Wednesday, 1 May 2013

Ostinato - Packet/Traffic Generator and Analyzer



Introduction
Ostinato is an open-source, cross-platform network packet crafter/traffic generator and analyzer with a friendly GUI. Craft and send packets of several streams with different protocols at different rates.

Features
Runs on Windows, Linux, BSD and Mac OS X (Will probably run on other platforms also with little or no modification but this hasn't been tested)
Open, edit, replay and save PCAP files
Support for the most common standard protocols
Ethernet/802.3/LLC SNAP
VLAN (with QinQ)
ARP, IPv4, IPv6, IP-in-IP a.k.a IP Tunnelling (6over4, 4over6, 4over4, 6over6)
TCP, UDP, ICMPv4, ICMPv6, IGMP, MLD
Any text based protocol (HTTP, SIP, RTSP, NNTP etc.)
More protocols in the works ...
Modify any field of any protocol (some protocols allow changing packet fields with every packet at run time e.g. changing IP/MAC addresses)
User provided Hex Dump - specify some or all bytes in a packet
User defined script to substitute for an unimplemented protocol (EXPERIMENTAL)
Stack protocols in any arbitrary order
Create and configure multiple streams
Configure stream rates, bursts, no. of packets
Single client can control and configure multiple ports on multiple computers generating traffic
Exclusive control of a port to prevent the OS from sending stray packets provides a controlled testing environment
Statistics Window shows realtime port receive/transmit statistics and rates
Capture packets and view them (needs Wireshark to view the captured packets)
Framework to add new protocol builders easily

Download 

Defending DDoS attacks on Apache webserver the easy way


Defending any server from DDoS is always like , protecting a virgin on a lonely island from 100 rapists. But we have a effective method to stop these brutal f*cking to protect our respective Apache web server.  Here we have one Apache module called Mod_evasive, Mod_evasive is an Apache unit that is intended to boundary the shock of unusual types of attacks like Distributed Denial of Services Attack or may be  brute force on your web site/server. while incorporated with iptables, mod_evasive can set up to even larger attacks. The component detect attack by creating an domestic hash of IP Addresses and URIs, and denying any single IP address from executing request a page more than the allowed times per second, make more than 50 concurrent requests per second on the same child process, make a single request while blacklisted

On any DEBIAN based operating system like Backtrack 5 R2 or Blackbuntu just follow the following command to install it.

$ sudo apt-get install libapache2-mod-evasive

After its installation done , the component  is already enabled and is defending your web server automatically.

How to Secure your Enterprise with Free SSL Certificate

The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers.

Why Use SSL ? 
Secure Sockets Layer (SSL) is a message transportation protocol that provides the following

Advantages of SSLAuthenticated:- The origin of all messages is assured.

Reliable:-The message transport uses a message integrity check (using a MAC) that ensures the quality of the data being transmitted.

Private:-Messages between the components are encrypted, after a handshake to define a secret key. This ensures that the contents of the messages cannot be read by a third party. If all of your components are behind a firewall, or some other means of protection, and do not require encryption, privacy can be disabled without comprising the authentication and reliability aspects of SSL.


               :: 0x02 Starting to Setup up SSL ::

Things required ssh with root access (For this Tutorial) Apache web server (I’m using apache, slightly different method for others)
An Account at http://www.startssl.com (Sign up for the free one)

Let’s Start,Generating RSA Private key
Install & enable OpenSSL (sudo apt-get install openssl / yum install openssl & then sudo a2enmod ssl
; sudo /etc/init.d/apache2 force-reload)


Then to generate the key, give this command.

# openssl genrsa -des3 -out www.cybershubham.com.key 1024


The key will be generate now, and will be saved as www.cybershubham.com.key.

Generating CSR (Certificate Signing Request)
Using the key generate above, you should generate a certificate request file (csr) using openssl as shown below with following command.

# openssl req -new -key www.cybershubham.com.key -out www.cybershubham.com.csr


The csr will generate now, & will be saved as www.cybershubham.com.csr                   :: 0x03 Getting a Valid Signed Certificate ::

Hope you have already registered at StartSSL, & validated your domain name.So let’s go forward,

   :: 0x03 Getting a Valid Signed Certificate ::

Hope you have already registered at StartSSL, & validated your domain name.So let’s go forward,

Select Certificate Purpose

Submit CSR

Skip the above screen & move forward, as we have already generated the CSR & Key.


Paste your CSR here & click continue.
Click continue.
Selecting Sub Domain

As for the basic free certificate, we don’t get certificate for all our sub domains. you want ssl for your main website. just put www.
Follow the rest 1-2 steps, they are easy.
Retrieve Chain File

Download the StartCom Root CA (PEM encoded file).

:: 0x04 Configuring Web Server ::

Every web server has different configuration, I’ll tell you how to configure apache.

Step 1- Gather all files- the key file(www.cybershubham.com.key) ,  The retrieved certificate file (www.cybershubham.com.crt) , the Chain file (CA.pem)

Step 2-
# cd /etc/apache2
# mkdir ssl

Step 3-
Upload all files in the ssl directory with ftp or simply use nano command in ssh.

Step 4-
# cd /etc/apache2
# cd sites-available
# nano default-ssl

Most important part, but quite easy just set the write path to files. like this-


Step 5- Configure ports
# cd  /etc/apache2
# nano ports.conf

simply add "listen 443” after listen 80 line. (without quotes)

Step 6- Restarting Apache

# /etc/init.d/apache2 reload
# /etc/init.d/apache2 restart


Now you are done !!! Just open https://www.cybershubham.com to check if it works ;)

Step 7- Make https default
# cd /var/www/cybershubham.com/web/
# nano .htaccess

Paste the following content now -

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.cybershubham.com/$1 [R,L]

Now all users will land on https :),Hope you liked the post.