rsnapshot: Auto Version Controlled Backup for Unix/Linux/Mac/BSD…

Red Had Enterprise Linux (RHEL) 6. I missed the ease of configuration and all the free tools that people smarter than me have created.

[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”]

Systems that can take advantage of Rsnapshot

Systems that can take advantage of Rsnapshot

I would like to do a fast post on rsnapshot. I have seen ssh and rsnapshot scheduled in cron to automate backups of OSX to a Linux server. Since we didn’t want the wireless to slow down we only used the physical MAC address of the MAC. What makes rsnapshot so great is that it will wok on so many systems that are out there (Ubuntu, Debian GNU/Linux, Red Hat Linux, Fedora Linux, SuSE Linux, Gentoo Linux, Slackware Linux, FreeBSD, OpenBSD, NetBSD, Solaris, Mac OS X, and even IRIX) .

For now I’m using it for personal automated backups to my external hard drive. There are plenty of other advanced options and examples on the Internet. I just wanted to get out a fast an easy example.

  1. First – find and install rsnapshot. for Red Hat this was
    $ sudo yum install rsnapshot
    (rsynch is a dependancy that should already be installed).
  2. After install if you do not have this file /etc/rsnapshot.conf. Use the command:
    $ sudo cp /etc/rsnapshot.conf.default /etc/rsnapshot.conf
  3. Edit rsnapshot.conf – The defaults I changed from the default configuration file are below. These options allow me to back up everything in /etc/ and /home/. Backups kept will be twice a day, 7 days a week, 4 weeks, 12 months and 5 years (change this as you see fit).  Most important is that switch to make sure that the mount point will not be created and wrote to locally if the disk is not attached.
    1. WHERE TO PLACE BACKUPS
      # All snapshots will be stored under this root directory.
      #
      snapshot_root   /media/myexternal/rsnapshot/
    2. DO NOT CREATE IF DISK IS NOT CREATED
      # If no_create_root is enabled, rsnapshot will not automatically create the
      # snapshot_root directory. This is particularly useful if you are backing
      # up to removable media, such as a FireWire or USB drive.
      #
      no_create_root 1
    3. INTERVALS (make sure this is tabbed – do NOT use spaces)
      #########################################
      #           BACKUP INTERVALS            #
      # Must be unique and in ascending order #
      # i.e. hourly, daily, weekly, etc.      #
      #########################################
      interval        hourly  12
      interval        daily   7
      interval        weekly  4
      interval        monthly 12
      interval        yearly  5
       
  4. Time to configure cron. Most people will tell you to create your jobs using $ crontab e
    I prefer to use the root crontab using $ sudo vim /etc/crontab shown below:

    0 */12 * * * root /usr/bin/rsnapshot hourly # Every 12 hours
    30 23 * * * toot /usr/bin/rsnapshot daily   # Daily at 11:30PM
    20 2 * * 0 root /usr/bin/rsnapshot weekly   # Sunday at 2:20AM
    10 5 1 * * root /usr/bin/rsnapshot monthly  # First day of the month at 5:10AM
    01 8 1 1 * root /usr/bin/rsnapshot yearly   # January 1st at 8:01AM
     
  5. Test It – Following these steps you should have the basic setup needed to run rsnapshot on your personal computer to an external hard drive or usb. Just one last thing to do. Make sure that your hard drive is plugged in and  run:
    $ sudo rsnapshot -V hourly
    rsnapshot should give you plenty of verbose information as it creates your first hourly backup inside the location you specified. If there is a issue with the lock file, remove the lock file and try again.

Still stuck?

There are many other helpful documents out there  start with the rsnapshot how to:
http://www.rsnapshot.org/howto/1.2/rsnapshot-HOWTO.en.html#installation

If you want to learn how to do remote backup and use OSX? try this article:
http://blog.philippmetzler.com/?p=138

As I said in the beginning of this article, this was a fastpost and not meant to cove everything about rsnapshot. It took longer to write this article than it did to set up rsnapshot.
Good Luck – Adam M. Erickson

 

 [/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Linux: Compiz Grid Plugin

After working on a few projects in windows, I finally moved my primary workstation back to Linux (RHEL 6.6).

Out of the box everything worked fine, only one thing was missing, the ability to place a window were I needed it. In Windows 7  you can drag a full screen window to the left or right side of the screen and Win-7 will auto-re-size to that side but only half of the screen. Moving the window to the top of the screen makes the window full screen again.

Sadly, this option is not an available default in Linux. You can drag a window to a different desktop, you can double click the header of a window to have it maximize to full screen or back to default size. I wanted some sort of ability that Win-7 had.

SOLUTION – Compiz

Compiz Grid gives you 9 options to place your window using your numeric key pad and unlike Win-7, this will work on multiple monitor setups for each monitor. That means you can have 18 small windows quickly placed in dual monitor mode! Windows only allows the far left side of the left monitor and the far right side of the right monitor.

You cannot move the window with your mouse because that would kill the ability to drag a window to another workspace (don’t worry, Linux has plenty or work-a-rounds but I’m happy with this solution). If you already have compiz installed to do the “cool” cube thing that Windows users ask to see. Then you are already ahead of the game and depending on the version of Gnome you have, this should work flawlessly. I am only going to go into details for how to do this for RHEL 6.6 with Gnome 2.28.2 but with a few pointers from your favorite LUG (Linux User Group), you should be able to do this from the command line interface (CLI) with no problem using zypper, apt-get, yum, yast or even using a GUI software installer.

There is 2 additional packages for  that need to be installed in order for this to work.
You may have to enable 3rd part packages in order to get these.

$sudo yum install :
  1. compiz-fusion.x86_64 0.8.2-8.el6
  2. compiz-fusion-extras.x86_64 0.8.2-6.el6

These are the 64 bit versions “x86” with out the “_64” is for 32 bit systems.

Once packages are installed:Grid for CCSM

  1.  open the Compiz Configuration Settings Manager (CCSM)
  2. Scroll to the bottom
  3. Enable Grid as seen in this picture

Now give any window focus and hit these combination of keys.

The numbers must be from the numeric keypad!

  •  Ctrl+Alt+7 (window goes to top left corner)
  •  Ctrl+Alt+8 (window goes to fills top or 1/3rd center)
  •  Ctrl+Alt+9 (window goes to files top right corner)
  •  Ctrl+Alt+4 (window goes to fills left side)
  • Ctrl+Alt+5 (maximize window)
  • Ctrl+Alt+6 (window goes fills right)
  •  Ctrl+Alt+1 (window goes to bottom left corner)
  • Ctrl+Alt+2 (window goes to fills bottom or 1/3rd center)
  •  Ctrl+Alt+3 (window goes to bottom right corner)

Press the same keys more than once in a row on the same window to get different sizing options. Basically the same directions in a game that you might be playing using the numeric keypad and it does not matter if number locks is on or not.

Thank you and good luck – Adam M. Erickson

Expect – For more remote work, automation, & CI

If you ever have a situation were you want to run scripts automatically this will help.
You can even time the events through cron or CI (continual integration) software like Hudson/Jenkins.
Let me introduce you to a new command I was not aware of until this year.

It is called Expect.expect

Expect can be installed like any other package in a Linux environment.

  • $ sudo yum install expect
  • $ sudo apt-get install expect

Here is an example of what created inside Jenkins to run after a build as an shell script.

Instead of #!/usr/bin/bash

Use:hudson

#!/usr/bin/expect
set prompt "$ "
spawn ssh -t user@remote.server
set timeout 30
expect {
timeout {
puts "Connection timed out"
exit 1
}
"yes/no" {
send "yes\r"
exp_continue
}
"assword:" {
send -- "job00ibm\r"
exp_continue
}
"$prompt" {
send "cd ~/test/\r"
}
}

Now, as long as you have Internet, the correct username, remote server, and password. You should of just created a script the will SSH into a remote server and accept the RSA fingerprint. Or you just created a script that tells you the connection timed out.
Don’t alter this part of the script much because you want to be able to re-use and if there is not a yes/no at the prompt it will continue to expect assword:.
You can get change the last command to anything you want. I added that part because you remotes into a server for no reason?

Add this to the script and it will send the command to find anything with a certain name in it to be removed from the current directory.
expect {
"$prompt" {
send "find . -name '*filename*' -type f -print0 |xargs -0 rm -f\r"
}
}

Add this to the script to find files of a certain name and copy to a new location. You should be able to use modified times in the find switch if that helps.
expect {
"$prompt" {
send "find . -name 'coke*' -type f | xargs -n1 -i cp {} /data02/home/ibmcorp/12180-us-mcrtest1/upload/\r"
}
}

Add this to the script to run a script in the current directory.
expect {
"$prompt" {
send ". name.sh\r"
}

Does your script prompt for anything? Expect can enter the reply for you.
}
expect {
"the expected promt" {
send -- "the reply\r"
}
}

Some things need to e escaped like these ampersands. It is not way to find out what all needs to be escaped but you can figure that through trial and error, intuition, or because of how smart you are.
expect {
":" {
send "me\@a-erickson.com\r"
}
}

That’s my real address if you want to reach me.

All done running your script? Don’t forget to exit your connection.
expect {
"$ " {
send "exit\r"
}
}remote

  Have fun work remotely 🙂

Force Jenkins to connect to remote sites.

Problem:

  1. You created an awesome script on Linux that builds your application that will automatically upload to another server via sftp or ssh.
  2. You want to go a step further and have Jenkins run the same script.
  3. Every time Jenkins runs the script it fails.
  4. You Curse Jenkins/Hudson and start pricing Atlassian tools instead.

One possible reasons could be because you have already accepted the RSA fingerprint.

The authenticity of host ‘216.64.211.4 (216.64.211.4)’ can’t be established.CLI Root
RSA key fingerprint is 2c:78:0d:08:b7:06:ac:1a:be:5f:9a:4e:37:06:8f:53.
Are you sure you want to continue connecting (yes/no)?

You cannot get through to a remote sight for upload using Jenkins because even with Jenkins using your credentials, Jenkins still needs to accept the RSA Fingerprint to proceed.

Answer:

You need to have sudo rights
There is a user switch in sudo that will allow you to ssh as jenkins.

$ sudo  -u jenkins username@server

Manually accept the RSA fingerprint key.
Now test the script in Jenkins again. It should work unless there are other rights and directory paths that you need to work out.

JenkinsRemember:

Jenkins is a user with his own user directory. My Jenkin’s user directory was /var/lib/jenkins/
If you want to have Jenkins run a script, make sure it is in Jenkins directory.

Don’t name any of your Jenkin Items with spaces.
The Items you create are made into a directory inside Jenkin’s ~/workspaces/item-name

I am not a Linux expert, I am not certified in Linux. I have been using Linux systems for over 10 years now and love coming up with solutions using Open Source Software.

Develope a Web Based CMS Using PHP

Download this File Here

Abstract
The Content Management System (CMS) is a web based application using a Linux Server,
Apache Web-server, MySQL Database, and PHP Programming Language (LAMP). The
objective of managing users, and information in any given network environment can only be
hindered by the creativity of an information technology professional and not by technology. The
main objective of this thesis is to develop the early development steps of a LAMP software bundleCMS. By creating the
building blocks for developing, and taking into consideration basic methods for creating the core
platform of a CMS for further development. All information gathered, and experience gained will
assist with developing and offering my own personal e-commerce business solutions in the future
and to obtain additional business and practical knowledge in an open source software and ecommerce.
Continue reading

Enhance VIM

While VI has been used for years, in current Linus & iOS systems a lot of people have resorted to using Vim.

There are a lot of tricks to Vim that can make it easier to use. Some may not be active by default and I wanted a chance to introduce some of them to you. One in general that I have found very useful.

set background=dark

Lets start by making sure that you have the packaged “vim-enhanced” installed on your system. Use one of these steps from a terminal prompt to install it.

Mint/Ubuntu (Debian) sudo apt-get install vim-enhanced

Fedora (redhat, centOS) sudo yum -y install vim-enhanced

OpenSuse (Suse) sudo zypper install  vim-enhanced 

If one of these does not work or your operating systems is different, there are several other options for installing packages. Try the GUI option as well.

The best way to modify settings in Vim is to have the .vimrc file (Vim Run Command file) in your home directory.

cp etc/vimrc  ~/.vimrc

Open the file,

vim ~/.vimrc

From here you can fix all sorts of text editor effects in Vim.

Just remove the ” from the comment in order to use it.

The one that made a difference for me was.

set background=dark

This is a GREAT setting if you are working in Vim and have a dark background.

It will change what you see from this:

Vim background not set.

“set background=dark

To this:

Vim

set background=dark

set background=dark

Making it very easy to see commenting, now there are several ways to change the config file and in the last image you can read some of the ones in the file we copied (cp) over.

Besides being able to read things better know I also like it when the cursor is in t he same place from the last time I was in the file. Another on on the top of the list is the ability to scroll the cursor with me mouse.

Play around with the file, you can always delete it and start from the beginning again if you mess it up to bad.[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

BackTrack Open-Source Penetration Testing Tools

BackTrack for Open-Source Penetration Testing

BackTrack The purpose of this research paper is to research information on the open source tool BackTrack that is used for several network security testing and information systems security testing through various means, and focusing on penetration tools found in BackTrack. BackTrack has hundreds of very complex set of tools and only a few set in the penetration testing section will be covered. Definition of what penetration testing is, and how it can be accomplished using available tools in the BackTrack is discussed. And some of the more common tools are listed with brief explanations about what they do. The topic of why open source software is a great place to start when considering penetration tools is also covered. The only part about ethic that will be covered is the fact that if you attempt to use Backtrack against anyone without there permission it is unethical and depending on the test, it is most likely illegal also.

Backtrack

BackTrack is a Linux distribution that was created from a mix between WHAX and Max Moser’s Auditor Security Collection. Both distributions focused on penetration testing. WHAX had more features and Auditor was more of a stable system.

Auditor had a good Graphical User Interface (GUI) with over 300 tools for trouble shooting, and strengthening network and information systems. Because of the user friendliness of the operating system, it created a better usable environment for penetration testing that lead to the creation of the BackTrack security testing distribution named after the search algorithm backtracking (BackTrack, n.d.).

WHAX gets its name from a combination of White-Hat and SLAX, it was distribution for security tasks. WHAX grew out of from Whoppix (White Hat Knoppox), part of the Knoppix distribution and was a distribution that was based on security. When Whoppix changed parent distributions from Knoppix to SLAX, the name WHAX was created to reflect the change. WHAX made it possible to do penetration testing and verify security measures of a network for computers located in multiple different locations (BackTrack, n.d.).

Backtrack was first released to the public in the beginning of 2007. Compared to the other security penetration testing toolkits available, it was a major advancement. Since 2007, Backtrack’s releases have become a standard, as a penetration toolkit throughout the world. SANS, FBI, and the National Institute for Science and Technology (NIST), have either referenced BackTrack or have used the distribution (BackTrack, n.d.). Currently BackTrack is on release version 5, packaged with the very popular distribution known as Ubuntu GNU/Linux. Possibly one of the best additional features in Backtrack 5 is the ability to go into stealth mode, where no visible network traffic is generated. Additionally users have the option during download to choose 32 or 64-bit installation with either the KDE or Gnome graphical environment. Backtack can also be installed on a bootable USB thumb drive, instead of a bootable DVD. The drive can keep changes as it is moved from one computer to the next and is easier to conceal than a bootable disk.

Open Source Software

Software is open sourced when it is free to redistribute, the source code is redistributed with it as well as in compiled mode. There are several variants of the open source licensing contract that can be reviewed at opensource.org (http://www.opensource.org/licenses/category). Some of the more widely known open source licenses cover the GNU(Graphic environment of sever Linux desktops), Mozilla (Firefox, Thunderbird), MIT, BSD (like Unix), and Eclipse (Eclipse IDE). The open source licensing was created to make the source code of a program readily available to anyone that requests it. By making the source code available for anyone to access it help in developing stable software because the whole community is able to create changes and redistribute there own version of the software. Open source software protects the original author of the software, does not discriminate in anyway on how it can be used, cannot be specific to a product or software, cannot restrict other software and has to be technology neutral (open source, n.d.).

Because of the lack of dependency on software vendors, open source software allows the software to transform and morph into potentially anything the users and developers need the software to do. It gives users the freedom to use it when they want, how they want and on their own terms.

The advantages of having source code that is open spreads not just to software that is being attacked, but also covers most vulnerability assessment scanners. Vulnerability assessment scanners lie penetration testing, intentionally look for vulnerabilities in configured systems. A Network Computing evaluation found that the best scanner (which, among other things, found the most legitimate vulnerabilities) was Nessus, an open source scanner (Forristal, 2001). Since Nessus version 3 it is now a closed source version.

Penetration Testing

Part of vulnerability assessment of an information systems or network security assessment involves analysis that is easily and often accomplished through the use of penetration testing. By having security system administrators preform controlled attacks on a system or network to try and either compromise or disrupt their systems by exploiting as many documented vulnerabilities as possible. Penetration testing is usually performed on a network from outside a network from a hacker’s point of view. If you fail to look at your own system from an attackers view point, you are failing to maintain readiness standards. The best tools to use are the same tools that are available to the hacker community (Whitman & Mattord, 2005, p. 67).

“There are a number of common problems also. People tend to complete a security test and then believe that they are secure, and do not need to do another test for a prolonged time. People lock systems down prior to test and as soon as test is complete the systems are opened up again” (Would your system survive, 2002). When considering using these tools in the real world it is also important that you get the proper legal paperwork out of the way so that you are not committing any felonies by accident. Let customers know about the attacks and preferably what IP addresses will be used, also an agreed time window that you are allowed to test a corporations security (Would your system survive, 2002).

Hackers that hack for a monetary value, usually do so because of the lack of money. The best way for a hacker to begin is with the same free open source tools that are available to everyone, and that is just another reason why Backtrack has grown in popularity.

Available Tools

There are several tools in Backtrack. Some tools are to review networks by using network sniffers and file integrity checkers. Analyze and identify targets by using application security testing, vulnerability scanning, wireless scanning and network port/service identifiers. Other tools that are used in BackTrack are for finding vulnerable targets with tools that crack passwords, test remote access and use penetration testing.

Additional tools that do not pertain to penetration testing that Backtrack also offers covers privilege escalation, maintaining access, reverse engineering, Radio Frequency Identification (RFID) tools, stress testing, forensics, reporting tools, network services, and other miscellaneous tools. For this research paper we will identify some of the more commonly used penetration tools that come with Backtrack. Most of the tools in Backtrack are available for individual use on most common operation systems. The purpose of using Backtrack is to have a common distribution for communities to come together and learn how to use them in a same environment. Backtrack’s ability to be free, and run strait from removable media like a USB, or DVD allows and run on almost any computer also gives it a ease of use that cannot be found with closed source non-free operating systems. Some of the more common tools used for penetration testing on Backtrack are listed below:

Metasploit:

• Of all the penetration tools that have the ability to be used as a weapon,, Metaspliot would have to be at the top of the list. Metasploit combines several of the listed penetration testing software into one tool that can be utilized by black or white hats. While it was designed to audit a networs security, it can just as easily be used to launch real attacks on a defenseless network. It was first launched in 2003 before ever being packaged and developed as part of the BackTrack distribution to find network exploits (Bradbury, 2010, para 1).

• Armitage is a GUI extension of Metasploit that allows the ease of use of Metasploit to help security analyst work with Metasploit (Armitage, n.d.).

Nmap

• According to Kaven, (2003) “Nmap lets you perform stealthy half-open TCP SYN (synchronization) scans to emulate what a hacker using that type of scan might see”, and “bypass your firewalls and intrusion detection systems. You can enhance both scanning methods by using fragmentation scanning, a technique that splits the TCP header over several packets, making it harder for packet filters to detect a hacker’s intentions”.

• When connected to a service database, Nmap can attempt to figure out the version and type of communication going through a port and by using something called O/S fingerprinting can all determine the type of operating system that is running on the remote system through any port that is open.

Wireshark

• Like most penetration applications Wireshark is known for running on any operation platform available: Linux, Windows, Mac and BSD. Wireshark allows you to examine data from a live network or from a capture file on disk.

• It is so such a robust platform that the SANS institute offers a self paced course to full comprehend what can be done with Wireshark. “Intrusion Detection In-Depth,” www.sans.org/training/description.php?mid=43.

Driftnet

• As described in the Driftnet manual, it is a horrific invasion of privacy and shouldn’t be used by anyone, anywhere. It takes tcp packets and assembles then into the pictures that are being viewed by the user. While it is classified as penetration software, the only information that a hacker could possibly take, or use are limited (driftnet, n.d.).

• Driftnet also can capture MPEG audio data from the network and play it (driftnet, n.d.). Once Backtrack is installed all you have to do is type, man driftnet, from a command prompt to read the manual yourself. From a Linux command prompt this will work on most software packages that are non-graphical.

NTOP

• Started out as a Unix tool like most of the penetration tools in Backtrack but sice then has been exported to Windows, Macs, BSD, and Linux. It is a network probe that shows network usage in a way similar to what the command top does to view computer usage of memory and processes, except with internet traffic (ntop, n.d.).

• Besides sorting traffic by network protocols it can also identify e-mail addresses of employees through a GUI dashboard to see who is on the network and what kind of information is being sent (Dubie, 2007).

Ettercap

• Man in Middle Attacts – Ettercap works by putting the network interface into promiscuous mode and by Arp poisoning the target machines. Then unleash various attacks on the victims. Ettercap has plugin support so that the features can be extended by adding new plugins (Mati, 2003).

• Password that an be collected by Ettercap, include: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half-Life, Quake 3, MSN, YMSG (Mati, 2003). Newer internet applications like Facebook, Google+ and Twitter can also be compromised.

Kismet

• Not only is Kismet a wireless network detector and intrusion detection application, it can also help hacker attack a 802.11 network to take control of a browsers cache, to poison it with false information in order to serve false web pages or steal a persons data at a later time using JavaScript files. (Messmer, 2010)

SinFP

• A application that allows for the active and passive OS fingerprinting or a remote computer. It is capable of surpassing the limitations fo nmap but can also detect computers inside a network that is using a Network Address Translation (NAT) protocol. SinFP can usually guess the O/S on the remote side through one open TCP port and usually with only one to three tests done on the port (SinFP, n.d.).

SMB Sniffer

• Part of the combination of Metasploit packages, it is an application that is also useful when conducting penetration testing. SMB Sniffers allow hackers to capture files communicated within a LAN by SMB protocol.

Dsniff

• Is capable of capturing passwords from several different protocols while they are being used. “A hacker can use Dsniff to “read all of your e-mail, watch all of your instant messages and even synchronize his browser with yours so that it displays the Web pages you visit as you visit them” (.

Conclusion

BackTrack can be considered an all in one tool for penetration testing and network monitoring. While it is a pretty extensive set of tools for a security information systems manager to use, it is also necessary to look into other tools to test the security of your systems also. While open source security tool’s are abound, and you can take advantage of all of them, and avoid paying fees for commercial products, there are several additional tools that are available also. Because information security is such a vast field of study, it is important to not rely on just one set of tools and to research and test other methods to discover and/or remove security vulnerabilities.

Another set of free open source tools that can be utilized is on another Linux distribution called Knoppix STD. There is some several of the same tools on Knoppix STD that are on Backtrack, but it also has some tools that are not that can be used to work on cryptography, computer forensic and other sniffing tools.

All the tools discussed were created for use in a Unix or Linux based operating system. A lot of the tools have been ported to other operation systems, including Windows systems, to allow anyone to download the tools independent of what O/S that is being used and learn how to ethically or unethically hack a system.

Good luck with any future penetration testing you do, please make sure that it is ethical hacking (white hat), because if caught, the fines for hacking could leave in in prison for a long time, and you may be forbidden to even touch a computer again. Even if it doesn’t seem that the punishment fits the crime, even the simplest attacks for no monetary gain can leave you in a heap of trouble. Currently in the U.S. there are no crimes against scanning but attempt it at you own risk.

References

Armitage – Metasploit Free Management GUI. (n.d.) Retrieved from http://www.commonexploits.com/?p=243

BackTrack. (n.d.). In Remote Exploit. Retrieved. from http://www.remote-exploit.org/?page_id=160

Bradbury, D.. (2010). Hands-on with Metasploit Express. Network Security, 2010(7), 7-11. Retrieved October 16, 2011, from ABI/INFORM Global. (Document ID: 2106533531).

Driftnet(1) – Linux man page. (n.d.) Retrieved from http://linux.die.net/man/1/driftnet

Dubie, D.. (2007, October). Free tools ease IT management. Network World, 24(39), 32. Retrieved October 16, 2011, from ABI/INFORM Global. (Document ID: 1521955171).

Forristal, Jeff, and Greg Shipley. January 8, 2001. Vulnerability Assessment Scanners. Network Computing. http://www.nwc.com/1201/1201f1b1.html

Mati Aharoni. (2003). EtterCap – ARP Spoofing And Beyond. Retrieved from http://www.securitypronews.com/securitypronews-24-20030623EtterCapARPSpoofingandBeyond.html

Messmer, E.. (2010, February). IE browser, iPhones exposed at Black Hat. Network World, 27(3), 14. Retrieved October 16, 2011, from ABI/INFORM Global. (Document ID: 1966410851).

Nicholas Petreley. (2002, October). Two sides to every dsniff story. Computerworld, 36(42), 34. Retrieved October 16, 2011, from ABI/INFORM Global. (Document ID: 210363951).

Ntop. (n.d.). Retrieved from www.ntop.org

Oliver Kaven. (2003, December). Nmap ; Nmap (free download) is a sophisticated port scanner with versions available for Linux, Unix, and Windows platforms. [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][review of the PC Magazine, 22(23), 127. Retrieved October 16, 2011, from ABI/INFORM Trade & Industry. (Document ID: 480376901).

Open Source. (n.d.) The Open Source Definition. Open Source Initiative. Retrieved from http://www.opensource.org/docs/osd

SinFP – a Perl module to do active and passive OS fingerprinting. (n.d.). Retrieved from http://www.gomor.org/bin/view/Sinfp/DocOverview

SMB File Sniffer. (n.d.). Retrieved from http://www.microolap.com/products/network/smbfilesniffer/

Whitman, M. E., & Mattord, H. J. (2005). Principles of information security (3rd ed.). Boston: Thomson Course Technology.

World Bank Aids Tanzania to Improve Quality of Statistical Data and Information. (2011, March 26). The Pak Banker. Retrieved April 17, 2011, from ABI/INFORM Global. (Document ID: 2302228461).

Would your system survive a tiger attack? (2002, August 29). Sunday Business Post. Retrieved October 16, 2011, from ABI/INFORM Dateline. (Document ID: 2171602031).

[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]