Thursday, October 29, 2009

Tracing Hackers

To trace hackers you need the following tools:
netstat
tracert [ip or hostname]

To find out the hacker's IP you can use the netstat command in the Windows cmd.
netstat -an displays all incoming/outgoing connections
[protocol-your ip:port incoming ip:port status]
netstat -a will display the same information, but not in numerical form.

Connections to ports higher than 49000 are very suspicious. 1023-49000 are less suspicious but might be dangerous.

Before running the netstat command it is suggested to close all browsers, MSN and other applications that use the internet. This way the number of connections is smaller and malicious connections are more easily found.

Once you have found the suspicious IP that is connected to a high-numbered port, you can trace it by using tracert (trace route).
tracert 192.168.99.3 will list all machines that are between your computer and the target IP.

Usually this list contains the hacker's ISP.

If you need to get some more info about some e-mail address (that may have sent you some trojans) you can use the site http://samspade.org/

http://forums.techarena.in/guides-tutorials/443453.htm

Friday, October 9, 2009

MySQL devel tools for zabbix etc

apt-get install libghc6-hsql-mysql-deve

Monday, October 5, 2009

RMI Protocol

RMI - Remote Method Invocation.

RMI itself uses the "Object Serialization" and "HTTP" protocols.

RMI transmits data in streams.
All streams come in pairs. Each input stream has one corresponding output stream.

An output stream consists of a transport header followed by messages.
One of the main RMI clients is the JVM (Java virtual machine).
More generally, an RMI client is any process that uses RMI to invoke a function.
--------------------------------------------
Out:
Header Messages
HttpMessage

Header:
0x4a 0x52 0x4d 0x49 Version Protocol

Version:
0x00 0x01

Protocol:
StreamProtocol
SingleOpProtocol
MultiplexProtocol

StreamProtocol:
0x4b

SingleOpProtocol:
0x4c

MultiplexProtocol:
0x4d

Messages:
Message
Messages Message
--------------------------------------------
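
The header grammar above can be checked mechanically when looking at the first bytes of a captured stream, for example to confirm that a listening service speaks RMI. The parser below is an added example, not code from the original post or from the RMI specification; the names parse_rmi_header and classify are hypothetical, the sample payloads are constructed, and everything after the header is left unparsed.

```python
from typing import NamedTuple

MAGIC = b"\x4a\x52\x4d\x49"      # Header: 0x4a 0x52 0x4d 0x49 ("JRMI")
VERSION = b"\x00\x01"            # Version: 0x00 0x01
PROTOCOLS = {                    # Protocol byte -> name, as in the grammar
    0x4B: "StreamProtocol",
    0x4C: "SingleOpProtocol",
    0x4D: "MultiplexProtocol",
}
HEADER_LEN = len(MAGIC) + len(VERSION) + 1


class RmiHeader(NamedTuple):
    version: int     # the two version bytes read as one number (assumption)
    protocol: str
    rest: bytes      # the Messages that follow the header, not parsed here


def parse_rmi_header(data: bytes) -> RmiHeader:
    """Parse the transport header at the start of an RMI output stream."""
    if len(data) < HEADER_LEN:
        raise ValueError(f"truncated header: {len(data)} of {HEADER_LEN} bytes")
    if data[:4] != MAGIC:
        raise ValueError("bad magic: stream does not start with JRMI")
    if data[4:6] != VERSION:
        raise ValueError(f"unexpected version bytes {data[4:6].hex()}")
    protocol = PROTOCOLS.get(data[6])
    if protocol is None:
        raise ValueError(f"unknown protocol byte 0x{data[6]:02x}")
    return RmiHeader(int.from_bytes(VERSION, "big"), protocol, data[HEADER_LEN:])


def classify(payload: bytes) -> str:
    """Label the first bytes of a payload as RMI or not, with the reason."""
    try:
        header = parse_rmi_header(payload)
    except ValueError as exc:
        return f"not RMI ({exc})"
    return f"RMI v{header.version} {header.protocol}, {len(header.rest)} message byte(s)"


# Constructed sample payloads (not captured traffic); trailing bytes are placeholders.
SAMPLES = [b"JRMI\x00\x01\x4b", b"JRMI\x00\x01\x4c\x01\x02\x03",
           b"JRMI\x00\x02\x4b", b"JRMI\x00\x01\x4e", b"GET / HTTP/1.1\r\n", b"JRM"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample[:8], "->", classify(sample))
```
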
*http://crpit.com/confpapers/CRPITV26Lu.pdf
http://java.sun.com/j2se/1.3/docs/guide/rmi/spec/rmi-protocol3.html
*http://www.javacoffeebreak.com/articles/javarmi/javarmi.html

Protocol diagrams


Network applications

Knowledge of network applications so far.

I know little about specific network applications.
I have installed a file server, a mail server, Apache, and a DNS server.

I have not installed any other network applications, as there has been no need.