Posted by Bowlby in InfoSec, InfoTech | Nov 18th, 2008 | No Comments
Quick blurb on recovering a MySQL password. Up to version 4.1, MySQL stored user passwords using a 16 byte hash created via the PASSWORD() function. Recovering a MySQL password is a matter of retrieving the password hash from the user table of the mysql database and attempting to crack the hash. Most passwords of fewer than 9 characters (alphanumeric plus special characters) can be cracked given enough time. One program that was designed as a proof of concept is available at sqlhack.com.
Stop the MySQL server: /etc/init.d/mysqld stop or killall mysqld
Start MySQL without the privilege system: mysqld_safe --skip-grant-tables &
Login as...
Posted by Bowlby in InfoTech | Nov 11th, 2008 | No Comments
When performing an install I usually create several partitions in order to take advantage of additional mount options (noexec, nosuid, etc.). The partitions I create usually include the following:
/
/var
/usr
/tmp
/home
/boot
While working in the hosting industry I have investigated countless hacked systems. Exploits often get placed under /home/user, where user is whatever user was exploited, or they get placed in /tmp. Having /home and /tmp mounted noexec,nosuid might have kept the exploits from running.
The most common argument against multiple partitions is that you never know how to properly...
Posted by Bowlby in InfoSec, InfoTech | Nov 7th, 2008 | 1 Comment
Tripwire Tutorial & A Personal Reference
A tutorial on installing and configuring Tripwire on a Red Hat-based system. I made this tutorial as a reference for the next time I install Tripwire. I will have undoubtedly forgotten the specifics by then.