Showing posts sorted by date for query Linux. Sort by relevance Show all posts
Showing posts sorted by date for query Linux. Sort by relevance Show all posts

Red Hat Enterprise Linux 7 Beta Arrives! Download Now And You Can Win $500

Posted by Avik Sarkar On 12/20/2013 12:55:00 am

Red Hat Enterprise Linux (RHEL) 7 Arrived With Expanded Container Support, Performance Profiles, XFS As the Default Filesystem & Many More. 
We have just spent a less than a month time after the release of Red Hat Enterprise Linux 6.5 made available globally, yet again the American multinational software company, leading the world for open-source software has announced the availability of a first public beta release of Red Hat Enterprise Linux (RHEL) version 7. Based on Fedora 19 and the upstream Linux 3.10 kernel, Red Hat Enterprise Linux 7 will provide users with powerful new capabilities that streamline and automate installation and deployment, simplify management, and enhance ease-of-use, all while delivering the stability that enterprises have come to expect from Red Hat. This further solidifies Red Hat Enterprise Linux's place as the world's leading Linux platform and a standard for the enterprise of the future. Whether rolling out new applications, virtualizing environments or scaling the business with cloud, Red Hat Enterprise Linux 7 delivers the keystone to IT success. The beta release of Red Hat Enterprise Linux 7 adds value to new and existing IT projects across industries by adding key capabilities to improve critical but often cumbersome IT tasks like virtualization and storage while offering a clear pathway to the open hybrid cloudIn their official Red Hat Enterprise Linux YouTube channel, Red Hat posted a short video where you can hear what the team at Red Hat has to say about the next-generation of the world’s leading Linux platform.

Red Hat Enterprise Linux 7 Beta showcases hundreds of new features and enhancements, including: 
  • Linux Containers - Enabling applications to be created and deployed in isolated environments with allocated resources and permissions.
  • Performance Management – Using built in tools, you can optimize performance out-of-the-box.
  • Physical and Hosted In-place Upgrades - In-place upgrades for common server deployment types are now supported. Additionally, virtual machine migration from a Red Hat Enterprise Linux 6 host to a Red Hat Enterprise Linux 7 host is possible, without virtual machine modification or downtime.
  • File Systems – File systems continue to be a major focus of development and innovation.
    • XFS is now the default file system, supporting file systems up to 500TB
    • ext4 file systems are now supported to 50TB and include block sizes up to 1MB
    • btrfs file systems are now available to test
  • Networking – Enhanced networking configuration and operation. Added support for some of the latest networking standards, including:
    • 40Gb Ethernet support
    • Improved channel bonding
    • TCP performance improvements
    • Low latency socket poll support
  • Storage – Expanded support for enterprise level storage arrays. Improved scalable storage stack for deployments that are less disk intensive. Improved storage management for heterogeneous storage environments.
  • Windows Interoperability – Bridge Windows™ and Linux infrastructure by integrating SAMBA 4.1 with existing Microsoft Active Directory domains. Or, deploy Red Hat Enterprise Linux Identity Management in a parallel trust zone with Active Directory.
  • Subsystem Management – Simplified configuration and administration with uniform management tools for networking, storage, file systems, performance, identities and security. Leveraging the OpenLMI framework, enables use of scripts and APIs to automate management.
To know deeply about the hot features and enhancement of RHEL 7 beta 1, click hereI am quite sure that, after going through with the above description, all of you are very much excited to grab this brand new beta of RHEL 7. Like the previous beta release, this time also The Red Hat Enterprise Linux 7 beta has been made available to Red Hat customers, partners, and members of the public. For further information and to access the beta click here. Last but not least, with this release Red Hat also calls for an very interesting competition, where you can participate & win $500 while telling Red Hat, what interests you most in RHEL 7 beta. So what are you waiting for, lets download RHEL 7 and explore it. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever

Posted by Avik Sarkar On 12/07/2013 12:33:00 am

Android 4.4 'KitKat' All You Need to Know-The More Compatible, Intelligent and Simple Android Ever 

Earlier we have discussed several times on android- which is one of the world's most popular and widely used operating system based on Linux kernel, mainly designed for smartphones and tablet computers. Since last four years we have got various flavor of android among them 2.2 (Froyo), 2.3.3–2.3.7 (Gingerbread), 3.2 (Honeycomb), 4.0.3–4.0.4 (Ice Cream Sandwich) & 4.1.x-4.3.x (Jelly Bean) successfully drawn public attention and gained popularity. After the success of Jelly Bean, now Google has introduced Android 4.4 nicknamed 'KitKat.' Official website of android explained the reason of this nomenclature -'as everyone finds chocolate so tempting, we decided to name the next version of Android after one of our favorite chocolate treats, the KitKat®!' Immediately after this release android 4.4 is vogue as with this version of android Google improved performance and memory usage, makes this version more compatible than ever; you can easily try KitKat on your older smartphones. Now lets illuminate android 4.4 briefly-

Introduction:-
Readers, I will introduce a simple way the new features of the version of android, "The KitKat" Accompanies the more intelligent and simple search for Android, says the official Google blog, and more importantly, Should Have compatibility with older devices. This means more people que can have access to the innovations than other Android updates.

Performance and improved use of memory:-
Many of the major changes are the KitKat under the hood. The overall performance should improve, especially in relation to RAM. The Android developers site says "KitKat streamlines all the key components to reduce memory consumption", so even older smartphones running Android 4.4 will be faster and more responsive - even with 512MB of RAM. The multitasking should work better and you can switch applications without lock your smartphone.

Simpler and more powerful: (Google Now)
The Google Now gained much prominence in KitKat, with quick, more cards, and more features without using their hands. Not too can wake up your smartphone to start a search and take a picture saying only "OK Google Now"? It's like Google Glass, but on your smartphone.
The Google Now will also gain space on your homescreen, if you want (and you can slide left to right to find it), and Google will add more cards to make your smartphone smarter automatically suferindo things based on your interests , location, and more.

Support SMS, location sharing, and animated GIFs in Hangouts:-
Google announced this week that Hangouts will turn the main messaging app - is text messaging, video calls and instant. If you hate having your conversations scattered in several different apps, with KitKat you need only Hangouts, which replaces the old Mail app.
The use of location sharing can be very convenient when you're meeting a friend and wants to tell exactly where it is.
Finally, if you like to put emojis in messages, are present in many new keyboard Google.

Improvements in NFC, Cloud Printing and File Management:-
The KitKat also includes improvements that developers can now use apps to improve their apps. Regarding the NFC, it may automatically take you to the right app when you touch your device into a payment terminal. Printer manufacturers can develop served to send print files from Android to your printer. And the new framework for access to storage provides a consistent way to access files stored in other facilities in other apps (eg, open or save files in Dropbox or Box when you're in the browser).
In short, I will whole heartily agree with Google while saying -KitKat 4.4 is Smart, simple, and truly yours To know more about Android 4.4 'KitKat' click here

While concluding this article, I on behalf of Team VOGH, want to thank our new guest editor Mr. Rafael Souza, for sharing his view and extensive thought on android 4.4. Rafael we love you. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5

Posted by Avik Sarkar On 11/30/2013 03:32:00 am

Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5 

The RHEL 6x series get another important update as Red Hat Inc, the world's leading provider of open source solutions announced the general availability of Red Hat Enterprise Linux 6.5, the latest version of Red Hat Enterprise Linux 6. According to the official press release of Red Hat -RHEL 6.5 expands Red Hat’s vision of providing an enterprise platform that has the stability to free IT to take on major infrastructure challenges and the flexibility to handle future requirements, with an extensive partner and support ecosystem. 
Red Hat Enterprise Linux 6.5 is mainly designed for those who build and manage large, complex IT projects, especially enterprises that require an open hybrid cloud. From security and networking to virtualization, Red Hat Enterprise Linux 6.5 provides the capabilities needed to manage these environments, such as tools that aid in quickly tuning the system to run SAP applications based on published best practices from SAP.“Red Hat Enterprise Linux 6.5 provides the innovation expected from the industry’s leading enterprise Linux operating system while also delivering a mature platform for business operations, be it standardizing operating environments or supporting critical applications. The newest version of Red Hat Enterprise Linux 6 forms the building blocks of the entire Red Hat portfolio, including OpenShift and OpenStack, making it a perfect foundation for enterprises looking to explore the open hybrid cloud.”-said Jim Totton, vice president and general manager of Red Hat Inc. Now lets take a closer look to the main highlights of RHEL 6.5 : 

Securing the Next-Generation Enterprise
Red Hat Enterprise Linux 6.5 continues the push for integrated security functionality that combines ease-of-use and up-to-date security standards into the platform. The addition of a centralized certificate trust store enables standardized certificate access for security services. Also included are tools that meet leading security standards, including OpenSCAP 2.1, which implements the National Institute of Standards and Technology’s (NIST’s) Security Content Automation Protocol (SCAP) 1.2 standard. With these additions, Red Hat Enterprise Linux 6 provides a secure platform upon which to build mission-critical services and applications.

Networking – When Every (Micro)Second Matters
In the financial services and trading-related industries, application latency is measured in microseconds, not seconds. Now, the latest version of Red Hat Enterprise Linux 6 fully supports sub-microsecond clock accuracy over the local area network (LAN) using the Precision Time Protocol (PTP). Precision time synchronization is a key enabler for delivering better performance for high-speed, low latency applications. Red Hat Enterprise Linux 6.5 can now be used to track time on trading transactions, improving time stamp accuracy on archived data or precisely synchronizing time locally or globally. Thanks to other networking enhancements in Red Hat Enterprise Linux 6.5, system administrators now have a more comprehensive view of network activity. These new capabilities enable sysadmins to inspect IGMP (Internet Group Management Protocol) data to list multicast router ports, multicast groups with active subscribers and their associated interfaces, all of which are important to many modern networking scenarios, including streaming media.

Virtualization Enhancements
Red Hat Enterprise Linux 6.5 continues Red Hat’s commitment to improving the overall virtualization experience and includes several improvements that make it a compelling choice for running in virtualized environments. Sysadmins can now dynamically enable or disable virtual processors (vCPUs) in active guests, making it an ideal choice for elastic workloads. The handling of memory intensive applications as Red Hat Enterprise Linux guests has also been improved, with configurations supported for up to 4TB of memory on the Kernel-based Virtual Machine (KVM) hypervisor. The KVM hypervisor also integrates with GlusterFS volumes to provide direct access to the distributed storage platform, improving performance when accessing Red Hat Storage or GlusterFS volumes. Finally, guest drivers have been updated to improve performance of Red Hat Enterprise Linux 6.5 running as a guest on supported third-party hypervisors.

Evolving Ease-of-Use, Storage, and More
As application deployment options grow, portability becomes increasingly important. Red Hat Enterprise Linux 6.5 enables customers to deploy application images in containers created using Docker in their environment of choice: physical, virtual, or cloud. Docker is an open source project to package and run lightweight, self-sufficient containers; containers save developers time by eliminating integration and infrastructure design tasks. Red Hat Enterprise Linux 6.5 stays current with the advancements in Solid-State Drive (SSD) controller interface, introducing support for NVM Express (NVMe)-based SSDs. The NVMe specification aims to standardize the interface for PCIe-based SSDs and its inclusion in Red Hat Enterprise Linux 6.5 positions the platform to support an expanding range of future NVMe-based devices.

Improvements have also been added to improve enterprise storage scalability within Red Hat Enterprise Linux 6.5. It is now possible to configure more than 255 LUNs connected to a single iSCSI target. In addition, control and recovery from SAN for iSCSI and Fibre Channel has been enhanced, and updates to the kexec/kdump mechanism now make it possible to create debug (dump) files on systems configured with very large memory (e.g. 6TB).

Red Hat Enterprise Linux 6.5 makes it easier to track and manage subscription consumption across the enterprise, integrating subscription tracking into existing business workflow. Usability enhancements include support for remote access to Windows clients and servers that use a newer version of the RDP protocol, including Windows 7 and 8 desktops and Windows Server 2012

To Download Red Hat Enterprise Linux 6.5 Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Linux Mint 16 "Petra" Released With Choice of MATE or Cinnamon

Posted by Avik Sarkar On 11/17/2013 06:29:00 pm

Linux Mint 16 "Petra" Released With Choice of MATE or Cinnamon

Earlier we have talked many times on Linux Mint, it is one of most modern, elegant and comfortable operating system based on Ubuntu or Debian which is both powerful and easy to use. The Linux Mint project has started  in 2006, since then the consistent effort of it's developers and contributors has made Linux Mint the 4th most widely used home operating system behind Microsoft Windows, Apple Mac OS and Canonical's Ubuntu. As promised from beginning the mint team used to release their new version in every six months. The last we got was Linux Mint 15 'Olivia'. Again also the team proudly to announced the release of Linux Mint 16 code named "Petra". There's been quite a lot of anticipation for the next version of Linux Mint, and as expected the result is indeed satisfactory. According to the official blog of Linux Mint- "Petra" took 6 months of incremental development on top of stable and reliable technologies. This new release comes with updated software and brings refinements and new features to make your desktop even more comfortable to use. This new release comes with updated software and brings refinements and new features to make your desktop even more comfortable to use." One of the more interesting updates of the release is version 2.0 of Cinnamon (a fork of GNOME Shell), with a large number of new features: "Cinnamon 2.0 represents 5 months of development and 856 commits from 28 developers. It features a lot of bug fixes but also brand new features and many improvements." Lets look at the new features at a glance:

New features in Linux Mint 16 MATE:-
  • Login Screen
  • USB Stick support
  • Performance improvements
  • Software Manager
  • System Improvements
  • Artwork Improvements
  • Main Components 


For a complete overview and to see screenshots of the new features Linux Mint 16 click here. The Linux Mint site has a list of new features separately for both MATE and Cinnamon. Make sure to read the “Release Notes” to be aware of important info or known issues related to this release. So dear friends what are you waiting for! lets download Mint 16 and explore it. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hackers Exploiting Old Ruby on Rails Vulnerability To Compromise Web Servers & Create Botnet

Posted by Avik Sarkar On 6/03/2013 09:06:00 pm

Hackers Exploiting Old Ruby on Rails Vulnerability (CVE-2013-0156) To Compromise Web Servers & Create IRC Botnet
A critical vulnerability on Ruby on Rails spotted in January this year which was deemed “critical” at the same time yet again found in the wild. The vulnerability known as CVE-2013-0156 that affected versions 3.0.20 and 2.3.16 again rises it's hand. Though a security patch was released by the Rails developers. But as we all know that many server administrator used to be unaware of these events have not patched their systems. As a result hackers and cyber criminals are actively exploiting a critical vulnerability in the Ruby on Rails Web application development framework in order to compromise Web servers and create a dangerous botnet. This major security issue was first discovered by a security consultant Mr. Jeff Jarmoc of research firm Matasano Security. In his blog Jarmoc said "It’s pretty surprising that it’s taken this long to surface in the wild, but less surprising that people are still running vulnerable installations of Rails. It also appears to be affecting some web hosts." According to his blog post -the exploit that's currently being used by attackers adds a custom cron job -- a scheduled task on Linux machines that executes a sequence of commands. Those commands download a malicious C source file from a remote server, compile it locally and execute it. The resulting malware is a bot that connects to an IRC (Internet Relay Chat) server and joins a predefined channel where it waits for commands from the attackers. A pre-compiled version of the malware is also downloaded in case the compilation procedure fails on the compromised systems.
"Functionality is limited, but includes the ability to download and execute files as commanded, as well as changing servers," Jarmoc said. "There's no authentication performed, so an enterprising individual could hijack these bots fairly easily by joining the IRC server and issuing the appropriate commands." But the matter of relief is that Jarmoc concluded while saying "this is a pretty straightforward skiddy exploit of a vulnerability that has been publicly known, and warned about, for months."

But still administrators who have not yet patched their Rails version should immediately should update the Ruby on Rails installations on their servers to at least versions 3.2.11, 3.1.10, 3.0.19 or 2.3.15 which contain the patch for this vulnerability. However, the best course of action is probably to update to the latest available Rails versions, depending on the branch used, since other critical vulnerabilities have been addressed since then. 

Brief About RoR:- Ruby on Rails is a popular framework for developing Web applications based on the Ruby programming language and is used by major websites including Hulu, GroupOn, GitHub and Scribd.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Debian Linux 7.0 Code Named 'Wheezy' Released & Available For Download

Posted by Avik Sarkar On 5/09/2013 04:30:00 pm

Debian Linux 7.0 Code Named 'Wheezy' Released & Added  Multiarch Support, Several Specific Tools

Once it was one of the most popular Linux distribution which have drawn the maximum attention, yes you are right I am talking about none other than Debian Linux. Now a days the craze of this flavor has became little fade but as the foundation for other, more popular Linux distributions, such as Mint, Ubuntu and few Pen Testing Distro, still the value of Debian exist. So the up-gradation and new release of this Linux flavor is  still very much important. And today I will talk about the new release of Debian Linux version 7.0 code named 'Wheezy'. After many months of constant development, the developers at Debian project proudly announced the general availability of the next version of this major Linux which is Debian 7.0 aka 'Wheezy'. According to the release note This new version of Debian includes various interesting features such as multiarch support, several specific tools to deploy private clouds, an improved installer, and a complete set of multimedia codecs and front-ends which remove the need for third-party repositories. Multiarch support, one of the main release goals for Wheezy, will allow Debian users to install packages from multiple architectures on the same machine. This means that you can now, for the first time, install both 32- and 64-bit software on the same machine and have all the relevant dependencies correctly resolved, automatically. The installation process has been greatly improved: Debian can now be installed using software speech, above all by visually impaired people who do not use a Braille device. Thanks to the combined efforts of a huge number of translators, the installation system is available in 73 languages, and more than a dozen of them are available for speech synthesis too. In addition, for the first time, Debian supports installation and booting using UEFI for new 64-bit PCs (amd64), although there is no support for Secure Boot yet. 

This Release Includes Numerous Updated Software Packages, Such as:-
  • Apache 2.2.22
  • Asterisk 1.8.13.1
  • GIMP 2.8.2
  • An updated version of the GNOME desktop environment 3.4
  • GNU Compiler Collection 4.7.2
  • Icedove 10 (an unbranded version of Mozilla Thunderbird)
  • Iceweasel 10 (an unbranded version of Mozilla Firefox)
  • KDE Plasma Workspaces and KDE Applications 4.8.4
  • kFreeBSD kernel 8.3 and 9.0
  • LibreOffice 3.5.4
  • Linux 3.2
  • MySQL 5.5.30
  • Nagios 3.4.1
  • OpenJDK 6b27 and 7u3
  • Perl 5.14.2
  • PHP 5.4.4
  • PostgreSQL 9.1
  • Python 2.7.3 and 3.2.3
  • Samba 3.6.6
  • Tomcat 6.0.35 and 7.0.28
  • Xen Hypervisor 4.1.4
  • The Xfce 4.8 desktop environment
  • X.Org 7.7

Along with these more than other 36,000 ready-to-use software packages, built from nearly 17,500 source packages also included in Debian Linux 7.0. So after reading all those cool features, what you are waiting for lets download the installation image via bittorrent (the recommended method), jigdo, or HTTP




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites

Posted by Avik Sarkar On 5/05/2013 03:11:00 pm

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites to Serve Blackhole Exploit

ESET one of the world renowned security firm headquartered in Bratislava have figured out what it called a malicious cyber rampage targeting millions of cPanel-based servers. Since last few months security experts have been tracking server level compromises that have been utilizing malicious Apache modules to inject malware into websites and  redirecting some of its requests to the infamous Blackhole Exploit packs. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and this new malware has been dubbed "Linux/Cdorked.A." Several analysis reveals that it is a sophisticated and stealthy backdoor meant to drive traffic to malicious websites. According to the official blog post of ESET - Linux/Cdorked.A is one of the most sophisticated Apache backdoor's we have seen so far. The backdoor leaves no traces of compromised hosts on the hard drive other than its modified httpd binary, thereby complicating forensics analysis. All of the information related to the backdoor is stored in shared memory. The configuration is pushed by the attacker through obfuscated HTTP requests that aren't logged in normal Apache logs. This means that no command and control information is stored anywhere on the system.
This malicious cyber rampage was first detected by another security firm named 'Sucuri' and later ESET published a detailed analysis of the issue. But still there are thoughtful matter as already thousands of websites get infected. The attack is particularly dangerous as Apache web servers are among the most well-known and widely-used in the world and are used by numerous companies. This means that a successful security breach can affect numerous different businesses across a diverse range of industries.
As this malware also known as Linux/Cdorked.A has already been spotted in the wild, so on behalf of cyber media, we urge all the concern system administrator, security analyst to take care of the above issue while to checking their servers and verify that they are not affected by this threat. Detailed instructions to perform this check are provided in the ESET blog.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

PostgreSQL Fixed “Persistent Denial-of-Service” Vulnerability (CVE-2013-1899)

Posted by Avik Sarkar On 4/11/2013 01:44:00 am

PostgreSQL Fixed 'High-Exposure Security Vulnerability' Causing Denial-of-Service Attack (CVE-2013-1899)

Security researcher's have yet again figured out a serious security hole in one of most widely used object-relational database management system, PostgreSQL also known as Postgres. While manipulating the loophole an attacker can easily corrupt files and in some cases, can execute malicious code on underlying servers causing "persistent denial-of-service" attack. By corrupting the files an attacker can cause database server to crash and refuse to reboot. Affected servers could only be restarted by removing garbage text from the files or by restoring them from a backup. Versions 9.0, 9.1, and 9.2 are all vulnerable. As soon as this vulnerability get spotted, the developers at PostgreSQL immediately  released updates while addressing a "high-exposure security vulnerability in versions 9.0 and later." The updates are available for 9.0, 9.1, and 9.2 branches, as well as 8.4. This updates also allow PostgreSQL to be built using Microsoft Visual Studio 2012. According to developers: "A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center." In addition to fixes for one major security issue, the updates also include four more minor security fixes, as well as fixes for other, non-security-related issues. 

Some of these fixes include:
  • A security vulnerability that made contrib/pgcrypto-generated strings too easy to guess;
  • A vulnerability that would allow unprivileged users to interfere with backups;
  • Security issues involving the OS X and Linux installers;
  • Vaious issues with GiST indices;
  • An issue related to crash recovery; and
  • Memory and buffer leaks, among others.

The complete list of fixes and enhancements in each version can be found on the PostgreSQL release notes archive page. Also the patched PostgreSQL 9.2.4, 9.1.9, 9.0.13, and 8.4.17 are available now at download  page. While talking about this fix, we would like to remind you that, late in last year another security vulnerability hit PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. The security holes associated with libxml2 and libxslt. Along with that a vulnerability in the built-in XML functionality, and a vulnerability in the XSLT functionality supplied by the optional XML2 extension. 



-Source (Campus Technology & The-H)








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Jadavpur University Official Website is Vulnerable to Sql Injection

Posted by Avik Sarkar On 3/31/2013 03:20:00 pm

Jadavpur University Official Website is Vulnerable to Sql Injection 

An ethical hacker from India named Chirag Singh have figured out serious loopholes in the official website of Jadavpur University -one of the most renowned and prestigious university of India. Chirag find blind Sql injection vulnerability which can be exploited by malicious purpose in order to harm the website and gain access. From the vulnerability report submitted by the hacker, it has been found that the web-server of Jadavpur University is using Red Hat Enterprise Linux 5 (Tikanga) where the web application technologies are Apache 2.2.3 and PHP 5.1.6; along with the back-end database is PostgreSQL. The hackers also managed to dump 11 database with more than 215 tables as shown in the picture below 

This issue has already been reported to the concern person and the webmaster of Jadavpur University, and due to security and privacy we are not exposing and mention the vulnerable link and dumped database.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Kali Linux' The Most Advanced & Stable Penetration Testing Distribution

Posted by Avik Sarkar On 3/15/2013 12:49:00 am

From The Makers of BackTrack We Got 'Kali Linux' The Most AdvancedStable Penetration Testing Distribution 

Fans of world famous penetration testing distribution 'BackTrack' can now taste another flavor as the developer at BackTrack and Offensive Security has introduced a new Linux distribution targets enterprise security, offering a suite of helpful tools for rigorous testing calling it "Kali Linux." In the official release note Offensive-Security claimed that Kali Linux is the most advanced, robust, and stable penetration testing distribution to date. From that note we also came to know that this new distribution is a product of seven years long knowledge and experience which make Kali Linux the “next generation” penetration testing distribution. Now lets look at the main features of Kali Linux at a glance: 

Kali Linux Features:-

Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.
  • More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality.
  • Free and always will be: Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.
  • Open source Git tree: We are huge proponents of open source software and ourdevelopment tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.
  • FHS compliant: Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.
  • Vast wireless device support: We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
  • Custom kernel patched for injection: As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included.
  • Secure development environment: The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols.
  • GPG signed packages and repos: All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well.
  • Multi-language: Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
  • Completely customizable: We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users tocustomize Kali Linux to their liking, all the way down to the kernel.
  • ARMEL and ARMHF support: Since ARM-based systems are becoming more and more prevalent and inexpensive, we knew that Kali’s ARM support would need to be as robust as we could manage, resulting in working installations for both ARMEL and ARMHF systems. Kali Linux has ARM repositories integrated with the mainline distribution so tools for ARM will be updated in conjunction with the rest of the distribution. Kali is currently available for the following ARM devices:
Kali is specifically tailored to penetration testing and therefore, all documentation on this site assumes prior knowledge of the Linux operating system. For more information, I would like to request you to visit the official website of Kali Linux. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Indian OS' DRDO Introducing It's Own Operating System to Harden Cyber Security

Posted by Avik Sarkar On 12/25/2012 02:12:00 am

'Indian OS' DRDO Introducing It's Own Operating System to Harden Cyber Security 

On the 3rd Worldwide Cyber security Summit, Telecom and IT Minister of India, Kapil Sibal said the Indian Government will invest $200 million in coming 4 years. This high tech plan of Indian govt in now getting executed, as Defence Research and Development Organisation (DRDO) along-with other premier institutes is developing India's own operating system (OS), which is likely to be ready in next three years. One of the key purpose of developing this operating system named "Indian OS" to enhance cyber security and strengthen the cyber and digital fence of India. In September the Prime Minister of India Dr. Manmohan Singh  said the government is working on a robust cyber security structure, and this project of introducing the own and secure OS can be calculated as one of the very major part of that very robust cyber security system. 
Speaking to newsmen on sidelines of NAVCOM-2012', two-day international conference on Navigation and Communication that began here, Saraswat, Scientific Adviser to Defence Minister, said, "We have already started a major programme and are one-and-half-years into that programme. It (Indian OS) is a major effort requiring large number of software engineers working together." In his speech the Director-General of DRDO said "One of the major elements of cyber security is having our own operating system because today we are dependent on all OS systems which are imported whether it is based on Windows, Linux which is likely to be having malicious worms/things and hence it is essential that we have our own OS" 
He also said that 150 engineers were working across the country on creating Indian OS, and added it will take at least three more years for getting the Indian OS ready.

So, till that time being, we have to keep patience and wait. We the Team VOGH congratulates DRDO for making such a fruitful Operating System (Indian OS). We strongly believe that day by day the cyber fence of India will be safer and secure. Along with this, the Indian OS will definitely strengthen the nation's cyber security. 


 -Source (TOI)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Red Hat Enterprise Linux 6.4 Beta Released & Available For Download

Posted by Avik Sarkar On 12/08/2012 05:56:00 pm

Red Hat Enterprise Linux 6.4 Beta Released & Available For Download 

Red Hat the global leader in open source solutions released another update of its enterprise Linux (RHEL Version 6). Since Red Hat Enterprise Linux has been released, we have got several updates, including three beta release and three final release (RHEL 6.1RHEL 6.2RHEL 6.3). Now the American software company added another beta, that is RHEL 6.4 and made it available for its customers. The beta release includes a broad set of updates to the existing feature set and provides rich new functionality in the areas of identity management, file system, virtualization, and storage as well as productivity tools. In their release note the RHEL Team said that -through collaboration with partners, customers and the open source community, we are committed to delivering technology that is tested and stable – including in the beta phase of development. Red Hat Enterprise Linux 6.4 demonstrates this commitment and has been designed for optimized performance, stability and flexibility to cater to today’s diverse workloads running in physical, virtual and cloud environments.

Key New Features & Enhancement :-
  • Identity Management
System Security Services Daemon (SSSD) enhancements improve the interoperability experience with [Microsoft Active Directory] by providing centralized identity access control for Linux/Unix clients in a heterogeneous environment.

  • File system
pNFS (Parallel NFS) client (file layout only) remains in technology preview, however now delivers performance improvements with the addition of Direct I/O for faster data access. This drives particular performance benefits for I/O intensive use cases including database workloads.

  • Virtualization
Red Hat Enterprise Linux 6 now includes the Microsoft Hyper-V Linux drivers, which were recently accepted by the upstream Linux community, improving the overall performance of Red Hat Enterprise Linux 6 as a guest on Microsoft Hyper-V.
Installation support for VMware and Microsoft Hyper-V para-virtualization drivers. This new feature enhances the user deployment experience of Red Hat Enterprise Linux as a guest in either of these virtualization environments.
In this release, KVM virtualization virtio-scsi support, a new industry storage architecture, provides industry leading storage stack scalability.

  • Management
The use of swap functionality over NFS enables more efficient read/write tradeoffs between local system memory and remote disks. This capability increases performance in very large, disk-less server farms seen in ISP and Web hosting environments.
Enhancement in c-groups delivers the ability to migrate multi-threaded applications without errors.
Optimized perf tool for the latest Intel processors

  • Storage
New system log features identify mapping from block device name to physical device identifier – allowing an administrator to easily locate specific devices as needed.

  • Productivity Tools
Microsoft interoperability improvements with Microsoft Exchange and calendar support in Evolution. Productivity functions, such as calendar support with alarm notification and meeting scheduling is improved.
Customers such as animation studios and graphic design houses now have support for the newer Wacom tablets.


Through this next beta release of Red Hat Enterprise Linux 6, Red Hat team is proud to deliver the highest quality open source enterprise platform. To download the beta release of Red Hat Enterprise Linux 6.4 click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Dockster' A New Mac Malware Targeting Apple Users Found on Dalai Lama Related Website

Posted by Avik Sarkar On 12/05/2012 07:33:00 pm

'Dockster' A New Mac Malware Targeting Apple Users Found on Dalai Lama Related Website

Researcher at F-Secure blog has identified that A new piece of malicious software targeted at Apple users has been found on a website dedicated to the Dalai Lama. According to blog post by F-Secure -the website related to Dalai Lama is fully compromised and is pushing new Mac malware, called Dockster, using a Java-based exploit. Dockster tries to infect computers by exploiting a vulnerability in Java, CVE-2012-0507. The vulnerability is the same one used by the Flashback malware, which first appeared around September 2011 and infected as many as 600,000 computers via a drive-by download. Flashback was used to fraudulently click on advertisements in order to generate illicit revenue in a type of scam known as click fraud. Apple patched the vulnerability in Java in early April and then undertook a series of steps to remove the frequently targeted application from Macs. Apple stopped bundling Java in the 10.7 version of its Lion operation system, which continued with the company's Mountain Lion release. In October, Apple removed older Java browser plug-ins in a software update.
But still the matter of relief is that current versions of OS X are not vulnerable; users who have disabled the Java browser plug-in are also not vulnerable. F-Secure researcher Sean Sullivan said Dockster is “a basic backdoor with file download and keylogger capabilities.” Meanwhile F-Secure’s Sullivan, also said that the Dalai Lama’s site is also serving a Windows-based exploit for CVE-2012-4681, the Agent.AXMO Trojan. The Trojan exploits a Java vulnerability that allows remote code execution using a malicious applet that is capable of bypassing the Java SecurityManager. 

Please Note That: The gyalwarinpoche.com site doesn't seem to be as "official" as dalailama.com

While talking about Mac malware, then you must remember that earlier also Mac users faced such attacks when mac Trojan OSX.SabPub was spreading through Java exploits In 2011 we have also seen OSX/Revir-B trojan was installed behind a PDF, and giving hackers remote access to MAC computers, not only Revier-B also Linux Tsunami trojan Called "Kaiten"targeted Mac OS users in 2011. Also another malware named "Devil Robber" which was also make MAC users victim while stealing their personal information. In the very decent past we have seen a trojan named 'BackDoor.Wirenet.1'  apparently providing its masters with a backdoor into infected systems. It is also capable of stealing passwords stored in browsers like ChromeChromium,Firefox and Opera. For any kind of cyber updates and infose news, stay tuned with VOGH.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nmap 6.25 Released! With 85 New Scripts, Windows 8 Enhancements & Better Performance

Posted by Avik Sarkar On 12/05/2012 07:33:00 pm

Nmap 6.25 Released! With 85 New Scripts, Windows 8 Enhancements & Better Performance

Gordon Lyon also known as Fyodor, the author of world's most popular security scanner 'Nmap' announced another update. Almost after five months we got this new version that is Nmap 6.25. This release of Nmap  contains hundreds of improvements, including 85 new NSE scripts, nearly 1,000 new OS and service detection fingerprints, performance enhancements such as the new kqueue and poll I/O engines, better IPv6 traceroute support, Windows 8 improvements, and much more!  It also includes the work of five Google Summer of Code interns who worked full time with Nmap mentors during the summer. 

Here are the most important change since 6.01:
  • Integrated all of your IPv4 OS fingerprint submissions since January (more than 3,000 of them).  Added 373 fingerprints, bringing the new total to 3,946.  Additions include Linux 3.6, Windows 8, Windows Server 2012, Mac OS X 10.8, and a ton of new WAPs, printers, routers, and other devices--including our first IP-enabled doorbell! Many existing fingerprints were improved.
  • Integrated all of your service/version detection fingerprints submitted since January (more than 1,500)!  Our signature count jumped by more than 400 to 8,645.  We now detect 897 protocols, from extremely popular ones like http, ssh, smtp and imap to the more obscure airdroid, gopher-proxy, and enemyterritory. 
  • Integrated your latest IPv6 OS submissions and corrections. We're still low on IPv6 fingerprints, so please scan any IPv6 systems you own or administer and submit them to http://nmap.org/submit/.  Both new fingerprints (if Nmap doesn't find a good match) and corrections (if Nmap guesses wrong) are useful.
  • Enabled support for IPv6 traceroute using UDP, SCTP, and IPProto(Next Header) probes. 
  • Scripts can now return a structured name-value table so that results are query-able from XML output. Scripts can return a string as before, or a table, or a table and a string. In this last case, the table will go to XML output and the string will go to screen output. See http://nmap.org/book/nse-api.html#nse-structured-output 
  • [Nsock] Added new poll and kqueue I/O engines for improved performance on Windows and BSD-based systems including Mac OS X. These are in addition to the epoll engine (used on Linux) and the classic select engine fallback for other system.  
  • [Ncat] Added support for Unix domain sockets. The new -U and --unixsock options activate this mode.  These provide compatibility with Hobbit's original Netcat. 
  • Moved some Windows dependencies, including OpenSSL, libsvn, and the vcredist files, into a new public Subversion directory /nmap-mswin32-aux and moved it out of the source tarball. This reduces the compressed tarball size from 22 MB to 8 MB and similarly reduces the bandwidth and storage required for an svn checkout.
  • [NSE] Replaced old RPC grinder (RPC enumeration, performed as part of version detection when a port seems to run a SunRPC service) with a faster and easier to maintain NSE-based implementation. This also allowed us to remove the crufty old pos_scan scan engine. 




For additional information and to know the full change log of this release click Here. To download Namp 6.25 (Source Code & Binary Packages) for Windows, Linux, Mac, Unix & few other OS click Here






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search