Another cyberwar/protest against the Malaysian Government stories taken from The Star Online:

- The www.malaysia.gov.my portal targeted for attack at 3.30am today by a foreign-based hacker group has been offline since midnight. Several other Malaysian Government websites are also offline.

Speculation is rife on blogs and Twitter, the micro-blogging site, with some believing that the hacker group that calls itself Anonymous has launched a distributed denial-of-service attack on the websites.

Others, however, seem equally sure that local authorities have unplugged the servers of these sites, either in an attempt to spoil Anonymous’ plan, or to buy more time for website security to be upgraded before putting the sites back online.

Securitynewsdaily.com posted that the malaysia.gov.my website became unresponsive around midnight, most likely due to a denial-of-service attack.

This method of attack involves bombarding the website with an ever increasing amount of requests that it eventually becomes unable to handle all the queries and crashes.

On Twitter, some said they don’t believe it was due to plug-pulling, while others stated that it was. One person tweeted that he received e-mail messages advising him to switch off servers, but did not provide more details when contacted through Twitter.

The other government websites that were offline include www.parlimen.gov.my, www.rmp.gov.my (Royal Malaysian Police),www.treasury.gov.my (Ministry of Finance), and www.mocat.gov.my(Ministry of Culture, Arts and Tourism). But the Parliament, Treasury and Police websites came back up before 9am.

Among the unaffected are the websites belonging to the Ministry of Defence, Department of Islamic Development, the Election Commission, and Tourism Malaysia.

Anonymous had threatened to hack the malaysia.gov.my portal to protest against the Malaysian Government’s censorship of the Internet, movies and TV shows. And because Malaysia had banned and called for the blocking of 10 filesharing sites. These sites were among the most visited by Malaysians to illegally download movies. -

Command-line:

find your_path_location -exec grep  name_to_find {} \; -print

Bash script:

#!/bin/sh

find $1 -exec grep $2 {} \; -print > /write_logs/to &

and run your script:

./filename.sh location name

Thats all! Happy hunting

The same result for Nessus 4.01

HITBSecConf2009 – Malaysia will also see a new and improved version of our highly popular team-based hacking competition known as Capture The Flag. First developed and presented at Defcon in the US, the idea behind a CTF competition is to allow for teams of three to hack into prepared servers running in order to retrieve marked files or flags on these target machines. Participants will also be required to defend their systems from attack. Teams will be judged on both their defensive as well as the offensive game play.

We believe HITBSecConf is an ideal platform for leading network security vendors to not only meet with some of the leading network security specialists but to also showcase their own technology and solutions with the public as well.

Venue:
Crowne Plaza Mutiara Kuala Lumpur,
Jalan Sultan Ismail,
50250 Kuala Lumpur

Technical Training – DAY 1 and DAY 2
Date: 5th and 6th October 2009
Time: 0900 – 1800
TECH TRAINING 1 – Web Application (in)Security
TECH TRAINING 2 – The Art of Network Based Forensics – Going Beyond Packet Data
TECH TRAINING 3 – The Exploit Laboratory 4.0
TECH TRAINING 4 – The Security of ASEAN Locks (CLOSED DOOR SESSION FOR .GOV / LAW ENFORCEMENT ONLY)
TECH TRAINING 5 – Forensic Acquisition and Analysis (*NEW*)

Conference DAY 1 and DAY 2
Date: 7th and 8th October 2009
Time: 0900 – 1800
Triple Track Conference
HITB Labs
Capture The Flag (CTF)
Lock Picking Village
HAM Radio Village

For more details please visit HITBSecConf 2009

# wget http://mirror.mcs.anl.gov/openssh/portable/openssh-5.2p1.tar.gz

Check your md5/sha1

(md5sum : ada79c7328a8551bdf55c95e631e7dad)

(sha1sum : 8273a0237db98179fbdc412207ff8eb14ff3d6de)

Next, prepare to build and install the RPM. Disable the building of GUI components in the spec file. We don’t need these on a server:

# tar zxvf openssh-5.2p1.tar.gz
# cp openssh-5.2p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
# cp openssh-5.2p1.tar.gz /usr/src/redhat/SOURCES/
# cd /usr/src/redhat/SPECS
# perl -i.bak -pe ‘s/^(%define no_(gnome|x11)_askpass)\s+0$/$1 1/’ openssh.spec
# rpmbuild -bb openssh.spec
# cd /usr/src/redhat/RPMS/`uname -i`
# ls -l
-rw-r–r– 1 root root 275808 Feb 27 08:08 openssh-5.2p1-1.x86_64.rpm
-rw-r–r– 1 root root 439875 Feb 27 08:08 openssh-clients-5.2p1-1.x86_64.rpm
-rw-r–r– 1 root root 277714 Feb 27 08:08 openssh-server-5.2p1-1.x86_64.rpm
# rpm -Uvh openssh*rpm
Preparing… ########################################### [100%]
1:openssh ########################################### [ 33%]
2:openssh-clients ########################################### [ 67%]
3:openssh-server ########################################### [100%]

# service sshd restart

Check the sshd version you are running by typing:

telnet [host] [port]

Security researchers at Milw0rm warn that the Kloxo (formerly Lxadmin) web hosting platform from LxLabs contains 24 security vulnerabilities and exploits. The flaws include SQL injection vulnerabilities and flaws that create a way for hackers to gain file access to files hosted on a vulnerable system.

Source: http://www.channelregister.co.uk/2009/06/09/lxlabs_funder_death/

Date:30th May 2009

Location: Sri Putramas 2 Domain Hall