Security

Exploiting IIS via HTMLEncode (MS08-006)

https://strikecenter.bpointsys.com/articles/2008/02/13/exploiting-iis-via-htmlencode-ms08-006 interesting patch analisys article, shows how to dig up vulns from patches

md5 reverse lookup

http://md5.crysm.net/ useful for simple things; some cool links

Red Hat Magazine | Tips from an RHCE: Visualizing audit logs with mkbar

http://www.redhatmagazine.com/2008/01/22/tips-from-an-rhce-visualizing-audit-logs-with-mkbar/ how to get pretty graph from log/audit

Compiling SELinux Policy

http://www.startcom.org/docs/en/SELinux%20Guide%20StartCom%20Enterprise%20Linux%204.0.x/rhlcommon-chapter-0018.html how to compile / reload SELinux policy

example banner provided by the DoJ (from NIST publication)

http://csrc.nist.gov/publications/nistbul/csl93-03.txt sample security banner for ssh/telnet logins, etc

[NSA] Guide to the Secure Configuration of Red Hat Enterprise Linux 5

http://www.nsa.gov/snac/downloads_redhat.cfm?MenuID=scg10.3.1.1 published by NSA …

Light Blue Touchpaper » Blog Archive » Google as a password cracker

http://www.lightbluetouchpaper.org/2007/11/16/google-as-a-password-cracker/ cracking md5’s by a google search – very smart!

Debian Administration :: Filtering P2P network traffic with ipp2p

http://www.debian-administration.org/articles/562 experimental netfilter module ipp2p for P2P trafiic

The World's Biggest Botnets

http://www.darkreading.com/document.asp?doc_id=138610&print=true informative

blog gnist org - Holliday cracking

http://blog.gnist.org/article.php?story=HollidayCracking how to investigate rooted linux box