Usr6

infectat... //deja ai luat ban... oricum daca se uita vreun mod pe aici poate sa stearga si linku pustat aici: http://rstcenter.com/forum/42313-keyscrambler-premium-original-serial-l3o4nn.rst

este infectat

daca sygate iti arata adresa completa "www.rstcenter.com/secret/index.php" at toata stima @devianc3 istealer spammer facut de pr00f http://rstcenter.com/forum/33531-pr00fs-istealer-spammer.rst

@root_prime, nu ai stricat nimic, majoritatea firewall urilor iti arata unde incearca o aplicatie sa se conecteze... daca il configurezi sa faca asta , poate cu ocazia asta vede lumea ca si firewallul e util, nu doar av-ul @garryone, se poate si cu idapro si cu un firewall si multe alte moduri, acesta este unul din ele @sandabot, daca gasesti unu... pm pls acest "tutorial" l-am facut intrucat am fost intrebat pe pm de cativa useri cum se gaseste adresa unde trimite serveru logurile si cred ca aceasta metoda este cea mai simpla pare simplu, poate chiar banal... dar sunt persoane care nu stiu.

presupunem ca suntem in posesia unui server de istealer si dorim sa aflam adresa control panelului (locul unde ajung parolele furate) Aplicatii necesare: 1. Process explorer 2. Server istealer In primul si in primul rand se recomanda folosirea unui pc dedicat pt teste de genu (pc real/ vmware/virtual pc etc ) pentru a ne feri eventualele experiente neplacute. Intrucat serverele de istealer au obiceiul sa dispara imediat dupa ce "isi fac treaba" trebuie sa ne asiguram ca procesul ramane in viata pe toata durata acestei analize Click dr pe procesul in cauza si ii suspendam activitatea odata suspendat procesul ne putem continua analiza linistiti properties... strings... ne intereseaza in special stringurile din memorie, asa ca... urmatorul pas e sa aruncam un ochi prin stringuri dupa siruri de caractere gen "http://" "www" "index.php" ".com" etc and... surprize... acuma... la adresa respectiva ar trebui sa gasim ceva de genu... sau in cazul versiunilor mai vechi... job done.

fisierul este curat, nu face decat sa afiseze 2 linkuri: (neverificate) download:Multiupload.com - upload your files to multiple file hosting sites! password: x9NzR9x Serial Cs: Update: Multiupload.com - upload your files to multiple file hosting sites!

dupa ip la care se conecteaza rat-ul pare strainez cyberit.dyndns.info cyberitftp.dyndns.info L.E @DaLy ala din primul post pus de cyberit85

Features: [+]Crypt almost any exe file. [+]Fully customizable stub. [+]Fix PI 2.3.2 for win 7 option. [+]Uses shellcode version of RunPE. [+]Write target file to stub directly. [+]Every output is unique. [+]support Win OS [XP,Vista,7,8] 32bit & 64bit. [+]no resource or end of file use, bye avira [+]it should be FUD for ever as long as you update decryption function and add some anti-emulator code how to use? 1- open the Crypter and select the files you like to Crypt 2- binder will generate Output.dpr 3- copy Output.dpr to compiler folder 4- click build 5- Output.exe will be generated [+] now you can control the encryption loop, if you file detected , try to crypt again or increase the number of Target file encryption loop (try not to use large number -above 20000- especially if your target file is big) detectie av: crypted: Multi-Engine Antivirus Scanner - Services - NoVirusThanks.org crypted+clone info: Multi-Engine Antivirus Scanner - Services - NoVirusThanks.org in arhiva mai este un programel info clone, util in caz de incepe sa fie detectat download: aHR0cDovL3d3dy5tdWx0aXVwbG9hZC5jb20vU044RktUWERBUA coding:crypter by li0n, iclone by star

-10 GB trafic gratuit/luna lifetime https://accounts.comodo.com/trustconnectfree/management/signup pentru cei care au deja instalat openvpn: comodo.auth username password comodo.crt -----BEGIN CERTIFICATE----- MIIDOjCCAqOgAwIBAgIJAOBc5Qjcdi17MA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV BAYTAlVBMQ8wDQYDVQQHEwZPZGVzc2ExDzANBgNVBAoTBkNvbW9kbzEMMAoGA1UE CxMDQ1NQMRIwEAYDVQQDEwlDb21vZG8gQ0ExHzAdBgkqhkiG9w0BCQEWEGNzcEBj b21vZG8ub2QudWEwHhcNMDgwNjEyMDc0NjQ4WhcNMTgwNjEwMDc0NjQ4WjByMQsw CQYDVQQGEwJVQTEPMA0GA1UEBxMGT2Rlc3NhMQ8wDQYDVQQKEwZDb21vZG8xDDAK BgNVBAsTA0NTUDESMBAGA1UEAxMJQ29tb2RvIENBMR8wHQYJKoZIhvcNAQkBFhBj c3BAY29tb2RvLm9kLnVhMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt4jsv rOaIbw5+XlJzaBJuS5AGSOaEnbjWBH80M4rOVuSEBOqcyUF3p62Dyt6T1Ni65FTp OTGFagzf0hvn+cnTAWyiJ5787rDhS2++jqePGYEI+DzvjnkpdpTWr/XoshJf/UC9 T8T3ypQf9+OW21gPjh9Savfbp2OXNS4ldZsj5QIDAQABo4HXMIHUMB0GA1UdDgQW BBTIYKQ/qawoKcp6HEhE5YKwxewEVTCBpAYDVR0jBIGcMIGZgBTIYKQ/qawoKcp6 HEhE5YKwxewEVaF2pHQwcjELMAkGA1UEBhMCVUExDzANBgNVBAcTBk9kZXNzYTEP MA0GA1UEChMGQ29tb2RvMQwwCgYDVQQLEwNDU1AxEjAQBgNVBAMTCUNvbW9kbyBD QTEfMB0GCSqGSIb3DQEJARYQY3NwQGNvbW9kby5vZC51YYIJAOBc5Qjcdi17MAwG A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAm8PjrHR6TMYUeIrydNwo5Q2D cz3GNLkXTNruIA3bWVzlfYg2hfbtP+0vOO2TRxxtotTUD++pEiOCt4KwoAW54i1j 9rk/uHHBSHpeRFhl6vnepmbNmxJYW9+DQSGANXx2J5Deg9I5tdIoM+OCrlRYsIur O+8p1P60MLRMg6O7MMM= -----END CERTIFICATE----- comodo.ovpn client dev tap proto tcp remote-random ;<connection> ;remote us2.vpn.comodo.com 443 ;</connection> <connection> remote uk2.vpn.comodo.com 443 ;http-proxy ip port pentru cei care se conecteaza la net prin proxy </connection> resolv-retry infinite auth-user-pass comodo.auth nobind persist-key persist-tun pull remap-usr1 SIGTERM ca comodo.crt ns-cert-type server tls-remote ComodoVPNS mute-replay-warnings mute 2 comp-lzo verb 1 dhcp-option DNS 8.8.8.8 dhcp-option DNS 208.67.220.220 ping 10 ping-restart 60 route-method exe route-delay 2 reneg-sec 0 redirect-gateway def1 bypass-dhcp buline negre: -insereaza pe fiecare pagina web vizitata un baner de 2cm in partea superioara -We have logs of all system connections and will provide them to the proper authorities upon request. speed test: sursa pentru setarile openvpn

si cand te gandesti ca toate datele persoanale ale europenilor sunt stocate de israel... EUR-Lex - - RO "...se consider? c? Statul Israel ofer? un nivel adecvat de protec?ie a datelor cu caracter personal transferate din Uniunea European?..."

“Steganos Safe”, permite crearea unui numar nelimitat de partitii virtuale securizate, folosind tehnologia de criptare 256-bit Advanced Encryption Standard (AES) algorithm, fiecare partitie putand stoca pana la 512 GB de date. “Portable Safe” face acelasi lucru, doar ca foloseste un stick USB, sau un CD\DVD. Puteti cripta orice stick USB sau CD, si introdus in orice alt PC va solicita parola setata anterior pentru a accesa datele stocate. “Private Favorites” cripteaza site-urile adaugate la bookmark in Internet Explorer pentru a nu fi accesate de persoane neutorizate. “File Manager” permite crearea unor fisiere criptate, extragerea continutului din acestea si gestionarea lor intr-un mod corespunzator. “Shredder” sterge definitiv orice fisier pe care nu doriti sa-l mai recuperati vreodata nici dumneavoastra, nici alta persoana ce va accesa PC-ul. Foloseste mai multe tehnologii, printre care DoD 5220.22-M/NISPOM 8-306. “Password Manager” va permite crearea unor liste criptate, ce contin conturi de utilizator, parole, cod-uri PIN, conturi bancare si alte parole si nume de utilizator folosite online sau offline pe respectivul calculator. Celelalte utilitare sunt “E-mail Encryption”, si “Internet Trace Destructor”. Pentru a obtine GRATUIT acest soft, accesati link-ul de mai jos: http://steganos.com/magazine/computerbild/sss12 Introduceti o adresa de e-mail valida si apasati “Abschicken“. Veti primi serialul de inregistrare si link-ul de descarcare prin e-mail. sursa

Romania is a country that many Internet security researchers and various law enforcement agencies equate with cybercrime and have probably had that mind for quite a while now. Even some casual readers of spam news know about Romania’s bad reputation online. The good news is over the years more and more people directly involved cybercrime rings based in Romania have been caught. http://inboxrevenge.wordpress.com/2010/04/11/romania-a-well-known-cybercrime-haven/

este "ceva" bazat pe proiectul omaha de la google [omaha -Software installer and auto-updater for Windows] incearca sa faca un update de aici : http://www.facebook.com/omaha/update.php , dar contul respectiv a fost sters/dezactivat/expirat [The page you requested was not found./ Invalid request] neavand acces la acel update nu pot sa vad mai departe ce face... "google: facebook.com/omaha/update.php"

TCP Connections File Change Detector File API Analizer TCP Connections This little program shows all connections to the PC, the files you create connections and where they are located, can detect the most common trojans (Bifrost, Poison, CyberGate etc ...) see the modules for each process (ability to download DLL). In addition you can use IP Tracer to locate the destination IP address, in case you are infected, see the packages you are sending each connection Characteristics: [+] Show connection [+] Analyze process for Trojans [+] Ability to view the modules for each process [+] IP Tracer [+] Interception of packets with a sniffer File Change Detector It is a powerful application that will detect any changes that occur on the system files, so removal, modification and creation. (Very useful when you open a suspect in a virtual file) File API Analizer It is an application that detects the API used by a file. So far it is capable of detecting up to 60 APIS .. A part also warns you if the file creates connections. Download:Multiupload.com Pass: www.jodedorsoftware.tk Homepage: jodedorsoftware.tk //L.E. TCP Connections 2.0.exe este impachetat cu themida din acest motiv este detectat (VirusTotal Results),dar...este curat

ceva nou... frumos in aparenta e doar un RAT defect(poti crea un server, dar serverul nu se conecteaza) in schimb cand apesi pe x pt a inchide builderu... incepe sa prinda viata... dl.dropbox.com/u/39979054/winupdater.exe server de rat clasic ( posibil dc) ackraizo.no-ip.biz

1 : process explorer 2 : pr00f's iStealer Spammer :http://rstcenter.com/forum/33531-pr00fs-istealer-spammer.rst 2': asta ? http://rstcenter.com/forum/203891-post6.html

client vechi...moda noua... 2 in 1 server istealer :adryano1.hi2.ro/index.php server rat :zander.no-ip.biz

Sistemele militare de armament ce opereaza dronele americane Predator si Reaper au fost infectate cu un virus informatic care inregistreaza tot ce tasteaza pilotii in timpul zborurilor coordonate deasupra Afganistanului si altor zone de conflict.... The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system. “We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.” Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command. Drones have become America’s tool of choice in both its conventional and shadow wars, allowing U.S. forces to attack targets and spy on its foes without risking American lives. Since President Obama assumed office, a fleet of approximately 30 CIA-directed drones have hit targets in Pakistan more than 230 times; all told, these drones have killed more than 2,000 suspected militants and civilians, according to the Washington Post. More than 150 additional Predator and Reaper drones, under U.S. Air Force control, watch over the fighting in Afghanistan and Iraq. American military drones struck 92 times in Libya between mid-April and late August. And late last month, an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula. But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, U.S. forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video. The lion’s share of U.S. drone missions are flown by Air Force pilots stationed at Creech, a tiny outpost in the barren Nevada desert, 20 miles north of a state prison and adjacent to a one-story casino. In a nondescript building, down a largely unmarked hallway, is a series of rooms, each with a rack of servers and a “ground control station,” or GCS. There, a drone pilot and a sensor operator sit in their flight suits in front of a series of screens. In the pilot’s hand is the joystick, guiding the drone as it soars above Afghanistan, Iraq, or some other battlefield. Some of the GCSs are classified secret, and used for conventional warzone surveillance duty. The GCSs handling more exotic operations are top secret. None of the remote cockpits are supposed to be connected to the public internet. Which means they are supposed to be largely immune to viruses and other network security threats. But time and time again, the so-called “air gaps” between classified and public networks have been bridged, largely through the use of discs and removable drives. In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later. Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use. In the meantime, technicians at Creech are trying to get the virus off the GCS machines. It has not been easy. At first, they followed removal instructions posted on the website of the Kaspersky security firm. “But the virus kept coming back,” a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives. “That meant rebuilding them from scratch” — a time-consuming effort. The Air Force declined to comment directly on the virus. “We generally do not discuss specific vulnerabilities, threats, or responses to our computer networks, since that helps people looking to exploit or attack our systems to refine their approach,” says Lt. Col. Tadd Sholtis, a spokesman for Air Combat Command, which oversees the drones and all other Air Force tactical aircraft. “We invest a lot in protecting and monitoring our systems to counter threats and ensure security, which includes a comprehensive response to viruses, worms, and other malware we discover.” However, insiders say that senior officers at Creech are being briefed daily on the virus. “It’s getting a lot of attention,” the source says. “But no one’s panicking. Yet.” sursa

Link: SynFyre - Hacking Within -->Online Virus Scanner Never send sample to AV Companies? AV Name Status nProtect Clean CAT-QuickHeal Clean McAfee Clean K7AntiVirus Clean TheHacker Clean VirusBuster Clean NOD32 Clean F-Prot Clean Norman Clean ByteHero Clean TrendMicro-HouseCall Clean Avast Clean ClamAV Clean Kaspersky Clean BitDefender Clean ViRobot Clean Emsisoft Clean Comodo Clean F-Secure Clean DrWeb Clean VIPRE Clean AntiVir Clean TrendMicro Clean McAfee-GW-Edition Clean Sophos Clean eTrust-Vet Clean Jiangmin Clean Antiy-AVL Clean Microsoft Clean SUPERAntiSpyware Clean Prevx Clean GData Clean Commtouch Clean AhnLab-V3 Clean VBA32 Clean PCTools Clean Rising Clean Ikarus Clean Fortinet Clean AVG Clean Panda Clean Avast5 Clean *Note : Only registered users will see the AVs detected the sample

The training package includes all necessary files to run a complete lecture for Binary Auditing and Reverse Code Engineering at university. All files are well sorted by topics and with increasing difficulty. You need Windows XP, Windows Vista or Windows 7 to use this training package. The training package does NOT include runnable viruses! Learn the fundamentals of Binary Auditing,Try to solve brain teasing puzzles with our collection of copy protection games.Learn how to find and analyse software vulnerability.Start to analyse your first viruses and malware the safe way. HLL Mapping 1 (NOT for training, only as reference!) 98 HLL Mapping 2 (Start here and convert them to C) 31 Manual Decompilation (Simple exercises) 10 Algorithm Analysis 1 (Simple math exercises) 3 Algorithm Analysis 2 (Simple math exercises) 6 Crash Auditing (more complicated, why crashing?) 10 File Understanding (Simple to hard Reversemes) 31 Copy Protection Auditing (Simple to very hard) 47 Unpacking (Simple exercises) 3 Vulnerability Auditing (Simple to intermediate) 38 Malware Auditing 1 (Simple old .com/.exe exercises) 41 Malware Auditing 2 (Some fakes for analysis) 4 Malware Auditing 3 (Simple win32 analysis) 1 IDA Pro 5.0 (Free) 1 Download: http://www.binary-auditing.com/binary-auditing-training-package.zip parola: fdcd2ff4c2180329053650f3075d39f4

Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser. The vulnerability resides in versions 1.0 and earlier of TLS, or transport layer security, the successor to the secure sockets layer technology that serves as the internet's foundation of trust. Although versions 1.1 and 1.2 of TLS aren't susceptible, they remain almost entirely unsupported in browsers and websites alike, making encrypted transactions on PayPal, GMail, and just about every other website vulnerable to eavesdropping by hackers who are able to control the connection between the end user and the website he's visiting. At the Ekoparty security conference in Buenos Aires later this week, researchers Thai Duong and Juliano Rizzo plan to demonstrate proof-of-concept code called BEAST, which is short for Browser Exploit Against SSL/TLS. The stealthy piece of JavaScript works with a network sniffer to decrypt encrypted cookies a targeted website uses to grant access to restricted user accounts. The exploit works even against sites that use HSTS, or HTTP Strict Transport Security, which prevents certain pages from loading unless they're protected by SSL. The demo will decrypt an authentication cookie used to access a PayPal account, Duong said. Two days after this article was first published, Google released a developer version of its Chrome browser designed to thwart the attack. Update here. Like a cryptographic Trojan horse The attack is the latest to expose serious fractures in the system that virtually all online entities use to protect data from being intercepted over insecure networks and to prove their website is authentic rather than an easily counterfeited impostor. Over the past few years, Moxie Marlinspike and other researchers have documented ways of obtaining digital certificates that trick the system into validating sites that can't be trusted. Earlier this month, attackers obtained digital credentials for Google.com and at least a dozen other sites after breaching the security of disgraced certificate authority DigiNotar. The forgeries were then used to spy on people in Iran accessing protected GMail servers. By contrast, Duong and Rizzo say they've figured out a way to defeat SSL by breaking the underlying encryption it uses to prevent sensitive data from being read by people eavesdropping on an address protected by the HTTPs prefix. “BEAST is different than most published attacks against HTTPS,” Duong wrote in an email. “While other attacks focus on the authenticity property of SSL, BEAST attacks the confidentiality of the protocol. As far as we know, BEAST implements the first attack that actually decrypts HTTPS requests.” Duong and Rizzo are the same researchers who last year released a point-and-click tool that exposes encrypted data and executes arbitrary code on websites that use a widely used development framework. The underlying “cryptographic padding oracle” exploited in that attack isn't an issue in their current research. Instead, BEAST carries out what's known as a plaintext-recovery attack that exploits a vulnerability in TLS that has long been regarded as mainly a theoretical weakness. During the encryption process, the protocol scrambles block after block of data using the previous encrypted block. It has long been theorized that attackers can manipulate the process to make educated guesses about the contents of the plaintext blocks. If the attacker's guess is correct, the block cipher will receive the same input for a new block as for an old block, producing an identical ciphertext. At the moment, BEAST requires about two seconds to decrypt each byte of an encrypted cookie. That means authentication cookies of 1,000 to 2,000 characters long will still take a minimum of a half hour for their PayPal attack to work. Nonetheless, the technique poses a threat to millions of websites that use earlier versions of TLS, particularly in light of Duong and Rizzo's claim that this time can be drastically shortened. In an email sent shortly after this article was published, Rizzo said refinements made over the past few days have reduced the time required to under 10 minutes. “BEAST is like a cryptographic Trojan horse – an attacker slips a bit of JavaScript into your browser, and the JavaScript collaborates with a network sniffer to undermine your HTTPS connection,” Trevor Perrin, an independent security researcher, wrote in an email. “If the attack works as quickly and widely as they claim it's a legitimate threat.” Mozilla and OpenSSL: 'It's terrible, isn't it?' Duong and Rizzo said the underlying vulnerability BEAST exploits is present in virtually all applications that use TLS 1.0, making it possible to apply the technique to monitor private communications sent through many instant messenger and Virtual Private Networking programs. Although TLS 1.1 has been available since 2006 and isn't susceptible to BEAST's chosen plaintext attack, virtually all SSL connections rely on the vulnerable TLS 1.0, according to a recent research from security firm Qualys that analyzed the SSL offerings of the top 1 million internet addresses. Chief culprits for the inertia are the Network Security Services package used to implement SSL in Mozilla's Firefox and Google's Chrome browsers, and OpenSSL, an open-source code library that millions of websites use to deploy TLS. In something of a chicken-and-egg impasse, neither toolkit offers recent versions of TLS, presumably because the other one doesn't. “The problem is people will not improve things unless you give them a good reason, and by a good reason I mean an exploit,” said Ivan Ristic, Qualys's director of engineering. “It's terrible, isn't it?” While both Mozilla and the volunteers maintaining OpenSSL have yet to implement TLS 1.2 at all, Microsoft has performed only slightly better. Secure TLS versions are available in its Internet Explorer browser and IIS webserver, but not by default. Opera also makes version 1.2 available but not be default in its browser. Ristic, who presented his findings at the Black Hat security conference in August, has found additional evidence that websites often delay deploying upgrades that fix SSL security holes. His analysis found that as much as 35 percent of websites had yet to patch a separate TLS vulnerability discovered in November 2009 that made it possible to inject text into encrypted traffic passing between two SSL endpoints. Researches said upgrading TLS is proving surprisingly difficult, mostly because almost every fix breaks widely used applications or technologies. A technology recently added to Google Chrome that significantly reduces the time it takes websites to establish encrypted connections with end-user browsers is just one example, said cryptographer Nate Lawson, principal of the Root Labs security consultancy. Duong and Rizzo said there are many more examples. "Actually we have worked with browser and SSL vendors since early May, and every single proposed fix is incompatible with some existing SSL applications," Duong wrote. “What prevents people is that there are too many websites and browsers out there that support only SSL 3.0 and TLS 1.0. If somebody switches his websites completely over to 1.1 or 1.2, he loses a significant part of his customers and vice versa.” ® This article was updated to add details about the amount of time required to decrypt authentication cookies. It was also corrected to reflect the fact that Opera doesn't support TLS 1.2 by default. It was further updated to report the release of a new version of Chrome. page2.html'>sursa

(in acest exemplu este folosit un vps cu CentOS 5.1) Avem nevoie de 2 pachete instalate : ppp si pptpd Instalarea: ppp: yum install ppp pptpd : yum install pptpd Configurarea pptpd.conf nano /etc/pptpd.conf se poate sterge tot ce e pe acolo sa ramana : option /etc/ppp/options.pptpd localip 10.0.0.1 remoteip 10.0.0.10-100 10.0.0.1 este adresa clientului ppp iar 10.0.0.10-100 sunt adresele atribuite userilor Configurarea options.pptpd nano /etc/ppp/options.pptpd name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 proxyarp lock nobsdcomp novj novjccomp nologfd ms-dns 8.8.8.8 ms-dns 8.8.4.4 8.8.8.8/8.8.4.4 sunt dns urile google, pot fi schimbate cu cele ale isp ului Configurarea utilizatorilor: nano /etc/ppp/chap-secrets # Secrets for authentication using CHAP # client server secret IP addresses utilizator1 pptpd parola1 * utilizator2 pptpd parola2 * Activarea Ip forwarding: nano /etc/sysctl.conf se schimba net.ipv4.ip_forward = 0 in net.ipv4.ip_forward = 1, activarea schimbarilor: sysctl -p Configurare NAT: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE Editarea permisiilor iptables: iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT iptables -A INPUT -i eth0 -p gre -j ACCEPT pptp foloseste portul 1723 pentru a stabili conexiunea GRE= Generic Route Encapsulation -pentru a "routa" tot traficul prin serverul pptp iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT Pornirea serverului pptp service pptpd start * pentru probleme legate de MTU (Maximum transmission unit) nano /etc/ppp/ip-up se adauga la penultima linie /sbin/ifconfig $1 mtu valval se inlocuieste cu mtu dorit ex 1024 service pptpd restart surse de inspiratie: 1 2

Introduction To SQL Azure Microsoft® SQL Azure™ is a relational cloud database hosted by Microsoft in the cloud. Windows Azure Security Overview Learn Windows Azure Security by covering the protection included at every layer. Microsoft Virtualization for VMware Professionals – VDI The VDI track provides a deep-dive into VDI planning and solutions. Enhancing Your Business and Career with the Private Cloud This track focuses on how the private cloud can help your business and your IT Pro career. You will learn about cloud business drivers and business pr... Office 365 for the IT Pro - Platform This track provides you an overview of the components that comprise Office 365, including the different licenses available and what’s included with ea... Office 365 for the IT Pro - Exchange Online This track covers an overview of Exchange Online, Administration, Migration, Hybrid environments, and Compliance and Archiving options in Exchange Onl... Office 365 for the IT Pro - Lync Online, SharePoint Online & Deployment This track covers some of the collaborative aspects of Office 365, including Lync and SharePoint online, as well as best practices for an Office 365 m... Microsoft Virtualization for VMware Professionals - The Platform The Platform course offers a deep-dive into the important technologies that contribute to the core virtualization infrastructure. Microsoft Virtualization for VMware Professionals – Management The Management track provides an overview of Microsoft comprehensive management suite, System Center. Planning, Building and Managing a Private Cloud Understand Microsoft’s Private Cloud Offerings and Vision Introduction To Windows Azure link: Microsoft Virtual Academy - Free Microsoft Cloud Technologies Training

Avira va oferi produsul lor de top absolut gratuit tuturor celor care se vor inscrie la promotia Facebook. Nu va fi tragere la sorti, ci oricine participa, castiga! Care sunt regulile? Avira Internet Security 2012 va fi oferit gratuit oricui intra in marea cursa de pe pagina Facebook Avira. Durata licentei va depinde de numarul de fani pe care pagina Avira ii aduna in timpul campaniei. Pentru fiecare 10.000 fani noi, se va adauga o luna la licenta. Daca la final vor fi 120.000 fani noi, fiecare dintre ei va beneficia de licenta gratuita un an de zile. Nu mi se pare o cerinta exagerata pentru a avea gratuit un program in valoare de 40 Euro. Mai mult, veti obtine versiunea 2012, ce va fi lansata in circa o luna de zile. Pentru detalii despre versiunea 2012 si testare gratuita a versiunii Beta, accesati pagina aceasta. Pentru a te inscrie acceseaza pagina urmatoare, accepta accesul aplicatiei Sweepstakes la Facebook si completeaza datele cerute: http://www.facebook.com/avira?sk=app_28134323652 sursa, Sweepstakes Starts September 14, 2011 @ 09:00 am (PDT) | Sweepstakes Ends October 17, 2011 @ 09:00 am (PDT)

"The storefront for this massive botnet is awmproxy.net, which advertises “the fastest anonymous proxies.”" I’ll take a closer look at a Russian individual who appears to have close ties to the TDSS operation. Tuesday’s story got picked up by news-for-nerds site Slashdot, and one of the comments on the piece observed that the storefront for TDSS — awmproxy.net — has a Google Analytics code embedded in the homepage. That code, UA-3816538, is embedded in six other Web sites, including awmproxy.com (a clone of awmproxy.net), according to a lookup at ReverseInternet.com. Using domaintools.com, I was able to find the historical Web site registration records for awmproxy.com (the historical data for awmproxy.net is hidden). Those records show that the domain was registered on Feb. 27, 2008 to an individual in Russia who used the email address fizot@mail.ru. Another Web site with that same Google Analytics code, pornxplayer.com (hostile site), also includes that email address in its historical records. Awmproxy began offering proxies on March 16, 2008. WHOIS records also indicate fizot@mail.ru was used to register fizot.com, a site which is no longer active. The name given by the person who registered fizot.com was Galdziev Chingiz in St. Petersburg, Russia. That same name is on the registration records for fizot.org, but fizot.org lists a different contact email address: xtexgroup@gmail.com. Googling for the fizot@mail.ru address turns up a LiveJournal blog by a user named Fizot who provides a contact email address of xtexcounter@bk.ru. Fizot isn’t the most prolific blogger, but he has 27 journal entries on his page, and discusses everything from life in St. Petersburg to earning millions of dollars. In one entry, Fizot discusses having bought a sports car with a license plate number that includes the Number of the Beast: “666.” It turns out that there is a Youtube.com channel belonging to a user named Fizot who designates the domain name fizot.com as his personal Web site. Fizot has uploaded just four videos since the account was created in July 2007. Among the videos is a short movie uploaded on Oct. 5, 2007, showing a Porsche car with the license plate H666XK [N666HK in the Cyrillic alphabet] zooming away from the camera in a shopping mall parking lot, before turning around and heading back to the filmmaker. A license plate cover beneath the tags indicates the car’s owner is or was a member of the Moscow Porsche Club. Fizot's plates Fizot may only be tangentially connected to those responsible for building and maintaining the TDSS botnet, but it is likely that he and some of his pals in the SPB and RU Auto clubs know the responsible parties. Update, 2:36 p.m. ET: Getting some additional info from helpful readers. That same Google Analytics code is present on the site domenadom.ru, which appears to be a domain name registrar. Also, that same xtexcounter@bk.ru address provided by Fizot at his LiveJournal blog was the email used to register xvpn.ru, a VPN service that advertises “full anonymity on the Net.” Update, 4:54 p.m. ET: It appears that Fizot has deleted nearly all of the posts on his LiveJournal account. I sort of expected he might do that. Here are cached versions of his home page and contact page at LiveJournal. He has also removed all of his Youtube videos, but I made copies of them before I put this story up. Here’s a link to the video that is screenshotted above. In the meantime, Fizot has only one blog entry now at his LiveJournal page, in which he claims to have sold the AWMproxy service long ago. But to whom? Fizot writes: “I have no relation to the draft awmproxy and sold it long ago. Stop writing to me and bother, please contact the author. I am not related to awmproxy project, since I have sold it out long ago. Please, stop writing to me and bothering me. You need to contact the resource owner.” Surse:Rent-a-Bot Networks Tied to TDSS Botnet Who’s Behind the TDSS Botnet? TDSS: http://rstcenter.com/forum/37240-security-experts-warn-new-almost-indestructible-tdl-4-botnet-threat.rst http://rstcenter.com/forum/37120-250-000-usd-cheltuieli-de-infractor-cibernetic-pe-trei-luni.rst