
Samba VScan


Samba is the only protocol connecting Windows and Linux. And we already know that Windows has no lack of viruses, worms, trojans, etc. Of course, any of our writable Samba shares may get infected. So what should we do?
We can install an antivirus scanner on Windows. But that's not the point, because we can still get infected from the rest of our network. If one machine infects the files on the Samba share, the infection will spread all over the network.
The cleverest thing we can do is scan every file that is about to be written to Samba. How? We can add an antivirus to Samba as a module, so every file is scanned automatically before it is written. If a file is infected by a virus, worm, etc., it is rejected and quarantined automatically, so our Samba share won't be infected.
And the how-to? You can read and practice it yourself here and here.

Root Password Cracker

It's sucrack, a tool for cracking local user accounts via wordlist bruteforcing su. Get the latest release here.

You can read the how-to below.

sucrack - a su cracker README document version: 1.2.2
-------------------------------------------------------------------------------

1 About
2 Installation
3 Run It!
4 Troubleshooting & Notice


1 About
--------

sucrack is a multithreaded Linux/UNIX tool for cracking local user accounts
via wordlist bruteforcing su(1).

2 Installation
---------------

    ./configure
    make
    make install

2.1 additional compile options

If you prefer detailed and nice looking statistics to be printed, use the
`--enable-statistics' configuration flag. The downside of that feature is a
decrease of performance as the statistics have to be frequently recalculated.
If you compiled sucrack without statistics, you still can print a
minimalistic statistic/progress, that is the number of bytes from the
wordlist already done and the total number of bytes.

sucrack is able to run multiple threads on su. That actually only makes
sense, when you are facing a delay for failing authentications. However,
if you are planning to use multiple threads, compile sucrack with a static
buffer wordlist (`--with-static-buffer'). This avoids an overhead of a
dynamic list management. If you are only using one thread it turned out to
be more efficient to let the dictionary thread put words into a list
(`--with-dynamic-list') and let the worker thread take one of these,
whenever it needs to.

It will make sense to link the binary statically against the libraries. In
that case, configure sucrack with the --enable-static-linked flag. Default
is a dynamically linked sucrack.

See INSTALL for further details.

3 Run It!
----------

3.1 Options

Before you run sucrack, take a look at the help message or the manpage:

    sucrack -h
    man sucrack

In order to run sucrack now, you need to specify a wordlist:

    sucrack wordlist.txt

You generally will have two options for printing the progress and the
statistics (if you have compiled sucrack with the `--enable-statistics'
flag). Either by using ANSI escape codes, which makes it look nicer, or
without. The -a flag indicates whether ANSI escape codes should be used or
not.

    sucrack -a wordlist.txt

The interval for reprinting the statistics is set to 3 seconds by default.
You can alter that interval using the -s flag or disable the auto
reprinting functionality and print the output on any key pressed.

    sucrack -s 10 -a wordlist.txt

This disables the auto reprinting functionality:

    sucrack -c -a wordlist.txt

By default, failed authentications on various Linux distributions cause a
three-second delay. sucrack is multithreaded, so that while a thread is
waiting those seconds, others can do su. It is not advisable to run sucrack
with more than one worker thread if there is no such delay, as it slows
down the overall process.
Run sucrack with ten worker threads:

    sucrack -w 10 wordlist.txt

There is another thread running besides the worker threads. The
dictionary thread reads the words from the wordlist and puts them into
an internal buffer. By default, that buffer is a static array.
You can set the buffer to be a dynamic list with the `--with-dynamic-list'
configuration flag. In both cases, you can alter the size of the buffer
with the -b option. By default, the buffer size is set to the number of
worker threads plus one. Note that it can never be less than that.

    sucrack -b 50 -w 10 wordlist.txt

In that example, the dictionary thread will always try to have 50 words
in the buffer to offer them to the 10 worker threads.

If you want to su to a user other than root, then specify the username
with the -u flag:

    sucrack -u myuser wordlist.txt

The rewriter is a helpful addon. It rewrites the words from the word
list by certain rules and enqueues them in the word buffer. To enable
the rewriter use -r and to set up your rules -l:

    sucrack -r -l AFL wordlist.txt

Here is an overview over the rules:

rule  description                     original      rewritten

A     all characters to upper case    myPassword    MYPASSWORD
F     first character to upper case   myPassword    MyPassword
L     last character to upper case    myPassword    myPassworD
a     all characters to lower case    AnotherPASS   anotherpass
f     first character to lower case   AnotherPASS   anotherPASS
l     last character to lower case    AnotherPASS   AnotherPASs
D     prepend a digit (0..9)          password      1password
d     append a digit (0..9)           password      password1
e     1337ify the word                password      p455w0rd
x     enable all of the above rules

All rules run at least once. The `D' and `d' rule rewrite a word ten times
and append each digit once.

3.2 Environment Variables

sucrack depends on the responses su gives on a failing authentication.
Because that can vary from version to version and distribution to
distribution you can set the expected responses in environment variables.

environment variable    description

SUCRACK_SU_PATH         the path to su
SUCRACK_AUTH_FAILURE    the response of su, if an authentication fails
SUCRACK_AUTH_SUCCESS    the response sucrack should receive, if an
                        authentication attempt succeeded

It is very important to set SUCRACK_AUTH_SUCCESS to any string that can't
be a response of su and does not appear in the wordlist file. Test it,
before running sucrack:

    export SUCRACK_AUTH_SUCCESS=banzaii
    grep $SUCRACK_AUTH_SUCCESS wordlist.txt
    sucrack wordlist.txt

4 Troubleshooting & Notice
---------------------------

sucrack was tested on Linux, FreeBSD and NetBSD. OpenBSD is known to not be supported yet.

If you encounter any bugs not listed in this section, please refer to nico@leidecker.info

-------------------------------------------------------------------------------
sucrack 1.2.2 - a su cracker
Copyright (C) 2006 Nico Leidecker; nfl@portcullis-security.com
http://www.leidecker.info
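
From the defender's side, the bursts of failed su attempts that a tool like this produces show up in the authentication log. The following is an added example (not part of the sucrack README or the original post) that counts pam_unix su failures per invoking user inside a sliding time window. The log lines are constructed samples, the function name su_bruteforce_suspects and the thresholds are assumptions, and all lines are assumed to come from the same day.

```shell
#!/bin/sh
# Constructed sample lines in the pam_unix format that su(1) logs to
# /var/log/auth.log (Debian/Ubuntu) or /var/log/secure (RHEL family).
SAMPLE_LOG='Apr 24 10:15:01 host su[4101]: pam_unix(su:auth): authentication failure; logname=alice uid=1000 euid=0 tty=/dev/pts/0 ruser=alice rhost=  user=root
Apr 24 10:15:04 host su[4102]: pam_unix(su:auth): authentication failure; logname=alice uid=1000 euid=0 tty=/dev/pts/0 ruser=alice rhost=  user=root
Apr 24 10:15:07 host su[4103]: pam_unix(su:auth): authentication failure; logname=alice uid=1000 euid=0 tty=/dev/pts/0 ruser=alice rhost=  user=root
Apr 24 10:15:10 host su[4104]: pam_unix(su:auth): authentication failure; logname=alice uid=1000 euid=0 tty=/dev/pts/0 ruser=alice rhost=  user=root
Apr 24 10:15:13 host su[4105]: pam_unix(su:auth): authentication failure; logname=alice uid=1000 euid=0 tty=/dev/pts/0 ruser=alice rhost=  user=root
Apr 24 10:20:40 host sshd[4200]: Failed password for bob from 192.0.2.7 port 50022 ssh2
Apr 24 10:21:02 host su[4300]: pam_unix(su:auth): authentication failure; logname=bob uid=1001 euid=0 tty=/dev/pts/1 ruser=bob rhost=  user=root
Apr 24 10:21:30 host su[4301]: pam_unix(su:session): session opened for user root by bob(uid=1001)'

# su_bruteforce_suspects THRESHOLD WINDOW_SECONDS   (log on stdin)
# Prints "invoking_user target_user peak" for every pair whose failures
# reach THRESHOLD inside any WINDOW_SECONDS span.
su_bruteforce_suspects() {
    awk -v threshold="$1" -v window="$2" '
    $5 ~ /^su(\[[0-9]+\])?:$/ && /authentication failure/ {
        split($3, t, ":")
        now = t[1] * 3600 + t[2] * 60 + t[3]
        ruser = "?"; target = "?"
        for (i = 6; i <= NF; i++) {
            if ($i ~ /^ruser=/) ruser = substr($i, 7)
            if ($i ~ /^user=/)  target = substr($i, 6)
        }
        key = ruser " " target
        n = ++tail[key]; seen[key, n] = now
        if (!(key in head)) head[key] = 1
        # Slide the window: drop failures older than WINDOW_SECONDS.
        while (now - seen[key, head[key]] > window) head[key]++
        if (n - head[key] + 1 > peak[key]) peak[key] = n - head[key] + 1
    }
    END { for (k in peak) if (peak[k] >= threshold) print k, peak[k] }
    ' | sort
}

# Five failures within 60 seconds: prints "alice root 5"
printf '%s\n' "$SAMPLE_LOG" | su_bruteforce_suspects 5 60
```

A single mistyped password (bob in the sample) stays below the threshold, and the sshd line is ignored because only su entries are counted.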

Antivirus In Linux

Have you ever asked someone you know about viruses, malware, spam, trojans, etc. on your Windows machine? Or have your important files been corrupted by a virus or something like that? Just leave Windows and try Linux.
Why would you need antivirus on Linux? Adapted from Linux.com: there are no viruses on Linux.
I try to explain that permissions on Linux make such tribute unnecessary. Without quibbling over the definitions of viruses and trojans, I tell them that neither can execute on your machine unless you explicitly give them permission to do so.

Permissions on Linux are universal. They cover three things you can do with files: read, write, and execute. Not only that, they come in three levels: for the root user, for the individual user who is signed in, and for the rest of the world. Typically, software that can impact the system as a whole requires root privileges to run.

Microsoft designed Windows to enable outsiders to execute software on your system. The company justifies that design by saying it enriches the user experience if a Web site can do "cool" things on your desktop. It should be clear by now that the only people being enriched by that design decision are those who make a buck providing additional security or repairing the damage to systems caused by it.

Malware in Windows Land is usually spread by email clients, browser bits, or IM clients, which graciously accept the poisoned fruit from others, then neatly deposit it on their masters' systems, where malware authors know it will likely be executed and do their bidding -- without ever asking permission.

Some malware programs require that you open an attachment. Others don't even require that user error. By hook or by crook, malware on Windows often gets executed, infecting the local system first, then spreading itself to others. What a terrible neighborhood. I'm glad I don't live there.

On Linux, there is built-in protection against such craft. Newly deposited files from your email client or Web browser are not given execute privileges. Cleverly renaming executable files as something else doesn't matter, because Linux and its applications don't depend on file extensions to identify the properties of a file, so they won't mistakenly execute malware as they interact with it.

Whether newcomers grok permissions or not, I try to explain the bottom line to them: that because they have chosen Linux, they are now free of having to pay either a security tax up front to protect themselves from malware, or one after the fact to have their systems sterilized after having been infected.
But if you are still worried and want to protect yourself against viruses, you can install the software below.

DeepFreeze for Linux (Advance)

I have written about DeepFreeze for Linux before. This script is more complex and has a graphical interface. So, let's freeze your Linux.

First, make a bash script named deepfreeze with this content.

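#!/bin/bash
# Deepfreeze a la Linux
# Backup before use, Use At Your Own Risk
# Copyleft 2007 by A. Hardiena
# Translated by fortmunir

header="Deepfreeze ala Linux"
size="9 60"
rclocal=/etc/rc.d/rc.local

# Use mktemp for the menu result: a fixed /tmp name is unsafe in a root script
menu=`mktemp -q /tmp/checklist.XXXXXX` || exit 1
Xdialog --title "$header" \
    --menubox " Welcome to Deepfreeze ala Linux." 17 65 3 \
    "Install" "Install Deepfreeze" \
    "Remove" "Remove Deepfreeze" \
    "Abort" "Abort Installer" 2>"$menu"

choice=`cat "$menu"`
rm -f "$menu"

case $choice in
"Install")
    ask=`mktemp -q /tmp/menu.XXXXXX` || exit 1
    content="Home folder you want to protect."
    Xdialog --title "$header" --inputbox "$content" $size 2>"$ask"
    if [ ! $? = 0 ]; then
        rm -f "$ask"
        exit 0
    fi

    directory=`cat "$ask"`
    rm -f "$ask"
    # Accept only a plain folder name that exists under /home; an empty or
    # crafted answer would otherwise end up in an rm -rf that runs as root
    case "$directory" in
        ""|.|..|*[!A-Za-z0-9._-]*) exit 1 ;;
    esac
    [ -d "/home/$directory" ] || exit 1

    check=`grep -m 1 '^# Deepfreeze System$' "$rclocal"`
    temporary="# Deepfreeze System"

    # Already installed: drop the old boot hook and the old archive first
    if [ "$check" = "$temporary" ]; then
        sed -i "/# Deepfreeze/d" "$rclocal"
        rm -f "/home/$directory.tar.gz"
    fi
    # Processing Deepfreeze and put to /etc/rc.d/rc.local
    cd /home/ || exit 1
    rm -f "$directory.tar.gz"
    tar -cf "$directory.tar" "$directory"
    gzip --best "$directory.tar"
    # Boot hook: delete the live folder, then unpack the frozen copy
    cat << EOF >> "$rclocal"
# Deepfreeze System
cd /home/ # Deepfreeze do not manual editing this line
[ -f "/home/$directory.tar.gz" ] && rm -rf "/home/$directory" # Deepfreeze do not manual editing this line
tar -xzf "/home/$directory.tar.gz" # Deepfreeze do not manual editing this line
# Deepfreeze has ended here
EOF
    # Check if autorecovery has error
    if [ $? = 0 ]; then
        content="Deepfreeze home $directory success."
    else
        content="Deepfreeze home $directory failed."
    fi

    Xdialog --title "$header" --msgbox "$content" $size
    ;;
"Remove")
    ask=`mktemp -q /tmp/menu.XXXXXX` || exit 1
    content="Home folder you want to protect."
    Xdialog --title "$header" --inputbox "$content" $size 2>"$ask"

    if [ ! $? = 0 ]; then
        rm -f "$ask"
        exit 0
    fi

    directory=`cat "$ask"`
    rm -f "$ask"
    case "$directory" in
        ""|.|..|*[!A-Za-z0-9._-]*) exit 1 ;;
    esac
    # Drop the boot hook and the frozen copy (same cleanup as in Install)
    sed -i "/# Deepfreeze/d" "$rclocal"
    rm -f "/home/$directory.tar.gz"
    ;;
*)
    # Abort, or the dialog was closed
    exit 0
    ;;
esac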


If your distro uses init.d instead of rc.d, you should change the location of rc.local from /etc/rc.d/ to the right directory.

The last step is to change the mode:
chmod +x deepfreeze

Just double-click it to activate, or type sh deepfreeze in your console.
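
The freeze and restore cycle that the script wires into rc.local, as an added example (not A. Hardiena's script): it takes the base directory as a parameter so it can be tried on scratch data instead of /home, rejects names that are not a single path component, and checks the archive before deleting anything. The function names valid_name, freeze, thaw and demo_cycle are assumptions made for this example.

```shell
#!/bin/sh
# valid_name NAME: accept a single path component only, so that an empty
# answer, "..", or "a/b" can never widen what rm -rf removes.
valid_name() {
    case "$1" in
        ''|.|..|*/*) return 1 ;;
    esac
    return 0
}

# freeze BASE NAME: snapshot BASE/NAME into BASE/NAME.tar.gz.
freeze() {
    valid_name "$2" && [ -d "$1/$2" ] || return 1
    # Build under a temporary name so a failed run keeps the old snapshot.
    tar -czf "$1/$2.tar.gz.new" -C "$1" "./$2" || return 1
    mv -f "$1/$2.tar.gz.new" "$1/$2.tar.gz"
}

# thaw BASE NAME: discard BASE/NAME and restore it from the snapshot.
thaw() {
    valid_name "$2" && [ -f "$1/$2.tar.gz" ] || return 1
    # Refuse to delete anything unless the archive can be read end to end.
    tar -tzf "$1/$2.tar.gz" >/dev/null || return 1
    rm -rf "$1/$2" && tar -xzpf "$1/$2.tar.gz" -C "$1"
}

# Constructed demo on a scratch directory: tamper with the tree, then thaw.
demo_cycle() {
    base=$(mktemp -d) || return 1
    mkdir -p "$base/guest" && echo "original" > "$base/guest/notes.txt"
    freeze "$base" guest || return 1
    echo "tampered" > "$base/guest/notes.txt"
    touch "$base/guest/dropped.bin"
    thaw "$base" guest || return 1
    cat "$base/guest/notes.txt"
    if [ -e "$base/guest/dropped.bin" ]; then echo "leftover"; fi
    rm -rf "$base"
}

demo_cycle    # prints: original
```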

Secure Your Windows With Linux

Have a problem with Windows, like viruses, trojans, worms, spam, etc.? Just install Linux onto an external hard drive or put it on a USB flash drive. Don't forget to install an antivirus such as AVG or ClamAV. Distros such as PCLinuxOS, Ubuntu, openSUSE and Mandriva have these antivirus packages in their repositories. Then boot Linux and scan the Windows partition.
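
An added example (not from the original post, and not samba-vscan itself) of the scan-and-quarantine step, written as a sweep that can be pointed at the Windows partition mounted from the Linux system or at the Samba share directory discussed in the first post. It assumes a scanner command that exits 0 for clean and 1 for infected, as clamscan does; the function name sweep, the SCANNER variable and the paths in the usage comment are made up for this example.

```shell
#!/bin/sh
# SCANNER (assumed interface): takes one file path, exits 0 = clean,
# 1 = infected, anything else = scan error. clamscan follows this convention.
SCANNER=${SCANNER:-"clamscan --no-summary"}

# sweep TREE QUARANTINE
# Prints "INFECTED <path>" or "ERROR <path>" for each flagged file and moves
# infected files into QUARANTINE, which must lie outside TREE.
# Returns 0 when everything scanned clean, 1 otherwise.
sweep() {
    tree=$1; quarantine=$2
    mkdir -p "$quarantine" && chmod 700 "$quarantine" || return 2
    report=$(
        n=0
        # Paths containing newlines are not handled by this read loop.
        find "$tree" -type f | while IFS= read -r f; do
            status=0
            $SCANNER "$f" </dev/null >/dev/null 2>&1 || status=$?
            case $status in
                (0) ;;
                (1) n=$((n + 1))
                    dest="$quarantine/$(date +%s).$n.$(basename "$f")"
                    # Move out of the served tree, then strip all permissions.
                    mv -f "$f" "$dest" && chmod 000 "$dest"
                    echo "INFECTED $f" ;;
                (*) echo "ERROR $f" ;;
            esac
        done
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Usage (placeholder paths): sweep /srv/samba/share /var/quarantine
```

Moving files requires the tree to be mounted read-write; on a read-only mount the sweep still reports what the scanner flagged.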
 
