IceBerg

Thanks, back up and running

I updated my fon just a few minuets ago. After I loged into jasager I got the error Interface ath0 not found and a button to set it up, upon pressing the button it pretty much gets the error wlanconfig: ioctl: No such device ifconfig: SIOCSIFADDR: No such device I reinstalled the madwifi ipk and still nothing I thought I would just reinstall the jasager ipk but when I tried that I got the error Installing jasager (2.1-1) to root... Nothing to be done An error ocurred, return value: 28. Collected errors: Only have 0 available blocks on filesystem /, pkg jasager needs 399 can anyone please help me figure this out. thanks

First of all... If the government wants to spy on you they wont ask microsoft for help. Microsoft souce code goes through some inhouse testing before it goes even to MSDN members for testing. With thousands of people working on one project it's very possible a disgruntle employee could try to slip something in but other employees get bonuses for reporting these things and with extensive versioning logs it's easy to track down who injected the code. This policy makes it very unlikely that anyone intentionally puts in back doors. Reasons why it's not practical for the GOV to have microsoft do it are simple, if they get caught there is no deny-ability. It would be to easy for them to get caught with all the people out there running routers and firewalls packed with IDS such as snort. It would be much more logical for them to break into your place when none is around and install some inline hardware so they can monitor your screen and keyboard from a nearby location over a wireless connection. Though they have been known to do this, it's unlikely unless you are a high profile subject. They are 'supposed' to get warrants for this shit, but G.W. Bush said it was ok if they didnt and our elected officials decided that was ok because it might help fight terrorism. As far as cellphones go, I wish my OKI still worked, but alas AMPS is gone forever. The way phones work is they receive GPS spacial pings and calculate their location. This then has to be transmuted so you MUST be connected to a cell tower. Under most circumstances this is only transmitted when you call 911 and that can be disabled on many phones. If you are paranoid then geet an HTC and roll your own radio rom. You can find more help with that at xda-developers. Best practices for staying anonymous 1. always use free wifi with a random MAC for your adapter 2. never stay connected for more than 20 minuets 3. never log into any personal accounts 4. use onion routing where possible (TOR) 5. never use the same location twice 6. do not devlope patterns or habbits that can be tracked. 7. only boot from a flash drive and keep a container of acid handy to disolve the flash drive in if needed 8. never leave fingerprints digital or physical 9. avoid doing things to draw attention to yourself 10. use your brain

You are forgiven this time! But next year... :) Maybe there is a Hawaii Linux fest, if not, you now have something to do.

I must have had a moment of retardeddness but I thought I posted this in the everything else area. It needs moved if someone sees this.

Who all will be going to the Ohio Linux Fest? Saturday(Sept 25) Dual Core will be playing there at 8:30 Will any of the Hak5 crew be attending? P.S. www.ohiolinux.org (free registration, some pay events)

The guys at Soldier X have a tutorial on running the famous Geek Squad MRI (internal tools for Geek Squad only) from USB http://www.soldierx.com/bbs/Small-Tutorial...ting-MRI-pe-USB It's pretty straight forward just extract everything to the root, unfortunately you can not rename anything so all your other stuff will have to work around that. MRI is the tools Geek Squad uses when they charge you $100 bux to clean up your computer, remove trojans and viruses. Ir runs like 8 different virus and spyware scanners and some hardware checks. This just tells you how to install it IF you happen to be a Geek Squad member and have MRI. Distributing MRI would be illegal as it uses Best Buy's licenses for various virus scanners and what not. That being said, do NOT ask for it. Get you a job at Best Buy on Geek Squad if you want it. Of course you could build you a similar BartPE setup with your own licenses for the tools you use.

I don't carry a cell, I use my touch with a bluetooth adapter and one of the sip phones, I route that through a proxy. They can trace a cell back to you, and track your movements. I've worked will Cells since we were fucking with the Oki900 and there are a lot of things they don't tell you. For instance the only way to shut a phone off is to remove the battery. If there is no physical switch that means there is an active circuit somewhere. You can figure out the rest. netphones are the way to go for privacy and security conscious individuals.

This does not help in this case, but you should always use some type of repayment system that you can put a stop payment on. Mailing them a check is very handy, it gives you a few extra days while it is in the mail plus a day or two for the clearing. But I agree with Eviltechie, never send anything without tracking information, not even the refund check.

If you were a malicious person you could file paperwork declaring him dead, his credit cards and bank accounts will get locked and it will cost him thousands to fix it, oh and lifelock wont protect against a death notice.

I added some undocumented and little known features of the acer aspire, I do not know if they work on the eee so if you try them out please let me know, or any other netbook for that matter. NetBook-v0.0.2

This is basically v0.0.1 of my doc on how to get the most out of a netbook. It centers around the Aspire One 150 as that is what I have but most everything should apply to all netbooks and even laptops. If you have further suggestions, additions or other comments it's best to leave them here as I ignore most emails. I have to use a file share link since I can not make attachments of pdf or zip NetBook-v0.0.1

Also the best alternative to Cain and Able on Linux is ettercap. If you need arp poisoning this works. There are tons of youtube videos on how to do this and I feel they are better than a text tutorial so I suggest a search on that. But this tutorial is great for the setup mad props!

if you need more space on the fon, set up a remote file system. That is significantly easier than adding an SD card as most of us are using some netbook or laptop to control the fon. SMB file share might be the easiest if your running a netbook or laptop with windows.

I just like the AAO for it's weight and it was my fav of all the ones I was able to get my personal hands on. It was just a weight thing for me. I have a Asus G1 currently that I will be selling soon and replaceing with a macBook Pro 15" for development work. but the AAO is what I will carry with me.

I also ordered an AAO: AOA150-1447 Sapphire Blue it will be a dual boot ubuntu(possibly remix) and XP, bluetooth mini dongle and Logitech v470 bt mouse. I will also be upgrading to full 1.5G ram and a 500G ext hd for rainbow/hash table storage It will be accompanied by my Jaseger FON, and will be loaded with all my tools such as: CnA, winrtgen, rainbowcrack, hamster, ferret, as well as some custom arp poisoning and ssl hacking utils and a nice proxy server for full MITM. Not to mention tftp server that will push keloggers. I'm also working on spoofing a domain controller using apr poisoning and dns spoofing to push keyloggers, and custom config files, all for the AAO. I will also be using a Alfa AWUS036H network adapter over the built in one as it's ~500mW and fully supports injection. I haven't decided if I'm going to do the touch screen mod and the 3G mod yet or not. I will probably upgrade the internal HD to 500G for extra hash and data storage.

I just got a FON under the tree. I had 0.7.0r4, So Jassager installed perfect. What I am wondering is how I go about setting it up so that the OpenWRT ESSID is something different and is not broadcast. There is no sense in anyone knowing that it's even there if I can help it. It would also be nice to add port knocking to the admin and ssh ports.

O defiantly, as a HAM I would love to have the money to build a GNU Radio setup. Using the GNU base board instead of a beagle runs about 700USD to get into, and that's low power. It's a lot more versatile than a HAM rig would be but you have to have a bit more money and time to put into it as you need a linear amp. After I graduate I should have more money to play with than I do now with school. If I gather the money up this spring Im going to build a pair of collinear antenna and put a 1W booster on both. One for TX one for RX and use some sort of open single board PC that can run jasager or something similar. If I dont go into video games I will probably get a admin/security consultant job.

The BB+USRP is a lot more versatile than the ones above, but it's also a lot more expensive, to get the wifi range you need the RFX2400 board and that runs $275 not including antenna. so without a case or antenna you are at 150 for the BB and 275 for the RFX2400 totaling $450 Once you add in power, case antenna, you are over 500 and not very light. So it's portable yes, but in my opinion there are better options. Also I forgot to mention that with that setup your only outputting at 20mW not 400mW.

Those are actually the ones I use in my software. I just was leaving it open for anyone to use what they wish.

I wasn't quite clear on this. You need a DNS server to resolve off of since were not using dhcp we do not get assigned one. If we don't set a static one then we can not use name resolution. So I dont mean we need to run one, just have one in resolve.conf. Sorry for the confusion on that.

WARNING: Use this information in some areas of the world may be hazardous to your freedom. As always you and you alone are responsible for your action! Because I can not release the software that does this automatically, I'm going to explain the process of how you do this manually. It is very simple and you should be able to follow this easily. There are some assumptions made here. 1. The hotspot uses http authentications 2. The hotspot does not use wep/wpa etc or you already have the key 3. you are using an OS and card that allows you to change your mac address (I will use Linux) First you need to sniff out a MAC and an IP address with a sniffer such as kismet or wireshark or many others. Then you have to watch for the activity to stop. The reason you do this is if you jack a live session all kinds of bad things could happen that will give you away and could land you in free living quarters. So wait till the session has stopped. Once you are sure it has, set your IP and your MAC and surf away. The way youchange your mac is simple in Linux and most other Unicies. Asuming the wireless interface is wifi0 ifconfig wifi0 down iwconfig wifi0 mode managed //just to make sure your back in managed mode ifconfig wifi0 hw ether {target mac address} ifconfig wifi0 {target ip address} ifconfig wifi0 up Now there are a few things to consider here. 1. you need a dns server, for these I hard code a dns I know, you can look up how to do this. 2. some hotspots allow people to logout, most people don't but this will stop you 3. some sessions are timed and time runs out Yes I know this is so very simple but there are some who may not have realized how simple it was, and many who have asked about the program that automates this. The reason I can not release the program is it was written under strict stipulations. If you think about it though it;s quite simple to write and in C/C++ should take less than 200 lines of code.

There is no way it will be 15km unless it's in a very non-urban area, It's output is about 380mw so it's on par with the Fon and the Alfa AWUS036H. All 3 devices will have have about 15x the xmit range of a normal laptop that runs around 20mw. The problem is that the effective range is about 1/2 that as it has to be able to receive those weak signals. I am in the process of looking for something this small that will deal out a full 1W, but using an 8-15dbi antenna with a device like the 3 above will defiantly help with reception. Anyone out that that is a HAM will know that for better reception of weak signals you want as close to a full wave antenna as possible. However thats a big ass antenna. collinear full wave 802.11 centered is about 104.4 mm or 4inches per segment. For 8dbi you need roughly 18 segments with the ends thats about 75 inches or 6.25 feet. Suffice it to say that is not very inconspicuous. I would say you can expect 50-100yards very good reception and maybe more with average to low reception. It's still very good.

I also am curious. I got up at the early hour of 10:30am and went to see what was happening as today should be a filming day if they don't celebrate Matt's birthday. To my surprise I get some sort of blog page.

I have to agree that with BT3 out there already it seems the efforts of HAK5 and the community would be better focused elsewhere.