Wednesday, February 16, 2005

Coming Very Soon Internet Explorer 7.0

Microsoft Chairman Bill Gates announced the release of IE 7 (Beta) by Summer. It will be secure and less succeptible to Spywares is what the Big Software giant says.

Whatever but i guess it will be worth a shot.

Here is an extract from the story on yahoo! news which can be accessed via here

Version 7.0 of IE will work on systems running Windows XP (news - web sites) Service Pack 2, and will be specifically designed to leverage the many security features already found in SP2. Gates said that there are now more than 170 million copies of Windows XP SP2 distributed globally. He added that Microsoft will continue to offer its Windows AntiSpyware software for free (a beta version is available at—featured on the home page), after many observers had speculated that Microsoft would charge for it.

What do you say would you sway back to IE from firefox.Keep the mails and comments coming in :)


Monday, February 14, 2005

Tools & Traps…Do Not Run Configure or Make as Root

This is specially to my people who are Sys admin and who have a bad habbit which i too had compile programs while logged in as root.

Here is an example of how a smart hacker used this to exploit systems :

You may have noticed that the process shown for compiling Nessus doesnt run either configure or make as the root user. An important concept in security is the principle of Least Privilege, which dictates that you give any program (or user) only what privilege it actually requires to do its task. This decreases the damage that a hostile or compromised program (or user) can do.
As is the case when compiling most UNIX programs, these two compilation commands dont require root privilege to runthey simply compile the software. Only the make install step actually requires root privilege, as it needs to install software outside of the users home directory. We use su, the UNIX switch-user command, to use root privilege only when necessary.

This might seem like an academic point, but it was vitally important when an attacker compromised a major distribution server for the massively popular tool tcpdump. The attacker didnt actually Trojan the tcpdump code; instead, he modified the configure script. The configure script installed a Trojan, which sent a shell back to the attacker whenever an administrator compiled the code on a system. Administrators who ran the configure script as root gave the attacker root access on their system, while every other administrator only gave the attacker access as a normal user. You can read more about this incident at:

Its also worth noting that users who check PGP signatures of any software, source or otherwise that they download seldom are caught by Trojaned software.

So they idea is to alwayz do make install as root.


Sunday, February 06, 2005

Configuring Dynamic DNS in Redhat Linux 8/9 OR A small How-to on DDNS

Hey to All on a Lazy Sunday AfterNoon,

Just before i hit out on the roads with my friends , lemme write something useful and as i promised last time i would be writting on Dynamic DNS services and it is very easy to configure as easy as it is on Windows Server.

WIth the Dynamic DNS service you can update the name for windows clients ... and the advantages are many fold.

Starting below is how you do it :

Step 1 :

First make sure you have the necessary RPMs installed:

# rpm -qa egrep "^bind^dhcp"

Which should show you have the following three RPMs installed:


Step 2 :

If you Dunn have the above packages no sweat . It is not very difficult to install them.

  • Get them from the Redhat 8/9 CD's from which you did the installation

  • If you have apt/yum installed use it as :
    #apt-get install bind and so on for the other packages

The other and more tedious way to be do it from the source or download an RPM and do a
#rpm -ivh <>

Step 3 :

Assuming that you have dhcpd and bind installed properly lets go on with the configration reqd and i am assuming the name of the domain that i am making as and IP block as /16

Starting with dhcp server here is the part of /etc/dhcpd.conf that needs to be tweaked.

# Turn on Dynamic DNS:
ddns-update-style interim;
ddns-updates on;

# Don't allow clients to update DNS, make the server do it
# based on the hostname passed by the DHCP client:
deny client-updates;
allow unknown-clients;

# Configure the client's DNS settings:
option domain-name "";
option domain-name-servers;

Starting with dhcp server here is the part of /etc/named.conf that needs to be tweaked.

zone "" in {
type master;
file "";
allow-update { localhost; };

zone "" IN {
type master;
file "192.168.0.rev";
allow-update { localhost; };

include "/etc/rndc.key";

Step 4 :

Generate a sha1 MD5 key on the localhost for rdnc to work.

Below is how will you put the key :

key "rndckey" {
algorithm hmac-md5;
secret "loFiocFzppGDq0OuFGDTFbSLNKpYjwjlhOZrkBVlNEozEIerNWDhcjeNOtZe";

Step 5 :

This needs to be added to the file /var/ for the DDNS updates to be done :

; This file will be automatically updated when a DHCP assigns an address
$TTL 600 ; 10 minutes

This needs to be added to the file /var/192.168.0.rev for the DDNS updates to be done :

; This file will be automatically updated when DHCP issues an address
$TTL 600 ; 10 minutes

These lines are to be put at the end of the respective files as mentioned.

Step 6 :

Last but not the least reload the DNS and the DHCP server and also what i assumed in the above config is that the DNS and the DHCP server are on the same machine. If not you need to tweak the /etc/named.conf and /etc/rdnc.conf to get it working. Feel free to Message me in case you need to know more on it.

Now i am off to Coffee though a lill early :D

Till Then Take Care

Hey to All from a to be Engineer

Hey Friends ,

Dunn be shocked this is the same Nitin and i finished my Engineering 2 yrs back, my cousin Abhinav Sethi from Pune (BVPCoe) Bharti VidyaPeeth College of Engineering has come over for the weekend and was telling me all his final year escapades. It was fun to hear his escapades as i did a lot more during my engineering days.

So just struck me to ask him to put it in his own words and he jumped on the idea . Hes scribbled something which i am posting below :

Hey friends (uuh..... engineers)
This is Abhinav Sethi, doing my final year of my engineering from Pune the place to be for students.....and as all Engineers ,well I myself (along with many people are) surprised how I am about to completed it in 4 yrs.....
For me engineering has always been fun not for studies and technical stuff
But just to hang out with friends...Who is to blame ...I guess thats the whole system except US :D (Thats the way Engineers put it).
We never have hard time fooling our project guide because she doesnt t know anything.
Whenever she asks for details and designed components, we have the perfect answer......
The company doesnt t allow us to release the notes to college...Anyways things have changed since I have come in final year. Most of us have been placed. Its been a record placements this time in our college. Ihave realized engineers are in demand in every field .May be because we can manage anything in life. I hope u know what I mean., studying for a night and just going for exams, preparing seminars in 2 days.....and story goes on. I have afriend with decent academics and topping all the aptitude tests with great communication skills but not being placed...not sure what companies are looking for. Now really not sure, what to do....No problems I am an engineer I can bear anything in life. So whenever I get down in life I think I am an engineer and just move on. I can safely say its a privilege to be an ENGINEER .Thankfully I have been placed now, againsome people cannot believe it. Now when its gonna end I am sure Ill have good memories of it. Now looking forward to next part of my life. But I am sure all you engineers cannot forget the college days, speciallythe submission ones where one would not sleep for 3 days in a row and even then journals would be thrown to your face. I think I still love it.
The next phase ,hopefully ,will be totally different...needs to be done with more responsibility and dedication, So I think I am totally prepared for linux and servers to be better part of my life than gals. wow its gonna be a goofy journey. WellI wish best of luck to everyone starting their professional life..

This would make a diff only to engineers and pls mail me on what you think and do we all feel the same after leaving college and full time into our professional lives.


Friday, February 04, 2005

Linux just isn't user-friendly when it comes to viruses. You have to work to find and run them

Running Windows viruses with Wine

A nice article on the newsforge website on trying out below mentioned Windows Virii in Wine

The Viruses tested are :

You can read more on it and check out the resultshere


Amazing advertisement which features Gandhi

Amazing advertisement which features Gandhi by an Italian telecom company. View the ad.