ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
aptitude hold itcl3 itk3 iwidgets4 tcl8.3 tclx8.3 tclsh
This seems to work in preventing aptitude from upgrading those packages, but it doesn't prevent Update Manager from upgrading them. To prevent this, you can do the following.
aptitude -y install wajig
wajig hold itcl3 itk3 iwidgets4 tcl8.3 tclx8.3 tclsh
If you've already run Update Manager and Sguil is currently broken, do the following to revert to the required versions.
aptitude remove tcl8.5 itcl3 tk8.5 itk3 iwidgets4
wget http://mirrors.kernel.org/ubuntu/pool/universe/i/itcl3/itk3_3.2.1-3.1_i386.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/i/itcl3/itcl3_3.2.1-3.1_i386.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/t/tclx8.3/tclx8.3_8.3.5-6_i386.deb
dpkg -i *.deb
aptitude -y install iwidgets4
If all went well, Sguil should launch correctly with no errors and Update Manager should be prevented from breaking Sguil again.
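To confirm that the packages really are on hold before the next Update Manager run, the dpkg selection state can be checked. The script below is an added example, not part of the original post; the function names `unheld_packages` and `sample_selections` and the sample data are constructed for illustration.

```shell
#!/bin/sh
# unheld_packages PKG...
# Reads `dpkg --get-selections` style lines on stdin ("<package> <state>")
# and prints every named package whose state is not "hold", together with
# the state that was found ("not-installed" if the package is absent).
unheld_packages() {
    awk -v required="$*" '
        BEGIN { n = split(required, want, " ") }
        {
            pkg = $1
            sub(/:.*/, "", pkg)   # strip an architecture suffix such as ":i386"
            state[pkg] = $2
        }
        END {
            for (i = 1; i <= n; i++) {
                s = (want[i] in state) ? state[want[i]] : "not-installed"
                if (s != "hold")
                    print want[i], s
            }
        }'
}

# Constructed sample in the tab-separated layout dpkg prints:
# itk3 has lost its hold and tclx8.3 is missing altogether.
sample_selections() {
    printf 'itcl3\t\t\thold\n'
    printf 'itk3\t\t\tinstall\n'
    printf 'iwidgets4\t\thold\n'
    printf 'tcl8.3\t\t\thold\n'
    printf 'tcl8.5\t\t\tinstall\n'
}

# Demo on the constructed sample. On a real sensor, use instead:
#   dpkg --get-selections | unheld_packages itcl3 itk3 iwidgets4 tcl8.3 tclx8.3
sample_selections | unheld_packages itcl3 itk3 iwidgets4 tcl8.3 tclx8.3
```

Empty output means every listed package is held; any line printed names a package that an upgrade could still replace.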
"CrypTool is a free, open-source e-learning application, used worldwide in the implementation and analysis of cryptographic algorithms. It supports both contemporary teaching methods at schools and universities as well as awareness training for employees and civil servants."
-- http://www.cryptool.com/
Please join us at the Greater Augusta ISSA Q4 meeting on Thursday, October 28. This is our last public meeting of 2010! I will be presenting "Security Onion: Intrusion Detection for your Network in Minutes". Security Onion is a project that I've been working on for the past few years. Its goal is to provide a pre-configured Intrusion Detection environment that can be downloaded for free and put to use in your network in less than an hour. It's based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Xplico, Vortex IDS, Bro IDS, Chaosreader, driftnet, hping3, scapy, Wireshark, and many other tools. Come see what Security Onion can do for you!
What: The Greater Augusta ISSA 2010 Q4 Public meeting: Doug Burks presents "Security Onion: Intrusion Detection for your Network in Minutes"
How: This is a FREE public meeting. Please confirm your reservation by sending an email to reservations@augusta.issa.org
When: Thursday October 28 9:00 - 11:00 AM
Where:
University Hall room 242
Augusta State University
2500 Walton Way
Augusta, GA 30904
http://www.aug.edu/public_relations/pr_map_campus.htm
On the morning of the presentation, don't forget to swing by the ASU Public Safety office to get a visitor pass for the parking lot. The Public Safety office is in the back corner of the campus. You can see it at the bottom-left of this map:
http://www.aug.edu/public_relations/asumap/images/PARKINGMAP1008PR.jpg
Speaker Bio
Doug Burks has over 10 years of experience in Information Security. He has a Bachelor's degree in Computer Science and also holds the GSE, GPEN, GCIA Gold, GSEC, and CISSP certifications. Doug has worked in many organizations over the years, including government facilities, chemical plants, and the media industry. He excels at providing secure solutions for any environment using a budget of any size. Doug is the author of Security Onion Live (http://code.google.com/p/security-onion/), a free bootable DVD that contains many security tools. You can read more about Doug by visiting his blog at http://securityonion.blogspot.com/.
The Greater Augusta ISSA is extremely excited to welcome Rob Lee this quarter! Rob Lee is the Curriculum Lead for Digital Forensic Training at the SANS Institute and is also a Director in MANDIANT’s Professional Services group. Please join us for this educational training opportunity.
What: The Greater Augusta ISSA 2010 Q3 Public meeting: Rob Lee presents the Mandiant M-Trends Report on APT (Advanced Persistent Threat)
How: This is a FREE public meeting. Please confirm your reservation by sending an email to reservations@augusta.issa.org
When: Thursday August 12 9:00 AM - 11:00 AM
Where:
University Hall Room UH-170
Augusta State University
2500 Walton Way
Augusta, GA 30904
http://www.aug.edu/public_relations/pr_map_campus.htm
On the morning of the presentation, don't forget to swing by the ASU Public Safety office to get a visitor pass for the parking lot. The Public Safety office is in the back corner of the campus. You can see it at the bottom-left of this map:
http://www.aug.edu/public_relations/asumap/images/PARKINGMAP1008PR.jpg
State of the Hack: M-Trends - The Advanced Persistent Threat
In early 2010, MANDIANT released its inaugural M-Trends report. This first report focused on our years of experience responding to computer security incidents perpetrated by the Advanced Persistent Threat (APT). The "straight from the battlefield" presentation provides case studies detailing the most recent computer security incidents MANDIANT has responded to involving the APT. During this presentation we detail the main points of the report through anonymous, in-depth case studies of attacks against commercial, government, and defense industrial base organizations. We demonstrate how the attackers gain access, how they behave once inside the victim network and the impact on the organizations. And, because understanding the problem is only half the battle, we wrap up with remediation recommendations that really work.
Robert Lee
Rob Lee is a Director in MANDIANT’s Professional Services group. Mr. Lee has more than 14 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. He served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, Mr. Lee worked directly with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. A graduate of the U.S. Air Force Academy, Mr. Lee also holds a Masters in Business Administration from Georgetown University. In 2009 he was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast Awards. Mr. Lee is co-author of the bestselling book Know Your Enemy (2nd Edition). He is also a co-author of MANDIANT’s Threat intelligence report - M-Trends: The Advanced Persistent Threat.
tail -n0 -F /var/log/secure | grep --line-buffered "user" | while IFS= read -r line; do printf '%s\n' "$line" | mail -s "Found" myemail@example.com; done