Etherape - Check your Network Traffic

A nice GUI interface to see where your network traffic is going to or coming from.

Random Js Virus

In late 2009 and early 2010 I saw a new kind of attack on websites, which security companies named the Random JS Virus. It used to insert JavaScript code inside tag to redirect the page to a rogue website. Lately they have started inserting encrypted code to make it look like genuine code.

I am still seeing it happen to lots of websites. The main reasons are:

1) Weak FTP passwords

2) FTP traffic in plain text

3) SQL injection

GNU/Linux Server Security - The Initial Steps

Below are the steps and the links to the tools which you can use on your GNU/Linux server to make it secure.

Server Security:-

1) If you do not have cPanel / Webmin and are not comfortable with iptables rules either, you can use APF; however, if you have cPanel then go for Both utilities provide an easy-to-use interface to configure the firewall rules.

2) You can use more tools from this page

3) On servers where you are not using cPanel you can use.

Security Wiki

System Monitoring

A very good article about it at

It's a good tool for system monitoring

and the tool link is at



GreenSQL - A great MySQL firewall

GreenSQL acts as a proxy between your database and requests from the outside world. It blocks SQL injection attempts.

A great tool for adding to your MySQL security. For more information visit the link below.


How to Do a little with Linux Commands

Some of the useful commands on Linux if you are facing a sudden DDOS attack

Count the number of HTTP processes (it helps to know what your normal count is for comparison):

ps aux | grep -i '[h]ttp' | wc -l

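Executing the following command will list the remote addresses of connections on port 80 in sorted order, so repeated IPs appear together (note that netstat's -l flag shows only listening sockets, so it is not used here):

netstat -tn | grep ':80 ' | awk '{print $5}' | sort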

It will show a list of the current active connections by IP address and the offending IP is usually the one with a high number of connections:

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
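The same per-IP count as a small script, added here as an example (it is not from the original post). It goes a little further than the one-liner: it skips netstat's header lines, handles IPv6 and IPv4-mapped addresses, and only reports IPs at or above a threshold. The function names, the threshold and the sample netstat output are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example: per-IP connection counts from `netstat -ntu` output.

# top_talkers MIN: read `netstat -ntu` output on stdin and print
# "count ip" for each remote IP with at least MIN connections, busiest first.
top_talkers() {
    awk -v min="${1:-1}" '
        # Keep only socket rows; this drops the two header lines.
        $1 !~ /^(tcp|udp)/ { next }
        {
            addr = $5
            sub(/:[0-9*]+$/, "", addr)   # strip the port (last colon only, IPv6-safe)
            sub(/^::ffff:/, "", addr)    # IPv4-mapped IPv6 -> plain IPv4
            count[addr]++
        }
        END {
            for (ip in count)
                if (count[ip] >= min) print count[ip], ip
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample of `netstat -ntu` output (documentation address ranges).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           203.0.113.7:51234       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.7:51235       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.7:51236       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.7:51237       ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.4:40000      ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:198.51.100.4:40001 TIME_WAIT
tcp6       0      0 2001:db8::10:80         2001:db8::1:44300       ESTABLISHED
udp        0      0 192.0.2.10:41000        192.0.2.53:53           ESTABLISHED
EOF
}

# Demo on the constructed sample; on a live server use:
#   netstat -ntu | top_talkers 20
sample_netstat | top_talkers 2
```

Pick the threshold from your normal baseline; a busy proxy or NAT gateway can legitimately hold many connections from one address.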

Unhide - Hidden Process finder

Good to check hidden processes on your server

Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique.


great tool to use on winblows

An old post at SecurityFocus

and the issue is still there; I can still see people asking questions about it