tekio

Binrev Financier
  • Content count

    1,525
  • Joined

  • Last visited

  • Days Won

    80

Everything posted by tekio

  1. I looked at the article you read (i think): http://web.textfiles.com/hacking/footprinting.txt. The Mac has standard network utilities that perform most all those functions: Applications>Utilities>Network Utilities. Really, I think the author of that article was mistaken. I believe Agnet tools were a Win only utility and are now owned by Wildpackets, known as Inet Tools and are bundled with OmniPeek. As systems_glitch stated, both Darwinports and MacPorts offer far superior Unix discovery utilities. EDIT: if you do use Win there are older copies of the original AgNet tools floating around for free (not warez). I do not know what the licensing stipulations are as both InetTools and AgnetTools were once freeware.
  2. It cannot be decrypted as it is a one way algorithm. It can however be cracked. EDIT: http://milw0rm.com/cracker/list.php EDIT: http://en.wikipedia.org/wiki/MD5 Thought you would like the las link to answer any questions you may have about MD5.
  3. VMware workstation IMO is the best. It does cost $$$, but VMware makes very good software and designs guest software for several different operating systems including FreeBSD and Solaris. Parallels makes decent VM software as well, but they often lag behind when making guest software to support Unix. On the free side there is Virtualbox (i haven't tried it yet), Qemu, and Microsoft's Virtual PC. If one has the money to spare VMware workstation is the way to go. All minor upgrades are complimentary and every major revision is worth $100. Also, there is more support for VMware Workstation than most others. VMware Workstation has a full featured 30-day trial as well. EDIT: VMware also has a freeware application called VMware player. This can run any (i think) VM created with VMware Workstation. Many people will post torrents of Unixes that are compatible with VMware Player. One could also use the 30-day trial of Workstation to make Windows VMs and use the freeware once the trial period expires. I'm sure there are several other limitations of VMware Player too.
  4. yeah i agree i have two hp 2133's one is in pieces and one is working just fine, they do get very very hot on the bottom so ventiation is important, but the construction is solid, the brushed aluminum case gives it a very nice feel and look and makes it seem more expensive than it really is, plus with things like 2gigs ram 1.6mhz via proc 800mhz fsb and a 120 gig 7200rpm hard drive, with integrated webcam, bluetooth a/b/g wireless and a crisp 1200x768 resolution display, the choice is pretty easy. Ya, especially with the recent price drop and $100.00 rebate. I just picked on up today: http://www.jr.com/hp/pe/HP_KX870AT/
  5. For someone learning about computer security, networking, or programming the possibilities are endless. Virtual machines will allow a student to run software with major security flaws in a controlled environment while testing it. When developing applications VMs provide the ability to test code across several OS versions without spending a fortune for hardware. Imagine wanting to learn about administrating a windows network, using an advanced version of Linux, FreeBSD, and Solaris. Without virtual machines five different computers would be needed. With vm software one could just get a single higher end system and still have more flexibility. Edit: VMs are also far superior over dual-booting as a means to make hardware more efficient. When dual booting hardware supported by two completely different operating systems must be obtained. It is possible to plot different possibilities as well. For example an NT domain with a PDC, BDC, Vista client, Windows XP client, and a Linux file server. Even when dual booting different operating systems a minimum of five computers would be needed.
  6. Yes, most everything is compiled from scratch. However, Gentoo has an excellent manual dedicated to it's installation. The user is walked through the entire installation process step by step. If one desired Gentoo could probably be installed by cutting and pasting commands from the tutorial (assuming it is in a VM). Heck, why bother to ask? Not to flame, but go for it and give it a try!
  7. IMO like playing sports hacking cannot be taught out of a book or in a class. Technologies can be learned but hacking is original out of the box thinking that can only come from within one's self.
  8. The creator/developer of Cain & Abel has an app called sterm that will spoof IP and MAC addresses in telnet sessions. Because it uses ARP poisoning it will probably only work on the LAN. sTerm
  9. I would recommend using Ubuntu on a system you will actually be using as you would your Windows PC. Also, pick either Slackware or Gentoo to run in a VM. for educational purposes. That way you will gain experience using Linux as a Desktop system while either Slackware or Gentoo will force you to learn Linux.
  10. Forwarding port 80 or configuring DMZ on the router, pointing to the VM should work. If the web admin UI is running on port 80 it could conflict with the forwarding and DMZ rules. Unless you really need remote admin functions it wouldn't hurt to disable all admin features from the WAN side anyway. Here are a couple issues that I've encountered in the past that may be a problem: - ISP not allowing inbound connections to port 80. configure the web server to listen on a different port. - Broadband router/modem does not allow connection from LAN to WAN. Use shields up to scan your gateway to assure something is accepting connections - port forwarding issues with router. Some routers must have a range of ports specified, not just a single port. Just forward port 80-81 - dual NAT. I've seen this happen a lot with brodband routers that do NAT and a wireless AP connected to the broadband device that performs NAT as well. In this case just put either the broadband device or the AP in bridge mode. As vector mentiooned it could also be that your VM is running with NAT networking mode. If you can conenct to the webserver from other boxes that are not hosting the VM this is porbably not the issure though. This post has links to directions for configuring bridge networking with VMware.
  11. I don't understand. What server allows a computer by it's MAC address? Do you mean your WiFi router? Unless giving the guest o/s direct hardware access to a USB WiFi adapter MAC address filtering will have no effect on the guest unless the host is restricted. When using bridged mode it has to be configured, virtual adapter to the actual physical adapter. Also, I do not think is possible to sniff the physical LAN from the guest when it is using NAT. EDIT: instructions for configuring bridged networking: Here and here
  12. If I understand correctly all connections coming from the Internet (WAN) can connect to the web server. All connections from the LAN to WAN ip (that supplied by your ISP) fail. All connections from the LAN to LAN ip of the web server are fine. Is that correct? If the above is correct it could be that your broadband device filters WAN connections from the LAN. To test this scenario do a ping sweep on the WAN side. If some hosts respond and your broadband/router doesn't chances are the device is dropping packets destined to the WAN ip from the LAN.
  13. It should work with aircrack-ng as it has an Atheros AR5001 chipset. I've just ordered one here: refurb wg511t It should work with Commview for WiFi and Wildpacket's drivers as well. According to this it will inject with windows too: AiroWizard EDIT: sorry. just noticed the question was for vector.
  14. aircrack-ng is opensource and from what I've read about airpcap it is much more robust. From my experience the easiest chipset to set up is a compatible Atheros with patched Mad-WiFi drivers. Other chipsets, like the Prism 2.5 need either an older kernel or a patched and rebuilt kernel (not sure of your Linux skills). To start back-track is already configured for WEP cracking. If you want to use back-track as a learning platform there is plenty of discussion about compatible chipsets at the remote-exploit forums: Remote Exploit Forums EDIT: btw cool avatar. Did you make it? EDIT: as vector stated there are other options besides Linux as well.
  15. The first thing I'd look for are third-party services. Most MS services will be patched with Automatic Update. Google will know more about those than anyone.
  16. Ya, most home devices use the browser GUI. The few that do use TFTP, like the WRT54g only run TFTP as the device is booting (this feature actually saved mine from a future as a brick). Also, most admins will block TFTP at the border (if not just disable it). Looking for a default named config file is an old and worn trick. Not sayin your planning on this just that it has caused things to get locked down. As for finding open systems running TFTP unicornscan is the most reliable UDP scanner I've come across.
  17. I've got both a 900 and 1000 series. The 1000 is better, but not as portable. As for the 900 my advice is stay away from the SSD driven devices. Sure they sound cool, but the cheap ones (such as the 900) are slow as heck. I had to put in a faster 16GB SD card and boot from that just to make it usable. I would also recommend one with an Intel Atom vs the Via or Celeron processor. EDIT: despite the VIA and the fact they get a bit hot the HP 2133 models are pretty cool too. IMO they've got a much better feel than the eee PC.
  18. Just curious, do you have a tethering plan or use and unlocked phone for that (w/o the $30 tethering fee)?
  19. LOL... I just read that article.

  20. I searched and didn't notice any other mention of it. http://www.google.com/chrome/index.html?hl...oogle%20browser I've not tested it yet, but will next time I'm on Win.
  21. Because script kiddies do not use periods to end sentences. My grammar sucks, but at least I'm attempting to improve it.
  22. IMO unless doing some video editing or CAD (which the video card on macbook is not very good for) anything over 3GB is overkill on a laptop.
  23. Ya, I forgot that Xillisoft's ipod rip will not work with newest firmware. I've been using imtoo and it works great with the original 2.0 firmware updates. I've not yet installed the latest sub-release. There is no problem copying standard media files from your ipod, there is nothing apple can do but make it overly complicated. Apple will however run up court fees on a company if they add compatibility for itune's store purchased media. Anyway, these can be recovered from the ipod using transfer purchases from itunes. Also, rip all your music in AAC format, as transfer purchases will upload these to the computer as well . EDIT: just to mention I've not tried the AAC trick with the newest version itunes, it could be broke now. Nothing ticks me off more than having to upgrade itunes. My itunes library is over 200GB in size and resides on a dedicated NAS. Organizing that with a new version of itunes takes about 45min x4 computers. Itunes is updated about every two weeks with a feature needed for new itunes purchases so everyone will upgrade. C'mon guys make a live updating feature Duh!
  24. That would be way too easy and would "promote piracy". iTunes is used to sync the media on a pc with ipod. To retrieve standard media files (mp3. mov, etc) from the ipod 3rd party software should be used, as that is not supported by iTunes (again we are all assumed pirates). Unlike older iPods the touch and iphone don't support native disk access (again we are all pirates). Even with 3rd part software to access the flash drive it is nearly impossible to organize several hundred "tunes" because the files and folders have such cryptic names(ARRR Matey). I'm sure some clever individual has thwarted that at one time or another. After all the cat and mouse games it is just easier to spend $30.00 for software that works when needed. Of course were all assumed pirates and would just pirate the software anyway so what is the difference?