8/27/2011

WikiCFP

WikiCFP is a useful wiki site that collates CFP.

However am a bit disappointed that it does not automatically track to the following year for the same events, e.g. once a conference is over and the dates for the following year announced, it should link to the following years conference details, instead of manually searching for it.

There is also an iPhone Application called WikiCFP that links to the site. Although functional, the application is not very intuitive, for the relatively high price of the application I was expecting more out of it, e.g. calendar integration, etc.

Runtime on notebooks

Got an Apple MacBook Pro towards the start of the year. Issue was that closing the lid only puts the machine in stand by mode which still consumes power, so I wasn't getting as long a runtime as I would on my old HP nx6120 with a travel battery.

A Google search led me to Todd Huss's[2] page below. This identified the pmset[1] command as being quite useful. I followed the instructions and now have the MacBook hibernating when I close the lid. Since then I have been asked by a number of colleagues about this, so thought I better document it here.

I rebuilt the old HP nx6120 to run Ubuntu 10.04 LTS. Again noticed that I wasn't getting reasonable runtime, instead of the usual 8-10 hrs, I only got around 3-4hrs. A discussion with a colleague led me to Linux Laptop Tools. Again some "Googling" led to the Ubuntu power management[3] which seemed to increase the runtime.

References

  1. http://en.wikipedia.org/wiki/Pmset
  2. http://gabrito.com/post/hibernate-with-the-macbook-pro
  3. https://wiki.ubuntu.com/PowerManagement

8/26/2011

securingSCADA.info

The securingSCADA.info site was launched earlier this year, it now boasts the wiki, that is slowly being populated with resource information on penetration testing, security compliance, etc.

It's targeted towards individuals and organisations from academia and industry working in relation to SCADA, smart grid and related security areas. Of course everyone is welcome to sign up and contribute as the site is driven to providing security through collaboration.

The site is located at http://www.securingscada.info

8/24/2011

Installing joomscan on Ubuntu 10.04 LTS

OWASP Joomla! Security Scanner that "detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site." However it appears to have been neglected, but is promised to be updated soon.

  1. cd /opt
  2. sudo apt-get install -y libtest-www-mechanize-perl
  3. svn co https://joomscan.svn.sourceforge.net/svnroot/joomscan joomscan
  4. cd joomscan
  5. chmod 755 trunk/joomscan.pl
  6. trunk/joomscan.pl update

8/23/2011

Installing Metasploit 4.0.0 on Ubuntu 10.04 LTS

Installing metasploit is quite easy. I have documented the installation instructions that I used below, however its just as simple to follow the more comprehensive instructions from the Rapid7/Metasploit site[1] (https://community.rapid7.com/docs/DOC-1296).



  1. sudo apt-get install -y ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems
  2. wget http://updates.metasploit.com/data/releases/framework-4.0.0.tar.bz2
  3. sudo mkdir /opt/metasploit4
  4. sudo bunzip framework-4.0.0.tar.bz2
  5. sudo tar xvf framework-4.0.0.tar
  6. sudo mv msf3 /opt/metasploit4
  7. sudo chown -R root:root /opt/metasploit4/msf3
  8. sudo ln -s /opt/metasploit4/msf3/msf* /usr/local/bin
  9. cd /opt/metasploit4/msf3
  10. sudo svn update
  11. sudo crontab -e -u root # Enter "1 * * * * * /usr/bin/svn update  /opt/metasploit4/msf3/ >> /var/log/msf3update.log 2>&1"
  12. sudo apt-get install -y mysql-server
  13. sudo apt-get install -y rubygems libmysqlclient-dev
  14. sudo apt-get install -y ruby-dev
  15. sudo gem install mysql


References:
  1. https://community.rapid7.com/docs/DOC-1296