
Sunday, 24 June 2012

Billing Setting Hotspot Mikrotik Router Integration

Integrating Hotspot Billing with a Mikrotik router is straightforward. After installing Mikrotik correctly, run the "Winbox Loader" application so that you can configure the Mikrotik router from the Windows desktop quickly and easily, without having to memorize Mikrotik command-line syntax. After you double-click the Winbox application, it appears as follows:

After that, click the "..." button; it displays the MAC address of the Mikrotik that is active. Double-click the MAC address (here 00:0B:CD:64:D9:22), enter the user admin (the default password is blank) and click "Connect".
 
IP ==> Address List
Click the plus sign | + |, then in "Address" enter the desired IP, e.g. 192.168.1.110/24 (the slash 24 means the Network and Broadcast fields are filled in automatically). Then in "Interface" select ether1, where ether1 is the port to be connected to the modem / ISP.

IP ==> Route List
Click the plus sign | + |, then in "Gateway" enter your gateway IP, e.g. 192.168.1.1. Then click "OK".

New Terminal
The console appears as follows. Ping your Internet gateway by typing ping 192.168.1.1. If this works, the output looks like the picture below, which means the network from the Mikrotik to the gateway / modem is connected normally.

Interface ==> Interface List
This shows which interface or Ethernet card is active (connected to the network): its "Tx" and "Rx" columns display traffic of xxx bps. In this case, ether1 is connected to the LAN.

IP ==> DNS
Click "Settings", then in "Primary DNS" enter DNS1, e.g. 202.134.1.10, and in "Secondary DNS" enter DNS2, e.g. 202.134.0.155. When done, click "OK".

New Terminal
Test a ping out to the Internet, for example to google.com, by typing ping google.com. If the result looks like this, your Internet connection is working.
 
IP ==> Hotspot ==> Hotspot Setup
In "Hotspot Interface", select the ether port that is to be made into a hotspot, in this case ether3; if there is a wireless antenna, choose the wireless interface. Then click "Next".

The "Local Address of Network" is your Hotspot gateway; then click "Next".

The "Address Pool of Network" is the DHCP IP range that will be handed out to hotspot users. You can specify any IP range you like; in this case it is from 10.5.50.2 to 10.5.50.254. Then click "Next".

In "Select Certificate" select "none", then click "Next".

In "IP Address of SMTP Server" leave the field blank and click "Next".

"DNS Servers" has already been filled in correctly, so you can simply click "Next".

In "DNS Name" leave the field blank and click "Next".

Then just click "Next".

When finished, the following dialog box is displayed; click "OK".
 
Then continue with the configuration that connects the Mikrotik Hotspot to the Hotspot Billing software, as follows:
IP ==> Hotspot ==> Server Profiles ==> hsprof1 (double-click)
Move from the "General" tab to the "Login" tab, remove the check mark from (uncheck) "Cookies", then click "Apply".

Then move to the "Radius" tab, remove the check mark from (uncheck) "Use RADIUS", click "Apply", then click "OK".

Radius
Click the plus sign | + | and on the General tab check the hotspot service. Then in "Address" enter the IP address of the Hotspot Billing RADIUS server (the Linux PC), and in "Secret" enter the secret, e.g. 123457890, exactly as you entered it on Linux. When finished, click "OK".

So that the Hotspot Billing login page appears to hotspot users as shown below:

IP ==> HotSpot ==> Walled Garden
Click the plus sign | + | and, with "Action = allow", in "Dst. Address" enter the IP of the Hotspot Billing server, e.g. 192.168.1.10, then click "OK".
 
Once you have finished uploading the files to the Mikrotik, it is already configured as prepared by the Hotspot Billing software team.
The next step in integrating Hotspot Billing with the Mikrotik router is to log in to the Hotspot Billing Manager. Enter a username, password and the Security Code on the right, as shown below.

After successfully logging in to the Hotspot Billing Manager, go to the Preference menu ==> Setting Service ==> choose /var/www/html/config.client.php, then click "Edit", and when finished click "Save".
$IpServer = "192.168.1.2"; ==> enter the Hotspot Billing server IP
$IpMikrotik = "192.168.1.10"; ==> enter the Mikrotik router IP
$UserMikrotik = "admin"; ==> enter the Mikrotik router user name
$PassMikrotik = "admin"; ==> enter the Mikrotik router password

If the file cannot be saved, open Konsole as root on Linux and type the command chmod 775 /var/www/html/config.client.php
Go to Preference ==> Service Settings ==> select /etc/raddb/clients.conf, then click "Edit", scroll to the bottom and add the following four lines; when finished click "Save".
client 192.168.1.2 { ==> enter the IP of the Mikrotik router
secret = 123457890 ==> enter the RADIUS secret, matching the one set in Mikrotik
shortname = mikrotik ==> enter the label name 'mikrotik'
}

Go to Preference ==> Service Settings ==> select /etc/raddb/naslist, then click "Edit".

If the file cannot be saved, open Konsole as root on Linux and type the command chmod 775 /etc/raddb/naslist

Wednesday, 18 April 2012

Anti malicious websites

The Chinese government wants all personal computers sold in the country to have software that can block dangerous sites.

The site-blocking software is intended to block sites, especially pornography. This rule is an effort to protect the younger generation from content that is considered harmful.

The software, called "Green Dam Youth Escort", will block access to sites banned by the government by entering them into its database. The software was developed by Jinhui Computer System Engineering Co. in cooperation with Beijing Dazheng Human Language Technology Academy Co. China's Ministry of Industry and Information Technology decided to take this step last May 19, but so far the Chinese government has not implemented the policy.

Monday, 11 October 2010

7 Tips for Keeping Passwords

Passwords are secret codes that must be protected. Many bad things can happen when your password leaks into the hands of others. Here are 7 brief tips for keeping it safe.

1. Not Using Default Passwords
The default password is the password we are given the first time. It should be replaced quickly because it is very vulnerable. The reason is that default passwords can easily be found with a Google search; there are even lists of machine names, types and default passwords displayed prominently on some vendors' websites.

Sometimes administrators are afraid of forgetting a changed password and leave the default in place, so an intruder can take over the system with the default password.

2. Not Using Password Hints
Sometimes we are afraid of forgetting the password that lets us into a system or account, so we create a reminder in case we forget it. This reminder is called a password hint; with a password hint question we can quickly recall a forgotten password.

The same goes for hackers: they will experiment with guessing the password from the hint question, and over time the password becomes predictable if the hint question can be answered by the password guesser.

3. Not Writing Down Passwords
Owners are often afraid of forgetting the passwords they have set, so they write their various user ids and passwords on other media such as a notebook, notepad, Stickies (Mac), password folders, books, mobile phones and so on.

This is also quite prone to leaking. Why? Because if any of this equipment is lost, all the information about user ids and passwords will sooner or later be known to whoever took the missing equipment or gadget.

4. Using a Strong Password
Password owners often use only a short password; if a password shorter than 3 characters were allowed, the user would choose it. Fortunately, systems now enforce a minimum password length of 6 characters and a maximum of 254 characters. The longer a password is, the stronger its security.

Strong passwords can be created with a combination of numbers, letters and various other characters. Some admins currently use fairly long passwords, coupled with encryption such as a PGP key and others, so the password is quite difficult to guess.

5. Changing Passwords Often
Owners should periodically change their authentication passwords; the more frequent the changes the better, because it becomes harder for a password guesser to hack your account or system. How often to change the password depends on the owner: it could be a week, a month, three months, and so on, as long as the owner does not forget the password that was changed.

6. Not Using the Same Password on Multiple Accounts
Owners often forget passwords and create accounts frequently, so for each new account they use the same user id and the same password. This is very vulnerable and dangerous, because through the password of a single account, all the accounts can be taken over by the hacker.

7. Using Password Management
Remembering the various passwords for our various accounts is often very difficult, but there is no need to worry, because there are now many applications that help organize passwords. These applications, free or paid, can be downloaded from the internet, so that whatever accounts and passwords we have can easily be recalled and reopened; opening them is, of course, protected by an encryption method as well.

Monday, 28 June 2010

The Oracle RDBMS

Because we'll be talking about the Oracle RDBMS in depth in later sections, we'll simply cover a few of the more important details here. One of the major differences between Oracle running on Windows and Oracle running on UNIX-based platforms is the number of processes that combine to create the actual RDBMS. On Windows there is simply the oracle.exe process, but on UNIX platforms there are multiple processes each responsible for some part of functionality. Using ps we can list these processes:

$ ps -ef | grep oracle
oracle 17749 1 0 11:26:13 ? 0:00 ora_pmon_orasidsol
oracle 10109 1 0 Sep 18 ? 0:01 /u01/oracle/product/9.2.0/bin/tnslsnr listener920 -inherit
oracle 17757 1 0 11:26:16 ? 0:01 ora_smon_orasidsol
oracle 17759 1 0 11:26:17 ? 0:00 ora_reco_orasidsol
oracle 17751 1 0 11:26:15 ? 0:01 ora_dbw0_orasidsol
oracle 17753 1 0 11:26:16 ? 0:01 ora_lgwr_orasidsol
oracle 17755 1 0 11:26:16 ? 0:05 ora_ckpt_orasidsol
oracle 17762 1 0 11:30:59 ? 1:34 oracleorasidsol (LOCAL=NO)

Each RDBMS process has the name of the database SID appended to it—in this case orasidsol. The following list looks at each process and discusses what each does.

  • The PMON process. This is the Process Monitor process and its job is to check if any of the other processes fail, and perform housekeeping tasks if one does such as free handles and so on.

  • The SMON process. This is the System Monitor process and it is responsible for crash recovery if a database instance crashes.

  • The RECO process. This is the Distributed Transaction Recovery process and handles any unresolved transactions.

  • The DBWR process. This is the Database Writer process. There may be many such processes running. From the preceding ps listing we can see only one—numbered 0.

  • The LGWR process. This is the Log Writer process and is responsible for handling redo logs.

  • The CKPT process. This is the Checkpoint process and every so often it nudges the Database Writer process to flush its buffers.

All of these background processes are present on Windows, too; they're just all rolled up into the main oracle.exe process.

The oracleorasidsol process is what is termed the shadow or server process. It is actually this process that the client interacts with. Information about processes and sessions is stored in the V$PROCESS and V$SESSION tables in SYS schema.

chapter 2 (2)

The Database Hacker's Handbook: Defending Database Servers
by David Litchfield et al.
John Wiley & Sons © 2005

Examining the Oracle Architecture

Chapter 2 (1)

We begin this chapter by examining the physical layout of the database, such as the Oracle processes and how they interact with the network. We move on to examining authentication and authorization and then move to the logical layout of the database.

Oracle Processes and Oracle on the Network

This section describes the major components of Oracle and their interaction with the network. We begin with perhaps the most crucial network-facing component, the TNS Listener.

The Oracle TNS Listener

The TNS Listener is the hub of all communications in Oracle. "TNS" stands for Transparent Network Substrate and this is the protocol that Oracle uses to communicate between client and server. The TNS protocol is described on the Ethereal web site at http://www.ethereal.com/docs/dfref/t/tns.html.

The TNS Listener responds to a number of commands such as "version," "status," and "services," and when a database server is first started, it registers with the TNS Listener using the service_register_NSGR command. This lets the TNS Listener know that the database server is ready to accept connections. Incidentally, although the service_register_NSGR command is intended to be used locally the command can be sent over the network. In the past there have been denial of service issues with this command that can kill the TNS Listener.

When a client wishes to access the database server, the client connects first to the Listener. The Listener replies back with a TCP port that the client should connect to. The client connects to this port and then authenticates to the database server. If, however, the database has been configured in MTS, or Multi Threaded Server, mode then no port is assigned as such and communication with the database server takes place over the same TCP port that the Listener is listening on. The TNS Listener usually listens on TCP port 1521 but, depending upon the version of Oracle and what applications have been installed this port may be different, for example 1526. Regardless, the TNS Listener can be configured to listen on any TCP port.

The TNS Listener is also integral to PL/SQL and external procedures that we'll talk about later. Essentially when a PL/SQL procedure calls an external procedure, the RDBMS connects to the Listener, and the Listener launches a program called extproc to which the RDBMS connects. Extproc loads the library and executes the required function. As you'll see later this can be abused by attackers to run commands without a user ID or password.

If the XML Database is enabled—and it is by default in Oracle 9 and later—the TNS Listener holds open TCP port 2100 and 8080. The former allows querying of XML data over the FTP protocol and the latter over HTTP. The Listener proxies traffic on these ports to the RDBMS.

In versions of Oracle prior to 10g, the TNS Listener could be administered remotely. What makes this particularly dangerous is the fact that by default the Listener is installed without a password so it is possible for anyone to administer the Listener. A password should be set to help secure the system. The Listener Control Utility, lsnrctl, is the tool used to manage the Listener. Using this tool it's possible, among other things, to query the Listener for registered database services and retrieve status information:

C:\oracle\ora92\bin>lsnrctl
LSNRCTL for 32-bit Windows: Version 9.2.0.1.0 - Production on 10-OCT-2004 17:31:49
Copyright (c) 1991, 2002, Oracle Corporation. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener 10.1.1.1
Current Listener is 192.168.0.34
LSNRCTL> status
Connecting to (DESCRIPTION=(CONNECT_DATA=(SID=*)(SERVICE_NAME=10.1.1.1))
(ADDRESS=(PROTOCOL=TCP)(HOST=10.1.1.1)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for 32-bit Windows: Version 9.2.0.1.0 - Production
Start Date 10-OCT-2004 16:12:50
Uptime 0 days 1 hr. 19 min. 23 sec
Trace Level off
Security ON
SNMP OFF
Listener Parameter File C:\oracle\ora92\network\admin\listener.ora
Listener Log File C:\oracle\ora92\network\log\listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC0ipc)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=GLADIUS)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=GLADIUS)(PORT=8080))
(Presentation=HTTP)(Session=RAW))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=GLADIUS)(PORT=2100))
(Presentation=FTP)(Session=RAW))
Services Summary...
Service "ORAXP" has 1 instance(s).
Instance "ORAXP", status UNKNOWN, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "oraxp.ngssoftware.com" has 1 instance(s).
Instance "oraxp", status READY, has 1 handler(s) for this service...
Service "oraxpXDB.ngssoftware.com" has 1 instance(s).
Instance "oraxp", status READY, has 1 handler(s) for this service...
The command completed successfully
LSNRCTL>
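A defender can run the same status command against their own listener and check the output mechanically for the exposures this section names: no listener password, the extproc service, and the XML Database ports 2100 and 8080. The C below is an added example, not code from the book; `audit_listener_status` and `struct listener_audit` are hypothetical names, the sample input is built from lines of the output above, and reading "Security ON" as "a listener password is set" is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed input: lines copied from the status output shown above. */
static const char SAMPLE_STATUS[] =
    "Security ON\n"
    "(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\\\.\\pipe\\EXTPROC0ipc)))\n"
    "(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=GLADIUS)(PORT=1521)))\n"
    "(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=GLADIUS)(PORT=8080))\n"
    "(Presentation=HTTP)(Session=RAW))\n"
    "(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=GLADIUS)(PORT=2100))\n"
    "(Presentation=FTP)(Session=RAW))\n"
    "Service \"PLSExtProc\" has 1 instance(s).\n";

#define MAX_PORTS 16

struct listener_audit {            /* hypothetical result structure */
    int no_password;               /* Security field missing or not "ON" */
    int extproc;                   /* PLSExtProc service is registered */
    int xdb_ftp;                   /* port 2100 listed (XML DB over FTP) */
    int xdb_http;                  /* port 8080 listed (XML DB over HTTP) */
    int ports[MAX_PORTS];          /* every (PORT=n) endpoint, in order */
    int n_ports;
};

/* Scan lsnrctl status text; returns the number of findings. */
int audit_listener_status(const char *out, struct listener_audit *a)
{
    const char *p;

    memset(a, 0, sizeof *a);

    /* Assumption: "Security ON" means a listener password has been set. */
    a->no_password = 1;
    p = strstr(out, "Security");
    if (p != NULL) {
        p += strlen("Security");
        while (*p == ' ' || *p == '\t')
            p++;
        if (strncmp(p, "ON", 2) == 0)
            a->no_password = 0;
    }

    a->extproc = strstr(out, "Service \"PLSExtProc\"") != NULL;

    for (p = out; (p = strstr(p, "(PORT=")) != NULL; ) {
        long port;
        p += strlen("(PORT=");
        port = strtol(p, NULL, 10);
        if (port <= 0 || port > 65535)
            continue;              /* not a usable port number */
        if (a->n_ports < MAX_PORTS)
            a->ports[a->n_ports++] = (int)port;
        if (port == 2100) a->xdb_ftp = 1;
        if (port == 8080) a->xdb_http = 1;
    }
    return a->no_password + a->extproc + a->xdb_ftp + a->xdb_http;
}

int main(void)
{
    struct listener_audit a;
    int i, findings = audit_listener_status(SAMPLE_STATUS, &a);

    printf("findings: %d\n", findings);
    printf("listener password missing: %s\n", a.no_password ? "yes" : "no");
    printf("extproc registered: %s\n", a.extproc ? "yes" : "no");
    for (i = 0; i < a.n_ports; i++)
        printf("listening port: %d\n", a.ports[i]);
    return 0;
}
```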

As you can see this leaks all kinds of useful information. As an interesting aside, if the Listener receives an invalid TNS packet, it will reply with a packet similar to

IP Header
Length and version: 0x45
Type of service: 0x00
Total length: 94
Identifier: 61557
Flags: 0x4000
TTL: 128
Protocol: 6 (TCP)
Checksum: 0x884c
Source IP: 10.1.1.1
Dest IP: 10.1.1.2
TCP Header
Source port: 1521
Dest port: 3100
Sequence: 2627528132
ack: 759427443
Header length: 0x50
Flags: 0x18 (ACK PSH )
Window Size: 17450
Checksum: 0xe1e8
Urgent Pointer: 0
Raw Data
00 36 00 00 04 00 00 00 22 00 00 2a 28 44 45 53 ( 6 " *(DES)
43 52 49 50 54 49 4f 4e 3d 28 45 52 52 3d 31 31 (CRIPTION=(ERR=11)
35 33 29 28 56 53 4e 4e 55 4d 3d 31 35 31 30 30 (53)(VSNNUM=15100)
30 30 36 35 29 29 (0065)))

Looking at the value of VSNNUM, 151000065 in this case, we can derive the version of the server. When 151000065 is converted into hex we begin to see it better: 9001401. This equates to Oracle version 9.0.1.4.1. The following code can be used to query this information:

/************************************
/ Compile from a command line
/
/ C:\>cl /TC oraver.c /link wsock32.lib
/
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <windows.h>
#include <winsock.h>

int GetOracleVersion(void);
int StartWinsock(void);
struct hostent *he;
struct sockaddr_in s_sa;
int ListenerPort=1521;
char host[260]="";
unsigned char TNSPacket[200]=
"\x00\x46\x00\x00\x01\x00\x00\x00\x01\x37\x01\x2C\x00\x00\x08\x00"
"\x7F\xFF\x86\x0E\x00\x00\x01\x00\x00\x0C\x00\x3A\x00\x00\x07\xF8"
"\x0C\x0C\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0A\x4C\x00\x00"
"\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00";

int main(int argc, char *argv[])
{
    unsigned int err=0;
    if(argc == 1)
    {
        printf("\n\t*** OraVer ***");
        printf("\n\n\tGets the Oracle version number.");
        printf("\n\n\tC:\\>%s host [port]",argv[0]);
        printf("\n\n\tDavid Litchfield\n\tdavidl@ngssoftware.com\n\t22th April 2003\n");
        return 0;
    }
    /* host[] is zero-initialised and 260 bytes long, so copying at most
       256 bytes always leaves it NUL-terminated. */
    strncpy(host,argv[1],256);
    if(argc == 3)
        ListenerPort = atoi(argv[2]);
    err = StartWinsock();
    if(err==0)
        printf("Error starting Winsock.\n");
    else
        GetOracleVersion();
    WSACleanup();
    return 0;
}

/* Initialise Winsock and resolve the target into s_sa.
   Returns 1 on success, 0 on failure. */
int StartWinsock()
{
    int err=0;
    unsigned int addr;
    WORD wVersionRequested;
    WSADATA wsaData;
    wVersionRequested = MAKEWORD( 2, 0 );
    err = WSAStartup( wVersionRequested, &wsaData );
    if ( err != 0 )
        return 0;

    if ( LOBYTE( wsaData.wVersion ) != 2 || HIBYTE( wsaData.wVersion ) != 0 )
        return 0;

    s_sa.sin_addr.s_addr=INADDR_ANY;
    s_sa.sin_family=AF_INET;
    /* A leading letter is treated as a host name, anything else as a dotted quad. */
    if (isalpha((unsigned char)host[0]))
    {
        he = gethostbyname(host);
        if(he == NULL)
        {
            printf("Failed to look up %s\n",host);
            return 0;
        }
        memcpy(&s_sa.sin_addr,he->h_addr,he->h_length);
    }
    else
    {
        addr = inet_addr(host);
        memcpy(&s_sa.sin_addr,&addr,4);
    }
    return 1;
}

/* Send the TNS packet, read the reply and decode its VSNNUM value. */
int GetOracleVersion(void)
{

    unsigned char resp[200]="";
    unsigned char ver[8]="";
    unsigned char h=0,l=0,p=0,q=0;
    unsigned int vsn=0;
    int snd=0,rcv=0,count=0;
    SOCKET cli_sock;
    char *ptr = NULL;

    cli_sock=socket(AF_INET,SOCK_STREAM,0);
    if (cli_sock==INVALID_SOCKET)
        return printf("\nFailed to create the socket.\n");

    s_sa.sin_port=htons((unsigned short)ListenerPort);
    if (connect(cli_sock,(LPSOCKADDR)&s_sa,sizeof(s_sa))==SOCKET_ERROR)
    {
        printf("\nFailed to connect to the Listener.\n");
        goto The_End;
    }
    snd=send(cli_sock, (const char *)TNSPacket , 0x3A , 0);
    snd=send(cli_sock, "NGSSoftware\x00" , 12 , 0);
    /* Read at most 196 bytes so the zero-filled tail of resp[] keeps it terminated. */
    rcv = recv(cli_sock,(char *)resp,196,0);
    if(rcv == SOCKET_ERROR)
    {
        printf("\nThere was a receive error.\n");
        goto The_End;
    }
    /* Replace embedded NUL bytes with spaces so strstr() can scan the whole reply. */
    while(count < rcv)
    {
        if(resp[count]==0x00)
            resp[count]=0x20;
        count++;
    }

    ptr = strstr((char *)resp,"(VSNNUM=");
    if(!ptr)
    {
        printf("\nFailed to get the version.\n");
        goto The_End;
    }
    ptr = ptr + 8;
    /* Unsigned arithmetic: shifting the signed value left by 4 would overflow an int. */
    vsn = (unsigned int)atoi(ptr);
    vsn = vsn << 4;
    /* Byte-wise unpacking below assumes a little-endian host (x86 Windows). */
    memmove(ver,&vsn,4);
    h = ver[3] >> 4;
    l = ver[3] << 4;
    l = l >> 4;
    p = ver[1] >> 4;
    q = ver[0] >> 4;
    printf("\nVersion of Oracle is %d.%d.%d.%d.%d\n",h,l,ver[2],p,q);
The_End:
    closesocket(cli_sock);
    return 0;
}
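The same VSNNUM decoding can be done offline on a captured reply, for instance when checking what your own Listener discloses to unauthenticated clients. The C below is an added example, not code from the book: it parses the 54 bytes of the "Raw Data" dump above, bounds the search by the length in the first two bytes (my reading of the dump, where 0x0036 equals the 54-byte payload), and extracts the same bit fields as GetOracleVersion() with shifts, so it does not depend on host byte order. The names `parse_vsnnum_reply` and `decode_vsnnum` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* The 54 payload bytes from the "Raw Data" dump above. */
static const unsigned char SAMPLE_REPLY[] =
    "\x00\x36\x00\x00\x04\x00\x00\x00\x22\x00\x00\x2a"
    "(DESCRIPTION=(ERR=1153)(VSNNUM=151000065))";
#define SAMPLE_REPLY_LEN (sizeof SAMPLE_REPLY - 1)   /* drop the literal's NUL */

#define TNS_HEADER_LEN 8

/* Find "(VSNNUM=<digits>)" inside one reply.
   Returns 0 and stores the number, or -1 if the buffer is truncated,
   carries no VSNNUM, or the value is malformed. */
int parse_vsnnum_reply(const unsigned char *buf, size_t len, unsigned long *vsnnum)
{
    static const char key[] = "(VSNNUM=";
    const size_t klen = sizeof key - 1;
    size_t pkt_len, i, j;
    unsigned long v = 0;
    int digits = 0;

    if (len < TNS_HEADER_LEN)
        return -1;
    /* The first two bytes hold the packet length, big-endian. */
    pkt_len = ((size_t)buf[0] << 8) | buf[1];
    if (pkt_len < TNS_HEADER_LEN || pkt_len > len)
        return -1;                       /* truncated or inconsistent capture */

    /* Search only inside the declared packet; the data is not NUL-terminated. */
    for (i = TNS_HEADER_LEN; i + klen < pkt_len; i++)
        if (memcmp(buf + i, key, klen) == 0)
            break;
    if (i + klen >= pkt_len)
        return -1;

    /* At most 9 digits, so the value always fits in 32 bits. */
    for (j = i + klen; j < pkt_len && digits < 9; j++, digits++) {
        if (buf[j] < '0' || buf[j] > '9')
            break;
        v = v * 10 + (unsigned long)(buf[j] - '0');
    }
    if (digits == 0 || j >= pkt_len || buf[j] != ')')
        return -1;
    *vsnnum = v;
    return 0;
}

/* Same fields as the page's GetOracleVersion(), without the byte copy. */
void decode_vsnnum(unsigned long v, unsigned out[5])
{
    out[0] = (unsigned)((v >> 24) & 0x0F);
    out[1] = (unsigned)((v >> 20) & 0x0F);
    out[2] = (unsigned)((v >> 12) & 0xFF);
    out[3] = (unsigned)((v >> 8) & 0x0F);
    out[4] = (unsigned)(v & 0x0F);
}

int main(void)
{
    unsigned long v;
    unsigned f[5];

    if (parse_vsnnum_reply(SAMPLE_REPLY, SAMPLE_REPLY_LEN, &v) != 0) {
        printf("no VSNNUM in reply\n");
        return 1;
    }
    decode_vsnnum(v, f);
    printf("VSNNUM %lu (0x%lx) -> %u.%u.%u.%u.%u\n",
           v, v, f[0], f[1], f[2], f[3], f[4]);
    return 0;
}
```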

The Database Hacker's Handbook: Defending Database Servers
by David Litchfield et al.
John Wiley & Sons © 2005

Friday, 18 June 2010

Which Database Is the Most Secure?

All of the databases we cover in this volume have had serious security flaws at some point. Oracle has published 69 security alerts on its "critical patch updates and security alerts" page—though some of these alerts relate to a large number of vulnerabilities, with patch 68 alone accounting for somewhere between 50 and 100 individual bugs. Depending on which repository you search, Microsoft SQL Server and its associated components have been subject to something like 36 serious security issues—though again, some of these patches relate to multiple bugs. According to the ICAT metabase, DB2 has had around 20 published security issues—although the authors of this book have recently worked with IBM to fix a further 13 issues. MySQL has had around 25 issues; Sybase ASE is something of a dark horse with a mere 2 published vulnerabilities. PostgreSQL has had about a dozen. Informix has had about half a dozen, depending on whose count you use.

The problem is that comparing these figures is almost entirely pointless. Different databases receive different levels of scrutiny from security researchers. To date, Microsoft SQL Server and Oracle have probably received the most, which accounts for the large number of issues documented for each of those databases. Some databases have been around for many years, and others are relatively recent. Different databases have different kinds of flaws; some databases are not vulnerable to whole classes of problems that might plague others. Even defining "database" is problematic. Oracle bundles an entire application environment with its database server, with many samples and pre-built applications. Should these applications be considered a part of the database? Is Microsoft's MSDE a different database than SQL Server? They are certainly used in different ways and have a number of differing components, but they were both subject to the UDP Resolution Service bug that was the basis for the "Slammer" worm.

Even if we were able to determine some weighted metric that accounted for age, stability, scrutiny, scope, and severity of published vulnerabilities, we would still be considering only "patchable" issues, rather than the inherent security features provided by the database. Is it fair to directly compare the comprehensive audit capabilities of Oracle with the rather more limited capabilities of MySQL, for instance? Should a database that supports securable views be considered "more secure" than a database that doesn't implement that abstraction? By default, PostgreSQL is possibly the most security-aware database available—but you can't connect to it over the network unless you explicitly enable that functionality. Should we take default configurations into account? The list of criteria is almost endless, and drawing any firm conclusions from it is extremely dangerous.

Ultimately, the more you know about a system, the better you will be able to secure it—up to a limit imposed by the features of that system. It isn't true to say, however, that the system with the most features is the most secure because the more functionality a system has, the more target surface there is for an attacker to abuse. The point of this book is to demonstrate the strengths and weaknesses of the various database systems we're discussing, not—most emphatically not—to determine which is the "most secure."

In the end, the most secure database is the one that you know the most about.

source :

The Database Hacker's Handbook: Defending Database Servers
by David Litchfield et al.
John Wiley & Sons © 2005