoers file, meaning we know who we are giving access to. Heck, you may want to do this for your main user and disable the root user for security reasons, but that’s your call.

Anyhow, on to the fun stuff!

1. First we need to login to the server, so don’t disable the root user yet, and create a new user. For this example, I’ll make a new user called madtech. So we SSH into the server and type the following;

“useradd madtech”

2. Next we need to add a password for the user, to do this we need to type the following;

“passwd madtech”

It will then ask for us to enter the password and then again to confirm the password.

3. Now that we’ve created the user, we need to edit the sudoers file. Take note: we don’t want to edit this with our standard text editors. No, that’s bad. We need to use visudo. Visudo should already be installed on the server. So what we need to do now is go to the following line;

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

We need to add our new user to this file by typing;

madtech  ALL=(ALL)  ALL

And then we press CTRL+X and then Y to save the changes.

4. We’ve just added the user, so now when you log into the server with this new user you can type the following to sudo in and gain admin access;

“sudo -l” or “sudo su -”

This will give the user root access for the logged in session. If you log out and back in, you need to sudo again.

*******Issues you may encounter*********

So you added the user but when you sudo in, you get the following error:

sudo: must be setuid root

This means there is an issue with the changes to the sudoers file and you need to fix it. But it’s an easy fix, so relax. All you need to do is log back into the server as the root user again and run the following commands;

“chown root:root /usr/bin/sudo”
“chmod 4111 /usr/bin/sudo”

Now log out as root and log in as the new user and then sudo in. You should now get the default sudo message like the one below or similar, depending on what the MOTD on the server is set to.

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

That’s it. Now you can disable that root user, if you choose to!
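A quick check of the state the chown and chmod commands above are meant to produce, added here as an example that is not from the original post. The function names are made up for illustration, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: verify ownership and mode of the sudo binary.

# has_setuid MODE: succeed if octal MODE (e.g. 4111) has the setuid bit set.
has_setuid() {
    [ $(( 0$1 & 04000 )) -ne 0 ]
}

# audit_setuid_root PATH: print what is wrong with PATH, or a one-line OK.
# Returns 0 only if PATH is owned by uid 0, is setuid, and is not writable
# by group or others.
audit_setuid_root() {
    f=$1
    [ -f "$f" ] || { echo "$f: not found"; return 1; }
    uid=$(stat -c '%u' "$f")     # numeric owner (GNU stat)
    mode=$(stat -c '%a' "$f")    # octal permissions, e.g. 4111
    rc=0
    [ "$uid" -eq 0 ] || { echo "$f: owner uid is $uid, expected 0 (root)"; rc=1; }
    has_setuid "$mode" || { echo "$f: mode $mode lacks the setuid bit"; rc=1; }
    [ $(( 0$mode & 022 )) -eq 0 ] || { echo "$f: mode $mode is group/world writable"; rc=1; }
    [ "$rc" -eq 0 ] && echo "$f: owned by root, setuid, mode $mode"
    return "$rc"
}

# Run against the path used in the post; never abort the shell on a finding.
audit_setuid_root /usr/bin/sudo || true
```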

What is BFD (Brute Force Detection)?

BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet, and likewise it is very straightforward in its installation, configuration and usage. The reason behind BFD is very simple: there are few to no authentication and brute force auditing programs in the Linux community that work in conjunction with a firewall or real-time facility to place bans. BFD is available at: http://www.rfxnetworks.com/bfd.php

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.

Requirements:
- You MUST have APF Firewall Installed before installing BFD – it works with APF and requires some APF files to operate.
- Root SSH access to your server

Let’s begin!
Login to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

3. tar -xvzf bfd-current.tar.gz

4. cd bfd-0.2

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

6. Let’s edit the configuration file: pico /usr/local/bfd/conf.bfd

7. Enable brute force hack attempt alerts:
Find: ALERT_USR="0" CHANGE TO: ALERT_USR="1"

Find: EMAIL_USR="root" CHANGE TO: EMAIL_USR="[email protected]"

Save the changes: Ctrl+X then Y

8. Prevent locking yourself out!
pico -w /usr/local/bfd/ignore.hosts and add your own trusted IPs
Eg: 192.168.1.1

Save the changes: Ctrl+X then Y

BFD uses APF’s CLI insert feature and as such will override any allow_hosts.rules entries users have in place. So be sure to add your trusted IP addresses to the ignore file to prevent locking yourself out.

9. Run the program!
/usr/local/sbin/bfd -s
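To make the idea concrete, here is a sketch of the kind of check described above: count failed SSH logins per source address and skip anything on a trusted list. This is an added example, not BFD’s own code; the function names, the threshold and the log lines are constructed, and the ignore file mirrors the one-IP-per-line ignore.hosts from step 8.

```shell
#!/bin/sh
# Added example (not BFD's code): failed-login counting with an ignore list.

# failed_ips THRESHOLD IGNORE_FILE: read sshd log lines on stdin and print
# "IP COUNT" for each source with at least THRESHOLD failures that is not
# listed (one address per line) in IGNORE_FILE.
failed_ips() {
    awk -v limit="$1" -v ignore="$2" '
        BEGIN { while ((getline ip < ignore) > 0) if (ip != "") trusted[ip] = 1 }
        # The user name is client-supplied text, so locate the address from
        # the END of the line ("from IP port N ssh2"), not the first "from".
        /sshd\[[0-9]+\]: Failed password for / && $(NF-4) == "from" && $(NF-2) == "port" {
            hits[$(NF-3)]++
        }
        END { for (ip in hits) if (hits[ip] >= limit && !(ip in trusted)) print ip, hits[ip] }
    ' | sort
}

# Constructed sample log (documentation and private addresses only).
sample_log() {
cat <<'EOF'
Jun  6 10:00:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 40001 ssh2
Jun  6 10:00:03 host sshd[1202]: Failed password for root from 203.0.113.7 port 40002 ssh2
Jun  6 10:00:05 host sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 40003 ssh2
Jun  6 10:00:09 host sshd[1204]: Failed password for madtech from 192.168.1.1 port 50001 ssh2
Jun  6 10:00:10 host sshd[1205]: Failed password for madtech from 192.168.1.1 port 50002 ssh2
Jun  6 10:00:11 host sshd[1206]: Failed password for madtech from 192.168.1.1 port 50003 ssh2
Jun  6 10:00:12 host sshd[1207]: Failed password for invalid user x from 198.51.100.9 from 198.51.100.20 port 50100 ssh2
Jun  6 10:00:15 host sshd[1208]: Accepted password for madtech from 192.168.1.1 port 50004 ssh2
EOF
}

# Demo: with 192.168.1.1 trusted, only the outside address is reported.
ignore=$(mktemp)
echo 192.168.1.1 > "$ignore"
sample_log | failed_ips 3 "$ignore"
rm -f "$ignore"
```

Without the ignore entry, the administrator’s own mistyped passwords from 192.168.1.1 would cross the same threshold, which is the lockout the note in step 8 is about.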


AVG, in my mind, is perhaps one of the best Antivirus software packages currently available for the Windows platform. On top of that, AVG also offers a free edition of their Antivirus suite, although some features are not present (of course, it’s a free version).

That’s it, not too bad for an Antivirus solution that works. You can download the software and get more information regarding this by going to AVG’s website.


F-Secure Online Virus Scanner (version 3.3) is a free service. Use it to find out if your computer is infected, and disinfect your computer if needed. The product will automatically download the necessary components and virus definition databases as it is started. Useful for finding spyware, malware, rootkits, and viruses.
