Tag Archives: security

security

Security – Detecting malware in Linux.

This tool is provided by R-fx Networks.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
[mythcat@desk ~]$ wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
[mythcat@desk ~]$ tar -xf maldetect-current.tar.gz
[mythcat@desk ~]$ cd maldetect-1.6.4/
[mythcat@desk maldetect-1.6.4]$ su
Password:
[root@desk maldetect-1.6.4]# ./install.sh
Failed to enable unit: Unit file maldet.service does not exist.
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks <proj@r-fx.org>
            (C) 2019, Ryan MacDonald <ryan@r-fx.org>
This program may be freely redistributed under the terms of the GNU GPL
 
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
maldet(31046): {sigup} performing signature update check...
maldet(31046): {sigup} local signature set is version 201907043616
maldet(31046): {sigup} new signature set 2019081912001 available
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
maldet(31046): {sigup} verified md5sum of maldet-sigpack.tgz
maldet(31046): {sigup} unpacked and installed maldet-sigpack.tgz
maldet(31046): {sigup} verified md5sum of maldet-clean.tgz
maldet(31046): {sigup} unpacked and installed maldet-clean.tgz
maldet(31046): {sigup} signature set update completed
maldet(31046): {sigup} 15552 signatures (12740 MD5 | 2035 HEX | 777 YARA | 0 USER)
[root@desk maldetect-1.6.4]# vim /usr/local/maldetect/conf.maldet

Change this row to scan_user_access=1 Now you can run it:

1
[mythcat@desk ~]$ /usr/local/sbin/maldet -a

Security – Fix Data Execution Prevention (DEP).

The tutorial is about Data Execution Prevention (DEP). Note: For Riva installations that use the Novell Windows client and Novell GroupWise client, Data Execution Prevention (DEP) should be disabled. Open a Command Prompt using Run as Administrator and use the commands for enabling or disable the DEP Enable Data Execution Prevention (DEP) completely:

1
C:\Windows\system32>bcdedit.exe /set nx AlwaysOn

Disable… Read More »

Security – What’s the Wow6432Node?

If you see this under Wow6432Node the HKEY_LOCAL_MACHINE\SOFTWARE registry subkey, then is not an error. The operating system uses this key to present a separate view of HKEY_LOCAL_MACHINE\SOFTWARE for 32-bit applications that run on a 64-bit version of Windows. When a 32-bit application queries a value under the HKEY_LOCAL_MACHINE\SOFTWARE\ subkey, the application reads from the… Read More »

Security – Disable blogger’s comments spam.

Comment spam is a term referencing a broad category of spambot or spammer postings which abuse web-based forms to post unsolicited advertisements as comments on forums, blogs, wikis and online guestbooks. see the Wikipedia. Log on to your blogger’s dashboard. Navigate to your blog’s Settings – Comments. On the Comments menu, select Hide to disable… Read More »

Reset your Kaspersky password.

This tutorial is about how to reset your Kaspersky password from your computer. I used Windows 8.1 operating software and Kaspersky Internet Security 2019 the trial version. To reset your password you need to run the regedit command into Safe Mode to change without password. First, use the administrator shell and use this command:

1
msconfig

Read More »