How to install Nessus on Backtrack 4

Things has not changed much in the previous versions, of both BackTrack (except it's now Ubuntu) and Nessus. However, it is always good to post something here so that I can refer back to it when I need to.

What you will need is to Download Nessus via:
http://www.nessus.org/download/

The version I get now is 4.2.2. You probably want the GUI as well, which I am not very sure if it is still supported since the version is still at 4.0.2:
http://www.nessus.org/download/index.php?product=NessusClient

In your BackTrack, open a command prompt (or shell) and run:
dpkg -i
for both the Server and the Client (if you want the GUI).

For Nessus Server, the following steps are required:

1. 1. Make the certificates
   
   

   /opt/nessus/sbin/nessus-mkcert

2. Register the scanner in order to download update
   

   /opt/nessus/bin/nessus-fetch –register XXXX-XXXX-XXXX-XXXX-XXXX

   Nessus will fetch the update once it finish register. Btw, I presumed you know how this works, if not, you can refer to: http://www.nessus.org/register/

3. Create a Nessus User
   

   
   /opt/nessus/sbin/nessus-adduser
   
   

4. Start Nessus Server
   

   
   /etc/init.d/nessusd start
   
   

5. Start Nessus Client
   
   

   Backtrack -> Internet -> NessusClient or from CLI: /opt/nessus/bin/NessusClient

That's all to it.

Apple refuses to fix Safari on OSX even after it had been fixed for 2 years on Windows

Source:
http://www.networkworld.com/news/2010/052510-two-years-later-apple-still.html?source=nww_rss

Still remember the carpet bombing attack on Safari? Well, it is still not fix on OSX simply because Apple did not find a way to exploit it. Bottom line, the file is saved automatically on OSX in the download directory, but it is still not yet possible to exploit it (yet).

Guess this will be a ticking timebomb. As soon as a remote binary execution exploit is found for OSX. That will either be the day some guy get famous because of this combine attack or the day that many Mac get compromised.

Well, remember that you heard this first from me. And do not come banging my wall when it happen. It ISNT me!

Power Supply Calculator

Asus has a Power Calculator that never seem to work for me:
http://support.asus.com/PowerSupplyCalculator/PowerSupplyCalculator_right.aspx

It is probably designed for a very old version of IE or something.
But what I want to introduce is this:
http://www.extreme.outervision.com/PSUEngine

This page has a good inventory to take into consideration all type of CPU, Graphics card etc. It is always good to calculate how much you need before you go ahead to buy your PSU.

IBM free thumbdrive comes free with malware!

Yes, the title says what happened, except it is not ONE, but TWO malware which were detectable since 2007.

IBM security. What do you think of them now?

Read about it:
http://www.networkworld.com/news/2010/052110-ibm-red-faced-after-handing-out.html?source=NWWNLE_nlt_security_2010-05-24

8 Steps to remove a generic malware

Here is a link to an article which shows 8 basic steps on the removal of a malware.
http://www.techspot.com/vb/topic58138.html

I guess it is good to have it printed out in case of a rainy day.

Metasploit 3.4.0 Released

After the long wait, Metasploit 3.4.0 is finally released as final. However, if you had been on the trunk branch, you will be able to get 3.4.1-dev by now via svn.

Changes in Metasploit 3.3 to 3.4:
http://www.metasploit.com/redmine/projects/framework/wiki/Release_Notes_34

IE 6 Must Die!

Yes, IE6 is way expired, sour and smells funny by now, but suckers (aka banks) still love it. Why? Because they have developer who can only develop applications that only works in IE6. When challenged , they will bring out the dusty old paper stating the bank supports IE6 which was written years ago. Whose fault? Everyone! And that include you, if you are still using IE6 to access your banking application. In short, IE6 Must Die!

Read more from the IE6 developers:

http://news.cnet.com/8301-30685_3-20004987-264.html

Why many of my friends are in Medical School...

When will you patch?

This was a poll I ran sometimes back to see how fast / slow will the reader patches and here is the results:

《我愛雨夜花》~S.H.E

《愛就對了》 ~ S.H.E

《SHERO》 ~ S.H.E

《你不会》~ S.H.E

Analyzing Malwares Using Microsoft Tools

This article is very technical, but nevertheless shows that even with simple (ok, but not so simple) and free tools from Microsoft, we can begin to do some malware analysis on our own.

http://community.websense.com/blogs/securitylabs/archive/2010/04/29/analyzing-malwares-using-microsoft-tools.aspx

Beware, the Windbg package includes the WDK (which had just been updated and is of Apr 2010 instead of March 2009 as mentioned in the article) is quite big (700MB).

Keyboard Problem in Vmware running Ubuntu 10.04 LTS

It seems that the default keyboard was setup wrongly for use in VMware for the Ubuntu 10.04 release. What actually happens is that at the boot up, the keyboard completely did not work. If this is your problem you are at the right post.

Here is the step by step on how to fix it:
1. At the login screen, click on the little man in circle icon below to enable universal access preferences. Check the first option for a virtual keyboard.
2. For some users, there is just a flash and then nothing happens. If this is the case, simply click on the reboot icon at the bottom to reboot.
3. Once the Virtual Keyboard is up, use it to login.
4. Once inside Ubuntu, the keyboard will work. Open a shell and get to /etc/default. Edit this file with whatever you prefer (pico, nano, vi etc)
5. Find the following right at the end:

XKBMODEL="SKIP"
XKBLAYOUT="us"
XKBVARIANT="U.S. English"
XKBOPTIONS=""

This is where the problem lies. You need to edit it to:

XKBMODEL="pc105"
XKBLAYOUT="us"
XKBVARIANT=""
XKBOPTIONS=""

The "pc105" is the most important line. After which, reboot if you feel like it and the keyboard will work.
6. If you hate the Virtual Keyboard, simple disable it at the login screen.