bwanaaa

necro alert the link in the first post is 404. where can I find a guide for my old mk2

An old white one.i think it's a fon2100 (white case). how do I start figuring out what's running on it? It seems I set it up long ago and totally forgot about it. It does come up with the SSID 'Free Wifi'. LOL. If I connect to it via wifi (Free Wifi) I get inet 192.168.2.209 netmask 0xffffff00 broadcast 192.168.2.255 so it is running an ip of 192.168.2.209 but what port does the admin log in to?

I remember an older episode of Hak5 when Darren was showing some fun with a MITM. He actually had an application that was reconstructing the packets as they flowed through his laptop and reconstructed the webpage that the user was surfing.Anyone remember that episode? And for icing on the cake he did some text manipulation (like flipping the text upside down, or changing certain words. etc) so the user was seeing a 'modified' version of the web page.

thank you. I was befuddled because the mac osx version of wireshark doesn't make this obvious. This is what the settings looks like: http://i.imgur.com/NgfUhpm.png

OK…so I can load wireshark and see my packets. But today with Web 2.o there are a number of ads popping up no matter where I go and there seems to be a lot of traffic completely unrelated to the web page I am interested in (or thought I was interested in). I understand everyone needs to make money, but is there any way to find out and focus on the traffic to the web page I am interested in? For example, try going to pcgamer while wireshark is running in the background, Even if you only click on one article to read, wireshark logs countless packets from ad sites - many of which come from cdns like akamai etc so you don't even know what is really going on. It seems that there are a lot of ip addresses and I ave to highlight them individually and then click on 'resolve name' to find out where they are form. Is there any way to 'auto-resolve' packets so I can quickly identify the conversations I am interested in?? Thank you.

Does anyone here have any experience with the reaver? http://www.reaversystems.com Looking at getting a kit to test my wifi but cannot really decide. Obviously the support here is AWESOME. But I was hoping for some experienced person to chime in a comparo.

i am not interested in arp poisoning. rather i have a network tap. i need a low power pc that will log packets and not drop them when the traffic gets heavy. my sense is that i need at least a p4. since i need to troubleshoot a network, my tap is between the wan and the lan switch. so really, my question is what is the lowest power pc that has excellent nics. since linux plays better with intel than broad com i tend to think an intel mini its box is the way to go. it would be nice though if there were an intel usb ethernet adapter-but i can't find one of those .

of course the raspberry pi would be great- if i could ever get one. but since since its still in short supply, i am wondering what else would be good. and don't say the interceptor. i already have a network tap. i need something that runs wireshark. the configuration would be: internet -> network tap -> lan switch-->lan clients and wireless access points ........................|tx....|rx..........|cat5 ........................|.......|.............| ........................V......V...........V ...................... network analyzer then i can vnc into the network analyzer from my iPad as i walk around to all the network clients to evaluate them. so the network analyzer needs three nics - i guess there is no mini itx with such a built in config so i would need a usb-ethernet adapters (prob 2) an duse the native nic on the miniitx mobo as well. does anyone have any hardware suggestions? or perhaps a better strategy? somewhere i read about just installing winPCAP on the network analyzer as a service. Then wireshark can run on the remote device-trouble is- i don't have wireshark for the iPad.

in your pic of two subnets sharing one router, how do you get that to happen? That means that a router would need two gateways to the net-one for each subnet. i have not seen that in a router-but then again, i've only seen consumer grade devices.

thank you.

what is a usb passthrough? this is being done for a school library, and signs are posted at every pc that communications on the pcs are school property. i disagree with that concept-it's just indoctrinating youth into giving up their privacy and identity as a way of life. but then again, i dont make the rules. the other advantage of this working on a vm is its portability to other nodes.

yes, that's what i thought. i read a little about the concept of a loopback.of course this is what i want to avoid basically i would do this i want to get the xp instance to act as a bridge and run wireshark on it. so it looks like this: client (lans with pc, mac, iphone, ipad) -> usb nics & native ethernet port -> mac server ->virtual ports on vm(1 port for each hardware device) to windows ->wireshark->one other virtual port to airport -> router with wireless access point ->internet the router has a firewall and nat. firewall on the mac server is off for testing. firewall on the windows instance is off for testing. need direction on how to do this in windows. or would it be easier to do in a an instance of ubuntu on the command line? or other linux distro running as a vm?

hoping for the virtual machine to be a 'network tap'. configuration is an intel mac with an airport card and several usb nics. The airport card is for connectivity to the internet. the usb nics provide connectivity to the local lan. internet sharing is used on the mac to distribute internet access and the mac is also a file repository. Internet sharing on the mac results in a dhcp serving addresses in a different class c for each nic-so one nic for example will get 192.168.2.x, the next nic gets 192.168.3.x, etc. This allows each nic to service a whole lan segment. Wireshark installed on the mac sees all interfaces and allows monitoring of traffic. I do not want to run wireshark natively on the mac. It's a production machine and messing around with the bare metal is discouraged. A virtual appliance is perceived as safer (even though it may not be, i cannot convince the responsible higher ups) So, vmware fusion is set up on the mac to run an instance of windows xp sp3. wireshark is installed on windows.in this configuration, wireshark only sees the airport but not the usb nics. The network adapters are set up in bridged mode on vmware. Is there a tutorial that clarifies setup for the nics in fusion and the proper ip addresses they should have in windows? Should they be bridged there as well? If i use the same ip as that used on the mac, obviously i get an ip address conflict. I was hoping for the virtual machine to be a 'network tap' but it's having trouble seeing the nics, let alone the traffic that is not even destined for it. i guess another way to solve this problem is to get the traffic to go through the xp instance. XP would need a dhcp server running. This dhcp server would service the nics. i tried tftpd but that is a little too rudimentary- it does not see the virtual interfaces. i'll keep looking but need some enlightenment. please be gentle.

tnx. got it sorted.

[sOLVED] Turning off the firewall in the gui did not actually turn off the firewall! dont know why but sudo ipfw list showed that it was still up. i had installed noobproof for more granular control to ipfw and i had forgotten that. i turned off ipfw with noob proof and now internet sharing works properly. Running wireshark on the MBP allows me to capture from jasager. unfortunately the data streams are hot, heavy and dense so i use the follow tcp stream in the analyze menu to get focussed in.

MORE info I connected it to a DHCP server (a basic router wih DHCP on) and now clients get an ip from it a laptop and an ipad are getting ip addresses in the 192.168.2.x range. I scan that subnet but cannot see the ip of the pineapple gateway. nor can i get a login page from it at 192.168.2.1 (I'd assume that's what it'd use) help?

Well, it's late at night and i was playing with the open wrt interface. At one point i changed the lan setting from static to DHCP. It used to have a gateway ip of 192.168.1.1 now it's gone! and even though the pineapple is still broadcasting its ssid i cant seem to connect to it. it's not handing out ip addresses. i scanned all the ip addresses fro 192.168.0.1 through 192.168.3.255 but did not find it how can i fix this?

you'll notice i didnt do any port forwarding in the above example. since i am not trying to access the pineapple from the internet,i dont need to forward any ports from the internet to the pineapple. i also tried turning off the mac firewall but that did not help either, the ipad still has no internet access through the pineapple.

[sOLVED] see my reply below same issue here dsl modem 192.168.10.1 w/ DHCP on macbook pro on airport (en1) 192.168.10.7 has internet. i start internet connection sharing as per the usual way when you configure your mac as a router http://www.cyberciti.biz/faq/howto-configure-macosx-as-nat-router/ macbook pro ip on ethernet (en0) 192.168.1.2 macbook pro gateway on en0 left blank (the idea here is that anything plugged in to the mac's ethernet port will have internet access-and that client should have an ip of 192.168.1.1 or 192.168.1.3 or greater) add pineapple (192.168.1.1) to ethernet jack on macbook- pineapple settings in open-wrt page gateway 192.168.1.1. at thispoint you'd expect the pineapple to talk to the mac like it's a wireless access point I can connect to the pineapple with an ipad and the ipad gets an ip 192.168.1.146 i can even go to the openwrt settings page from the ipad however the ipad has no internet access i check ifconfig on the macbook and it says both interfaces(en0 and en1) are active and they both have proper ip addresses en1 192.168.10.7 en0 192.168.1.2 so why cant the ipad go through the pineapple to get to the mac? i turned off the dhcp server in the dsl modem, (thinking it might conflict with the pineapple dhcp) but that made no difference, i turned internet connection sharing off and on and that did something interesting. i have an application running called 'little snitch' that alerts you whenever your pc wants to make an outgoing connection and it popped up a dialog that said "natd" wants to connect 0.0.0.0 on DIVERT port 2560 (labrat) and there were 4 choices any connection only port 2560 DIVERT (labrat) only 0.0.0.0 only 0.0.0.0 and port 2560 DIVERT (labrat) i chose any connection and hit 'allow' the ipad still cant get onto the internet. i dont have anything on my network named labrat so dont ask me where that came from i am obviously missing something here. can anyone shed a little light on a solution?

is this supposed to be working? when u go to the main hak5 page and look under community->wiki i get this Database Error A database query syntax error has occurred. This may indicate a bug in the software. The last attempted database query was: (SQL query hidden) from within function "Revision::loadText". Database returned error "144: Table './hak5_wiki/wiki_text' is marked as crashed and last (automatic?) repair failed (localhost)". what does this mean?

i guess i dont really understand how the remastering process works. i thought it created a ram disk and so limits a lot activity to ram-reducing wear and tear on the flash disk (they only have a limited umber of cycles)

Like BT5, added some stuff(like nvidia drivers), want to make a new live usb. Tried remastersys from here: http://www.geekconnection.org/remastersys/ Boots into command line with postgres@postgres$ I used to be root# What happened? tried login root and got Cannot possibly login as root without user So, I asked the author of remastersys what's up and he said: The backtrack folks must do something different than ubuntu. When you remaster, you are remastering like ubuntu and it appears the backtrack devs do something different. The ubuntu live scripts called casper basically disable the root account during live boot. If you can find out from the backtrack folks what they have done differently I might be able to do something about it. Anyway, I ran remastersys again and tried changing these options: user=/root (instead of the default, 'custom') still results in booting into 'postgres@postgres' user=root still results in booting into 'postgres@postgres' but now there is a root folder inside the home folder On the bright side, the folder exclusion option works well. just be sure to empty the trash before beginning a backup because that can really swell the iso. So, is there any way to rebuild a copy of BT5 after I've modded it?