
aplicaciones Archives

November 21, 2003

Finding out which port a passive FTP server opens

To find the actual port multiply the fifth octet by 256 and then add
the sixth octet to the total. Thus in the example below the port number
is ( (14*256) + 178), or 3762. A quick check with netstat should confirm
this information.

PORT 192,168,150,80,14,178
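As an added example (not part of the original note), a small sh function that does the arithmetic above on any PORT command or "227 Entering Passive Mode (...)" reply, rejects malformed tuples, plus a check that the host announced in a passive reply is really the server the control connection is talking to. The function names are assumptions.

```shell
# Turn an FTP PORT command or a "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)"
# reply into "host:port", doing the p1*256+p2 arithmetic from the note above.
# Function names are assumptions, not part of the original post.
ftp_addr_from_tuple() {
    # Isolate the "n,n,n,n,n,n" token, whatever text or brackets surround it.
    tuple=$(printf '%s\n' "$1" | tr -c '0-9,\n' ' ' | tr ' ' '\n' \
        | grep -E '^[0-9]{1,3}(,[0-9]{1,3}){5}$' | head -n 1)
    if [ -z "$tuple" ]; then
        echo "no h1,h2,h3,h4,p1,p2 tuple found in: $1" >&2
        return 1
    fi
    old_ifs=$IFS
    IFS=,
    set -- $tuple
    IFS=$old_ifs
    # Each of the six values is one byte; anything above 255 is malformed.
    for n in "$@"; do
        if [ "$n" -gt 255 ]; then
            echo "value $n out of range in tuple $tuple" >&2
            return 1
        fi
    done
    port=$(( $5 * 256 + $6 ))
    printf '%s.%s.%s.%s:%s\n' "$1" "$2" "$3" "$4" "$port"
}

# Passive-mode sanity check: the host in the 227 reply should be the server
# the control connection is talking to. A mismatch usually means a NAT that
# did not rewrite the reply, or a server steering the data connection elsewhere.
ftp_pasv_host_matches() {
    addr=$(ftp_addr_from_tuple "$1") || return 1
    [ "${addr%:*}" = "$2" ]
}
```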

Stopping named (bind) from answering queries

To stop named from answering DNS queries for domains other than the ones it
manages, add to named.conf:

allow-recursion {
127.0.0.1;
};


Or the IPs that are allowed to do this (in case it is an ISP, or it is
necessary for any other reason).

December 28, 2003

Burning DVDs with Nero (.img)

http://www.dvd-cloner.com/nero-img.html

Select "all" and leave the default options:

Data Mode 1, Raw data unchecked, block size 2048
Image header and trailer size set to 0
scrambled and swapped unchecked

January 21, 2004

MTA Basic operation


Please report any corrections.

exim-2.053

+----------------------------------------------------------------------+
| Daemon start | exim -bd -q1h |
|-------------------------+--------------------------------------------|
| Daemon termination | kill -TERM `cat /var/run/exim.pid` |
|-------------------------+--------------------------------------------|
| Daemon is for | receive, queue management |
|-------------------------+--------------------------------------------|
| Concurrency control | remote_max_parallel = in |
| | /usr/local/etc/exim/configure |
|-------------------------+--------------------------------------------|
| Message submission | exim -f SDR RCPT |
|-------------------------+--------------------------------------------|
| Logging | /var/log/exim_mainlog |
|-------------------------+--------------------------------------------|
| Outgoing queue | /var/spool/exim/input/* |
|-------------------------+--------------------------------------------|
| Listing of queued | exim -bp |
| messages | |
|-------------------------+--------------------------------------------|
| Force queue processing | exim -q |
|-------------------------+--------------------------------------------|
| Location of aliases | /etc/aliases |
|-------------------------+--------------------------------------------|
| Reconstruction of alias | not required |
| db | |
+----------------------------------------------------------------------+

postfix beta-19990122-pl01


+----------------------------------------------------------------------+
| Daemon start | /usr/local/postfix/bin/postfix start |
|-------------------------+--------------------------------------------|
| Daemon termination | /usr/local/postfix/bin/postfix stop |
|-------------------------+--------------------------------------------|
| Daemon is for | receive, send, queue management |
|-------------------------+--------------------------------------------|
| Concurrency control | 'smtp' line in /etc/postfix/master.cf |
|-------------------------+--------------------------------------------|
| Message submission | /usr/local/postfix/bin/sendmail -f SDR |
| | RCPT |
|-------------------------+--------------------------------------------|
| Logging | /var/log/maillog (syslog) |
|-------------------------+--------------------------------------------|
| Outgoing queue | /var/spool/postfix/deferred/* |
|-------------------------+--------------------------------------------|
| Listing of queued | /usr/local/postfix/bin/sendmail -bp |
| messages | |
|-------------------------+--------------------------------------------|
| Force queue processing | /usr/local/postfix/bin/sendmail -q |
|-------------------------+--------------------------------------------|
| Location of aliases | /etc/aliases (see /etc/postfix/main.cf) |
|-------------------------+--------------------------------------------|
| Reconstruction of alias | /usr/local/postfix/bin/postalias |
| db | |
+----------------------------------------------------------------------+

Configurations can be seen with /usr/local/postfix/bin/postconf

qmail-1.03

+----------------------------------------------------------------------+
| Daemon start | /var/qmail/boot/home |
|---------------------+------------------------------------------------|
| Daemon termination | kill -TERM 'PID of qmail-send' |
|---------------------+------------------------------------------------|
| Daemon is for | receive, send, queue management (qmail-smtpd |
| | required for receiving) |
|---------------------+------------------------------------------------|
| Concurrency control | just numerics in |
| | /var/qmail/control/concurrencyremote |
|---------------------+------------------------------------------------|
| Message submission | /var/qmail/bin/qmail-inject -fSND RCPT |
|---------------------+------------------------------------------------|
| Logging | /var/log/maillog (via syslog) |
|---------------------+------------------------------------------------|
| Outgoing queue | /var/qmail/queue/remote/* |
|---------------------+------------------------------------------------|
| Listing of queued | /var/qmail/bin/sendmail -bp ; |
| messages | /var/qmail/bin/qmail-qstat |
|---------------------+------------------------------------------------|
| Force queue | kill -ALRM 'PID of qmail-send' |
| processing | |
|---------------------+------------------------------------------------|
| Location of aliases | var/qmail/alias/.qmail-* |
|---------------------+------------------------------------------------|
| Reconstruction of | not required (without fastforward) |
| alias db | |
+----------------------------------------------------------------------+

sendmail-8.9.3


+----------------------------------------------------------------------+
| Daemon start | /usr/sbin/sendmail -bd -q1h |
|----------------------------+-----------------------------------------|
| Daemon termination | kill -TERM `head -1 |
| | /var/run/sendmail.pid` |
|----------------------------+-----------------------------------------|
| Daemon is for | receive, queue management (not for |
| | send) |
|----------------------------+-----------------------------------------|
| Concurrency control | ----------------------------------- |
|----------------------------+-----------------------------------------|
| Message submission | /usr/sbin/sendmail -fSDR RCPT |
|----------------------------+-----------------------------------------|
| Logging | /var/log/maillog (syslog) |
|----------------------------+-----------------------------------------|
| Outgoing queue | /var/spool/mqueue/ |
|----------------------------+-----------------------------------------|
| Listing of queued messages | /usr/sbin/sendmail -bp ; mailq |
|----------------------------+-----------------------------------------|
| Force queue processing | /usr/sbin/sendmail -q |
|----------------------------+-----------------------------------------|
| Location of aliases | /etc/aliases (see /etc/sendmail.cf) |
|----------------------------+-----------------------------------------|
| Reconstruction of alias db | /usr/sbin/sendmail -bi ; newaliases |
+----------------------------------------------------------------------+

zmailer-2.99.50s11

+----------------------------------------------------------------------+
| Daemon start | zmailer |
|---------------------+------------------------------------------------|
| Daemon termination | zmailer stop |
|---------------------+------------------------------------------------|
| Daemon is for | receive, send, queue management |
|---------------------+------------------------------------------------|
| Concurrency control | maxchannel of smtp/* in |
| | /usr/local/zmailer/scheduler.conf |
|---------------------+------------------------------------------------|
| Message submission | /usr/local/zmailer/bin/sendmail -f SDR RCPT |
|---------------------+------------------------------------------------|
| Logging | /var/log/mail/smtp |
|---------------------+------------------------------------------------|
| Outgoing queue | /var/spool/postoffice/queue/* |
|---------------------+------------------------------------------------|
| Listing of queued | /usr/local/zmailer/bin/mailq |
| messages | |
|---------------------+------------------------------------------------|
| Force queue | zmailer resubmit |
| processing | |
|---------------------+------------------------------------------------|
| Location of aliases | /usr/local/zmailer/db/aliases (:include: must |
| | be quoted with "") |
|---------------------+------------------------------------------------|
| Reconstruction of | /usr/local/zmailer/bin/newaliases |
| alias db | |
+----------------------------------------------------------------------+

----------------------------------------------------------------------

Copyright by Kyoto Motonori (motonori@wide.ad.jp)

February 24, 2004

Printing a ' in awk

To print a ' in awk, it's as easy as:
"'\''"

Example:

echo aa bb cc | awk '{ print $1"'\''"$3}'

April 1, 2004

Replacing cygwin.bat

$ cat /cygwin.bat
@echo off
C:
chdir C:\cygwin\bin
set DISPLAY=:0
rxvt -sl 9999 -rv -e bash --login -i

-----
thx pci =)

April 28, 2004

Getting the BIND version

dig @nameserver version.bind txt chaos

June 21, 2004

Quick and dirty statistics for ClamAV

awk '/INFECTED/ { print $8}' /var/log/maillog.1 | \
sed -e 's,(\(.*\))\,,\1,' | sort | uniq -c | sort -nr

Another option:
-------------------------------------------------------------------

#!/bin/sh
# Mailbox where the virus alert mails are delivered
valerts=/var/mail/virtual/unsec.net/virusalert
# Virus names taken from the alert subjects, counted and sorted by frequency
var1=`grep "Subject: VIRUS" $valerts | sed -e 's,.*(\(.*\)).*,\1,g' \
| sort | uniq -c| sort -nr`
# Recipients listed after "The message WAS NOT delivered to", counted
var2=`grep -A1 'The message WAS NOT delivered to' $valerts | \
grep -e '^<.*:$' | sed -e 's,<\(.*\)>:,\1,' \
| sort | uniq -c | sort -nr`
# Join the per-virus counts with "+" and evaluate the sum (0 if there are none)
var3=`echo "$var1" | awk '{ print $1 }' | tr '\n' '+' | sed -e 's,.$,,'`
var4=$(( ${var3:-0} ))
echo " "
echo ".:[ Estadisticas generales ]:."
echo "------------------------------"
echo "Numero total de mails infectados: $var4"
echo " "
echo ".:[ Virus encontrados ]:."
echo "-------------------------"
echo "$var1"
echo " "
echo ".:[ Recipientes con mas virus ]:."
echo "---------------------------------"
echo "$var2"

September 27, 2004

PuTTY configuration

These are my settings for configuring PuTTY: putty.settings.reg. Clearly the best
ssh client.

November 26, 2004

Changing the BIND version string

This one is by request ;)

To change the version BIND reports, so that it does not show the real one,
use "version" inside "options" in the named.conf file, as in the
following example:

options {
version "Smile!, you re logged!";
........
};

November 29, 2004

Apache version with mod_security

While trying out mod_security, I attempted to change the "Server" header
of my Apache, but it gave me the following error:

SecServerSignature: not enough space to copy new signature

This failure is simply because I have Apache's own directive for
hiding the version enabled:


ServerTokens Prod

Simply by not using it... things start to work.

December 2, 2004

Syncing a Palm with HotSync over IrDA

If you are trying to sync your Palm with the laptop and you get an error
when selecting the infrared option in HotSync (which sends you to read
//Helpnotes//IR_Readme.txt), something like: "Error accessing the IR Port.
See the //Helpnotes//IR_Readme.txt for more information", there is an
easy fix:

- Control Panel
- Wireless Link
- In the Wireless Link tab, untick the option:
"Use wireless link to transfer images from a digital
camera to your computer".
(I don't know how it is worded in the Spanish version)
- Once that is done, restart HotSync and away you go.

Don't forget to select IrDA on the PDA!

January 4, 2005

Checking Apache logs with a Perl regexp (common/NCSA)

To print the lines that are theoretically correct in an Apache log:

perl -ne 'print if /^(\S+) (\S+) (\S+) \[(.+)\] \"(.+)\" (\S+) (\S+) \"(.*)\" \"(.*)\"/' file

And that's it.
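As an added example, not from the original post, the same format check written with grep -E so it runs from plain sh: the lines that do not fit the combined-log pattern are printed and counted, which is the quick way to spot truncated or oddly formed entries. The sample log lines are constructed and the variable and function names are assumptions.

```shell
# Apache combined/NCSA line as an extended regexp: client, ident, user,
# [timestamp], "request", three-digit status, size or "-", "referer", "agent".
# Variable and function names are assumptions, not from the original post.
CLF_RE='^[^ ]+ [^ ]+ [^ ]+ \[[^]]+\] "[^"]*" [0-9]{3} ([0-9]+|-) "[^"]*" "[^"]*"$'

# Print the lines from stdin that do NOT fit the format.
bad_clf_lines() {
    grep -vE "$CLF_RE"
}

# Count them; anything above zero on a log you expect to be clean deserves a
# look (truncated writes, unescaped characters, entries not written by httpd).
count_bad_clf() {
    bad_clf_lines | wc -l | tr -d ' '
}

# Constructed sample log: two well-formed entries, one with a stray quote in
# the request, and one cut off mid-line.
SAMPLE_LOG='127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
192.0.2.7 - - [04/Jan/2005:09:12:01 +0100] "GET / HTTP/1.1" 304 - "-" "curl/7.10"
192.0.2.9 - - [04/Jan/2005:09:12:05 +0100] "GET /a"b HTTP/1.1" 200 12 "-" "x"
192.0.2.9 - - [04/Jan/2005:09:12'

# Show the offending lines when run directly.
printf '%s\n' "$SAMPLE_LOG" | bad_clf_lines
```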

May 8, 2005

Using xinetd to redirect a port (redirect xinetd port)

Create a new service, for example in the file /etc/xinetd.d/redirect:

service [LOCAL PORT]
{
disable = no
bind = [OUR LOCAL IP]
flags = REUSE
socket_type = stream
wait = no
user = root
redirect = [REMOTE HOST] [REMOTE PORT]
log_on_failure += USERID
}

May 12, 2005

Toolbar for IE

Toolbar for Microsoft's Internet Explorer.


http://www.microsoft.com/downloads/details.aspx?familyid=[...]

It's pretty well done...

May 16, 2005

SpamAssassin + Postfix install

To install without procmail:
The following assumes you want to use SpamAssassin directly and without
the use of Amavisd.
To get Postfix piping all mail received into SpamAssassin for tagging and
sending on to the recipient, follow these steps.


As root, create a file at /usr/bin called "postfixfilter", it should contain
the following:
#!/bin/bash
/usr/bin/spamc | /usr/sbin/sendmail -i "$@"
exit $?
Make it executable with "chmod 755 /usr/bin/postfixfilter".
Create a user called "spamfilter" with a home directory and shell.
Make spamfilter the owner of postfixfilter "chown spamfilter
/usr/bin/postfixfilter".
Edit the Services and Interfaces to non-Postfix software sections as follows:
Under the Services section locate the smtp line like this one:
smtp inet n - n - - smtpd

Directly below it CREATE this line, making sure to add the whitespace before
the -o:
    -o content_filter=spamfilter:

Under the Interfaces to non-Postfix software section CREATE the following two
lines, making sure to add the whitespace before the flags:
spamfilter unix - n n - - pipe
    flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} -- ${recipient}
Use "postfix reload" to make Postfix use the changes. Send a test spam message
to yourself from an outside source and verify that it's working.

May 24, 2005

screen inside screen (screen into screen)

To have one "screen" inside another without getting the ctrl-A-a keys
mixed up when switching windows, one of the screens can be started with
a different combination:

screen -e\^Ee

This way, the screen started with those parameters will use control-E-e
instead of the default control-A-a.

May 29, 2005

Changing the SSH banner on Debian

Commands needed to change the ssh "banner", that is, what is shown when
someone telnets to the service port.
(Not to be confused with the "Banner" directive in the sshd configuration
file, which shows a welcome/warning message when someone connects with an
ssh client).

mkdir /tmp/openssh; cd /tmp/openssh
apt-get source ssh
cd directorio-ssh
sed -e 's,SSH_VERSION :=.*,SSH_VERSION := OpenSSH_3,'<debian/rules>debian/rules.tmp
mv debian/rules.tmp debian/rules
chmod +x debian/rules
dpkg-buildpackage -b -us -uc
cd ..
dpkg -i ssh...deb

June 1, 2005

"expose = On" in PHP (php.ini)

If the following strings are appended to a URL on a server with PHP
support, you get the credits. (ego++)

?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
Shows the PHP logo

?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
Shows the Zend logo.

?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
Shows an image (varies with the version)

?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
Shows the developers' credits (like when I used to finish
the Monkey Island games)


Example:
http://www.php.net/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

To disable it, just set the "expose" parameter to Off in php.ini


From php.ini:

--------
; It is no security
; threat in any way, but it makes it possible to determine whether you
; use PHP on your server or not.
-------

Thx croulder -

Chroot bind (named) on Debian Sid

The commands needed are:

mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir /var/lib/named/var/run
mv /etc/bind /var/lib/named/etc
ln -s /var/lib/named/etc/bind /etc/bind
cp /etc/localtime /var/lib/named/etc
mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
mknod /var/lib/named/dev/log c 21 5
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
chown bind:bind /var/lib/named
chown -R bind:bind /var/lib/named/etc/bind /var/lib/named/var/*
chmod 700 /var/lib/named

Then... add to /etc/bind/named.conf.options

pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";


Edit /etc/default/bind9 (or /etc/init.d/bind9): the OPTIONS variable
must contain "-u bind -t /var/lib/named", and change every path that
points to /var/run/bind/run to /var/run

Edit /etc/init.d/sysklogd and add "-a /var/lib/named/dev/log" to the
OPTIONS variable

If you use the logging setup from the previous post, add these commands as well:

mkdir -p /var/lib/named/var/log/named
touch /var/lib/named/var/log/named/dns_logs
touch /var/lib/named/var/log/named/dns_warnings
ln -s /var/lib/named/var/log/named/ /var/log/named
chown bind:bind -R /var/lib/named/var/log/named
chmod o-r -R /var/lib/named/var/log/named

June 20, 2005

Getting a random number in a shell script (bash)

One possible solution could be:

head -c 45 /dev/urandom | uuencode -m - | sed -e \
's,.*\([0-9]\).*,\1,' -e '1d;n;$d'

Bear in mind that if no digit appears in the 45 bytes of urandom, it doesn't work

Update: Mon Jun 20 11:29:08 CEST 2005
Hey there, lad!

How about enabling comments on your blog ;)

echo $RANDOM in bash ;)
--
Luis Peralta / jaxp
http://spisa.act.uji.es/~peralta/
------------
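An added example (not from the post or the comment above) that avoids the "no digit in 45 bytes" failure: read four bytes from /dev/urandom with od, which always yields a number, and map it into a range without modulo bias. Function names are assumptions; this runs in plain sh as well as bash, where $RANDOM is bash-only and only 15 bits wide.

```shell
# Four bytes of /dev/urandom as an unsigned 32-bit integer. Unlike fishing
# for a digit in a uuencoded dump, this always produces a number.
# Function names are assumptions, not from the original post.
urandom_u32() {
    od -An -N4 -tu4 /dev/urandom | tr -d ' '
}

# Uniform random integer in [0, N). Taking "value % N" directly would favour
# small results whenever 2^32 is not a multiple of N, so values at or above
# the largest multiple of N below 2^32 are discarded and drawn again.
rand_below() {
    n=$1
    if ! [ "$n" -gt 0 ] 2>/dev/null || [ "$n" -gt 4294967296 ]; then
        echo "rand_below: N must be an integer between 1 and 2^32" >&2
        return 1
    fi
    limit=$(( 4294967296 - 4294967296 % n ))
    while :; do
        v=$(urandom_u32)
        [ "$v" -lt "$limit" ] && break
    done
    echo $(( v % n ))
}
```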

August 5, 2005

Firefox popups in Flash

Like you, I love Firefox for many reasons, including popup blocking. So
over the last few weeks I've been surprised to see occasional popups.

It turns out that some clever people figured out that you could launch
popups from Flash, getting around the Firefox default settings.

Fortunately, you can get around it:

1. Type about:config into the Firefox location bar.
2. Right-click on the page and select New and then Integer.
3. Name it privacy.popups.disable_from_plugins
4. Set the value to 2.

The possible values are:

* 0: Allow all popups from plugins.
* 1: Allow popups, but limit them to dom.popup_maximum.
* 2: Block popups from plugins.
* 3: Block popups from plugins, even on whitelisted sites.

From:
http://www.petebevin.com/archives/2005/03/10/firefox_popups.html

August 8, 2005

Problems with OpenVPN - Route addition via IPAPI succeeded

After playing with "share network access" on the dial-up networking connection and on the interfaces, OpenVPN will be unable to add the routes it needs to reach the other side. For everything to work properly again, no connection must be shared. (-sic-)

November 3, 2005

Checking the typical public proxy list

Instead of trying them one by one to see whether they work or not,
here's a dumb script:

#!/bin/bash
# Reads a proxy list (one "host:port" per line, first field only) and reports
# the ones through which Google's front page can be fetched, with the time taken.
if [ -z "$1" ]; then echo "usage: $0 <proxy-list-file>" >&2; exit 1; fi
awk '{print $1}' "$1" | while read -r proxy; do
    export http_proxy="http://$proxy"
    # GNU time appends the elapsed seconds as the last line of the output
    h=`/usr/bin/time -f "\n%e" -o /dev/stdout -- wget -T 5 -q -O - -t 1 http://www.google.com`
    t=`echo "$h"|tail -1`
    if [[ $h == *\<title\>Google\</title\>* ]]; then
        echo "Proxy up!: $proxy ($t secs)"
    fi
done

November 21, 2005

IFS in ksh and bash.

It only needs to happen to you once to be worth writing down.

The problem comes when you want to set IFS to \n, which in bash
would be something like:

export IFS=$'\n' (with single quotes, so it doesn't split on "n")

In ksh it is done in this ugly way, since the bash form doesn't work there:

export IFS="
"

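As an added example (not the author's), the literal-newline IFS from above inside a function, beside the default splitting, so the difference shows on a constructed list whose items contain spaces. Function and variable names are assumptions.

```shell
# A literal newline in a variable: this way of setting IFS works in ksh, bash
# and plain sh alike, unlike the bash-only $'\n'. Names are assumptions,
# not from the original post.
nl='
'

# Split $1 on newlines only, so items that contain spaces survive, and print
# how many items there were.
count_lines_as_items() {
    old_ifs=$IFS
    IFS=$nl
    set -- $1
    IFS=$old_ifs
    echo $#
}

# The same input split with the default IFS (space, tab, newline), for contrast.
count_words() {
    set -- $1
    echo $#
}
```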
November 26, 2005

Logging with named/bind

To keep a record of the queries made to our DNS, I have the following
configured in my named.conf:

logging {
channel warning
{
file "/var/log/named/dns_warnings" versions 3 size 100k;
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};

channel general_dns
{
file "/var/log/named/dns_logs" versions 3 size 100k;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category lame-servers { null; };
category default { warning; };
category queries { general_dns; };

};

Obviously the directories must have permissions for the user that
runs named.

December 19, 2005

Cerberus Helpdesk multiple vulnerabilities.

Title: Cerberus Helpdesk multiple vulnerabilities.
Severity: Medium
Affected: cerberus-gui (2.649), support-center (2.649<->3.2.0pr2)
Problem type: remote


Description:
-------------------------------------------------------------------------------

Cerberus Helpdesk is a WebGroup Media helpdesk suite built on a PHP environment.
Official webpage: http://www.cerberusweb.com/

Details:
-------------------------------------------------------------------------------

support-center:
*******************************

SQL injection in attachment_send.php (line 112):
You can download files from other users or use blind sql injection attacks:
Example url:
.../support-center/cerberus-support-center/attachment_send.php?file_id=N [SQL] &thread_id=1
CODE:
$sql = "SELECT part_content FROM thread_attachments_parts WHERE file_id = $file_id";

XSS:
http://server/support-center/index.php?mod_id=2&kb_ask=%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E

cerberus-gui (parser-related):
*******************************

There are a few SQL injections if the XML is maliciously generated:

SQL injections in email_parser.php:

Function: "is_queue_address" (line 1397) doesn't check the "$addy" value properly.
CODE:
$sql = sprintf("SELECT q.queue_name, q.queue_mode, q.queue_email_display_name, ".
"qa.queue_addresses_id, qa.queue_id, qa.queue_address, ".
"qa.queue_domain, q.queue_prefix, q.queue_response_open, ".
"q.queue_send_open, q.queue_response_gated ".
"FROM queue_addresses qa ".
"LEFT JOIN queue q USING (queue_id) ".
"WHERE LOWER(qa.queue_address) = '%s' ".
"AND LOWER(qa.queue_domain) = '%s'",
strtolower($mailbox),
strtolower($domain)

Function: "is_banned_address" (line 752) doesn't check "$address" properly.
CODE:
SELECT a.address_banned FROM address a WHERE a.address_address = '".$address."'";

Function: "is_admin_address" (line 1532) you can bypass this function using, as an email address, the following query: "'OR'u.user_superuser'='1'--".
Example of result of this query:
SELECT u.user_id FROM user u WHERE u.user_email != '' AND u.user_email = '' OR u.user_superuser = '1'
CODE:
SELECT u.user_id FROM user u WHERE u.user_email != '' AND u.user_email = '$address'";


SQL injection in structs.php:
Function: "cer_email_address_struct" (line 167) doesn't check the following query.
CODE:
$sql = "SELECT a.address_id,a.address_banned FROM address a WHERE a.address_address = '" . $a_address . "'";


cerberus-gui:
*******************************

SQL injection in cer_KnowledgebaseHandler.class.php:
Function: "_load_article_details" (line 270), you can fetch "superuser" md5 password with blind sql injection.
Example URL:
/cerberus-gui/knowledgebase.php?mode=view_entry&root=2&sid=c7bb6a0d5f83d61d75053c85c14af247&kbid=4 [SQL]
CODE:
$sql = "SELECT k.kb_id, k.kb_entry_date, k.kb_public, k.kb_category_id, k.kb_keywords, kp.kb_problem_summary, kp.kb_problem_text, kp.kb_problem_text_is_html, " .
" ks.kb_solution_text, ks.kb_solution_text_is_html, kc.kb_category_name, u.user_login As entry_user, k.kb_avg_rating, k.kb_rating_votes " .
" FROM knowledgebase k LEFT JOIN knowledgebase_problem kp ON (kp.kb_id=k.kb_id) LEFT JOIN knowledgebase_solution ks on (ks.kb_id=k.kb_id) ".
" LEFT JOIN knowledgebase_categories kc ON (kc.kb_category_id=k.kb_category_id) LEFT JOIN user u ON (k.kb_entry_user=u.user_id) " .
" WHERE k.kb_id = " . $kbid;


SQL injection in "addresses_export.php":
Example URL:
POST: /cerberus-gui/addresses_export.php
sid=c61ce82aa50569705dd774c33644446c&queues%5B%5D=[SQL]&delimiter=comma&file_type=screen&form_submit=x
CODE:
$sql = "SELECT DISTINCT a.address_address FROM ticket t LEFT JOIN thread th ON (t.min_thread_id=th.thread_id)
LEFT JOIN address a ON (th.thread_address_id=a.address_id) WHERE t.ticket_queue_id IN ($queues) ORDER BY a.address_address ASC;";

SQL injection in "display.php". "$thread" is not checked
CODE:
$sql = "SELECT th.thread_address_id, a.address_address FROM thread th LEFT JOIN address a ON (th.thread_address_id = a.address_id) ".
"WHERE th.thread_id = " . $thread;

SQL injection in "display_ticket_thread.php" (line 52).
Example URL:
/cerberus-gui/display_ticket_thread.php?type=comment&sid=a640d024f84be01320aacb0ec6c87d74&ticket=[SQL]
CODE:
$sql = "SELECT t.ticket_id, t.ticket_subject, t.ticket_status, t.ticket_date, t.ticket_assigned_to_id, t.ticket_queue_id, t.ticket_priority, th.thread_address_id, ad.address_address, t.queue_addresses_id, q.queue_name " .
"FROM ticket t, thread th, address ad, queue q " .
"WHERE t.ticket_queue_id IN ($u_qids) AND th.ticket_id = t.ticket_id AND t.ticket_queue_id = q.queue_id AND th.thread_address_id = ad.address_id AND t.ticket_id = " . $ticket . " GROUP BY th.thread_id LIMIT 0,1";


Solution:
-------------------------------------------------------------------------------
Not available, maybe changing every "$cerberus_db->query($sql)" to "$cerberus_db->escape($sql)".


History:
-------------------------------------------------------------------------------
15-20/Nov/2005 --- Bugs discovered
11/Dec/2005 --- The author has been notified.
19/Dec/2005 --- Full disclosure

December 21, 2005

Oracle Port Usage (Sorted by Port Number)


http://osi.oracle.com/CollaborationSuite9041/doc/install/ports.htm

21 Oracle Files - FTP (default value)
110 Oracle Email - POP
119 Oracle Email - NNTP
139 Oracle Files - SMB
389 LDAP (Oracle Internet Directory)
548 Oracle Files - AFP
563 Oracle Email NNTP- SSL
636 Oracle Internet Directory- SSL
995 Oracle Email POP- SSL
1521 Oracle Workflow - TNS
1748 Oracle Enterprise Manager Intelligent Agent
1754 Oracle Enterprise Manager Intelligent Agent
1808 Oracle Enterprise Manager Intelligent Agent
1809 Oracle Enterprise Manager Intelligent Agent
1810 Oracle Enterprise Manager Application Server Service
1811 Oracle Enterprise Manager Application Server Service
1950 Oracle9iAS Reports Services SQL*Net
2049 Oracle Files - NFS (default value)
2070 Oracle9iAS Syndication Server (OSS); To access OSS
3001 Oracle9iAS Containers for J2EE - AJP
3101 Oracle9iAS Containers for J2EE - RMI
3201 Oracle9iAS Containers for J2EE - JMS
3301 Oracle9iAS Containers for J2EE HTTP Listener
4000 Oracle9iAS Web Cache Administration Port
4001 Oracle9iAS Web Cache Invalidation Port
4002 Oracle9iAS Web Cache Statistics
4031 Oracle Internet Directory SSL
4032 Oracle Internet Directory non-SSL
4443 Oracle HTTP Server- SSL, Oracle HTTP Server Listen- SSL, Oracle9iAS Web Cache Listen- SSL
4444 Oracle HTTP Server Listen- SSL if Oracle9iAS Web Cache is installed and configured
5000 Oracle9iAS Single Sign-On
5100 Oracle Email
5730 Oracle Calendar
5731 Oracle Calendar
5732 Oracle Calendar
5734 Oracle Calendar server manager
6003 Oracle HTTP Server- Oracle Notification Service Request Port
6100 Oracle HTTP Server- Oracle Notification Service Local Port
6200 Oracle HTTP Server- Oracle Notification Service Remote Port
6666 Oracle9iAS Clickstream Collector Agent
6675 Oracle9iAS Clickstream Collector Server
6676 Oracle9iAS Clickstream Execution Engine
7000 Oracle HTTP Server Java Object Cache
7771 Oracle Management Server
7772 Oracle Management Server
7773 Oracle Management Server
7777 Oracle HTTP Server- non-SSL, Oracle HTTP Server Listen- non-SSL, Oracle9iAS Web Cache Listen-non-SSL
7778 Oracle HTTP Server Listen- non-SSL if Oracle9iAS Web Cache is installed and configured
8007 Oracle HTTP Server JServ Servlet Engine
9000 Oracle9iAS Wireless PIM Notification Dispatcher
14000 Oracle9iAS Reports Services Visigenics - CORBA
16001 IIOP
53000 range Oracle Files Domain Controller and Nodes
53000 range Oracle Files Main Node
53000 range Oracle Files HTTP Node

December 27, 2005

(8)Exec format error

When running a CGI that lives in cgi-bin

Possible causes:

* The usual #!/bin/sh #!/usr/bin/perl ... header line is not set correctly
* dos2unix is your friend (aka tr -d '\015')

May 16, 2006

Bind 8 - Bind 9

Another interesting thing I came across today is fingerprinting bind9:

The BIND 9.1.0beta releases and now BIND 9.1.0 include another hard coded
chaos record called "authors". So now even if an admin changes or
suppresses their version reply string, a remote user can still determine
whether the server is running BIND 9.x. With the recent discovery of the
tsig bug in BIND there will probably be a huge rise in version
queries. Some attackers may remove ambiguity by skipping servers that
reply to authors.bind (inferring that it's bind 9.1.0 and not vulnerable).

% dig ns.example.com authors.bind chaos txt

or

% nslookup -q=txt -class=CHAOS authors.bind. ns.example.com
Server: ns.example.com
Address: 23.23.23.23

authors.bind text = "Bob Halley"
authors.bind text = "Mark Andrews"
authors.bind text = "James Brister"
authors.bind text = "Michael Graff"
authors.bind text = "David Lawrence"
authors.bind text = "Michael Sawyer"
authors.bind text = "Brian Wellington"
authors.bind text = "Andreas Gustafsson"

The following Snort signature will detect these probes:
alert UDP $EXTERNAL any -> $INTERNAL 53 (msg: "IDS480/named-probe-authors";
content: "|07|authors|04|bind"; depth: 32; offset: 12; nocase;)
http://whitehats.com/info/IDS480

Max

http://archives.neohapsis.com/archives/bugtraq/2001-01/0491.html
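
As an added example (not part of Max's post, of the whitehats rule, or of Snort), the following Python reproduces the IDS480 content test over a raw DNS query and sets it beside a real parse of the question section, so the two can be compared on constructed packets: the rule fires on the name bytes wherever they sit in the first 32 bytes of the question, while the parser additionally requires class CHAOS and type TXT, which is what the probe in the post uses. The packets and names are constructed here; the class and type numbers are from RFC 1035.

```python
import struct

# Wire-format constants (RFC 1035)
QTYPE_TXT = 16
QCLASS_CHAOS = 3
# CHAOS-class pseudo-names BIND answers: authors.bind is the one in the post
# above, version.bind carries the "version reply string" it mentions.
CHAOS_PROBE_NAMES = {"authors.bind", "version.bind"}


def build_query(qname: str, qtype: int, qclass: int, txid: int = 0x1234) -> bytes:
    """Constructed sample input: a minimal one-question DNS query packet."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    name = b"".join(bytes([len(lbl)]) + lbl.encode("ascii")
                    for lbl in qname.strip(".").split("."))
    return header + name + b"\x00" + struct.pack("!HH", qtype, qclass)


def parse_question(pkt: bytes):
    """Return (qname, qtype, qclass) of the first question; ValueError on junk."""
    if len(pkt) < 12:
        raise ValueError("packet shorter than DNS header")
    qdcount = struct.unpack("!H", pkt[4:6])[0]
    if qdcount < 1:
        raise ValueError("no question section")
    pos, labels = 12, []
    while True:
        if pos >= len(pkt):
            raise ValueError("truncated name")
        length = pkt[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:  # compression pointers are not valid in a query name
            raise ValueError("compression pointer in question name")
        labels.append(pkt[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(pkt):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", pkt[pos:pos + 4])
    return ".".join(labels), qtype, qclass


def snort_match(pkt: bytes) -> bool:
    """The IDS480 content test: "|07|authors|04|bind" anywhere in the 32 bytes
    starting at payload offset 12 (the question section), case-insensitive."""
    window = pkt[12:12 + 32].lower()
    return b"\x07authors\x04bind" in window


def classify(pkt: bytes) -> str:
    """'chaos-probe:<name>' for CHAOS TXT queries for BIND pseudo-names,
    'chaos:<name>' for other CHAOS-class queries, 'malformed' or 'normal'."""
    try:
        qname, qtype, qclass = parse_question(pkt)
    except ValueError:
        return "malformed"
    if qclass == QCLASS_CHAOS:
        if qtype == QTYPE_TXT and qname.lower() in CHAOS_PROBE_NAMES:
            return "chaos-probe:" + qname.lower()
        return "chaos:" + qname.lower()
    return "normal"


if __name__ == "__main__":
    for pkt in (build_query("authors.bind", QTYPE_TXT, QCLASS_CHAOS),
                build_query("www.example.com", 1, 1)):
        print(snort_match(pkt), classify(pkt))
```

Fed the UDP payloads of port-53 traffic, classify gives one label per query. A query for these names in class IN still trips the byte match but is reported as normal here, which is the usual trade-off between a cheap content match and a parse of the question.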

July 31, 2006

ntp read variables

Information gathering via ntp:

echo -ne '\x16\x02\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00' | nc -u hora.rediris.es 123

or

ntpq -c rv hora.rediris.es

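The byte string above is a hand-assembled NTP mode-6 control message. As an added example (not from the note and not ntpq's own code), this Python builds the same request from its header fields and decodes a control response, including the variable list a server that honours readvar sends back. The response is constructed inline, so nothing is sent on the wire; the field layout follows the control message format of RFC 1305.

```python
import re
import struct

NTP_MODE_CONTROL = 6   # mode field value for control messages
OPCODE_READVAR = 2     # control opcode "read variables"


def build_readvar_request(sequence: int = 1, assoc_id: int = 0) -> bytes:
    """12-byte control header: LI/VN/mode, R/E/M/opcode, sequence, status,
    association id, offset, count. The defaults reproduce the bytes in the note."""
    li_vn_mode = (0 << 6) | (2 << 3) | NTP_MODE_CONTROL   # LI=0, VN=2, mode=6 -> 0x16
    rem_opcode = OPCODE_READVAR                            # R=E=M=0, opcode=2 -> 0x02
    return struct.pack("!BBHHHHH", li_vn_mode, rem_opcode, sequence, 0, assoc_id, 0, 0)


def parse_control_packet(pkt: bytes) -> dict:
    """Decode the control header and, when count > 0, the "k=v,k=v" payload."""
    if len(pkt) < 12:
        raise ValueError("short NTP control packet")
    b0, b1, seq, status, assoc, offset, count = struct.unpack("!BBHHHHH", pkt[:12])
    hdr = {
        "leap": b0 >> 6, "version": (b0 >> 3) & 7, "mode": b0 & 7,
        "response": bool(b1 & 0x80), "error": bool(b1 & 0x40), "more": bool(b1 & 0x20),
        "opcode": b1 & 0x1F, "sequence": seq, "status": status,
        "assoc_id": assoc, "offset": offset, "count": count, "vars": {},
    }
    if hdr["mode"] != NTP_MODE_CONTROL:
        raise ValueError("not a mode-6 control packet")
    if count > len(pkt) - 12:
        raise ValueError("count exceeds packet length")
    data = pkt[12:12 + count].decode("ascii", "replace")
    # values may be quoted and contain commas, e.g. version="ntpd 4.x ..."
    for key, value in re.findall(r'\s*([A-Za-z0-9_.]+)=("[^"]*"|[^,]*)', data):
        hdr["vars"][key] = value.strip('"')
    return hdr


def build_sample_response(variables: str, sequence: int = 1) -> bytes:
    """Constructed sample input: what a server answering readvar sends back
    (R bit set, same opcode, payload length in count, padded to 32 bits)."""
    payload = variables.encode("ascii")
    header = struct.pack("!BBHHHHH", 0x16, 0x80 | OPCODE_READVAR, sequence,
                         0, 0, 0, len(payload))
    return header + payload + b"\x00" * (-len(payload) % 4)


# Constructed variable list, shaped like a real readvar reply.
SAMPLE_VARS = ('version="ntpd 4.2.x (constructed sample)",processor="x86_64",'
               'system="Linux/5.x",leap=0,stratum=2,precision=-23,refid=192.0.2.1')


if __name__ == "__main__":
    print(build_readvar_request().hex())
    print(parse_control_packet(build_sample_response(SAMPLE_VARS))["vars"])
```

What comes back in version, processor and system is exactly the inventory data the note is after. On ntpd the noquery flag on a restrict line (for instance restrict default noquery in ntp.conf) is what refuses these mode-6 queries from a source; sending the one-liner above to your own server before and after the change shows the difference.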
October 21, 2006

sed

dab: pci
dab: how do I get sed to delete a line
dab: and the 2 that come right below it
Pci: eh?
dab: in sed
dab: I want to match a line
dab: and delete that line and the two that follow it
Pci: cat /etc/passwd |sed -n '/^andres.*$/{N;N;d;};p'
Pci: dab: with that I delete andres and the two users below him

November 2, 2006

Useful XP applications from microsoft.com

To clean up the registry HIVE, specifically CURRENT_USER; it runs as a service:
http://www.microsoft.com/downloads/details.aspx?FamilyID=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en

Interesting PowerToys at Microsoft:
http://www.microsoft.com/spain/windowsxp/downloads/powertoys/xppowertoys.mspx

Specifically worth having: TweakUI, to tune parameters of XP SP1 or later; TaskSwitch, to add a thumbnail when pressing Alt-Tab; Deskman, virtual desktops in pure Linux style

November 13, 2006

Burning a BIN/CUE image on MacOS

The .cue file must contain the correct path to the .BIN file.

Little console command:
$ drutil -drive internal burn -noverify -eject Imagen.cue

December 1, 2006

X11 on MacOS X (Tiger)

1) Insert Disk 1 of Tiger Install Disk (you don't have to boot from it)
2) Double click DVD icon to open Finder window
3) Scroll down window till you find "Optional Installs" package.
4) Double click on this and follow install till you get to "Installation Type"
5) Select "Applications" and under it you'll find "X11"
6) Select it and follow the rest...

jchuzi

January 4, 2007

Labels for CDs/DVDs

Beyond Nero's Cover Designer there is MediaFace from Neato: http://www.neato.com/Detail.aspx?SID=1. Considerably more complete, with very interesting options.

January 12, 2007

defining "DNS Suffix Search List" in /etc/dhcpd.conf

You need to use the "option domain-name" parameter, a la:

option domain-name "domain1.com domain2.net domain3.org";

Don't forget the quote marks around the search domains, and the semi-colon
at the end of the option line.

http://linux.derkeiler.com/Mailing-Lists/RedHat/2005-06/0242.html

January 17, 2007

Spyware / Malware in general

The usual thing is knowing spybot and hijackthis...
From a forensic-es mail:

You can use, as I recommend in NNL 32:
http://nnlnews.com/32.php
http://www.whatsrunning.net/whatsrunning/main.aspx

With this utility you will see in real time everything that is running on
your system, and you can take snapshots of the Windows registry before and after
the infection, then make an automatic comparison between the two and
see what this malware modified.

Another tool, which shows 100% of the things running and their
dependencies, is:
http://www.gtopala.com/en/siw.exe

As a proactive measure against these episodes, and so to avoid infections with
0day or undetectable spyware, I usually browse the internet with an unprivileged
user ( guest ), + Firefox and the system fully up to date.

Hope it is useful to you, regards.

Carlos Tori
www.wedoit.com.ar

February 13, 2007

FileDisk (mount raw images on windows)

http://www.acc.umu.se/~bosse/filedisk-14.zip

FileDisk is a virtual disk driver for Windows NT/2000/XP that uses one or more files to emulate physical disks. A console application is included that lets you dynamically mount and unmount
files. An example of use for this driver is if you have made plans to spend the weekend writing
a RAID driver for NT but find you are short of disks. FileDisk can also use CD-images.

Latest news: Works on Windows XP, FileDisk images can be stored on network drives, support for CD-images, support for UNC paths, support for sparse files.

FileDisk can use sparse files as disk images. A sparse file is a file where sufficiently large
blocks of zeros are not allocated disk space. You can create sparse files with the tool
mksparse.zip. To see how much disk space a file actually uses, right click on the file and
choose Properties. If you for example create a sparse file of 4GB, mount it in FileDisk and
format it to NTFS, it will only take up 24MB on disk but look like a normal disk of 4GB.

November 24, 2007

Create an RSS feed of GLFTPD directories

Small script to generate an RSS file with the directories that get created inside a glftpd. For it to work it has to be called from project-zs-ng; specifically, zsconfig.h would have to be modified to these values:

#define enable_complete_script TRUE
#define complete_script "/bin/glftpd2rss.sh"

Another option, with a bit of modification, is to run it from a glftpd cscript of your own every time "MKD" is called.

Basically it generates entries with the directory name and its size.

Since glftpd runs chrooted, the directory where the RSS is generated (and where the NFO files are copied) must be visible from the web server's own DocumentRoot. That can be done with a mount --bind or a link.

Download: glftpd2rss.sh
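
The script itself is only linked above. As an added example (not glftpd2rss.sh and not project-zs-ng code), here is the same idea in Python: list the newest subdirectories of a release tree and emit one RSS 2.0 item per directory with its name and total size. The base URL, the directory layout and the sample tree built in demo() are constructed for illustration. Because directory names on an FTP are chosen by uploaders, every name is XML-escaped and URL-quoted before it reaches the feed, which is the part a hand-rolled shell script typically gets wrong.

```python
import os
import tempfile
import time
import xml.etree.ElementTree as ET
from urllib.parse import quote
from xml.sax.saxutils import escape


def dir_size(path: str) -> int:
    """Total size in bytes of the regular files below path (symlinks not followed)."""
    total = 0
    for root, _dirs, files in os.walk(path):
        for name in files:
            fp = os.path.join(root, name)
            if not os.path.islink(fp):
                total += os.path.getsize(fp)
    return total


def human(n: float) -> str:
    """Bytes to a short human-readable string (1024-based)."""
    for unit in ("B", "KB", "MB", "GB"):
        if n < 1024:
            break
        n /= 1024
    else:
        unit = "TB"
    return f"{n:.0f} {unit}" if unit == "B" else f"{n:.1f} {unit}"


def list_releases(root: str, max_items: int = 20) -> list:
    """Newest-first (name, size_bytes, mtime) for each subdirectory of root."""
    entries = []
    for e in os.scandir(root):
        if e.is_dir(follow_symlinks=False):
            entries.append((e.name, dir_size(e.path), e.stat().st_mtime))
    entries.sort(key=lambda t: t[2], reverse=True)
    return entries[:max_items]


def build_rss(root: str, base_url: str, title: str = "New releases",
              max_items: int = 20) -> str:
    """Render the feed; directory names are untrusted, so they are escaped."""
    items = []
    for name, size, mtime in list_releases(root, max_items):
        pub = time.strftime("%a, %d %b %Y %H:%M:%S +0000", time.gmtime(mtime))
        link = base_url.rstrip("/") + "/" + escape(quote(name))
        items.append(
            "  <item>\n"
            f"    <title>{escape(name)} ({human(size)})</title>\n"
            f"    <link>{link}</link>\n"
            f"    <guid isPermaLink=\"false\">{escape(name)}</guid>\n"
            f"    <pubDate>{pub}</pubDate>\n"
            "  </item>"
        )
    return (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        '<rss version="2.0">\n<channel>\n'
        f"  <title>{escape(title)}</title>\n"
        f"  <link>{escape(base_url)}</link>\n"
        "  <description>Directories created on the FTP</description>\n"
        + "\n".join(items) + "\n</channel>\n</rss>\n"
    )


def demo() -> dict:
    """Constructed sample tree: three release dirs with known sizes and mtimes."""
    root = tempfile.mkdtemp()
    spec = {"Old.Release-GRP": (1024, 1000),
            "New.Release-GRP": (3 * 1024 * 1024, 3000),
            "Mid&Rel<x>": (2048, 2000)}          # hostile-looking name on purpose
    for name, (size, mtime) in spec.items():
        d = os.path.join(root, name)
        os.mkdir(d)
        with open(os.path.join(d, "file.bin"), "wb") as fh:
            fh.write(b"\x00" * size)
        os.utime(d, (mtime, mtime))             # set after writing, which bumps mtime
    xml_text = build_rss(root, "http://ftp.example.invalid/rss/")
    tree = ET.fromstring(xml_text.encode("utf-8"))  # proves the output is well-formed
    titles = [i.findtext("title") for i in tree.iter("item")]
    return {"xml": xml_text, "titles": titles}


if __name__ == "__main__":
    print(demo()["xml"])
```

Writing the result into the bind-mounted directory mentioned above is a one-line file write; the feed stays valid XML whatever the uploader calls the directory.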

January 8, 2008

Unlock and fix Nokia BB5

From: http://www.3gspain.org/foros/showthread.php?t=6114&page=4

I've finally found the SOLUTION for getting my phone to accept my SIM card; let me explain: I have a Vodafone N70. When I tried to unlock it using the DKU-5 cable and the BB5 software, what happened? Well, like many others the process failed on me and afterwards came the famous phrase "sp data is corrupted" (I hate it, what a scare it gave me). After that it would not accept the card and I nearly crapped myself, because the phone is a week old and I was already picturing myself at the shop making up an excuse so it would get through (which it wouldn't, because they are tired of this kind of problem). I checked a lot of forums, I tried everything (this one too, of course), and nothing helped; hours of racking my brain for nothing, but on a web page ( http://www.oobonioo.com/modules.php?...=article&sid=3 ) I read something that made me think that maybe the solution was not to let the phone think when using BB5, so what I did was (with the SIM card in and everything): connect the cable to the phone, open the program, switch the phone off, switch it back on and, as soon as the white light came on, hit "WR backup" and "surprise", my card WORKED again.

Since I can't sit still, in the end I tried to unlock the phone following all the steps with BB5 but with one single detail: to get the log I did the same switch off/switch on, and to enter the code with the SP Unlock option switch off/switch on, and bingo, phone unlocked; mind you, I did it without ever closing the BB5 program.

The trick is to press the button in the software first and then switch the phone on, and everything is solved.

February 22, 2008

Convert avi files (divx, multimedia) for nokia/symbian phones