Category Security

File Carving Software

File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. The carving process makes use of knowledge of common file structures, information contained in files, and heuristics regarding how filesystems fragment data. Fusing…

detect flashback mac

F-Secure has created a free tool that automates the detection and removal of the widespread Flashback Mac OS X malware. How to use the tools: 1) Download FlashbackRemoval.zip to the Mac machine you want to scan. 2) Double-click the zip package to unzip it in the…

detect mac flashback

To detect the Mac Flashback virus (courtesy of cnet.com). How does it work? The Flashback malware injects code into applications (specifically Web browsers) that will be executed when they run, and which then sends screenshots and other personal information to…

ossec clear database

To delete all currently stored alerts and related data in the OSSEC database, execute these commands in MySQL Editor: truncate table alert; truncate table data; Bash Script: #!/usr/local/bin/bash # #Stop ossec, remove old alerts, start ossec echo "stopping ossec" /var/ossec/bin/ossec-control…

Install OSSEC local on Ubuntu

Download files: wget wget Check the MD5 or SHA1 to make sure they are legit (Don’t skip!!): md5sum ossec-hids-latest.tar.gz cat ossec-hids-latest_sum.txt Extract the files from the tar: tar zxvf ossec-hids-latest.tar.gz cd into the directory and run the…