Binrev Financier
  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by tekio

  1. Could you use a Sling Box?
  2. Tekio loves drinking coffee and programming all night. :-)

  3. Saw this and laughed...
  4. Actually got to use my MCSE subletting skills ay work today. No Solarwinds Subnet Calculator needed. Buwhahahaha

  5. I.P. Address. IMO - anyone who needs to access a remote system should be smart enough to read a word document and follow screen-shots. I actually went through this with our G.M. where I work. Basically said, "the users need to revolve around the I.T. Department. And I'd like to think they could follow these steps (screen shots of putting in an IP address into our remote client). I still have a job. :-) I like to stay away from Dynamic DNS for business. For me, Dynamic DNS leaves a host too discoverable. I have obtained zone transfers from a major DDNS provider before. :-( EDIT: from the way TCP works anything would need to reconnect anyway, for the most part. Anything that established a session would be left dead in the water and need to make a new virtual circuit???? Maybe some remote clients are able to do this. A VPN that tunnels everything into UDP could correct however. But it seems users experience a time-out and try to reconnect anyways. But that's me talking about educated guesses. :-)
  6. Dynamic DNS would work well in the situation: just make script to update DNS. Or better yet - just train offsite employees to use the IP address of failed over static NATs. Internal it would be invisible: the default gateway is the same - the border router would just sense failover, then use the port/interface providing the static NAT to the failover ISP.
  7. I'd use Perl: LWP::UserAgent. Then make a separate browser instance and loop through it for however many number of times you want. HTTP apps should not care about IP address only valid sessions as the programmer defines. Ever-time a tab that is opened in a browser a cookie could make it use the same session for for every instance of the web browser. So looping instances through something like LWP::UserAgent and controlling the sessions making each look like a unique request should work (in LWP::UserAgent give each its own cookie jar). Example: Bob logs into pc and into gmail. Bob's session will be continued and he will auto-login from again with a new tab. Bob log's out of computer and Jane logs in. Jans's HTTP session is different from Bob's. If Jane opens Gmail in Opera and not I.E. she has a different HTTP session. This is because HTTP doesn't have sessions - these are done in PHP, ASP, or JSP. And the developer uses cookies to maintain session state (usually HTTP cookies in memory). So new browser sessions with their own cookie jar. And each should be new to the web-app. However, you may need to see how the web-app checks session state by looking at the cookies.
  8. No, when he mentioned "if you like doing it". That is something a person would need to like doing. Basically a career as a Computer Scientist. I.T. is much easier than Computer Science.
  9. For every bug found, there are several that are never found. Windows 7 is said to of had 40 million lines of code. That's a potential for over 40 million vulnerabilities. EDIT: what glitch was getting at (I think). This type of work is really hard work that takes sacrifice: weekends doing research, all nighters a few nights in a row, girl friends getting disinterested and not allowing time you need to keep up with technology etc... But would be very satisfying as not many achieve the ability to be professional security analysts at that level. Good luck man!
  10. Was war-dialing once and found a Telco switch with common or no credentials (unsure but can remember the first thing I tried logged me into it). Just logged in and looked around for about 5 minutes at different stuff connecting then logged out and never went back. Sure I could have caused some serious mayhem (but also done some serious time). Unsure what it was - but pretty sure it was Telco. Could see different numbers and stuff connecting. Would have taken a screenshot but was too worried about being able to deny it ever happened (LoL).
  11. Apple is funny... Feature number two: we took away a feature so you need new headphones, too.

  12. That's pretty cool. Cannot remember how many times in the past, could have used passthru for a PCMCIA card with BackTrack. Would have saved me hours of dualbooting notebooks.
  13. Triple boot that sucker! 1) vsphere for sever stuff. vsphere's hyper-visor will run VM's faster than Workstation running inside Windows. Probably use a few lRAID arrays for this, Maybe two: one for a data store booting and running the virtual O/S another RAID array for storage datastores.. 2) Windows Install for direct hardware access (running stuff like brute forcing, etc... 3) Linux Install for the same. Here is how I'd configure the RAID / Disks: System boot array: about 500GB-600GB running speedy SSD's for hosting a datastore for system boot disks If you can a separate array for non-boot data-stores about 1TB The better you can segment the RAID arrays for each datastore, the faster disk access in a virtual server will be. For example to run say Sever 2012 and Linux: 300GB SSD RAID Array = DataStore0 == Windows C:\ Drive 1TB HDD RAID Array = Datastore1 == G:; H: 300GB RAID Array = DataStore2 == Linux /boot; /bin; /lib; sbin 1TB RAID Array = Datastaore3 == /home; /etc 250GB SSD == Windows for direct hardware access 250GB SSD == Linux direct hardware access 32GB SSD == vsphere HyperVisor install Get the most use out of that hardware as possible. Just my opinion and what I'd do with it. :-) EDIT: for gaming and what you wanted hardware passthru would work, as Dins stated. Didn't know a GPU was supported though. I thought for vsphere passthru was just used with USB and other buses, not PCI-E. But I've never really tried to do that.
  14. Same here, those schools are expensive. I've heard WASU was one of the best party schools next the ones in Cali, Arizona and Florida though. LoL Went to Pierce College, then a Tech Center. Then got smart and got a job for a place with crappy wages, but on the job experience and free Microsoft Certified Training. They were a consulting, ISP and MCT (Microsoft Certified Training Center).
  15. A few years ago someone in here posted internal documents from a carrier, I think MCI or something. And welcome to the forums.
  16. Was always under the impression Gentoo was supposed compile everything and optimize it for the CPU installed? Anyway, I got tired of Gentoo just because it earned street cred online. Maybe I should just lie and say I use FreeBSD? But since everyone here knows I use OS X a lot - some BSD fanatics would probably own me for being a poser. :-(
  17. Does anyone know of a good (and either free or decently priced) app for charting wire-shark captures in graphs? Something like Compass from WildPackets, but only a little more updated and maintained? I know Wireshark does this, but was looking for something a little more robust. Open Source, or free would be nice; but paid is do-able so long as its not some 10,000 dollar tool. Will post back if I find something good. :-)
  18. You have access to a "jailed" part of the file system. Y There are several common techniques to exploit FTP most insecurities are from poor configuration by the administrator. Or bugs in the programming of the daemon. This should get you started: https://www.cs.colostate.edu/helpdocs/ftp.html
  19. Find out who owns the voicemail. Then find out most common PIN combinations thru some research. Then research your target. It worked in War Games. Hahahaha
  20. RAM errors? Graphics card issue? I'm starting to think something at lower level, maybe? If it were my machine: download a trial for Windows Server 2012 64 and install it: - works :: check Linux compatibility and the chipset/motherboard - does not work :: check for BIOS/UEFI flash make sure it is current - works reinstall Linux - doesn't work :: pester seller for a return or replacement or enough to cover the cost of a new mother board - More than likely problem solved. Maybe PSU as well? Do you have another PSU to swap in?
  21. Good programming will stop ether dead in their tracks.... Repeat after me, "On the Internet any user supplied data is rogue, unless proven otherwise....". I think this is a false sense of security and measures need be taken at the web app dev. level or NOTHING can stop SQLI or any exploits. EDIT: but with that said, I've seen some pretty 1337 stuff done with null terminated strings in PHP. Seen people exploit PHP functions (regEx engines, stored procedures) exploiting the underlying C code.
  22. Did you attend WASU? I cheer for the Huskies every year in the Apple Cup. Go Dawgs!!!! ;-D EDIT: WASU pronounced as WAZU vs UofW pronounced as U-Dub. Hahaha
  23. 1Gbps will work fine. 10 Gbps is going to demolish a 1000 dollar budget with two NICS and a switch. Good luck finding a 10Gbs cheap SOHO wifi router. Would need to think heat: 1200 Watt PSU, 2 - 3 7970's, and an 8 or 6 core AMD CPU? AMD CPU's suck up wattage and run really toasty. Now start thinking liquid cooling if you're going to use this like a Super Computer. Cluster computing would decrease the extra cooling needs to spend on more GPU/CPU and memory. But eventually you're gonna need a good 8-25 port 1Gps switch (you could also get dual NICs in each box that support teaming and go to like 4Gbps. But would need drivers for whatever O/S you plan to run them on) I'd think clustering more semi powerful boxes, think my last post I confused Grid Computer with Cluster, sorry. Speeds can be much greater in a cluster than one single Super Computer. Especially when wanting parallel processing for stuff like cracking password hashes. There is actually a company that makes a distributed hash cracker for Cuda enabled clusters. It is expensive, but can be found.
  24. Kind of nice to install something and be able to find your IP Address then know what your interface name will be, and not need to remember up 20 or more epnXXXXXXXXX strings. Very inefficient, from my perspective. :-) Of even know the name of your interface to pass it some commands. If one builds five boxes that are multi-homed thats a lot of random epnXXXXXXXXX to remember? I don't think I was the only one with these complaints on the forums either? Anyway, I guess if guessing random interface names is your thing - more power to ya. But it seems a lot more practical to call them something like Eth0, Eth1, and Eth2 to me. How many times do we need random interface names across a LAN? More often we need stuff up efficiently, especially in production. :-) Then if we are special and need unique names we can do that. :-) [root@tecmint ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0B:CD:1C:18:5A inet addr: Bcast: Mask: inet6 addr: fe80::20b:cdff:fe1c:185a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2341604 errors:0 dropped:0 overruns:0 frame:0 TX packets:2217673 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:293460932 (279.8 MiB) TX bytes:1042006549 (993.7 MiB) Interrupt:185 Memory:f7fe0000-f7ff0000 IT works on every other disto for me? To me it looks like they expected someone to be using a GUI.
  25. Just wanted to get some feedback on this: I have implemented a fault tolerant / high availability solution for vSphere. Two servers running critical VM's are RAID6, one primary and the other secondary. Pretty much same physical hardware. My implementation will use a Linux share to store snapshots, replication data, backup data (onsite), and other data needed for replication/backups. The entire share will be backed up to the cloud for disaster recovery. I want Linux to boot off a standard SATA drive - and the entire drive will hold the Linux filesystem. I'm getting a RAID card and two 4TB hd's for the FT/HA data share. This will be a standard desktop class system with 16GB RAM / Dual Core Pentium 3.6Ghz). I'm thinking about having the FT/HA share mounted to a RAID 1 array. I was thinking RAID1 because hot swapable is not really vital, here (three other copies of data). And if the system fails (operating system, CPU, RAM, MoBo, etc...) I could easily swap-out RAID card and HD's into another box (one that I could buy from any computer store, locally). Just worried about being able to get to the data in case of a hardware failure (since it's not a server class CPU, RAM, etc.....). Is RAID 1 a good idea in this scenario?? Thoughts???