installing Virtual box on Backtrack 5 or ubuntu

Posted by シロ on

assalamu’alaikum..

bg pnguna2 backtrack 5 n ubuntu,kl korg nk pakai windows lam ubuntu or bt5,korg leh pakai command ni..command ni 100% leh pakai..ak dpt dr sorg kawn kt US rsenye..charles..die yg ajr ak n ak xnk lokek ilmu tuk share kn kt cni..korg leh la cb.. :)
———————————————————————————————————————————————————-

root@bt # prepare-kernel-sources

root@bt # cd /usr/src/linux

root@bt # cp -rf include/generated/* include/linux/

root@bt # echo deb http://download.virtualbox.org/virtualbox/debian lucid contrib non-free >> /etc/apt/sources.list

root@bt # wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -

root@bt # apt-get update

root@bt # apt-cache search virtualbox

root@bt # apt-get install virtualbox-4.0

 

———————————————————————————————————————————————————-

Officials confirm, Stuxnet was a US-Israel Creation

Posted by シロ on

We have met the creator of Stuxnet, and the creator is us…

US, Israel and European officials confirm that Stuxnet was part of an ever increasing program of computer attacks against Iran to slow or stop it’s nuclear ambitions.

According to an article on the New York Times:

From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet.

Really no shocker here, most assumed that it was US and Israel backed. Now we know for sure. According to The Register, members of Israel’s ultra cool Unit 8200 and our cyber ninjas at the NSA worked together to create the cyberweapon Stuxnet.

The Times article hints that the cyber attacks were intended to slow down Iran’s progress on obtaining nuclear weapons and satiate Israel so they would not perform a physical strike, leading to an un-stabilized Middle East.

But what one has to ask, if they knew the attacks would only delay Iran from obtaining nukes, why do this at all? They seemed to be determined to obtain nuclear weapons. What would be gained by delaying them another year or so?

I am curious if this is why key members of Iran’s nuclear program are being and have been assassinated. Knowing that Stuxnet was only a temporary fix, someone (apparently Israel) is taking further steps to hamstring Iran’s nuclear ambitions.

Move over Stuxnet, Say Hello to the new Cyberweapon: “Flame”

Posted by シロ on


(Screenshot of Iran CERT warning for “Flame” Malware)

Yesterday Iran’s Computer Emergency Response Team released a warning about a new modular malware that resembled Stuxnet and Duqu. Dubbed “Flame”, the new cyberweapon is causing quite a stir in the media with it’s “advanced features and complexity”.

But looking at the malware’s features disclosed by Iran’s CERT team, it doesn’t seem very game stopping:

  • Distribution via removable medias
  • Distribution through local networks
  • Network sniffing, detecting network resources and collecting lists of vulnerable passwords
  • Scanning the disk of infected system looking for specific extensions and contents
  • Creating series of user’s screen captures when some specific processes or windows are active
  • Using the infected system’s attached microphone to record the environment sounds
  • Transferring saved data to control servers
  • Using more than 10 domains as C&C servers
  • Establishment of secure connection with C&C servers through SSH and HTTPS protocols
  • Bypassing tens of known antiviruses, anti malware and other security software
  • Capable of infecting Windows Xp, Vista and 7 operating systems
  • Infecting large scale local networks

All of these “threats” have been seen before. I especially liked the “bypassing tens of known anti-viruses…” line.

But there are several features that do set “Flame” apart from the pack. First of all the malware is very large, a whopping 20MB. Also, it contains several files and seems to be able to attack using swappable modules. But there is more.

According to an article on The Register, Flame has the following features:

  • It has been active for at least 2 years, but possibly 5-8 years
  • Contains exploits for known and fixed vulnerabilities
  • Uses open source libraries
  • Uses a SQLlite database
  • Uses some Scripts written in Lua (of Angry Birds fame)

All the big name security companies that have analyzed it seem to agree that with it’s complexity, it was most likely written by a Nation State and not individuals or small groups.

The malware could have been created by Israel (and possibly the US) as many of the countries that have detected infection would be logical targets for them.

As according to Symantec:

Initial telemetry indicates that the targets of this threat are located primarily in Palestinian West Bank, Hungary, Iran, and Lebanon. Other targets include Russia, Austria, Hong Kong, and the United Arab Emirates. The industry sectors or affiliations of individuals targeted are currently unclear.”

I am not sure of it’s “CyberWeapon” title, as it seems to be an information gatherer. Definitely worth keeping an eye on, but as with “APT” and “Stuxnet”, I am sure the media will beat this topic to death.

 

p/s: Credit to http://cyberarms.wordpress.com

Mapping Network Drive in OSX

Posted by シロ on

Instructions

1 – 
Click on the “Finder” icon in the dock at the bottom of the screen.

2 – 
Open the “Go” menu at the top of the screen and choose the “Connect to Server” option.

3 – 
Enter the address of the network drive that you want to map in the text field at the top of the pop-up window. If you plan to map this network drive on a regular basis, you can click on the plus symbol to add it to your list of favorite servers.

4 – 
Press the “Connect” button to initiate a session with the specified server.

5 – 
Enter your domain, username and password in the appropriate fields and then click “OK” to log in to the server.

6
 - Double-click on the network drive icon that appears on your desktop to access the shared folder through the Finder application