Monday, January 21, 2008

portbunny is out!

Another port scanner, written in C and wrapped in Python.
Check it out: http://www.recurity-labs.com/portbunny/portbunny.html

Wednesday, January 02, 2008

ClamAV setup

Download location (HTTP):

http://www.clamav.net/

Installation of Clamav


First, add a dedicated group and user for the clamav daemons and their
environment:

groupadd -g 40 clamav
useradd -c "CLAMAV Owner" -m -d /var/lib/clamav -g clamav -u 40 -s /bin/bash clamav

Notes
. all the other daemons (clamsmtpd and freshclam) and scripts will be
running under the same account: clamav.
This account needs a valid shell and home directory for executing a
shell script when a virus is found.
. the number 40 for the group id and user id is arbitrary. You can
choose one that suits you.

With the new account, create its working environment:

cd /var/lib/clamav
mkdir {bin,db,log,run,template,tmp}
chown -R clamav:clamav /var/lib/clamav
chmod 700 /var/lib/clamav

Configuring, compiling and installing the software. Note that I keep all
ClamAV data under one directory: /var/lib/clamav.

./configure --prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--libexecdir=/usr/sbin \
--disable-clamuko \
--with-user=clamav \
--with-group=clamav \
--with-dbdir=/var/lib/clamav/db
make
make install

Clamd, clamscan, clamdscan and freshclam are all part of this package;
I only use clamd and freshclam.
The daemons clamd and freshclam are installed in /usr/sbin, and the
configuration files clamav.conf and freshclam.conf are in /etc.
A database with virus signatures is installed in /var/lib/clamav/db;
it is an old version and will be updated as soon as the freshclam
daemon is running.

Configuration of Clamav


The configuration file of the clamd daemon is /etc/clamd.conf. The
settings I use are (only the most important are shown):


# Example
LogFile /var/lib/clamav/log/clamd.log
#LogFileUnlock
LogTime
LogSyslog
#PidFile

TemporaryDirectory /var/lib/clamav/tmp
DatabaseDirectory /var/lib/clamav/db
LocalSocket /var/lib/clamav/run/clamd.sock
FixStaleSocket
#TCPSocket

User clamav

ScanPE
ScanOLE2
ScanMail
ScanHTML
#ScanArchive
ScanRAR
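The account-creation step and the clamd.conf settings above only give least privilege if they agree with each other: the User directive must name exactly the account that was created (Unix user names are case-sensitive, so "Clamav" is not "clamav"), the daemon should listen only on the local socket, its writable paths should stay inside /var/lib/clamav, and the "Example" line must remain commented out or clamd refuses to start. The following checker is an added example, not part of the original post or of ClamAV itself; it assumes the account name clamav and home /var/lib/clamav from the useradd line above, and the two sample configs inside it are constructed for the demonstration.

```python
"""Check a clamd.conf against the dedicated-account layout from the post.

Added example (not the post's or ClamAV's own code). Assumes the daemon
account is "clamav" with home /var/lib/clamav, as created by useradd above.
"""

EXPECTED_USER = "clamav"         # account created with useradd -u 40 clamav
CLAMAV_HOME = "/var/lib/clamav"  # its home directory and working tree

# Directives whose value is a path that the daemon writes to or reads from;
# all of them should live inside the dedicated tree.
PATH_DIRECTIVES = ("LogFile", "TemporaryDirectory",
                   "DatabaseDirectory", "LocalSocket")


def parse_clamd_conf(text):
    """Return (directives, example_active).

    clamd.conf holds one directive per line, optionally followed by a value;
    '#' starts a comment.  A flag directive without a value is stored as True.
    example_active is True when the bare word 'Example' is still uncommented.
    """
    directives = {}
    example_active = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0]
        value = parts[1].strip() if len(parts) > 1 else True
        if key == "Example":
            example_active = True
        directives[key] = value
    return directives, example_active


def check_clamd_conf(text, user=EXPECTED_USER, home=CLAMAV_HOME):
    """Return a list of findings; an empty list means the config matches."""
    d, example_active = parse_clamd_conf(text)
    findings = []
    if example_active:
        findings.append("'Example' line is not commented out; clamd will not start")
    # Exact, case-sensitive comparison: 'Clamav' is not the 'clamav' account.
    if d.get("User") != user:
        findings.append(f"User is {d.get('User')!r}, expected {user!r}")
    if "TCPSocket" in d:
        findings.append("TCPSocket is enabled; the post only uses the local Unix socket")
    if "LocalSocket" not in d:
        findings.append("LocalSocket is not set")
    for key in PATH_DIRECTIVES:
        value = d.get(key)
        if isinstance(value, str) and not value.startswith(home + "/"):
            findings.append(f"{key} points outside {home}: {value}")
    return findings


# Constructed sample: the post's settings with the User name spelled correctly.
GOOD_CONF = """\
# Example
LogFile /var/lib/clamav/log/clamd.log
LogTime
LogSyslog
TemporaryDirectory /var/lib/clamav/tmp
DatabaseDirectory /var/lib/clamav/db
LocalSocket /var/lib/clamav/run/clamd.sock
FixStaleSocket
#TCPSocket
User clamav
ScanPE
"""

# Constructed sample with four deviations from the layout described above.
WEAK_CONF = """\
Example
LogFile /var/log/clamd.log
LocalSocket /var/lib/clamav/run/clamd.sock
TCPSocket 3310
User Clamav
"""

if __name__ == "__main__":
    for name, conf in (("good", GOOD_CONF), ("weak", WEAK_CONF)):
        findings = check_clamd_conf(conf)
        print(f"{name}: {len(findings)} finding(s)")
        for f in findings:
            print("  -", f)
```

Run it against the real file with `check_clamd_conf(open("/etc/clamd.conf").read())` after editing; the path prefix check is deliberately strict about the trailing slash so that a sibling directory such as /var/lib/clamav2 is not accepted by accident.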