Remember the paperless office? By now we were supposed to be handling all of our documents digitally, and saving trees by using computers to handle everything electronically. If you’d like to make backup copies of ephemeral content without printing it out, turn your Linux box into a PDF generation device for your entire network.
What sort of things might you want to save as PDFs? When you buy stuff online, virtually every site provides a receipt, which you may want later if the order email is lost or if you need to send in a receipt for expense reports. However, you may not want to print all of them out just to keep them around, and Firefox only supports writing to PostScript, rather than PDF.

What you’ll need is a Linux box with the Common UNIX Printing System (CUPS) and the CUPS-PDF driver. I set this up on Ubuntu Feisty, but it should work on any Linux distro with CUPS and the CUPS-PDF driver.
Continue Reading…

Here is p0f “sales pitch” from it’s website.

What is p0f v2?

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot connect to (RST+ mode),
- machines whose communications you can observe.

P0f can also do many other tricks, and can detect or measure the following:

- firewall presence, NAT use (useful for policy enforcement),
- existence of a load balancer setup,
- the distance to the remote system and its uptime,
- other guy’s network hookup (DSL, OC3, avian carriers) and his ISP.

All this even when the device in question is behind an overzealous packet firewall, when our favourite active scanner can’t do much. P0f does not generate ANY additional network traffic, direct or indirect. No name lookups, no mysterious probes, no ARIN queries, nothing. How? It’s simple: magic. Find out more here.

—————————————–

Personally I don’t think p0f is as good as ettercap and fingerprinting tools. But it does work, sometimes…

In my personal test it couldn’t identify most website server ie, google.com, yahoo.com, microsoft.com, and such. It did work on couple of them which I have posted here:

In linux you have to be root to run it. I used the commands “p0f -A -r”

For other options as ussual type “man p0f” or just read the readme files.

Continue Reading…

Nikto Homepage: http://www.cirt.net/code/nikto.shtml

Description: Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and it’s fairly obvious in log files. However, there is support for LibWhisker’s anti-IDS methods in case you want to give it a try (or test your IDS system).

Under Ubuntu First I will download and install it from the repositories:

Continue Reading…

What is JanusVM?
JanusVM is software that allows you to surf the Internet without oppression or censorship, while protecting your privacy, security, and identity. It has advanced filtering capabilities for modifying web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. JanusVM was designed to used on Microsoft Windows (2000/XP/2003) and Linux. (Source)

You need to download and install VirtualBox which you can download free from their website : http://www.virtualbox.org/wiki/Downloads

You can also use VMware player which is also free and run the the preconfigured VirtualMachine download of JanusVM. You can use the Live ISO version of JanusVM with VMware too but you need the commersial server version of VMware for that.

For this Experiment we will use the VirtualBox and Live ISO version of JanusVM under Windows 2003 environment.

First we install VirtualBox:

Continue Reading…