| OpenPages is back with a major release of IntelligentPorts. A strong encryption library is also ready. Its a DLL interface to Microsoft Cryptography. It now makes it easy to use public/private key based strong encryption in all the projects :). A surprise client/server application is on the way. Few free hours on sundays and free project hosted on sourceforge.net. Whatelse you need to rock in a corrupt country. By the way Encryption is better then corruption :). |
|
| Warning: Some products of OpenPages (Scripts/softwares) use strong encryption. Use of strong encryption over public networks may be illegal in your country. Please check your local laws for details. |
|
|
New Release...Openpages.info released "Solid FTP 4.1". It is a multithreaded even more solid version. Supports both Active and Passive file transfers. It has built-in Resume Supported Downloader/Uploader (Active and Passive modes). You can start download/upload of several files while you continue to browse through your ftp site. Now you will never need a commercial FTP client. Download it here | Openpages.info released "Intelligent Ports 1.0 (Beta)". Use this software to open server side TCP/UDP Intelligent (proxy) ports and map them to any local or remote IP/Port. You can apply RuleSets to Intelligent (Proxy) ports to Block specific IP Ranges, To delay connection for specic IP ranges, Limit maximum number of simultaneous connections per IP and apply this limitation to specific IP ranges. Limit the total number of connections to each Intelligent proxy port. Download it here |
| Important: Installation setup of "SSH2 Spider 1.0" and "LinuxSysInfo 1.0 (Beta)" is fixed to make it compatible on all Windows based operating systems. Those of you who were not able to run these applications can try now and it should work fine. | |
| Openpages.info released "SSH2 Spider 1.0". It is a Windows based Application which can create unlimited SSH2 based secure tunnels and port forwardings using remote OpenSSH (or any SSH2) server(s). This application is specially designed for Gateways Servers to setup secure LAN to LAN or LAN to WAN, SSH2 encrypted tunnels. But home users can also use it to secure their smtp, pop, ftp, telnet, http, or other communication. You can dynamically create new tunnels and can close existing tunnels. For security reasons it do not open an SSH console as most of other SSH2 tunneling applications do. Download it here | |
| Openpages.info released "LinuxSysInfo 1.0 (Beta)". LinuxSysInfo is a Windows based Application which can be used to retrieve and examine the information from remote linux servers (i.e load/uptime/kernel/hardware/processes/top/logedin users/login logs/firewall/disks/system/network/connections). It also include a simple SSH2 command line console. It use SSH2 protocol to do the secure communication with remote Linux server. It is tested with Fedora Core, Gentoo, Debian, Centos. It is recommended but not necessary to use root level login with this application. Download it here | |
| "Process and port Analyzer 2.0 (for windows)" is available now. New features include a light weight but very powerfull packet sniffer and packet viewer. It is tested on windows XP Pro (SP2) and Windows 2003 Server. Download it here | |
| "Process and Port Analyzer" has become a "must have" for every windows 2003 dedicated server. Get it here . |
| Linux Emergency Procedures |
|
Unusual MRTG Patterns ? Mysterious outgoing Spam ? Missing log files ? It can be anything from a simple php/cgi exploit up to a sever takeover attempt Get rid of remotely loged in users "who" command will list loged in users. "ps -aux | grep sshd" This will list PIDs of users loged in with ssh. "kill -9 PID" Get rid of a user Get rid of suspecious active listeners lsof -i | grep "LISTEN" , It will show Active listeners with their ports. If you are not using APACHE SUEXEC then any active listeners under user Apache, httpd, nobody other then port 80 and 443 are suspecious. 'ls -al /proc/PID/cwd' will show you the path to home directory of executeale of that process 'ls -al /proc/PID/exe' will show you the full path and name of executeable which is causing that process Find Executeable files. "find /tmp -perm 755 -type f" "find /var/tmp -perm 755 -type f" "find /usr/tmp -perm 755 -type f" RootKit ??? Remember rootkit itself is not the backdoor which was used to invade your server. Rootkit is a way invader use to keep his/her presence in your system without letting you know. Since kernel 2.6 no longer support the export of sys_call_table in LKM (Linux kernel modules) So All LKM based rootkits which work around the stealing of sys_calls to hide processes and rewrite commands, No longer work. So if you are on kernel 2.6 then you have less to worry about but on older kernels Once you suspect a machine has been the victim of a Rootkit attack, you can do several things to verify this. The simplest is to try du, ls, ps, and netstat with the -/ option. If any of them accept this option, then Rootkit has been installed. |