Monthly Archives: June 2011

Squid + Squidguard Words Restriction

Squid, an Open Source proxy server is really good proxy server i think, since its free, yet it can serve us enough basic and middle needs of proxy server. Mostly, proxy server is used to limit amount of bandwidth that users can reach, by using proxy server we can distribute bandwidth fairly between user. it can also serve caching service. any request and response through that proxy will be saved as in certain amount of cache size. it then, help us to give faster access, because we don’t need to download all the element of web pages directly from the source, instead we can access the cached pages on our proxy server.

squid logo

Combination from Squid and Squidguard can works even better. Some instances and educational institutions use it to help blocking unwanted internet access completely and in a good way. In my college for example, it use squid as transparent proxy. All web access will be diverted to this proxy, while squidguard is there to block unwanted web address. At first some methods can be done to bypass this Squid + Squidguard resctriction, for example we can use proxy that available in many websites. But last time i tried it can be used again and any website address i entered through the proxy directed to warning page from squid proxy.

Then i find out that it is the use of Squidguard. by visiting documentation section in its website i find regular expression configuration. using this regular expression configuration, we can detect any words and restrict it. the admin must have found common characteristic of web proxy provider that will convert any address entered into “some.php” string passed into our browser. all the admin needs is just to set this regular expression matched with the string.

Well, since the method i use to bypass proxy is really easy method, i can hope for hard way to block it too. gonna find other way to bypass it though. hope this information can help you to understand how squid and squidguard work. 🙂

Step by Step Backtrack Methodology

I found interesting book about backtrack and how the term penetration testing described. it is far beyond my imagination though. Here, the term penetration testing comes with words auditor, security auditor. Pentester can also become security auditor that has great responsibility to a system.

In those book i found backtrack methodology. it is actually step by step action taken by security editor in doing his penetration testing using backtrack.

those step divided into :
1. Target Scope
2. Gathering Information
3. Target Discovery
4. Enumerating Target
5. Vulnerability Mapping
6. Social Networking
7. Exploiting target
8. Privilege Escalation
9. Maintaining Access
10. Document and Reporting

Each of those processes can be done with all backtrack tools available on fresh installation of backtrack OS.
Well, i haven’t done any practical action yet actually. So later i will come up with it.

Nessus installation on Backtrack 5

Nessus is vulnerability scanner that has web-based interface. You can use it to improve your backtrack funcionalities.

1. Install from apt-get
# apt-get install nessus

2. Follow the instruction displayed (add user). this user will be the administrator user, you can add other type of user later
# /opt/nessus/sbin/nessus-adduser

3. Register to to get your activation code. if you have received it, run this command
# /opt/nessus/bin/nessus-fetch –register

4. if this procces doesnt run well, it may be caused by wrong proxy configuration. setting proxy configuration on nessus-fetch.rc will solve it

5. Upgrade your nessus
# apt-get upgrade nessus

6. Run nessus daemon
# /etc/init.d/nessusd start

7. Open your browser and enter https://localhost:8834/
you may login to nessus now.

Setting Static IP Address in Ubuntu / Backtrack

As laptop user, we may find that we usually connect to the internet using wifi, modem, or lan cable in public rooms, we usually get an IP address from dhcp, so that we dont need to configure manually our interface address. In some occasion, for example if we want to set our ubuntu to work as a server or to be kept in permanent place we need to set its IP address to static IP.

it can be done by modifiing /etc/network/interfaces file.
for default configuration this will display these lines
(eth0 for lan card
wlan0 for wirelesscard)

auto eth0
iface eth0 inet dhcp

by basic understanding for TCP/IP
u can change it to static configuration by doing this step :
1. Edit /etc/network/interfaces file

#rootbt: nano /etc/network/interfaces

2. Change the default example to these lines

auto eth0
iface eth0 inet static

3. Save edited file by pressing Ctrl+O
4. Restart Network just to make it sure it works
#rootbt: ifconfig eth0 down
#rootbt: ifconfig eth0 up
#rootbt: /etc/init.d/networking restart

its just example, u need to change all the number according to your own setting, ask your system administrator if you dont have any information about IP address allocation on your workplace.

How Network Switch Work

Switch is one of many networking hardware that is usually used, but as a customer we rarely see it. It is system administrator’s job to maintain this thing works well as infrastructure support. When we see wireless access point, or see LAN cables, and if we try to follow where the cable ends, we usually will meet this thing. A Box with some RJ-45 slots available, and some indicator lamps on.

Switch, generally works in layer 2, or Data Link Layer, has main function to connect some computers and enable each computer to communicate each other by sending frames. Our internet day today, works with protocol called TCP/IP, rely on this thing to build safer networks. Unlike hub, switch sends each packet to specific destination, so that other destination can not know/see/hear this frame. Using configured switch we can also build virtual lan, or simply lan based on ports. These two things are some major advantages of switch over hub.

To do this “send to specific destination”, swich has built in table that stored “port name” and “specific address” for each port. for example
1 port 1 : freds computer
2 port 2 : brian computer

We can explain how swicth work in this way :

1. first time swicth received frame, it first records the sender address and stored its address and the port in it. then swicth will forward this frame by flooding all ports except the port where the frame came.
2. swicth will wait for the respond from computer with the destination address. when it responds the frame. switch will records the responding computer address and the port where the respond comes.
3. when there is another packet from and to known address and port (has been stored).
it will use the table to send the frame to its special direction
4. if the address hasnt been stored it will do step 1.

How to Connect Wifi Using Command Line on Ubuntu/Backtrack

Instead of using GUI version of network manager (Wicd) we can use our command line to connect Wifi in backtrack / ubuntu. Here is the step :

1. Turn on your wireless card, (usually done by specific button).
2. Open terminal. enter command iwconfig.
bt# iwconfig
this is the example output

lo        no wireless extensions.

eth0      no wireless extensions.

wlan0     Iunassociated  ESSID:off/any
          Mode:Managed  Channel=0  Access Point: 00:00:00:00:00:00
          Bit Rate=0 kb/s   Tx-Power:off
          Retry:on   RTS thr:off   Fragment thr:off
          Power Management:off
          Link Quality:0  Signal level:0  Noise level:0
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

it shows you that your wireless device’s name is wlan0

4. Do a scan
bt# iwlist wlan0 scan

5. Select ESSID dan enter its key
bt# iwconfig wlan0 essid ESSIDNAME key s:password

this will only work for wifi with WEP
for working with access point with WPA we need wpa-supplicant
read this article to read further:

from those link i got this post

How to connect to a wireless network from the Ubuntu command line using a WPA/WPA2 Personal key.
For this to work.. you need to have WPA-Supplicant installed … Ubuntu comes with WPA-Supplicant installed by default.
if not present, install it using this command: sudo apt-get install wpasupplicant
Ubuntu doesn’t use a root password by default …so we need to use the sudo command here.

Now we need to create 2 files: + wireless-wpa.conf using the vi command. For those who are not familiar with vi , I will guide you through this.

OK ..lets start: first we gonna create the
type: sudo vi
press the “i” button ones and insert text below.

#shut down interface
ifconfig $iface down

#set ad-hoc/management of wireless device
iwconfig $iface mode Managed

#enable interface
ifconfig $iface up

#stop any persistent wireless wpa2 sessions
killall wpa_supplicant

#apply WPA/WPA2 personal settings to device
wpa_supplicant -B -Dwext -i $iface -c ./wireless-wpa.conf -dd

#obtain an IP address
dhclient $iface

Now we need to save this file and quit vi…. press “esc” button ones … then type.. :wq ( you need to type the : also )
Thats done … now we gonna make the wireless-wpa.conf

type: sudo vi wireless-wpa.conf
press the “i” button ones and insert text below.

# config file using WPA/WPA2-PSK Personal key.



Now we need to save this file and quit vi…. press “esc” button ones … then type.. :wq ( you need to type the : also )
That’s also done … now we need to set the permissions for these 2 files.

sudo chmod 755
sudo chmod 644 wireless-wpa.conf

Make sure you put these 2 files in the same directory anywhere you like…else it will not work.
Run the following command to make a connection to your wireless Router/Accespoint/
sudo ./

That’s all …. have fun!

from long example above i conclude that using GUI version of network manager will help us a lot.

source :

Backtrack 5 with Desktop Application

Backtrack is generally ubuntu with various penetration-testing software and security software installed inside. It is linux distribution that focused for security testing needed, so at your fresh install you will not find any desktop application software installed. nah, becaus of this you will not able use this software to please you with standard application such as mp3 player, file reader, etc.

here some software needed to be installed after you fresh installation.
1. Internet browser : For KDE there is Konkueror installed, but u can install other internet browser such as firefox and google chrome. after u connect the internet using wicd network manager, just use apt-get to install those software
apt-get install firefox
apt-get install chromium-browser

2. Music Player : Thera some options such as amarok, banshee, and vlc player. but unfortunately (in my case) backtrack 5 can’t play mp3 file. you can solved this problem by installing gxine with all its dependencies.

here is the command :

sudo apt-get install gstreamer0.10-pitfdll gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-ugly gstreamer0.10-plugins-ugly-multiverse gxine libxine-main1 libxine-extracodecs ogle ogle-gui

i get it from

3. Video player : After u do the command above, any video file (must be) can be played with gxine or other software.

4. Pdf reader : thera some pdf reader avaliable such as : document viewer and xpdf, i think evince works better.
apt-get install evince
apt-get install kpdf

5. Text editor : u can use nano (shell) as text editor but gedit should give you better view.
apt-get install gedit

6. When i tried to open .chm file i find error occured, the software can not properly view the .chm file as it is. then i find out from google to use kchmviewer. kchmviewer is good .chm viewer for ubuntu.
[php]apt-get install kchmviewer[/php]

other software, u can easily choose it from package manager.

Nmap Basic in Backtrack 5

backtrack has its nmap installed inside, the use of nmap it to scan other computer ports. it is the part of penetration testing. after we know what ports opened and what application possibly installed on computer, we can go further by trying to attack the application.

nmap logo

nmap basic, taken from

nmap has some basic options :
1. -sT : TCP Connect, using method connect(), we can determine wheter the port opened or not, but it is easily to detect by firewall/intrusion detection software.
2. -sS : SYN stealth scan, using syn to begin connection then sending rst to stop initiation connection, so that no connection will be made. it results in harder detection.
3. -sF, -sN, -sX : FIN, NULL, Xmass Tree Scan. FIN will send Fin Flag, Null will set no flag and Xmass Tree sets the FIN, URG and PUSH flags. It is used to avoid system detection.
4. -sP : Ping Scan , scan with ping command to determine whether the target online or not
5. -sU : UDP Scan , scan port with UDP packet.
6. -sO : IP Protocol Scan, scan port using ip raw packet.
7. -sI : Idle Scanning, more advanced scanning mode
8. -sV : Version Detection,
9. -sA : ACK Scan,
10. -sW, -sR, -sL : Window Scan, RPC Scan, List Scan,

using those basic options we can determine the ports opened in target.
example command

1 open terminal
2 enter the command
nmap -sS 127.0.01

so it will look like this

#rootbt: nmap -sS
Host is up (0.0021s latency).
Not shown: 991 closed ports
21/tcp open ftp
22/tcp open ssh
80/tcp open http
139/tcp open netbios-ssn
143/tcp open imap
445/tcp open microsoft-ds
3306/tcp open mysql
10000/tcp open snet-sensor-mgmt

Nmap done: 1 IP address (1 host up) scanned in 7.06 seconds