Open Source Software Security Tools

QuickLink To Project HoneyPot

2011-11-15T00:00:00.001+08:00

QuickLink which can be use to track and catch malicious web-bots such as spam harveters, form spammers, and blog spammers. Visit http://www.projecthoneypot.org/ for more information.

Farm Unconstitutional

QuickLinks are a quick and easy way for anyone who can post to a website to help trap malicious web spiders. We have found that the best honey pots installed online are the ones with the most in-bound links to them. QuickLinks allow users who may not be server administrators to still participate in Project Honey Pot simply by including a link on the pages they post to or Email.

Archive

http://cikgucyber.blogspot.com/2011/11/quicklink-to-project-honeypot.html

Visit Project Honey Pot

Please Change Your Password For New Format Policy

2011-10-11T04:42:00.001+08:00

Please Change Your Password For New Format Policy

You are require to have a new password thats contain the following :-

Two upper case letters
Two lower case letters
Two numbers
Two special characters (examples: @#$%^&*()_+|~-=\`{}[]:";'<>/)

Your password must contain with minimum of 8 characters

Your password must be changed on at least every 6 months

Your password is easy to be remembered but it is hard to guess.

You want it to be complex enough that it can’t be guessed, yet meaningful enough that you can actually remember it. Use non-words but associate them with a word. Imagine your pet’s name is Buddy, you live on State Street, you’re 15, and you like to stargaze at night. A good password for you would be BudStat15** - A Guide to Facebook Security

References :-

OWASP.my Discussion Group In Facebook

https://www.facebook.com/groups/owaspmy/

Facebook Security Page and download E-book in PDF format A Guide to Facebook Security.

https://www.facebook.com/security

Password Policy

http://en.wikipedia.org/wiki/Password_policy

SANS Institute Password Policy

http://www.sans.org/security-resources/policies/Password_Policy.pdf

Introduction To ICT Security Audit OWASP Day Malaysia 2011

2011-09-21T19:58:00.001+08:00

Introduction To ICT Security Audit OWASP Day Malaysia 2011 by Harisfazillah Jamel or LinuxMalaysia during OWASP Day Malaysia 2011 20 Sept 2011.

Introduction To ICT Security Audit OWASP Day Malaysia 2011

Introduction To ICT Security Audit OWASP Day Malaysia 2011

View more presentations from Harisfazillah Jamel

Introduction To ICT Security Audit OWASP Day Malaysia 2011 - Presentation Transcript

https://www.owasp.org/index.php/OWASP_Day_KL_2011

Agenda ● Objective of The Day ● Identified The Risks ● Who should be involved ● Where To Starts ● What To Audit ● When To Audit ● How To Do It

Objective • Harden Our Servers • In Depth Defense• Find the loophole • Find the zero day

Risk Only one risk – HumanTo Err Is Human

Its our job to find it. :-)

Risks ● Not a latest Patches ● Forget my password ● Allow all, Deny None ● Install everything ● Share anything ● Phishing ● No backup

Not The Latest Patches ● Be alert – http://www.mycert.org.my/en/ – http://www.securityfocus.com/ – http://packetstormsecurity.org/ – http://gcert.mampu.gov.my/ – http://www.cert.org/certcc.html Internet Storm Center – http://isc.sans.edu/ Patches Priority One – http://www.sans.org/top-cyber-security-risks/

Lab One ● Subscribe websites to Google Reader ● http://www.kb.cert.org/vuls/

Forget My Password● We will use easy password ● Password must = Senang nak ingat, susah nak teka.● Dont leak the hash ● Generate MD5 hash – http://md5crack.com/crackmd5.php ● Crack MD5 – http://isc.sans.edu/tools/reversehash.html

Lab Two ● Crack this – password – abc123 – haris – Your own name – Birthday date in numbers – Birthday date in any format

Allow All Deny None ● Any ports outbound open ● Not proxy between LAN and Internet ● Used by BOT to attack and comm with BOSS

Lab Three ● Telnet – Telnet in CMD and Shell – Port 80 GET /index.htm HTTP/1.1 and enter twice – Port 25 helo and quit ● Visit this website – http://www.yougetsignal.com/tools/open-ports/ – http://canyouseeme.org

Install Everything ● To many patches ● To many services ● Only select what you want

Share Everything ● Windows Share permission “every body” – Dont trust your network ● Putting files in web servers – Google BOT nyum-nyum

Lab Four ● Google own name in PDF files – harisfazillah filetype:pdf ● You own IC numbers (with and without -) – Do this on your own

Phishing ● The most used tactic to gain password – Email – Phone

Lab Five ● Track your organisation here – http://www.phishtank.com/ ● You will never know, you are the target.● Defacement Archive – http://www.zone-h.org/archive

BreakJom Minum

Who ? - The Management - ICT - Me Everybody need to be involved

Lab Six ● CIS Security – The Benchmark – http://www.cisecurity.org/

Where To Start ● Any servers that have IP address – Public or Internal – Heavy traffic websites and Email ● LAN – Review firewall and proxy log – SMTP activities – IRC bot activities – HTTP and HTTPS requests – Minitor network traffic

Lab Seven ● Get the bootable CD ● tcpdump ● wireshark ● Any network analysis tools

When To Do It ● A must every 6 months● Any security warning

Contact linuxmalaysia@gmail.com

http://green-osstools.blogspot.com/

Download

http://www.slideshare.net/linuxmalaysia/introduction-to-ict-security-audit-owasp-day-malaysia-2011

http://www.scribd.com/doc/65765561/Introduction-To-ICT-Security-Audit-OWASP-Day-Malaysia-2011

Important: Security Breach on Linux.com, LinuxFoundation.org

2011-09-11T20:28:00.000+08:00

I got this notice when visiting http://www.linuxfoundation.org/ and http://www.linux.com/ websites date and time 11 September 2011 19:58

Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.

We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.

We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.

Please contact us at info@linuxfoundation.org with questions about this matter.

The Linux Foundation

Email from info@linuxfoundation.org

Important: Security Breach on Linux.com, LinuxFoundation.org

Attention Linux.com and LinuxFoundation.org users,

We are writing you because you have an account on Linux.com, LinuxFoundation.org, or one of the subdomains associated with these domains. On September 8, 2011, we discovered a security breach that may have compromised your username, password, email address and other information you have given to us. We believe this breach was connected to the intrusion on kernel.org.

As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update public statements when we have more information.

We have taken all Linux Foundation servers offline to do complete re-installs. Linux Foundation services will be put back up as they become available. We are working around the clock to expedite this process and are working with authorities in the United States and in Europe to assist with the investigation.

The Linux Foundation takes the security of its infrastructure and that of its members extremely seriously and are pursuing all avenues to investigate this attack and prevent future ones. We apologize for this inconvenience and will communicate updates as we have them.

Please contact us at info@linuxfoundation.org with questions about this matter.

The Linux Foundation

My advice to System Administrators from Malaysia, lets join OWASP Malaysia Chapter for ICT security alerts and discussion.

OWASP Malaysia Chapter links :-

OWASP.my Discussion Group In Facebook

http://www.facebook.com/groups/owaspmy/

OWASP Malaysia Twitter

http://www.twitter.com/owasp.my

OWASP Malaysia Local Chapter Facebook Page

http://www.facebook.com/OWASP.Malaysia

OWASP Malaysia Local Chapter official Website

http://www.owasp.my/

OWASP Malaysia Local Chapter Mailing List

https://lists.owasp.org/mailman/listinfo/owasp-Malaysia

Logo OWASP Day Kuala Lumpur Malaysia 2011

2011-08-27T17:45:00.001+08:00

OWASP DAY KL 2011 - Malaysia https://www.owasp.org/index.php/OWASP_Day_KL_2011

Call For Participants OWASP Day Kuala Lumpur Malaysia 2011

2011-08-27T15:31:00.000+08:00

https://www.owasp.org/index.php/OWASP_Day_KL_2011

Click for "Registration Tab" for Call For participants Forms

We have a number of sessions available during the OWASP Day Kuala Lumpur Malaysia, join us for multiple papers presentation for 45 minutes each and training sessions for whole day (8am till 5.30pm).

OWASP Day topics of interest cover the following topics or any other topics that out of ordinary :-

- Web Application Security

- Mobile Application Security

- Cloud Application Security

- Software and Architecture Patterns for Application Security

- Metrics for Application Security

- OWASP Tools and Projects

- Secure Coding Practices (J2EE/.NET)

- Application Security Testing

- New Attacks and Defense

- Other subjects related to OWASP and Application Security

Detail and official schedule, visit the official website :-

https://www.owasp.org/index.php/OWASP_Day_KL_2011

For more information about OWASP Day KL 2011 participants, call for paper and training, you can email to

owaspday @ osdc dot my

About OWASP DAY KL 2011 - Malaysia - The Open Web Application Security Project :-

http://blog.harisfazillah.info/2011/08/owasp-day-kl-2011-malaysia-open-web.html

OWASP Malaysia will host OWASP Day KL 2011 in Kuala Lumpur, Malaysia from Sep. 20 to Sep. 21, 2011 and colloborate with UniKL & OSDCMY.

The events will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Malaysia and around the world for in-depth discussions of cutting-edge application security issues.

The summit will draw participation from major Malaysia and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 200 people are expected to attend the events. exhibition and lunch will be held at the summit, providing sufficient networking opportunities.

UniKL Malaysian Institute of Information Technology (UniKL MIIT)

http://www.unikl.edu.my/

OWASP Malaysia

https://www.owasp.org/index.php/Malaysia

The Open Web Application Security Project (OWASP)

https://www.owasp.org/

Join OWASP.my Discussion Group In Facebook

https://www.facebook.com/groups/owaspmy

OSDC.my

https://www.facebook.com/groups/osdcmalaysia/

Facebook Event Page OWASP Day Malaysia 2011

http://www.facebook.com/event.php?eid=103809379720876

Call For Speakers OWASP Day Kuala Lumpur Malaysia 2011

2011-08-11T22:12:00.005+08:00

Call for speakers OWASP Day Kuala Lumpur Malaysia 2011 official website :-

https://www.owasp.org/index.php/OWASP_Day_KL_2011

Click for "CFP and CFT Tab" for Call For Presenter (CFP) and Call For Trainer (CFT) Forms

We have a number of sessions available during the OWASP Day Kuala Lumpur Malaysia, please feel free to submit multiple papers - presentation length is 45 minutes block and training sessions for whole day (8am till 5.30pm).

OWASP Day topics of interest can cover the following topics or any other topics out of ordinary :-

Web Application Security
Mobile Application Security
Cloud Application Security
Software and Architecture Patterns for Application Security
Metrics for Application Security
OWASP Tools and Projects
Secure Coding Practices (J2EE/.NET)
Application Security Testing
New Attacks and Defense
Other subjects related to OWASP and Application Security

For more information about OWASP Day KL 2011 CFP and CFT, you can email to

owaspday @ osdc dot my

About OWASP DAY KL 2011 - Malaysia - The Open Web Application Security Project :-

http://blog.harisfazillah.info/2011/08/owasp-day-kl-2011-malaysia-open-web.html

Open Web Application Security Project (OWASP) Malaysia Chapter

2011-02-20T10:45:00.000+08:00

Open Web Application Security Project (Owasp) Malaysia Chapter

Open Web Application Security Project (Owasp) is not-for-profit charitable worldwide organization is to focus on improving application security. OWASP mission is to raise awareness about the safety of the web applcation and always free and open to anyone interested in learning more about application security. The public is invited to join OWASP Malaysia Chapter and get a variety of materials and information that are licensed under open source.

For Malaysians, please join the email list OWASP Malaysia Local Chapter

https://lists.owasp.org/mailman/listinfo/OWASP-Malaysia

OWASP Malaysia has Wiki for a variety of information involves activities in Malaysia

http://www.owasp.org/index.php/Malaysia

http://www.owasp.my/

You are invited to join the Facebook OWASP Malaysia Chapter

http://www.facebook.com/OWASP.Malaysia

OWASP Malaysia Chapter has schedule application security workshops, seminars and conferences. Please join the email list Owasp Malaysia Chapter for the latest information and discussion.

The official website of the Open Web Application Security Project (OWASP) International

http://www.owasp.org/

OSSSec First Slide

2011-02-20T10:13:00.003+08:00

G.R.E.E.N

Open Source Security Tools

OWASP Malaysia

www.owasp.my

KL GreenHat

10 Feb 2011

Introduction KL G.R.E.E.N Hat Slide

2011-02-20T09:59:00.000+08:00

This blog base on my slide during KL GreenHat - 10 Feb 2011. Im represent OWASP Malaysia.

--

Open Source Security Tools OWASP Malaysia - KL GreenHat 2011 UniKL