Nenad Vijatov » Security

Ubuntu Pentest Edition

Nenad Vijatov — Fri, 15 Jan 2010 11:41:00 +0000

netinfinity release Ubuntu Pentest Edition …
“Ubuntu pentest edition is primarily designed as a complete system (everyday usage – office, internet etc..) and can be used in pentesting purposes, which is a big advantage because you do not need to have a dual boot or use a virtual machine to run the system for pentest.”
Try it … link.

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Tue, 01 Sep 2009 06:40:32 +0000

… for July and August.
Thanks to Microsoft Security Response Center.

Security Researcher Acknowledgment

Nenad Vijatov — Thu, 16 Jul 2009 13:18:23 +0000

… for June 2009.

http://technet.microsoft.com/en-us/security/cc308589.aspx

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Thu, 04 Jun 2009 07:38:50 +0000

I got Acknowledgment for Security Researcher fourth time this year … Great me!

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Mon, 06 Apr 2009 11:20:59 +0000

Third time in a row …
http://technet.microsoft.com/en-us/security/cc308589.aspx

Pwn2Own 2009

Nenad Vijatov — Sat, 21 Mar 2009 23:11:07 +0000

This years Pwn2Own uncover 4 new never seen before critical vulnerabilities affecting the IE8, Safari and FireFox.
More about this contest you can read at DVLabs Blog.

Analysis of Conficker

Nenad Vijatov — Tue, 10 Mar 2009 12:02:45 +0000

Guys from the SRI International were made really good analysis on the currently most active Virus/Worm, Conficker, also known as Downup, Downadup and Kido.

Analysis can be found at http://mtc.sri.com/Conficker/.

Security Researcher Acknowledgment – second time in a row

Nenad Vijatov — Fri, 06 Mar 2009 14:16:57 +0000

… and now I am very proud of myself because my name is the second time in a row appear on this page Security Researcher Acknowledgments for Microsoft Online Services. Hope to see you soon again!

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Tue, 10 Feb 2009 08:05:58 +0000

I am very proud to inform you that I’m on Security Researcher Acknowledgments for Microsoft Online Services for January 2009.
I will continue my research in hope that i will be on this prestigious list again!

Password protect single user mode

Nenad Vijatov — Mon, 25 Feb 2008 13:59:00 +0000

You forget your root password and get locked out of your own box. What do you do? Typically, you would reboot into single user mode and change the password there.

When booting into single user mode you will not be prompted for the root password. This is something every attacker knows and prays on once he has gained physical access to you box. So what do you do?
Firstly, a good sys admin knows not to forget the root password. Login in as root is never a good idea so using sudo is always advised.
This still leaves the single user mode vulnerable, to secure it you will have to append the following line “su:S:wait:/sbin/sulogin” to your “/etc/inittab” file.
Now, every time you boot into single user mode you will be prompted for the root password.

# password protect single user mode
su:S:wait:/sbin/sulogin

PS: Always remember you password, if you can’t then write in down in a safe place.