jabzor

Agents of the Revolution
  • Content count

    1,138
  • Joined

  • Last visited

Community Reputation

-1 Noobie

About jabzor

  • Rank
    hax?

Profile Information

  • Gender
    Male
  • Interests
    perl? pron? pedantics?
  • Country
    Canada
  • Location
    Northern Elbonia, fighting the lefties

Contact Methods

  • Website URL
    http://jabzor.com
  • ICQ
    0
  1. Fluke Meters are great. If you want to test it yourself, just do a throughput test between two gigabit ethernet network cards with a known good cable and then the same test under the same conditions but with your new cables.. easiest and cheapest real world viability of your cables. You could even label each of them with a xx packets/sec and xx megabits/sec, a pseudo quality rating. It's not hard to look for cross talk or other signs of bad wiring in jumbo/runt frames and crc errors incrementing across the wire, or higher attenuation and latency.
  2. Control Panel -> Printers -> add printer -> local printer (uncheck 'autodetect') -> create a new port ('standard tcp/ip'); 'ip/hostname of printer'/'port name' -> your network print driver. Now the printer will be installed for network use, and you simply need to share it, and add additional drivers for different versions of windows/etc (both of which are accessible by right-clicking and going properties on the newly created print share in the printers and faxes folder).
  3. To get a bit more indepth, hopefully it is not too jumbled: computer: 192.168.1.100 macaddress: aa-aa-aa-aa-aa-aa default-gateway: 192.168.1.14 your router lan: 192.168.1.14 your router wan: 215.15.100.14 lan macaddress: aa-aa-aa-bb-bb-bb wan macaddress: aa-aa-aa-cc-cc-cc default gateway: 35.38.19.1 <- some upstream router upstream router: 35.38.19.1 clientside mac-address: bb-bb-bb-bb-bb-bb networkside mac-address: bb-bb-bb-cc-cc-cc your dnsserver: 8.8.8.8 dns macaddress: bb-bb-bb-bb-bb-bb google.com: 74.125.53.106 web macaddress: cc-cc-cc-cc-cc-cc ---- Basic network info: - Packets keep the ip-address source and destination while the layer2 frames substitute in new mac-addresses for each hop. - The same network (same-subnet) is switched instead of routed, but to reach a different network you must route the traffic. ---- You decide you want to go to google.com. Step 1: Your computer checks its dns cache for 'google.com', if it doesn't have it locally it sends a request to 8.8.8.8. Assume you have it locally for now, if you don't the steps to obtain it are the same as the steps to reach google.com. Step 2: Your computer ANDs the ip address of the destination against the closest source network in its routing table; If it's a different network entirely it has to go to your default gateway. Asssuming 192.168.1.0 /24, 74.125.53.106 is a different network and you must send the packet to 192.168.1.14. Step 3: Your computer sends a packet to 192.168.1.14 (the default-gateway), with: source mac: aa-aa-aa-aa-aa-aa, destination mac: aa-aa-aa-bb-bb-bb source ip: 192.168.1.100, destination ip: 74.125.53.106; via 192.168.1.14 (based on the arp entry) Step 4: Your router repeats step 2-3, with its own local ip and addresses in the routing and switching tables. It substitutes in a new source ip and keeps the destination ip, and also substitutes in new mac-addresses for the source and destination. This is network address translation, so that you can hide multiple users behind a single gateway without the need for each of them to have an internet routeable address - you can still host services on specific ports. source mac: aa-aa-aa-cc-cc-cc, destination mac: aa-aa-aa-bb-bb-bb source ip: 215.15.100.14, destination ip: 74.125.53.106, via 35.38.19.1 (again, based on the arp entry) etc.. until the packet hits a network with the same local network, and then it looks in the arp table for the mac-address that corresponds to that ip. Step 5: Google gets your packet, and does the reverse to respond back to you when it negotiates a 3-way-handshake, now with itself as the source ip and you as the destination; the mac-addresses change every hop. There is also likely network address translation going on, and quite possibly vpn tunnels or ipv6-to-ipv4 could be in play. Wiki has some articles on this, and either the Comptia Network+ or the first part of the Cisco CCNA (ICND1) will have all of the information you need.
  4. As much information as you transmit in the clear. Which websites you go to and your specific traffic patterns are unique. MAC addresses are layer2 and stop at the edge of the broadcast domain, so assuming you are doing NAT and not acting as a bridge you are fine in that regard. They can find your mac address directly though they could sniff it over the air. If you are logging in to the domain they can, or if you are advertising it in some other manner. Obviously, it is their domain and they can see any domain logins As I have said several times in other threads, get a torrent seedbox that is hosted off campus and ssh in to it. You can also use your seedbox as a proxy, tunnel dns and http to the proxy-server over an encrypted channel will protect your web-browsing as well. They will be able to see your bandwidth usage, and that you are using a secure tunnel but not what you are doing over that tunnel. If they are that concerned about bandwidth.. you could write a script that gathers the mac addresses of various users and then cycles through them so that the traffic is not tied to just one user-account. This has the potential to lead to duplicate macs on the network, not a good thing.. so you might want to consider simply using a non-university resource for your bandwidth intensive needs - like open wireless, or paying for a dedicated network drop.
  5. I wouldn't worry about it. Back in the mid nineties I got an associates degree in information systems and did pretty well for myself with it. A few months ago I quit working in IT because I am completely sick of the entire tech field. Now, in retrospect, I am glad that I didn't spend the extra 2 years and tens of thousands of dollars getting a Bachelors degree. If you do a Bachelors/Masters while working in your field, especially after completing an Associates; you get the best of both worlds and it pays for itself.. particularly if your employer has an education budget.. it's essentially free money. That being said, I know a very successful person who put the time that could have been spent going back to school in to certification and career advancement; management recognized him and promoted him above several of his then bosses in a very short time span. It's more who you are, who you know and what you can do, than just how good you look on paper. Certs and academic credits can either help you get past the initial HR screening, help you justify your stance when it comes to a raise, or can actually benefit you with the base knowledge they are supposed to impart.
  6. Doing some work around the home; rewiring with Cat6a-STP, rolling out Cisco IP-phones and configuring Call Manager and Unity. After that, replacing the wireless cards in the laptops with Wireless-N, no more of this silly wireless-g + speedboost.
  7. If the 'backdoor' password 'netICs' doesn't work (hardboot the device with a console cable plugged in, within 15 seconds from startup; try typing it in directly.. otherwise hit ctrl+c and try typing it in), sounds like he is down to brute-forcing one of the running services (go with an snmp dictionary attack), or contacting the vendor for the mac-based bypass.
  8. http://www.tek-tips.com/viewthread.cfm?qid=41420&page=115 Sounds like you can either phone them up and try to social your way in to generating a password based on the mac, stumble across a valid service contract and just demand it, try the ctrl-x/ctrl-h/ctrl-c/ctrl-z + 'NetICs' console password after a hardboot, or try your hand at brute-forcing the snmp/http/telnet/etc.
  9. No typo. 'firefox' from the tar is a shell script that checks your sym links and then executes 'run-mozilla.sh', which then runs 'firefox-bin'. '&' tells the shell-script to run in the background.
  10. Untar it: tar -zyxf firefox-3.5.5.tar.bz2 Then execute it: firefox &
  11. Another film that Reno was in, as a hitman - also known as 'The Professional' in some regions. Very much worth seeing.
  12. This site might be of interest to you. The Proxmark3 with newer Firmware can for example clone HID cards; a simple swipe of a card on the street or if you hide your Proxmark near an active reader - which actively amplifies the signal as someone powers the reader, and you can gain entry in to any door.
  13. You don't have to do arp-poisoning to a specific host, you can also just flood the switch cam-table turning it in to a hub. You can also put a hub directly between the switch and the router and capture all non-local traffic, or set up a port-mirror/span/rspan on the switch and forward your sniffer all of the traffic. I do this a lot at work, the span/rspan.
  14. Put a perl/other script in place of the wav file, and have that script direct-output one of x wav at startup ?