mungewell

Agents of the Revolution
  • Content count

    391
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by mungewell


  1. because I read online that somebody found that the graphics card was actually great for the kind of computations that are needed for cryptography.

    Accelerware (http://www.acceleware.com/) base their business on using Nvida video cards to do alternative computations, mainly for predictive/modelling purposes.

    Sure would be good for brute force attacks....

    Munge.

    My weirdest system was Elks (very light weight Linux version for <= 286) on the Psion3.... a whacking 0.75 bogomips. I guess it's just too easy these days with embedded processors getting so powerfull and plentiful.

    0

  2. i just can not figure out how to make all traffic headed towards a certain ip go through my tunnel

    You can either pick certain ports and use ssh on local machine to port forward a local port via ssh to port on remote machine. Quick and easy if you just need a few, ie. private webserver on remote machine. As simple as installing (using) Putty, see 'command/ssh/tunnels' to enable specific ports. It's not clear whether you want other machines on the LAN to use the forwarded port, I think you do....

    Or you can create a SLIP/PPP tunnel over ssh (basically a ssh VPN), with a private IP address on each end. If you need to redirect all trafic set the default gateway to be remote private address and enable NAT on remote machine. Definately works with Linux, don't know whether this can be achived without installing Cygwin on local machine.

    A simpler 'full' solution may be to use a pre-done VPN solution. I hear that TINC is quite simple to set up, although have too many distractions that I haven't actually tried in yet.

    Munge.

    0

  3. If you can think of it, I try using it...I'm planning on setting up a weekly underground music podcast/radio show....I'm learning all I can for what is available for linux...and trying to figure out what app is going to be the best bet....so ...yeah...I'll be recording my voice :lol:

    If you are just starting looking, then Dyne:Bolic is a really useful tool. Loads of audio/video tools in a bootable CD.

    Audacity seems to be the 'best' (redefine 'best' as you like), if you're used a real mixing console. Jokosher looks like it might be a good app for an 'average' person.

    Munge.

    PS. First actions on Linux ... enable remote X (via SSH) and install encrypted home drive (Encfs).

    0

  4. and I want it change to

    CABLE_MODEM -> CENTOS -> ROUTER -> OTHER_PC

    I have two NICs, the first one (WAN side) should be dhcp and the second one can provide static or dynamic address for the router

    I assume you mean that you have 2 NIC in the CentOS machine. You have a number of options.

    1). DMZ CentOS machine from your router so that the CentOS is 'fully' connected on the public IP (via LAN). Or just port forward all of the ports you need.

    2). If your cable provider will allocate you 2 public IP's install another hub (or router without using the WAN port) up stream of CentOS machine.

    3). If your cable provider will allocate you 2 public IP's then you can bridge the connection between the 2 NIC's with a single IP public address, whilst the router will claim another public IP. Packets meant for the router will be relayed. The OtherPC will be on a private network.

    4). You could install a software firewall on the CentOS machine so that there is 1 public IP on 1 NIC and use NAT to create a private LAN on the other to the router. You can just use LAN ports on the router (ie. disable WAN port) or use a third private LAN for the OtherPC (multiple layers of NAT is a pain).

    5). If your Router supports alternate firmwares (ie. OpenWRT) you can configure more than 1 physical port (RJ45) to be the WAN. Plug 1 WAN into cable modem and the other WAN into CentosOS machine.

    Should give you a few things to try....

    Mungewell.

    0

  5. I don't understand exactly what you require.... but given that your on Windows (menton Putty) you could install cygwin, which contains both a ssh client (to connect out to other machines) and a ssh server (to allow connections to your machine).

    There are some instructions on setting up ssh server as a windows service, so that it is always started when the machine boots (even if a user is not logged in).

    [edit]

    The activity within an ssh session will not be displayed on the 'server' machine. It will occur in a 'invisible' console/bash shell/dos box (behind the scenes).

    Munge.

    0

  6. The suggested script will work... but remember every time you change your MAC address you will have to re-negoiate your IP address with your cable modem (asuming cable connected). You will also find that any active internet session may be interrupted. So you'll probably find that doing this is just a PITA.

    If you want to re-flash your router, I would recomend open-wrt. It's a bit more flexable that DD-WRT, but less polished (in the GUI sense).

    Cheers,

    Mungewell.

    0

  7. something to do newsletters and newspaper like MS publisher but free is there such a program?????

    http://www.scribus.net/

    ---

    Scribus is an open-source program that brings award-winning professional page layout to Linux/Unix, MacOS X, OS/2 and Windows desktops with a combination of "press-ready" output and new approaches to page layout.

    ---

    Munge

    0

  8. Hi,

    I would agree with stefanovich, ssh is most definately your friend.... if you want to use a GUI on it then you can use ssh port forwarding using the '-L' option. This magically binds a local port to a remote port and passes all the data through an encrypted tunnel, perfect for VNC.

    The Linux Realatity podcast had an episode decribing how to do this is you want more info:

    http://www.linuxreality.com/podcast/episode-51-vnc/

    Have fun.

    Mungewell.

    PS Yes that laptop was a good deal ;-)

    0

  9. Assuming that you're attempting to spider data from websites. If you're not specifically tied to MySQL or PostgreSQL you should check out programs build with 'Lucene' technology:

    http://wiki.apache.org/lucene-java/PoweredBy

    Lucene will automatically index the data for you and enable some quite complicated searches.

    A good starting point would be Nutch (although I have not tried it)

    http://lucene.apache.org/nutch/about.html

    I use MindRetrieve (a Lucene base personal proxy) to 'scrap' the bits of the web I see. I often have the feeling that I've seen something in the last few weeks but can't remember where it was....

    Munge.

    0

  10. Yeah, it's called "proxy".

    I take it you meant transparent proxy.

    I actually posed the question as an 'unauthorised attacker' situation without compromising the attackee's machine or the network hardware (router); for example someone siting outside your appartment and spoofing 'into' your wireless network.

    Munge.

    0

  11. Hi,

    One of the mainstream podcasts I listen to has stated multiple times that it is not possible to spoof IP packets as it is a two way communication, in that the 'callee' needs to send back to the 'caller'. This is something that makes me cringe each time it is said, but I don't know whether this is wrong or not.

    If you have access (however obtained) to the network at some point between 'caller' and 'callee' is it possible to spoof an IP interaction without the 'callee' releasing that they aren't 'talking' to whom they think they are.

    I would imagine that this might be possible to do with promiscious monitoring and packet injection, in that you might be able to fake a connection without the 'target' end being aware.

    So two questions:

    1) If an IP response (from the faker) comes back sooner than the real end, does the real response just get ignored? Guessing something to so with IP sequence numbers.

    2) Is it possible to actively/selectively kill IP traffic on an ethernet/wireless segment based on it's source IP? Can you decode the IP from the ethernet package before the ethernet packet is complete, hence have the oppotunity to corrupt the packet so that the intended receiver does not receive it at all.

    Note: these questions are meant to be from an understanding/defending point of view, rather than exploting it.

    Cheers,

    Munge.

    [posted in 'Nubie' in case this has an obvious reply]

    [edited for spelling]

    0

  12. hi , sorry im new to this "Hacking" thinking and alot of hack-purposed files are in Gzip , tar and BZ2 , and im wondering can anyone explain for me to how to use it , i know im a complete noob , but i havnt found a nice enough community to help me with basic problems to start off , thanks =]

    Hi,

    'gzip', 'bz2' and 'tar' are Unix ways to basically do 'zip'. 'gzip' and 'bz2' are compression schemes (make files smaller), whilst 'tar' is an archive scheme (collate lots of files into a single archive file) but without compressing them, hence doing '.tar.gz'.

    For a Windows user you can use the application '7-zip' to extract/browse these files. see:

    http://www.7-zip.org/

    This and other great open source applications for Windows are compiled onto a CD, which can be got from:

    http://www.theopendisc.com/

    Cheers,

    Munge

    0

  13. Yeah I noticed that too... took it as a sign from God that I should stop drinking & browsing the internet and go to bed in order that I might be able to get up and go to work on time. ;-)

    Just a request/suggestion for StankDawg, when you make episode #200 available in the archive can you please fragment it into a few pieces.

    Seeking to position on my MP3 player is quite slow and thus would be a pain to seek to the location where the stream gave up... 5 hours in.

    Cheers,

    Mungewell.

    0

  14. The streaming episode was cut off about 5 hours into it. (11:35 PM PST)

    Yeah I noticed that too... took it as a sign from God that I should stop drinking & browsing the internet and go to bed in order that I might be able to get up and go to work on time. ;-)

    Looking forward to 'act two'.

    Munge.

    0

  15. I don't know anything really about this laptop. but why would they put a WinModem in a linux laptop?

    err... because its cheaper than a 'real' modem. Winmodems are basically a sound card and some are supported under linux, see http://www.linmodems.org

    There were 5 (WTF!!) at the LUG meeting ths evening, they look pretty sweet and seem to be quite well loaded. Still a little bit big for my taste (had Psion 3a many years ago) and a bit pricy for what they are, although I'm sure the prices will drop in a few weeks/months.

    Munge.

    0

  16. PS. Call Manager has some quite nice web interfaces for setting all manner of things... nice area to play with.

    URL will be something like:

    https://ccmpub/ccmuser/logon.asp

    http://unity1.xxxxxxx.xxx/ciscopca/logon.do

    Voicemail 'map' attached.

    Once you know what IP the server is sitting on you can start downloading (via tftp) the configs for phones etc.. to work out how they have configured the system. This info is available on the IP handsets under 'Menu/settings/Network settings'.

    If they've done it right then you won't be able to access it, as access *should* be limited to vlan that the phones run on.

    Munge.

    0

  17. Therefore, our PBX could still be anything at this point, as the Cisco Unity system (which, looking through datasheets, appears to be a Windows computer with a few extra PCI cards) is barely integrated.

    It could be the other way round, in that Cisco Call Manager/Unity is driving the bulk of the system over a VoIP based infrastructure and that they off-loaded the old analogue system to provide simple service to the outlying areas such as student dorms with effectively one huge ATA linking them into Call Manager.

    Check out what the departmently offices are using... I'm guessing you'll see Cisco IP phones on every desk.

    Not absolutely sure, but I think Unity is the unified messaging system (voice mails available via exchange) rather that just the simple 'Call Manager' voicemail system.

    Are analogue phones internal only, or can you get an outside line?

    Mungewell.

    PS. Call Manager has some quite nice web interfaces for setting all manner of things... nice area to play with.

    0

  18. Open VPN is free.

    Just offer an alternative (gotta love the 'open source=more choice') there is also Tinc, which I came across for providing VPN tunnels between hacked/flashed wireless routers.

    see:

    http://www.tinc-vpn.org/

    Appears to be simpler to set up than OpenVPN and less resource hungry. Currently clients/servers for Linux, FreeBSD, OpenBSD, NetBSD, MacOS/X, Solaris, Windows 2000 and XP.

    [removed trailling comment as I didn't read the whole thread properly.... engage brain before talking!]

    Munge.

    0