
Tuesday, 7 April 2015

MS SQL Server Hardening

Hi friends, today we are going to discuss MS SQL database security configuration and hardening. In this post we will go through the various security controls in the MS SQL database and how to configure them so that the database runs in a secure environment.

Below are the main points you should know about the database while configuring the database server.


  1. Install only the required components : the more components you install, the more problems you have.
  2. Install all service packs and critical fixes for the database server : it is very necessary to apply all critical fixes to ensure that there are no known holes in your security.
  3. Disable unnecessary services and features : disable all the unnecessary services; you can disable them by using SQL Server Configuration Manager.
  4. Disable the unused SQL Server protocols : SQL Server supports 4 types of protocols. Use the minimum number of protocols and disable the others.
  5. Change the default port number : as we know, SQL Server runs on the default port 1433. If you do not want anybody to identify the SQL Server, change the default port.
  6. Hide the server instance and turn off the SQL Browser service : you can configure the SQL Server instance as hidden. The main purpose of the SQL Server Browser is to provide instance and port information to incoming connection requests.
  7. Restrict access to the SQL Server configuration and database files : you should also protect the file system to prevent unauthorized file deletion, copying or alteration of data.
  8. Restrict access to the SQL Server backup folders :
  9. Use Transparent Data Encryption :
  10. Remove execute rights for PUBLIC on extended stored procedures : just remove the execute permission for PUBLIC on extended stored procedures. The extended stored procedures below should not be executed by the application : xp_availablemedia, xp_dirtree, xp_enumgroups, xp_fixeddrives, xp_regaddmultistring, xp_regdeletekey, xp_regdeletevalue, xp_regenumvalues, xp_regremovemultistring, xp_regread, xp_regwrite, xp_servicecontrol, xp_subdirs.
  11. Disable the xp_cmdshell option : you must disable the xp_cmdshell stored procedure in your database.
  12. Rename and disable the SA account : as we all know, SA is the super admin for SQL Server. Any attacker knows about this account, so if your machine is on the network he can brute force this username and easily take control. To protect this user account you need to rename or delete this user.

  13. Remove the Administrator group from the SQL Server logins : as we all know, in Windows Administrator is a default user or group, so we are disclosing one user here. For security reasons we need to change the administrator account name and remove the administrators user and group. As in the point above, we renamed the "sa" super administrator account to another name, so first log in with sa and ensure that all the user roles and powers are given to another user; then we can remove the administrator account from the users and groups list.
  14. Use Windows authentication mode : there are two SQL Server authentication modes: Windows authentication mode, and Windows and SQL Server authentication mode (mixed mode). In Windows authentication we can only use Windows logins to connect to SQL Server; these login credentials are normally Active Directory domain credentials. In mixed mode authentication we can use either Windows authentication or SQL Server authentication to connect to SQL Server. So always select Windows authentication to connect to the SQL Server. To enable Windows authentication, right-click on the instance, select the security option, and select the authentication mode.
  15. All accounts for named user access should be controlled by Active Directory : always use named accounts connected to Active Directory instead of a common name for all the users.
  16. Use service accounts with the least privileges : it is recommended to use different accounts for different services. For example, to manage the database you can use dbuser to handle the DB operations only, and users must have least privileges. DB users do not need rights to make changes at the OS level.
  17. User privileges should be minimized : as discussed in the point above, we need named users with different and low privileges.
  18. All administrator accounts should have a complex password and password change should be enforced : always apply the password policy according to the baseline settings in your company. To apply a password policy, select it under Administrative Tools >> Local Security Policy, and always enforce the password policy.
  19. Configure SQL Server login auditing to log both failed and successful logins : always audit the logs, for both success and failure. That means the system needs to have a backup of all success and failure activities. You can select the audit policy at Administrative Tools >> Local Security Policy >> Local Policy.
These are the basic hardening security controls for SQL database servers. If you want to tell me about any more security controls then you can contact me ...
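
The T-SQL below is an added example, not part of the original post: it applies items 10, 11 and 12 of the list above and then queries the resulting state. The login name `placeholder_renamed_sa` is a hypothetical placeholder; the script assumes SQL Server 2008 or later and a sysadmin connection that is not the SA login itself.

```sql
USE master;
GO

-- Item 11: disable xp_cmdshell (it is an advanced option).
EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'xp_cmdshell', 0;
RECONFIGURE;
GO

-- Item 10: revoke EXECUTE from public on the procedures named in the post.
-- Only names present on this build as extended procedures (type 'X') are touched.
DECLARE @name sysname, @sql nvarchar(400);
DECLARE xp_cur CURSOR LOCAL FAST_FORWARD FOR
    SELECT name FROM sys.all_objects
    WHERE type = 'X'
      AND name IN (N'xp_availablemedia', N'xp_dirtree', N'xp_enumgroups',
                   N'xp_fixeddrives', N'xp_regaddmultistring', N'xp_regdeletekey',
                   N'xp_regdeletevalue', N'xp_regenumvalues',
                   N'xp_regremovemultistring', N'xp_regread', N'xp_regwrite',
                   N'xp_servicecontrol', N'xp_subdirs');
OPEN xp_cur;
FETCH NEXT FROM xp_cur INTO @name;
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @sql = N'REVOKE EXECUTE ON OBJECT::sys.' + QUOTENAME(@name) + N' FROM public;';
    EXEC sys.sp_executesql @sql;
    FETCH NEXT FROM xp_cur INTO @name;
END
CLOSE xp_cur;
DEALLOCATE xp_cur;
GO

-- Item 12: rename and disable SA. The built-in login always has SID 0x01,
-- so it is found even if it was renamed earlier.
DECLARE @old sysname, @new sysname, @sql nvarchar(400);
SET @new = N'placeholder_renamed_sa';  -- hypothetical name, choose your own
SELECT @old = name FROM sys.server_principals WHERE sid = 0x01;
IF @old <> @new
BEGIN
    SET @sql = N'ALTER LOGIN ' + QUOTENAME(@old) + N' WITH NAME = ' + QUOTENAME(@new) + N';';
    EXEC sys.sp_executesql @sql;
END
SET @sql = N'ALTER LOGIN ' + QUOTENAME(@new) + N' DISABLE;';
EXEC sys.sp_executesql @sql;
GO

-- Verification: current xp_cmdshell setting, extended procedures that public
-- can still execute, and the state of the built-in admin login.
SELECT name, value_in_use FROM sys.configurations WHERE name = N'xp_cmdshell';
SELECT o.name FROM sys.database_permissions p
JOIN sys.all_objects o ON o.object_id = p.major_id
WHERE p.class = 1 AND p.grantee_principal_id = 0   -- 0 = public
  AND p.permission_name = N'EXECUTE' AND p.state IN ('G', 'W') AND o.type = 'X';
SELECT name, is_disabled FROM sys.server_principals WHERE sid = 0x01;
```

Any procedure from the post's list that still appears in the second result set is one the revoke did not cover.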

Saturday, 28 March 2015

Windows OS Security Controls

Hi friends, today we are going to discuss the necessary security controls in Windows OS. In this post we are going to discuss Windows Server 2008 R2. Let's check the security controls in Windows one by one.

There are various registry settings: a huge list of registry values, security policies and service management settings that we need to set and handle according to company baselines. How can we do this tedious task easily? We can't set each registry value manually one by one because it takes a huge amount of time. For setting all the values we have Microsoft Compliance Manager, with which we can handle all the registry values at the same time. Download Microsoft Compliance Manager from the official site here.

Security Controls are given below
  1. Missing patches
  2. Unwanted Admins
  3. Security policy
  4. Services controls
  5. Baselines and registry settings
  6. Up-to-date antivirus
Let's understand these security controls one by one.
  1. Missing patches : Missing patches are the security vulnerability fixes released by Microsoft every month. Applying the missing patches installs all the security bugs fixed by Microsoft on the machine. So the question is how we know whether our machine is vulnerable to these bugs or not. To analyse security bugs there is a tool from Microsoft known as MBSA (Microsoft Baseline Security Analyzer). You can download this tool free of cost and run it on your server; it lists all the security patches released for your system. To run this tool on your system you require admin access on the server.


MBSA finds various issues: missing patches for security updates, such as for installed Microsoft tools, missing Windows security updates and missing SQL Server security updates; administrative vulnerabilities, such as automatic updates, password expiration, incomplete updates, Windows firewall, local account password test, file system, auto logon, guest account, restrict anonymous and the list of administrators; and additional system information, such as auditing, services, shares, Windows versions etc.


Share Drives with permissions



    2.  Unwanted Admins : Unwanted admins are the local group administrators on the servers. To find the unwanted admins on the servers, open your cmd with admin privileges and run the command below:

 net localgroup administrators

The above command lists all the admins on the server.



   3.  Security Policies : Security policies are the various security settings applied on the system. These settings include account policy, local policy, Windows Firewall with Advanced Security, Network List Manager policies, public key policies, software restriction policies etc.
In account policy we can set the maximum password age, minimum password age, password must meet complexity requirements etc., as well as settings like account lockout duration. In local policy there are various settings, such as who can access this computer locally or from the internet, who can back up files and directories, and who can force shutdown of the system from the network; settings to enable accounts, disable Guest accounts etc. are here, and domain controller settings are there too. Firewall settings for inbound and outbound connections are here. We can add secure certificates for SSL here and we can encrypt the file system. Installed software controls are here as well.



  4.  Services controls : There are various services in Windows which start automatically when you start up your Windows Server. We do not actually need all of these services to be running. Many of them can impact performance and can also compromise the security of your server. We need to identify the unnecessary services and disable them.

Warning: disabling any service can cause installed applications to fail. The recommended practice is to disable unnecessary services one at a time, testing all installed applications to ensure that they still function correctly.

To perform this task, log on to your machine with admin privileges, then follow the steps given below.
Step 1 : There are various ways to get the service list. Go to Run > services.msc and press Enter; this gives you the list of services.

Or else go to Start > Administrative Tools > Services




Here I am giving you a list of a few unnecessary services, but again, be careful and disable unnecessary services one by one.

DHCP Client
DNS Client
Distributed Link Tracking Client
Distributed Transaction Coordinator
Human Interface Device Access
IP Helper
Network Location Awareness
Print Spooler
Windows Error Reporting Service
Alerter Service
Clipbook service
Computer Browser
Fax Service
Indexing Service
Internet Connection Sharing
IPSEC Policy Agent
Messenger service
Netlogon service
Network DDE
NTLM Security Support Provider
Performance Logs and Alerts
Plug and Play
QOS RSVP
Remote registry service
Routing and Remote Access
Runas service
Security Account Manager
Smart Card Helper
Smart Card
Server Service
TCP/IP NetBIOS Helper
Telephony Service
Telnet

These are a few of the unnecessary services in Windows we need to disable.
Note: Read the description of each service accordingly, and if you ask me whether to set services to disabled or manual, I recommend setting them to manual rather than disabling them.

Go to the service, right-click > Properties; here you can select disabled, enabled or manual according to your need. Click Apply and OK.

   5.  Registry settings : According to Wikipedia, the Windows Registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components and for applications running on the platform that use the Registry. The kernel, device drivers, services, SAM, user interface and third-party applications can all make use of the Registry. The Registry also provides a means to access counters for profiling system performance.

 Go to Run and type regedit



   6.  Up-to-date Antivirus : Always keep your antivirus up to date to avoid various security attacks. Always install the latest DAT version for your antivirus.

Note:  These are the basic security controls in windows.

Thursday, 18 December 2014

How to use acccheck tool in kali linux

Jai Hind Friends, I am DeadManINDIA from 1ND14N H4X0R5 T34M (IHT), after a long time.
We are:- NullPort_Goind,Grey_Noob,Eagle_Shadow,Spy_Hunter,Karate-Katrina,X-ManINDIA,Mr.R@66!T.

Let's start.
What is this tool?
 This is a tool which targets Windows servers with a dictionary attack and works over the SMB protocol.

How to use this tool?
We can use this tool easily and perform our task.

1 We should run this command in a terminal.
  Syntax :- acccheck
  Now you can see all the options.
Try all the options:
  1 acccheck -t <ip address>
  2 acccheck -t <ip address> -u <user name> -p <password>
 Try the other options by yourself.

If you like then say  Jai Hind Jai Bharat 

Saturday, 27 September 2014

How to check your Bash shell is vulnerable or not For Bash Code Injection in Linux

Jai Hind Friends I am DeadManINDIA from 1ND14N H4X0R5 T34M (IHT) here to serve my services.

We are :- EagleShadow,NullPort_Govind,Grey-Noob,SPy-Hunter,Mr.R@66!T,
X-ManINDIA,Karate-Katrina.

love to :- Mom & Dad 

So friends, today I am here to tell you something new which I learned. There is a bug going viral in the IT market called the Bash Code Injection vulnerability. So I will tell you here how to check whether your bash shell is vulnerable or not.

Let's start :-

We run this command in our terminal and then we will find some errors.

  env 'x=() { :;}; echo this is vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
If you get the output which is shown in this image, then your bash is vulnerable.

Another way to check is this.

Run this command in your terminal:
# cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo
 In this case, when you run this command, a file /tmp/echo is created and the date and time are saved in it if your bash shell is vulnerable.
Now if you want to fix or patch this vulnerability, update your bash shell to these versions. Say Jai Hind or Jai Bharat if this is helpful for you.

Product                      Package                        Release
Red Hat Enterprise Linux 7   bash-4.2.45-5.el7_0.4          Red Hat Enterprise Linux
Red Hat Enterprise Linux 6   bash-4.1.2-15.el6_5.2          Red Hat Enterprise Linux
                             bash-4.1.2-15.el6_5.1.sjis.2   Red Hat Enterprise Linux
                             bash-4.1.2-9.el6_2.2           Red Hat Enterprise Linux 6.2 AUS
                             bash-4.1.2-15.el6_4.2          Red Hat Enterprise Linux 6.4 EUS
Red Hat Enterprise Linux 5   bash-3.2-33.el5_11.4           Red Hat Enterprise Linux
                             bash-3.2-33.el5_11.1.sjis.2    Red Hat Enterprise Linux
                             bash-3.2-24.el5_6.2            Red Hat Enterprise Linux 5.6 LL
                             bash-3.2-32.el5_9.3            Red Hat Enterprise Linux 5.9 EUS
Red Hat Enterprise Linux 4   bash-3.0-27.el4.4              Red Hat Enterprise Linux 4 ELS

Saturday, 13 September 2014

How to use Log Viewer GUI in kali linux

Jai Hind Friends, I am DeadManINDIA from 1ND14N H4X0R5 T34M (IHT), here to serve my services.

We are :- EagleShadow,NullPort_Govind,Spy-Hunter,Grey-Noob,Karate-Katrina,Mr.R@66!T

Love To :- MOM & Dad.

Let's start.

It is very easy to manage the logs on our system and see who logged in to our system.

Go to
Applications >> System Tools >> Log File Viewer

 Here you can see all the logs which are created by your system :)

It's too basic but I noticed it today so I made this tut. May be helpful for you.

                          JAI HIND JAI BHARAT

Saturday, 6 September 2014

How to use Btscanner in Kali Linux

Jai Hind Friends I am DeadManIndia Here to serve my services from 
INDIAN HAXORS TEAM (IHT)

We are:- NullPort_Govind,Grey-Noob,X-ManIndia,Karate-Katrina,Spy-Hunter,Mr.R@66!T,Eagle-Shadow.

Love to :- Mom & Dad

Let's start :-

1 Start your bluetooth with this command :)
  Syntax:- service bluetooth start

2 Now open btscanner with this command :)
  Syntax:- btscanner
  Now you are here
3 Now see the instructions which are given below;
  in my case press i and your scan is started
  Now you find the bluetooth devices like this
  Now select with the arrow keys and press Enter :) and get full info about the bluetooth device
That's it :)
 If you like this tutorial and want us to carry on, then like our Facebook page and say Jai Hind Jai Bharat once

Tuesday, 2 September 2014

How to use Sqldic for bruteforcing on Windows server in Kali Linux

Jai Hind Friends, I am DeadManIndia, as you know, from 1ND14N H4X0R5 T34M (IHT), here to serve my services.

We are:- NullPort_Govind,EagleShadow,Mr.R@66!T,Karate-Katrina,Grey-Noob,Spy-Hunter,X-ManINDIA.

Love to :- Mom & Dad
Let's start. In this we are brute forcing on Windows servers :)

 Let's go :-
1 Open the tool with the help of this command :) sqldic, like in this image.
  #sqldic
After that you will find this type of graphical interface.

2 Now enter the IP of the server and the user name whose password you are trying to crack :)

3 Then select a wordlist :) from your PC and click on load password file,
 like in the image below
4 Now click on start, then your attack will start


IF you like tutorial then say once 
                               Jai Hind Jai Bharat