Showing posts from 2015

Scan of the Month 15

See the original challenge here:
http://old.honeynet.org/scans/scan15/

The Challenge
"On 15 March 2001, a Linux honeypot was successfully compromised, a rootkit was downloaded to the / partition and then deleted from the system. Your mission is to find and recover the deleted rootkit. If you are not sure where to begin on conducting this forensic analysis and recover the rootkit, we highly recommend you start with the Forensic Challenge. The steps you will have to follow for the rootkit recovery are similar to the steps discussed there. We have posted only the / partition for download to keep this challenge simple. The compressed image is 13MB (honeynet.tar.gz), MD5=0dff8fb9fe022ea80d8f1a4e4ae33e21. Once you have downloaded, untarred, and unzipped the partition image, it will be 255 MB and the checksum should be MD5=5a8ebf5725b15e563c825be85f2f852e.

Show step by step how you identify and recover the deleted rootkit from the / partition.
What files make up the deleted rootkit?"

The prep…

WordPress installation on Linux

Before starting the installation of WordPress, make sure you have added all the elements of LAMP. It is important to check and double check that your PHP module is actually working. The best way to verify this is to create a webpage with a small piece of example code.

You can find more information about installation of LAMP from my previous posts:
Installing LAMP: http://runningwithcodes.blogspot.fi/2013/09/installing-lamp.html
Warming up with LAMP: http://runningwithcodes.blogspot.fi/2015/09/my-studies-with-linux-continue-and-our.html

Creating a MySQL Database
mysql -u root -p


CREATE DATABASE wpcarola;

CREATE USER wpcarola@localhost IDENTIFIED BY 'verydifficultpassword';

I created a new database + user and configured the password.

GRANT ALL PRIVILEGES ON wpcarola.* to wpcarola@localhost IDENTIFIED BY 'verydifficultpassword';
Gave all privileges to this user.

FLUSH PRIVILEGES;
Reloaded the privileges from the possible grant tables in the database.

EXIT
And finally exited the database.



D…

Configuring settings for Apache2 virtual server

In this post I will show how to configure the basic settings for an apache2-based virtual server and make a website appear at the desired address on the local computer.

Setting up Apache
sudo apt-get update
I ran the update.
sudo apt-get install apache2
Installed Apache.

sudo a2enmod userdir
Enabled userdir

sudo service apache2 restart
and restarted the module.

I tested the functionality by writing "localhost" in my address bar and got the "It works!" page.

Creating a webpage
mkdir public_html
mkdir carolwenn.com
nano index.html


I created public_html in my home directory, entered it and added a new folder for my virtual server (carolwenn.com). Finally I made my index.html page with the following code:

<!doctype html>
<html>
<head>
              <title>carolwenn.com</title>
              <meta charset="utf-8" />
</head>
<body>
               <h1>Carola's homepage</h1>
               <p>Welcome to carolwenn.com<…

Metapackages

This assignment was performed following the instructions written by our teacher Tero Karvinen
(http://terokarvinen.com/2011/create-deb-metapackage-in-5-minutes) &
(http://terokarvinen.com/2011/update-all-your-computers-with-a-deb-repository)

Creating a metapackage
My goal was to create a package that would install my favorite software. As a fan of digital art I chose to go with Inkscape and digiKam.

sudo apt-get update
sudo apt-get install equivs
I ran the update and installed Equivs so I would be able to create my package.
equivs-control carolas-artpack.cfg

nano carolas-artpack.cfg
I created the source file and edited it by removing the comments (#) where they wouldn't be needed. This is the outfit of my first metapackage (version 0.1):



Building and installation
After this was done I still needed to build the package.
equivs-build carolas-artpack.cfg
The package was created successfully on my desktop, where I would let it be temporarily.



sudo apt-get install gdebi
sudo gdebi -n carolas-art…

Monitoring data with Munin and stressing the system

This installation was performed following the instructions by Tero Karvinen (http://terokarvinen.com/2011/munin-monitors-your-ubuntu-linux-one-step-install).

Installing Munin
sudo apt-get update
First things first. By running the command I received the latest packages and ensured the correct functionality of programs.

sudo apt-get -y install munin
sudo software-properties-gnome
I gave the installation command for Munin and enabled the universe repository so I could actually run it. At this stage Munin should already be monitoring the system.

firefox /var/cache/munin/www/index.html
After entering Munin's location via Firefox I chose to view information about disk space usage. Naturally there was no data yet - Munin updates itself every 5-10 minutes.


Stressing the system
sudo apt-get install iotop
I installed iotop, which is a program specialized in gathering information about the processes stressing a computer.

sudo apt-get -y install stress
stress
After installing and running the program'…

Creating a Bootable USB for Kali Linux

If you are interested to see my documentation about making a bootable USB for Xubuntu please click here!

This USB was made by using the latest version of Xubuntu (the 14.04 release).

Downloading Kali Linux 
23.13. After navigating to https://www.kali.org/ I chose the version that would suit me the best and started downloading the ISO image for a 64-bit system.


USB imaging
22.40. I followed the guide offered by kali.org and used the command sudo fdisk -l without plugging in the USB yet. I needed to pay attention to the path of Device Boot (/dev/sdb1). After this I inserted the USB and ran the same command again. Now I could see how the name of Device Boot had changed to sdc1. This would be my USB to use.

22.50. It only took a while to format the dd code correctly as the base was already given on Kali's web page. After running the correct command for the first time I got an error message "'/dev/sdc1': Permission denied". In these kinds of situations I tend to ask sudo for help an…

Warming up with LAMP

My studies with Linux continue and our first assignment was executing an old exam from the basic course (Työasemat ja tietoverkot, Linux).

I chose this exam from the beginning of spring in 2012. http://terokarvinen.com/2012/linux-koe-tyoasemat-ja-tietoverkot-25
This exercise was made by using Xubuntu's 14.04 version.

Installing Apache
sudo apt-get update
First things first. I wanted to have the latest packages available.
sudo apt-get install apache2
I changed the location to user's directory and restarted Apache.
After the installation I tested if Apache is running by writing localhost to the web browser's address bar. The "It works!" page appeared.

Installing MySQL
sudo apt-get install mysql-server
After a moment the console asked me to define root's new password. I did this and continued the installation.
sudo apt-get install phpmyadmin
Now when I had MySQL I could connect it with phpmyadmin. In package configuration I selected Apache2.
The installation was successfu…