Sunday, November 25, 2012

How To Enable root (SuperUser) In Ubuntu 12

If you are a new linux user , you might wonder why sometimes linux don't let you to something in the GUI mode or in the terminal. This feature is for higher security and you need to login as "Super User" to run those specific command. The easiest way is to put "sudo" before any command you want to run then it will ask for your password and run the command. But what if you like to do something as SuperUser in GUI?? for this purpose you need to login as "root".
root user is not enabled by default in Ubuntu and you cannot go to super user mode by running "su" command.Before enabling "super user mode" if you run "su" you will see this error message "su: Authentication failure".

Warning: by logining as root you might put your computer at risk and enabling root is not recommended.

Enabling SuperUser account password:
First you need to choose a password for your root account. run below command, then it will ask for a password for root user and verify password.

server@ubuntu:~$ sudo passwd root
[sudo] password for server:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

Now you can go to SuperUser mode by running "su" command.

suserver@ubuntu:~$ su


Disabling SuperUser account password:

If you decided to disable root user just run the following command in the terminal.

suserver@ubuntu:~$ sudo passwd -l root

Enabling root Login in GUI welcome page:

Now if you decided to login to Ubuntu GUI mode by root user , you need to enable "LOGIN" section in the welcome page of Ubuntu. We assume you already enabled the superuser from above tips.
run following command in the terminal:

sudo sh -c 'echo "greeter-show-manual-login=true" >> /etc/lightdm/lightdm.conf'

now restart your computer , after your computer bootup you have to see something similar to following image, in this section click on Login and enter root as username and press enter now enter your superuser password.

Tuesday, November 13, 2012

How To Install Mod_Security On Apache(Ubuntu 12.10) Step By Step Tutorial For Beginners

ModSecurity is an opensource web application firewall. It is an Apache module that helps to provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing hardware infrastructure. The main engine of this application use regular expressions and set of rules to detect and block common web exploits.
High percentage of all web attacks happens in web application level, for example if you install a opensource application (like Phpnuke,phpbb, joomla &...) anytime soon might hackers find new vulnerability in that specific CMS and if you don't update your CMS on time your site might become victim of these hackers.By using Mod_Security it's possible to detect and block most of these common security attacks.

I had many problems as a beginner to install mod_security so after reading a lot of articles and documents and successfully implemented the mod_security decided to make this step by step tutorial for beginners.
All steps in this article are tested on a fresh install of Ubuntu desktop 12.04 and worked successfully.

In this tutorial I'm going to teach you how to install mod_security on Apache web server and do a basic configuration to start it up and finally test it.

Ubuntu Desktop/Server ver: 12.04 or higher.

We assumed you don't have Apache installed. if you have Apache installed and configured skip to step 2.

Saturday, November 3, 2012

A Good Tool For Breaking Monoalphabetic Substitution Cipher

In Cryptography Substitution cipher is a method of encryption by which units of plaintext are replaced with ciphertext, according to a regular system; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing an inverse substitution. A monoalphabetic cipher uses fixed substitution over the entire message.

Now if you got a monoalphabetic cipher , you can break the cipher by doing some cryptanalysis. The most common way is to use frequency analysis to check the most repeated letter and compare it with the frequency analysis table to see its equal to which letter in English language. Frequency analysis table is a table of letters that shows what is the percentage of usage of each letter in English language. by repeating this method you can break the cipher.
Another way is to do brute force attack that it might took long time to broke the cipher if you don't have access to parallel computing facilities or powerful clusters.

Or you can use "Secret Code Breaker-Monoalphabetic Substitution Solver". 
download it from: This tool use a random key to decrypt the cipher and try again by changing  1 letter of the key then it compare the result with the old result to see which one is the better one!  You might ask yourself how this tool can understand if it find the right word or not, for this problem it use a internal dictionary that it contain 52,483 word entries; each time it find two possibilities or more , it will refer to the list of word to see which one is more accurate. 

Social Networks Sharing