Linux - Introduction by Andy Sayler and how to patch your for heartbleed

Algo extra para los usuarios de Linux.

Patch your WHM/cPanel machine for heartbleed

Remenda tu WHM/cPanel del Heartbleed

April 8, 2014 — Leave a comment

You’ve certainly heard about Heartbleed by now. If not, you can read more about this vulnerability at Heartbleed.com. Continue reading this post to find out if you’re vulnerable, and how to patch your server.

Once you understand it, you’ll want to patch your system. If you’re running Centos 5, you don’t need to worry because it doesn’t have the version of OpenSSL that is vulnerable.

If you’re running Centos 6, read on and patch.

1. Run this test to see if you’re patched:

1	rpm -q --changelog openssl-1.0.1e-16.el6_5.7.x86_64 | grep -B 1 CVE-2014-0160

If you see the following output, you’re patched (skip to #3):

1 2 3

root@linuxbrigade.com [~]# rpm -q --changelog openssl-1.0.1e-16.el6_5.7.x86_64 | grep -B 1 CVE-2014-0160 * Mon Apr 07 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.7 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

2. If you didn’t see the output above stating you are already patched, run ‘yum update’ to install the patch:

1	yum update

You’ll see some things scroll by, but noticeably this package in particular:

1 2	openssl-1.0.1e-16.el6_5.7.x86_64.rpm                                                                                                               openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm

You can run that command from #1 if you like to ensure things went well.

3. Reboot the server (this is probably a good time to take advantage of any kernel updates that may have installed as well!)

4. If you’d like to test from the outside, you can use this test:
http://filippo.io/Heartbleed/

5. You’re done.. move on to the next server.

En Maracucho.

Remenda tu WHM/cPanel del Heartbleed

Seguro ya sabes del Hearbleed, si crees que la maquina es vulnerable al Heartbleed, has lo sigiente.

Si la cpu esta corriendo con Centos 5 no tiene problema, no hay vulnerabilidad en la version del OpenSSL

Sirve es para el Centos 6

1. Rueda esta prueba para ver si estas seguro

1	rpm -q --changelog openssl-1.0.1e-16.el6_5.7.x86_64 | grep -B 1 CVE-2014-0160

Si ves lo siguiente, salta hasta el paso #3

1 2 3

root@linuxbrigade.com [~]# rpm -q --changelog openssl-1.0.1e-16.el6_5.7.x86_64 | grep -B 1 CVE-2014-0160 * Mon Apr 07 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.7 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

2. Si no, rueda el 'yum update para instalar el parcheo

1	yum update

Veras algo, pero observa este en particular

1 2	openssl-1.0.1e-16.el6_5.7.x86_64.rpm                                                                                                               openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm

Puedes rodar el comando del #1 si quieres asegurarte de que todo ha ido bien.

3. Apaga y prende el servidor (esto es posiblemente una buena accion ya que ademas pueden instalarse los updates nuevos, necesarios siempre) 

4. Si quieres probarlo desde otra fuente, una fuente de afuera, prueba esta pagina:

http://filippo.io/Heartbleed

5. Estais listo...muevete al proximo servidor.

Kipkay website (Kipduino and more hacks)

http://kipkay.com

Kipkay es una pagina de hack entre otras cosas que se basa en eso, hacks, dandole a todos algunos datos y tutoriales sobre los hacks.

Kipduino


Es el Hazlo-Tu-Mismo Arduino, que ya de por si es como una interface entre la computadora, y la funcion que uno quiera hacer, determinando los componentes puestos en la interface, el arduino. El Kipduino es como un Arduino pero hecho de cero, por uno mismo, he hay la diferencia y el reto.

SPY HACKS!



En Español: Se trata de un aparato que conectando algunos cables al carro u otra fuente de energia(pilas) uno puede ver donde a estado la persona o importante, saber si te estan investigando.

ahora, esto es comercial, lo que dice que no es nada comparado con lo que hay para los gobiernos o los que pagen bastante para ver lo que haces, pero por ahora, uno puede saber donde el hijo o hija de uno se lleva el carro y vainas asi.


Este es la paranoia total para el que este siendo investigado, el hack hace que de ese tanque, se le sace la camara y sea esta puesta en otro lugar, donde no se vea nada, a simple vista, pero escondida este y vean lo que pase en un cuarto u oficina.

Internet Relay Chat - zero (Prelude)

The IRC Prelude

By David Caraballo (DC-itsme) and Joseph Lo (Jolo)

The original version of this page is at <http://www.irchelp.org/irchelp/new2irc.html>

---

What is IRC, and how does it work?

IRC (Internet Relay Chat) provides a way of communicating in real time with people from all over the world. It consists of various separate networks (or “nets”) of IRC servers, machines that allow users to connect to IRC. The largest nets are EFnet (the original IRC net, often having more than 32,000 people at once), Undernet, IRCnet, DALnet, and NewNet.

Generally, the user (such as you) runs a program (called a “client”) to connect to a server on one of the IRC nets. The server relays information to and from other servers on the same net. Recommended clients:

• UNIX/Linux Clients
  • irssi - terminal-mode client
  • xchat - X11 (graphical) client
• Windows Clients
  • mIRC
• Macintosh clients
  Be sure to read the documentation for your client!
  Once connected to an IRC server on an IRC network, you will usually join one or more “channels” and converse with others there. On EFnet, there often are more than 12,000channels, each devoted to a different topic. Conversations may be public (where everyone in a channel can see what you type) or private (messages between only two people, who may or may not be on the same channel). IRC is not a “game”, and I highly recommend you treat people you meet on IRC with the same courtesy as if you were talking in person or on the phone, or there may be serious consequences.

---

Some details

Channel names usually begin with a #, as in #irchelp . The same channels are shared among all IRC servers on the same net, so you do not have to be on the same IRC server as your friends. (There are also channels with names beginning with a & instead of a #. These channels are not shared by all servers on the net but exist locally on that server only.)

Each user is known on IRC by a “nick”, such as smartgal or FunGuy. To avoid conflicts with other users, it is best to use a nick that is not too common, e.g., “john” is a poor choice. On some nets, nicks do not belong to anyone, nor do channels. This can lead to conflict, so, if you feel strongly about ownership of such things, you may prefer networks with “services” likeUndernet, DALnet, or other smaller networks.

Channels are run by channel operators, or just “ops” for short, who can control the channel by choosing who may join (by “banning” some users), who must leave (by “kicking” them out), and even who may speak (by making the channel “moderated”)! Channel ops have complete control over their channel, and their decisions are final. If you are banned from a channel, send a /msg to a channel op and ask nicely to be let in (see the /who command in the next section to learn how to find ops). If they ignore you or /who gives no response because the channel is in secret mode (+s), just go somewhere else where you are more welcome.

IRC servers are run by IRC admins and by IRC operators, or “IRC ops”. IRC ops manage the servers themselves and, on EFnet and many other networks, do not get involved in personal disputes, channel takeovers, restoring lost ops, etc. They are not “IRC cops.”

---

Talking, and entering commands

Commands and text are typed in the same place. By default, commands begin with the character / . If you have a graphical client such as mIRC for Windows, many commands can be executed by clicking on icons with the mouse pointer. It is, however, highly recommended that you learn to type in the basic IRC commands first. When entering commands, pay close attention to spacing and capitalization. The basic commands work on all the good clients.

Some examples are given below. In these, suppose your nick is “yournick”, and that you are on the channel #coolness.

Your friend “MaryN” is in #coolness with you, and your friend “Tomm” is on IRC but is not on a channel with you. You can apply these examples in general by substituting the relevant nick or channel names.

What you type, What happens

/join #coolness

• You join the channel #coolness.

/who #coolness

• Gives some info on users in the channel.

@ = channel op, while * means IRC op.

hello everyone

• Everyone on #coolness sees hello everyone. (You need not type in your own nick.)

/me is a pink bunny

• Everyone in #coolness sees * yournick is a pink bunny

/leave #coolness

• You leave the channel.

/whois Tomm

• You get some info about Tomm or whatever nickname you entered.

/whois yournick

• This is some info others see about you.

/nick newnick

• Changes your nick to “newnick”

/msg Tomm hi there.

• Only Tomm sees your message (you don’t need to be on the same channel for this to work).

/ping #coolness

• Gives information on the delay (round-trip) between you and everybody on.

Coolness

/ping Tomm

• Gives information on the delay (round-trip) between you and just Tomm.

/dcc chat MaryN

• This sends MaryN a request for a dcc chat session. MaryN types /dcc chat yournick to complete the connection. DCC chat is faster (lag free) and more secure than /msg.

/msg =MaryN Hi there!

• Once a DCC connection has been established, use the /msg =nick message format to exchange messages (note the = sign). DCC does not go through servers, so it are unaffected by server lag, net splits, etc.

/help

• This works in many clients. Try it!

/quit good night!

• You quit IRC completely, with the parting comment so that others see “*** Signoff: yournick (good night!)”.

NOTE: When you are not in a named channel, lines not beginning with a / have no effect, and many commands work differently or fail to work altogether.

---

Where to go

You can learn a lot by joining a channel and just listening and talking for a while. For starters, try these channels: #new2irc, #newuser, #newbies, or #chat.

For help with the mIRC client, try joining #new2mirc or #mirchelp. For help with general IRC questions, join #irchelp.

To form your own channel with the name #mychannel (if #mychannel does not already exist), type /join #mychannel. The channel is created and you are automatically made an op.

---

Some smileys and jargon

:-) is a smiley face, tilt your head to the left to see it. Likewise, :-( is a frown. ;-) is a wink. :~~( is crying, while :-P is someone sticking their tongue out. :-P ~~ is drooling. (-: a lefty’s smile, etc. There are hundreds of these faces.

Here are some common acronyms used in IRC:

brb =  be right back                     bbiaf = be back in a flash

bbl =  be back later                     ttfn = ta ta for now

lol =  laughing out loud                 j/k = just kidding

np  =  no problem                        imho = in my humble op

ire  =  hi again, as in 're hi'           wb = welcome back

 wtf =  what the f--k                     rtfm = read the f--king manual

rotfl = rolling on the floor laughing

---

Some advice

• Etiquette Typing in all caps, LIKE THIS, is considered “shouting” and should be avoided. Likewise, do not repeat yourself or otherwise “flood” the channel with many lines of text at once. Be sure to use correct terminology, e.g., “channel”, not “chat room”, and “nick”, not “handle”.

While in a channel, follow the lead of the channel ops there. If you antagonize them, you may be “kicked” off the channel forcibly and possibly “banned” from returning. On the other hand, some channel ops are power-hungry and may kick or ban for no good reason. If this happens, or if someone on a channel is bothering you, simply leave the channel — there are thousands of others.

• Registration On many networks. services exist for the registration of nicknames and/or channels. These services vary greatly between networks, but are useually mentioned in the server’s message of the day (MOTD) which is shown when you first connect. You can show the MOTD again at any time by typing /motd in most clients.

THe network’s home page will also detail any services offered on that network.

Nickname registration allows you to “own” a nickname, and prevent others from using it on that network. Consequently, if you try to use a nickname that someone else already has reserved on such a network, you will recieve a warning message from the network, and after a few seconds, your nickname will be changed or your will be disconnected. In the event that this happens, simply change your nickname until you find one that’s not taken. Consult the MOTD or network homepage for details if you want to register your nickname.

• Disconnected by /list? If you get disconnected when using the /list command, try switching servers, or else recent channel lists are available on the WWW athttp://www.irchelp.org/irchelp/chanlist/.

• Harrassment and attacks If someone starts harassing or flooding you, leave the channel or use the /ignore command. For more details, mIRC users see our flood protection page, ircIIusers type /help ignore. It is a good idea to set your user mode to +i (invisible) to avoid unsolicited messages and harrassment — if you are “invisible” generally only users on a channel with you can determine what nick you are using.

If somebody else is crashing or disconnecting you, see our Denial of Service or “Nuke” Attacks page. You can also log and report abuse when it violates server rules, which you can read by typing /motd.

---

More detailed help

For further information about these issues, as well as about other commands, visit the web site <http://www.irchelp.org. There you can find many help files, such as:

• IRC Primer
• FAQ (Frequently Asked Questions) for alt.irc newsgroup
• IRC tutorial
  At that web site you will also find more advanced information for specific IRC clients, including:
• ircII client and ircII scripts.
• Mac clients
• mIRC client for Windows
  Looking for other clients? The most comprehensive source of clients is at the Undernet FTP archive or Undernet WWW archive. The clients are organized into groups like Windows, Macintosh, DOS, Amiga, Java, etc.
  The mIRC client also has excellent built-in help files written by Tjerk Vonck (mirc@dds.nl). Select Ircintro.hlp from the Help menu.

---

A word of warning

• IRC scripts are sets of commands that your client will run. Many otherwise good scripts have been hacked so that if you load them, you can seriously compromise your security (someone can get into your account, delete all of your files, read your mail, etc.). There are also evildoers who try to send people viruses and other bad things. Just like in real life, don’t accept anything from a stranger. There have been many incidents of this type, not just a few. Do not ever run a script unless you know what each line does, not even if it is given to you by a friend, as your friend may not have the expertise to detect well-hidden “trojans”.
• 
  

• Automatic DCC get is a very bad idea! Once it is on, you are susceptible to dangers ranging from disconnection from your server to giving someone else control of your computer. Quite a few people have run into serious problems because of the DCC autoget setting.

Special thanks to FreeSoft, prysm, hershey, turtle, Ariell, and other #irchelp helpers on EFnet for their many helpful suggestions.

Now that you’ve read this beginner’s guide, get on IRC and enjoy! Or if you are interested in learning more, check out the many documents on the #IRChelp home page.

All documents © irchelp.org or original authors 2012 

Baked with PieCrust 1.0.0-dev.

List of Internet Relay Chat commands

From Wikipedia, the free encyclopedia

This is a list of all Internet Relay Chat commands from RFC 1459, RFC 2812, and extensions added to major IRC daemons. Most IRC clients require commands to be preceded by a slash ("/"). Angle brackets ("<" and ">") denote what's placed in the encapsulated field, not a literal part of the command. Arguments encapsulated in square brackets ("[" and "]") are optional and override the command's defaults.