Posts by Banny

  • basic ubuntu backup script

    I was looking for a backup script and come across....


    Code
    sudo su
cd /
tar cvpzf ububackup.tgz --exclude=/ububackup.tgz --exclude=/proc --exclude=/lost+found --exclude=/sys –-exclude=/mnt /


    im sure this can be improved but if you want a cheap and cheerful backup script this will do the job (dont forget to actually copy the ububackup.tgz from your server)

  • ExploitShield

    ExploitShield appears to live up to its name


    A brand-new security program looks like it puts a bullet in the head of many major software exploits, a complicated feat that could turn the world of computer security on its ear.


    A new company called ZeroVulnerabilityLabs says that it has solved the Gordian knot of exploits, slicing through the complicated, Hydra-headed problem with a single stroke from a software weapon it calls ExploitShield.
    Available exclusively today from Download.com, the first ExploitShield Browser Edition beta (download) appears to stop all manner of exploits, from those affecting browsers directly to browser plug-ins like PDF readers, Flash, and Java, to Microsoft Office components, to a handful of media players. The potential for raising the level of computer security here is huge, as a vast number of threats are actually mutations of malware, sold in kits like BlackHole, exploiting the same security holes in the same security programs.


    The Windows-only ExploitShield is freeware for individuals and non-profits, part of ZeroVulnerabilityLabs' attempt to prove that the technology is so important that it's worth giving away. The company is working on a licensed version for businesses, although they don't have a timeline for its release yet.
    Software exploits have long been a thorny software problem, hard to prevent because of source code complexity. For some notorious software, such as Java, Flash, and QuickTime, it can sometimes seem as though two exploits crop up for each one that gets patched. A panacea that cures all exploits, even ones that have yet to be used to breach a program, sounds too good to be true. Several Windows security suites have promised to block browser exploits, with Kasper***'s 2013 Automatic Exploit Prevention feature to be among the strongest offered, but that will set you back $60 retail.



    In terms of features, ZeroVulnerabilityLabs plans on following in the footsteps of other free security programs that offer a paid upgrade. The free version of ExploitShield includes protection against drive-by downloads only, a powerful protection tool, as well as protection against attacks based on document file formats and media file formats. The company hopes to attracts businesses to the corporate upgrade by offering those features, and protection against DLL memory injection attacks, shield management for network deployment, quarantine management, and a centralized reporting portal.


    ExploitShield is Silicon Valley's ZeroVulnerabilityLabs' first release. It's been in development for the past 12 months, according to its two co-founders, both of whom are experienced security researchers. Pedro Bustamante has more than 20 years' experience as a security researcher; the other co-founder is David Sanchez Lavado, a former employee of the security firm S21Sec and Panda Security, and ZeroVulnerabilityLabs' Chief Technical Officer.


    "Ninety-five percent of successful exploits are Java- or PDF-based," said Bustamante in a meeting at CNET's San Francisco offices last June. "ExploitShield protects against exploit-delivered malicious payload," he said. "It's vulnerability-agnostic."
    Because of the potentially implications of a freeware exploit-blocker that protects most major software, CNET insisted on permission from ZeroVulnerabilityLabs to hand off ExploitShield to independent experts to evaluate its efficacy.
    eremiah Grossman, Chief Technical Officer of WhiteHat Security, said in an e-mail to CNET requesting comment on ExploitShield that the software offered a "concept and value proposition" that "sounds pretty good, especially in a corporate environment."
    "There are a ton of important and unanswered questions here, but that's a good thing. This could be a strong emerging player that establishes a niche market. I'll be watching them for sure," he said.
    Bustamante was reticent to explain how ExploitShield works, but did offer some insight in an e-mail. "It is not blacklisting, not whitelisting, and not sandboxing. We call it 'application shielding,' and it's basically a pro-active way of preventing vulnerability exploits. It blocks 100 percent of the exploits it protects against, 100 percent of the time. I think it's a new type of security software category, i.e., 'anti-exploits'," he said.
    ZeroVulnerabilityLabs is making some heady claims with ExploitShield that so far appear to be supported by my everyday use of the software. Bustamante said in a subsequent e-mail to CNET that, "this is not an intrusive security technology like antivirus, whitelisting, or sandboxing. It is completely transparent to the user, install-and-forget."


    Bustamante explained that currently known exploit methods against Microsoft's EMET and 32-bit based ASLR, such as ROP and anti-anti-ROP exploits, are blocked by ExploitShield.
    At least on the counts of performance and stability, I have not noticed any appreciable differences in browser behavior. Bustamante did caution, however, that since ExploitShield is in beta, those problems could still crop up.
    Adam J. O'Donnell, Chief Architect for the Cloud Technology Group at Sourcefire, said that the community of security experts will be curious about how ExploitShield works. "Once the thing is put up for download, everyone will be reversing it," he wrote to CNET in an e-mail earlier this week, after looking at ExploitShield. He also vouched for Bustamante's reputation, no small matter in the world of computer security.


    Grossman agreed that ExploitShield could have far-reaching implications. "If this works as advertised, [it] sounds like they could have something very special here. The concept and value proposition sounds pretty good, especially in a corporate environment," he said.


    "Ninety-five percent of successful exploits are Java- or PDF-based," said Bustamante in a meeting at CNET's San Francisco offices last June. "ExploitShield protects against exploit-delivered malicious payload," he said. "It's vulnerability-agnostic."


    Because of the potentially implications of a freeware exploit-blocker that protects most major software, CNET insisted on permission from ZeroVulnerabilityLabs to hand off ExploitShield to independent experts to evaluate its efficacy.


    Source -

    Code
    http://download.cnet.com/8301-2007_4-57521983-12/exploitshield-appears-to-live-up-to-its-name/?tag=rb_content;main


    Browser Edition Beta attached for convenience

  • Cache-ex wait time - what is the best setting for sly uk??

    I don't know what the optimal settings are, suppose that depends on the caid of the cache you are exchanging, but the point of it being available in cache is so that it doesn't have read the card and should be quicker than reading it from the card, that's one of the points of using cache exchanges.

  • Which Oscam?

    You don't want to go above 7470 (unless the memory leak issue has been resolved now?)


    and for the dm500 you want the power pc version (or ppc, which is just an abbreviation).

  • [Warning] New Java flaw could hit 1 billion users

    New Java flaw could hit 1 billion users


    Source

    Code
    http://news.cnet.com/8301-1009_3-57520532-83/new-java-flaw-could-hit-1-billion-users/?tag=nl.e757&s_cid=e757


    A new Java vulnerability has surfaced that apparently affects all Java runtimes and therefore puts close to a billion users at risk.


    It's just a proof of concept for now, but a newly revealed Java vulnerability could have very widespread repercussions.
    Security research company Security Explorations has issued a description of a new critical security flaw in Java SE 5 build 1.5.0_22-b03, Java SE 6 build 1.6.0_35-b10, and the latest Java SE 7 build 1.7.0_07-b10. This error is caused by a discrepancy with how the Java virtual machine handles defined data types (a type-safety error) and in doing so violates a fundamental security constraint in the Java runtime, allowing a complete bypass of the Java sandbox.


    Security Explorations conducted tests on a fully patched Windows 7 machine, and was able to exploit the bug using the Java plugin in the latest versions of most popular browsers (Internet Explorer, Firefox, Chrome, Safari, and Opera). While the error was only tested on Windows 7 32-bit, being in Java means it is not limited to the Windows platform and will affect anyone with Java installed on their systems, be it Windows, Linux, Mac, or Solaris.
    Adam Gowdiak, CEO of Security Explorations, said in a blog post that Oracle has been alerted to the matter and that the company needs to pay attention:


    In an interview with ComputerWorld, Gowdiak explained that this is a new flaw in Java that has persisted even after Oracle's most recent patch, and when exploited would allow an attacker to use a malicious Java applet to install programs, or read and change data on the system with the privileges of the current user.


    Gowdiak also stresses that this is a zero-day flaw; however, zero-day means the flaw is used in active exploits on the same day of its findings (giving developers "zero days" to issue a patch), but there is no mention of an active exploit for this bug, and Gowdiak's descriptions of it both on the Security Explorations' blog and in ComputerWorld's interview suggest it is more of a proof-of-concept at its current state.
    So far Oracle has been provided with a technical overview of the bug and example code outlining the flaw, but has not yet acted upon it. It unfortunately is not yet known when Oracle might do so. While for the most recent zero-day vulnerability Oracle broke its quarterly update schedule to address the problem, this action was the first such steps taken and it is possible the company may fall back to its quarterly schedule and issue an update in just less than a month on October 16.
    While this bug is more widespread than other recently found Java exploits, so far there is no concrete evidence of it being used in any malware exploits; however, it does stress the importance of reducing the number of active runtimes (code execution environments) on your system. If you do not need Java, then you might be best off uninstalling or disabling it. If you are unsure whether or not you need Java, then you might also remove it and then only reinstall it if any of your activities prompt you for a Java runtime requirement.