Category: Security

Security Articles

Posted on

Jailbreak available for iPhone 3G/3GS firmware 3.1.3

What’s Spirit?

  • Spirit is an untethered jailbreak for iPad, iPhone, and iPod touch on the latest firmwares.
  • Spirit is not a carrier unlock.
  • If you currently are using a tethered jailbreak, you have to restore to use Spirit. Do not upgrade if you use an unlock on an iPhone 3G or 3GS.

Requirements

  • Any iPad, iPhone, or iPod touch on firmware 3.1.2, 3.1.3, or 3.2.
  • An activated device: one not stuck on the Connect to iTunes or Emergency Call screen.
  • Any version of iTunes 9 (including 9.1.1).
  • Syncing with iTunes before trying this is highly recommended.

Note: On iPad, all this is still sort of beta. Some packages in Cydia, not designed for iPad, might screw up your system and require you to restore. Be careful. (And no, Cydia’s appearance is not final.)

Download for Windows here. Download for Mac here.

Posted on

How do I permanently delete my Facebook account?

To permanently remove and delete your Facebook account click here. Login to Facebook then follow the instructions provided.

Once you have completed the process your account will be deactivated for two weeks before it is finally removed. It is important that you not login to your Facebook account during the two weeks (unless you change your mind regarding the deletion) as a login will automatically re-activate the account.

This is the official Facebook account removal process and will remove all of your photos, comments, messages and other items from your profile.

Posted on

VMware ESXi – Enable SSH

SSH access is not enabled, by default, in VMwae ESXi 4.

To enable SSH:

  1. Go to the ESXi console and press alt+F1, note: you will need to do this on your physical server.
  2. Type: unsupported, press enter.
  3. Enter the root password, press enter.
  4. At the prompt type: “vi /etc/inetd.conf”
  5. Look for the line that starts with “#ssh” (you can search with pressing “/”)
  6. Remove the “#” (press the “x” if the cursor is on the character)
  7. Save “/etc/inetd.conf” by typing “:wq!”
  8. Restart your ESXi server: reboot

Note: If your trying to find the location of your virtual machines do a global find using: #find . -name ‘*.vmdk’

Posted on

Snort Active Alering for Untangle 7.x

Snort Active Alerting allows email alerts to be sent to a pre-defined address in the event that Snort identifies and/or blocks a attack. This is useful in order to identify attacks as they occur rather than waiting for daily report logs.

These instructions are for enabling Snort Active Alerting in Untangle version 7.x and above –

1. Edit /etc/rsyslog.conf with the following:

Under: #### MODULES ####

Add:

$ModLoad ommail

Under: # provides UDP syslog reception, uncomment the following two lines:

#$ModLoad imudp
#$UDPServerRun 514

Under: #### GLOBAL DIRECTIVES ####, add the following action, changing to your information:

Continue reading "Snort Active Alering for Untangle 7.x"

Posted on

Block Skype with Snort

Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.

Snort is used as the native IDS/IPS in several Unified Thread Management (UTM) security platforms including Astaro and Untangle. The following Snort rule signatures can be used to block Skype traffic at your network perimeter.

Note: When defining rules, the SID (Security ID) must be copied into the Snort SID field and the full rule must be placed in the Signature field. The signature lines may wrap but need to be placed as a single string into the signature field.

Example Snort IPS Rule:

Category: p2p
Signature: tcp $HOME_NET 1024: -> $EXTERNAL_NET 33033 (msg:”Skype client manual login — TCP/33033″; flow:to_server,established; flags:AP,SUFR12; content:”|17 03 01|”; depth:3; sid:1000400; rev:2; )
Name: Skype client manual login — TCP/33033
SID: 1000400
Block: Yes
Log: Yes
Description: Skype client manual login — TCP/33033

Current Skype filtering signatures (March 8th 2010)

Signature 1 - Skype VoIP Initialization

tcp $HOME_NET any -> any any (msg:”P2P CHAT Skype VoIP Initialization”;flow:to_server,established; content:”|8046010301002d0000001000000500000400000a 0000090000640000620000080000030000060100800700c003 0080060040020080040080|”;depth:112;classtype:polic y-violation;sid:1000013; rev:1;) Continue reading “Block Skype with Snort”