<body>

Friday, April 21, 2006

FIREFOX Extension – gTRANSLATE

Translating a webpage or word is a bit of a shlep. I use(d) Babelfish for all my translating - if you scroll down you will spot the Babelfish page translator right at the bottom of the sidebar.

Babelfish is very useful and I haven’t really tried anything else until now – Google translation services have always been there and gTranslate makes use of this service very efficiently. You can translate any text in a webpage just by selecting and right-clicking over it.

Get gTRANSLATE here (Direct Download 23KB) – and if you are still using IE all I can say is – Try FIREFOX (Direct download 4.88 MB) I’ve been using FIREFOX for a year and it’s not going to be easy to convert me back to IE !!!


Thursday, April 20, 2006

GMAIL DRIVE UPDATED

GMail Drive creates a virtual file system on top of your Google GMail account and enables you to save and retrieve files stored on your GMail account directly from inside Windows Explorer. GMail Drive literally adds a new drive to your computer under the My Computer folder, where you can create new folders, copy and drag'n'drop files to.
I’ve been using the old version for quite some time and it had a couple of hiccups. It had some enumerating issues, login failures and no drive content after enumeration. After a couple of logins, uploads and downloads it feels like the fixes have been done proper and it operates smoother.
Get more info here and if you want to give it a bash download it here ( Direct download 135 KB )


W32Mytob almost caught me out !

I received a strange but believable email disguised with our company domain.

The first email was a bit strange. Email from: admin@mydomain.com, subject: “You have successfully updated your password”, came with a zipped .doc (ytytytyt .doc) attachment and I thought nothing of it.

Then came the second email: support@mydomain.com, subject: “WARNING MESSAGE: YOUR SERVICES NEAR TO BE CLOSED.” with a zipped .exe attachment. Once again I ignored it and I didn’t execute the zipped .exe (ytytytyt .exe) thinking that it might be a virus.

Then the third email: info@mydomain.com, subject: “You have successfully updated your password” and it had a zipped .scr (ytytytyt .scr) attachment.

Now as you can see this is pretty nifty and very believable, and it sends an email with a rather convincing message. So convincing that one of our staff members decided to double-click the last-mentioned .scr file. - EISH !

W32Mytob in action :
W32.Mytob.PJ@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer. If your antivirus hasn’t been updated for this specific virus then you will most definitely be a recipient of one of the above-mentioned emails.

Two ways to check if the PC is infected:
W32.Mytob attempts to end a whole list of processes. Some affected PCs won’t be able to open the registry from Run, and when an attempt is made to open Task Manager it is automatically closed.

The removal is pretty simple :


1. Stop the mailing process - disable the affected user account on the mail server
2. If the user runs XP: enable the Windows firewall
3. Download the Symantec removal tool and follow the virus removal instructions to ensure that W32Mytob has been removed successfully.

After my virus update (AVG and ClamWin) W32.Mytob was detected successfully and it removed the attachments from the affected emails.

As long as you don’t execute one of those zipped files you’ll be safe.
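The three emails above share one trait a mail filter can act on regardless of how believable the sender looks: a zip attachment whose member is a Windows executable. The following is an added example, not code from this post or from any of the tools it mentions. It looks inside zip attachments and quarantines on content, treating the From header as information only; the function names, the `attachment.zip` file name and the extensions beyond .exe and .scr are assumptions made for the illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes
from email.message import EmailMessage
from email.utils import parseaddr

# Extensions Windows runs on double-click; the post saw .exe and .scr, the rest are added here.
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}

def risky_zip_members(msg):
    """Return (zip name, member name) pairs for zipped executables in a message."""
    hits = []
    for part in msg.walk():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True)  # None for multipart containers
        if not data or not name.lower().endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            hits.append((name, "<unreadable zip>"))  # cannot inspect, so hold it
            continue
        for member in members:
            ext = os.path.splitext(member.rstrip(" ."))[1].lower()  # Windows ignores trailing " ."
            if ext in RISKY_EXT:
                hits.append((name, member))
    return hits

def triage(raw, own_domain):
    """Decide on attachment content; the From header is reported, never trusted."""
    msg = message_from_bytes(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    hits = risky_zip_members(msg)
    return {"claims_own_domain": sender.endswith("@" + own_domain),
            "risky": hits, "verdict": "quarantine" if hits else "deliver"}

def build_sample(member_name):
    """Constructed message shaped like the third email; the payload is harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"placeholder bytes, not an executable")
    msg = EmailMessage()
    msg["From"], msg["Subject"] = "info@mydomain.com", "You have successfully updated your password"
    msg.set_content("constructed sample body")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="attachment.zip")
    return msg.as_bytes()
```

Calling `triage(build_sample("ytytytyt .scr"), "mydomain.com")` returns a quarantine verdict even though the message claims to come from the company domain, which is the situation the staff member faced.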


Tuesday, April 18, 2006

Top 15 security tools – Via Darknet

1. Nmap

Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Download NMap


2. Nessus Remote Security Scanner

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
Download Nessus


3. John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
Download John the ripper


4. Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Download Nikto


5. SuperScan

Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.
Download Superscan


6. P0f

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machines you cannot connect to (RST+ mode),
- machines whose communications you can observe.

Basically it can fingerprint anything just by listening; it doesn’t make ANY active connections to the target machine.
Download P0f

7. Ethereal

Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here. Windows binaries available here.
Download Ethereal

8. Yersinia

Yersinia is a network tool designed to take advantage of some weaknesses in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
Download yersinia

9. Eraser

Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.
Download eraser

10. PuTTY

PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4x0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.
Download Putty

11. LCP

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.
Download LCP

12. Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
Download Cain & Abel


13. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
Download KISMET


14. NetStumbler

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

- Verify that your network is set up the way you intended.
- Find locations with poor coverage in your WLAN.
- Detect other networks that may be causing interference on your network.
- Detect unauthorized “rogue” access points in your workplace.
- Help aim directional antennas for long-haul WLAN links.
- Use it recreationally for WarDriving.

Download Netstumbler

15. HPING

hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired by the ping Unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
Download HPING


Thursday, April 13, 2006

Google and AJAXAMP - making life easier.

After killing some time on the web I stumbled across 2 useful applications/free services offered - Google Calendar and AjaxAMP v3.0. I played around with both and I recommend them.

Google calendar:

There’s no question about Google’s abilities to take over the web. Google Calendar justifies that in all ways. It took some time for Calendar to finally make its appearance, but there is truth in the old saying – good things come to those who wait.

It’s got all the standard features of all calendar apps out there and more:

Possibility to share the calendars, synchronization with Outlook, integration with Gmail and a clean interface.

AjaxAMP v3.0 - nifty Web 2.0 plugin for Winamp :

AjaxAMP allows you to access Winamp over the network using a web browser and control it or stream music to or from it.

Using AjaxAMP you can:

  • Listen to your music from anywhere using a web browser.
  • Control Winamp from anywhere using a web browser.
  • Cause your music to play on a remote computer.
  • Use one computer to stream music from a 2nd computer to a 3rd computer.
  • Search and stream your entire music collection ridiculously fast.

Once installed, AjaxAMP runs silently as a lightweight web server inside Winamp. Using AJAX (Asynchronous JavaScript and XML) techniques, it creates a web interface for Winamp which duplicates the actual Winamp interface inside a Web browser. Just point your browser to the computer's IP address at port 5151 and you can control Winamp! For example, install the plugin then point a web browser to http://127.0.0.1:5151 to begin controlling Winamp on your own computer. AjaxAMP has its own Media Library which allows you to browse, search, and sort through your music and to drag-and-drop folders or music files onto the play list.

Download links:

WIN2K / WIN XP installer.exe (445kb Direct download)
WIN2K / WIN XP installer zipped (410kb Direct download)
Overview of fixes and enhancements
