Friday, September 20, 2013

the attack of the bots

It looks like bots (botnets?) are alive and thriving.

Also, why are they all using shitty Microsoft Outlook addresses?

Richard Killough, exoticbelfry83ma861@outlook.com, 055409, Country: (Unknown Country?) (XX), City: (Unknown City?), IP: 151.237.186.197
Roberto Nagle, charlesrastle@gmail.com, 062009, Country: (Unknown Country?) (XX), City: (Unknown City?), IP: 111.118.212.210
Fredrick Corley, successfulprais8579@outlook.com, 1037, Country: TURKEY (TR), City: (Unknown city), IP: 217.195.202.71
Elinor Vergara, unsightlyoomph62x99f@outlook.com, 2733, Country: TURKEY (TR), City: (Unknown city), IP: 217.195.202.71
Violet Jeter, successfulharbi3kr98@outlook.com, 04135, Country: (Unknown Country?) (XX), City: (Unknown City?), IP: 173.232.107.159
Rosalina Sterling, educatednip99dv222@outlook.com, 084844, Country: UNITED STATES (US), City: (Unknown city), IP: 66.219.22.106
Teresita York, ugliestbullet546201@outlook.com, 033, Country: TURKEY (TR), City: (Unknown city), IP: 217.195.202.71
Zara Goldhar, tangybanister85ky380@outlook.com, 507, Country: (Unknown Country?) (XX), City: (Unknown City?), IP: 151.237.186.238
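
The two signals visible in the list above (throwaway-looking mailbox names and several accounts arriving from one IP) can be checked mechanically at sign-up time. This is an added example, not from the original post; the sample rows are constructed, and the regex and thresholds are hypothetical heuristics to tune on real data:

```python
import re
from collections import defaultdict

# Constructed sample sign-ups (name, email, source IP). The IPs are
# documentation addresses, not the ones listed in the post.
SIGNUPS = [
    ("Ann Field", "quietlantern42kx917@outlook.com", "192.0.2.10"),
    ("Bob Marsh", "rustyanchor8813@outlook.com", "192.0.2.10"),
    ("Cy Dole", "brightpebble7q33@outlook.com", "192.0.2.10"),
    ("Dee Hart", "dee.hart@example.org", "198.51.100.7"),
    ("Eli Voss", "mellowcactus55ab201@outlook.com", "203.0.113.5"),
]

# Assumed heuristic: a long run of letters followed by a tail that starts
# and ends with a digit, e.g. "quietlantern42kx917".
GENERATED = re.compile(r"^[a-z]{8,}\d[a-z0-9]*\d$")


def looks_generated(email):
    """True if the local part matches the word-plus-digits pattern."""
    local = email.split("@", 1)[0].lower()
    return bool(GENERATED.match(local))


def score_signups(signups, ip_threshold=2):
    """Return (email, [reasons]) for every sign-up."""
    by_ip = defaultdict(list)
    for _name, email, ip in signups:
        by_ip[ip].append(email)
    report = []
    for _name, email, ip in signups:
        reasons = []
        if looks_generated(email):
            reasons.append("generated-looking local part")
        if len(by_ip[ip]) >= ip_threshold:
            reasons.append(f"{len(by_ip[ip])} sign-ups from {ip}")
        report.append((email, reasons))
    return report


def suspicious(signups, min_reasons=2):
    """Emails that trip at least min_reasons independent signals."""
    return [e for e, r in score_signups(signups) if len(r) >= min_reasons]


if __name__ == "__main__":
    for email, reasons in score_signups(SIGNUPS):
        print(email, "->", "; ".join(reasons) or "no flags")
```

Requiring two signals before acting keeps a single odd-looking address or a shared NAT address from being blocked on its own.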

Tuesday, September 17, 2013

facebook spam or malware link masquerading as whatsapp

Amazing Now What's App On PC Also

What's App On PC virus link? hxxp://tinyurl.com/mx5j4rb  <
Try It Now
Now You Can Use What'App On Pc Also By This Usful App No Need To Install

Wednesday, September 11, 2013

Spam mail - Your account was recently accessed from another IP

81.88.50.242 Spam Server Dictionary Attacker
The Project Honey Pot system has detected behavior from the IP address consistent with that of a mail server and dictionary attacker. Below we've reported some other data associated with this IP.
https://www.projecthoneypot.org/ip_81.88.50.242



Delivered-To:
Return-Path:
Received: from hostingsmtp.register.it (hostingsmtp01.register.it. [81.88.50.242])
Received-SPF: nobody@opus39.register.it designates 81.88.50.242
 smtp.mail=nobody@opus39.register.it
Received: from unknown (HELO opus39.register.it)
Received: (from nobody@localhost)
To:
Subject: Google Alerts
From:


Your account was recently accessed from another IP: 184.148.53.86 Please Click Here to update your account.

Sunday, September 8, 2013

installing bastille linux security tool

all that glitters is not gold

The Tripwire binaries are located in /usr/sbin and the database is located in /var/lib/tripwire. It is strongly advised that these locations be stored on write-protected media (e.g. mounted RO floppy). See /usr/share/doc/tripwire/README.Debian for details.

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

CAcert.org                                                   CT,,
CAcert.org Class 3                                           CT,,



/usr/sbin/bastille: line 173: [: too many arguments
WARNING: /usr/bin/perl cannot find Perl module Tk.
         The above module(s) is/are required to correctly display
         the Bastille User Interface.  If you are unable to find a
         pre-compiled module for your OS, they can be found at:
           http://www.cpan.org/modules/01modules.index.html
         If you installed the modules in another installation of
         perl besides the one listed in the error message, you may
         override Bastille's search path by setting the
         $CORRECT_PERL_PATH environment variable to the directory
         that the desired perl binary is located in.
         If you don't want to use the default X11 interface then
         run 'bastille -c'. For more information on available interfaces
         see bastille(1m) or run 'bastille -h'


sudo apt-get install perl-tk


[*] Could not find kmsgsd, edit /etc/psad/psad.conf at /usr/sbin/psad line 10653.
 * Unable to start the daemon
 * Starting Port Scan Attack Detector psad                               [fail]
invoke-rc.d: initscript psad, action "start" failed.
dpkg: error processing psad (--configure):
 subprocess installed post-installation script returned error exit status 1
Setting up perl-tk (1:804.030-1) ...
Errors were encountered while processing:
 psad
E: Sub-process /usr/bin/dpkg returned an error code (1)


What is PSAD?
PSAD is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data.
http://www.backtrack-linux.org/wiki/index.php/PSAD_Install


sudo dpkg -C
The following packages are only half configured, probably due to problems
configuring them the first time.  The configuration should be retried using
dpkg --configure or the configure menu option in dselect:
 psad                 Port Scan Attack Detector



sudo dpkg --configure psad
Setting up psad (2.2.1-1) ...
[*] Could not find kmsgsd, edit /etc/psad/psad.conf at /usr/sbin/psad line 10653.
 * Unable to start the daemon
 * Starting Port Scan Attack Detector psad                               [fail]
invoke-rc.d: initscript psad, action "start" failed.
dpkg: error processing psad (--configure):
 subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
 psad

sudo bastille
/usr/sbin/bastille: line 173: [: too many arguments
defined(%hash) is deprecated at /usr/lib/Bastille/HP_API.pm line 100.
(Maybe you should just omit the defined()?)
defined(%hash) is deprecated at /usr/lib/Bastille/API.pm line 1286.
(Maybe you should just omit the defined()?)
ERROR:   System is not running a stable Debian GNU/Linux version. Setting to 5.0.
NOTE: Valid display found; defaulting to Tk (X) interface.
NOTE: Using Tk user interface module.
NOTE: Only displaying questions relevant to the current configuration.

Copyright (C) 1999-2002 Jay Beale
Copyright (C) 1999-2001 Peter Watkins
Copyright (C) 2000 Paul L. Allen
Copyright (C) 2001-2003 Hewlett-Packard Development Company, L.P.
Bastille is free software; you are welcome to redistribute it under
certain conditions.  See the 'COPYING' file in your distribution for terms.

DISCLAIMER.  Use of Bastille can help optimize system security, but does not
guarantee system security. Information about security obtained through use of
Bastille is provided on an AS-IS basis only and is subject to change without
notice. Customer acknowledges they are responsible for their system's security.
TO THE EXTENT ALLOWED BY LOCAL LAW, Bastille (SOFTWARE) IS PROVIDED TO YOU
AS IS WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
EXPRESS OR IMPLIED.  JAY BEALE, THE BASTILLE DEVELOPERS, AND THEIR SUPPLIERS
DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Some countries, states and provinces do not allow exclusions of implied
warranties or conditions, so the above exclusion may not apply to you. You may
have other rights that vary from country to country, state to state, or province
to province.  EXCEPT TO THE EXTENT PROHIBITED BY LOCAL LAW, IN NO EVENT WILL
JAY BEALE, THE BASTILLE DEVELOPERS, OR THEIR SUBSIDIARIES, AFFILIATES OR
SUPPLIERS BE LIABLE FOR DIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR OTHER
DAMAGES (INCLUDING LOST PROFIT, LOST DATA, OR DOWNTIME COSTS), ARISING OUT OF
THE USE, INABILITY TO USE, OR THE RESULTS OF USE OF THE SOFTWARE, WHETHER BASED
IN WARRANTY, CONTRACT, TORT OR OTHER LEGAL THEORY, AND WHETHER OR NOT ADVISED
OF THE POSSIBILITY OF SUCH DAMAGES. Your use of the Software is entirely at your
own risk. Should the Software prove defective, you assume the entire cost of all
service, repair or correction. Some countries, states and provinces do not allow
the exclusion or limitation of liability for incidental or consequential
damages, so the above limitation may not apply to you.

You must accept the terms of this disclaimer to use
Bastille.  Type "accept" (without quotes) within 5
minutes to accept the terms of the above disclaimer
> accept
This disclaimer will not appear again on this machine.
To suppress the disclaimer on other machines, use Bastille's
-n flag (example: bastille -n).
NOTE: Bastille is scanning the system configuration...
NOTE: This appears to be your first interactive run -- creating a new
del

tiger Failed to execute child process "su-to-root" (No such file or directory)


I believe you need to install the 'menu' package to get that program.

Code:
sudo apt-get install menu
http://ubuntuforums.org/showthread.php?t=969568

Setting up psad (2.2.1-1) ...
[*] Could not find kmsgsd, edit /etc/psad/psad.conf at /usr/sbin/psad line 10653.
 * Unable to start the daemon
 * Starting Port Scan Attack Detector psad                               [fail]
invoke-rc.d: initscript psad, action "start" failed.
dpkg: error processing psad (--configure):
 subprocess installed post-installation script returned error exit status 1
Setting up menu (2.1.46ubuntu1) ...
Processing triggers for menu ...
Errors were encountered while processing:
 psad
E: Sub-process /usr/bin/dpkg returned an error code (1)

https://bugs.launchpad.net/ubuntu/+source/psad/+bug/434709


About to execute /usr/sbin/tiger.
This command needs root privileges to be executed.
Using sudo...
Enter delltechie password at prompt.
[sudo] password for xcdf:
Tiger UN*X security checking system
   Developed by Texas A&M University, 1994
   Updated by the Advanced Research Corporation, 1999-2002
   Further updated by Javier Fernandez-Sanguino, 2001-2010
   Contributions by Francisco Manuel Garcia Claramonte, 2009-2010
   Covered by the GNU General Public License (GPL)

Filesystem 'fuse.gvfsd-fuse' used by 'gvfsd-fuse' is not recognised as a valid filesystem

When Gnome is running Tiger sends periodically e-mails containing:
--CONFIG-- [con010c] Filesystem 'fuse.gvfsd-fuse' used by 'gvfsd-fuse' is not recognised as a valid filesystem






Bogus chrome certificate

Builtin Object Token:Bogus kuix.de
Token:Bogus Global Trustee
http://kuix.de/

http://www.wired.com/threatlevel/2011/03/comodo-compromise/
https://www.schneier.com/blog/archives/2011/03/comodo_group_is.html
https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

According to the Internet Storm Center SANS, the targets included Microsoft's login.live.com, Google's mail.google.com, www.google.com, login.yahoo.com (3 certificates), login.skype.com, addons.mozilla.com, and "Global Trustee."
http://cyberwarzone.com/cyberwarfare_blogs/stolen-usertrust-certificates


the worst part is there is no option in chrome/chromium to remove or test these certificates