I had a CD-RW drive but being a struggling computer security researcher I had no money for blank cd-recordables. What follows is how I managed to install various operating systems on my computer (1 hard drive) without having to burn to a CD the ISO and then boot from that.
Continue ReadingNetwork / Computer Security Articles (2)
Changing Any Password On XP
This quick tutorial will show you the steps to change and reset any user password on a windows computer, and also show you how to protect your computer from people doing this to you!
Continue ReadingApache Variable Fun in htaccess
Server and Environment Variables are used by The Apache HTTP Server by provides a mechanism for storing information. This information can be used to control various operations such as logging or access control.
Continue Readinghtaccess HTTPS / SSL Tips, Tricks, and Hacks
Apache has the best SSL/HTTPS support and can be controlled by the httpd.conf file or other HTTPD server configuration file. This htaccess tutorial has htaccess example code to make it easy to secure and use HTTPS and SSL with Apache.
Continue ReadingSecurity with Apache htaccess Tutorial
Apache Security tips and tricks for securing Apache Web Servers using htaccess, httpd.conf, and other built-in techniques to thwart attackers. This really should be required reading for any Apache admin or user because these little tricks are so easy to do.
Continue ReadingApache Authentication in htaccess
How to password-protect, Allow or Deny a visitor based on a condition. If you are having trouble getting htaccess-based password protection to work see: Troubleshooting htaccess Authentication: Getting it to work
Continue Reading
htaccess rewrite, Mod_rewrite tricks
htaccess Mod_Rewrite Tips and Tricks is as glamorous as it sounds! htaccess rewrite mod_rewrite is just possibly one of the most useful Apache modules and features. The ability to rewrite requests internally as well as externally is extremely powerful.
Continue Readinghtaccess rewrite, htaccess
Comprehensive .htaccess example file with advanced examples in 1 htaccess sample skeleton .htaccess file with the very best apache htaccess examples… Updated frequently based on detailed info from the Apache htaccess tutorial.
Continue ReadingCOMPUTER SECURITY TOOLBOX
List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.
Continue ReadingControl htaccess Basic Authentication with PHP and mod_rewrite
Control htaccess Basic Authentication with PHP and mod_rewrite
Continue ReadingServe Alternate Content based on Time
Time-dependant rewriting uses mod_rewrite and apache server time variables to display different files depending on the time, while the URL stays the same. An often requested implementation of this is to display a different home page or image depending on if its morning, noon, or night.
Security Enhancing with htaccess
Securing Subdirectories using unique apache htaccess solutions.
Continue ReadingHTTP Packet Capturing to debug Apache
This article is a quick and easy HowTo detailing the use of Wireshark or another network sniffing program to debug your Apache .htaccess or httpd.conf files.
Continue ReadingPort Redirector
can you please suggest me any tiny and good port redirector
for linux and unix like oses ?
so that when I connect to the box to a given port it redirects my connection
to another box and port that I can chose ?
thanx a lot
Tracking Spam and email
Tracking Spam and email with free online tools
Continue ReadingRacing the Windows XP ACL demon
Both of these pcs were behind a hardware/software firewall, and so each had their own host names, we’ll say PEPSI and COKE, and they were both on a private network on the same subnet, so each belonged to a domain called MARKETING.
Continue ReadingTop 5 Vulnerability Port Scanners
Asked some hackers and Computer Security gurus to list their 5 favorite Vulnerability/Port Scanners. Here are the results.
Continue ReadingVulnerability Scanners Review
A few months back I did some intense testing of all the best vulnerability scanners out there.. I had a couple unix boxes hooked up, as well as some windows machines, and figured I could add clients to a “once-a-week” scanning contract. So naturally, I wanted to use the scanner that was the best for [...]
Continue ReadingArp Packet Hacking
Part deux of Want to know how to really hack?
Question: can i arp poison a MAC which is not in my LAN or Network?
What about double-encapsulation? Like embedding the arp within something else..
I’d study the wire capture for awhile and use tools like isic and hping3 to see what types of rules are in [...]
LFT traceroute tool
LFT: The alternative traceroute and whois tools for network (reverse) engineers.
LFT, short for Layer Four Traceroute, is a sort of ‘traceroute’ that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, [...]
Continue ReadingApache SSL in htaccess examples
Apache SSL examples in htaccess files
Any htaccess rewrite examples should always begin with
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
Fixing double-login problem and making sure authorization usernames/passwords are not sent in cleartext unencrypted.
Additional https/ssl information
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com
This code is really, really nice because it fixes multiple issues with almost every other SSL redirect technique in [...]
Continue Reading