Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by dylanwinn

  1. Erm, "OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password" (http://en.wikipedia.org/wiki/OpenVPN). Of course, all of that goes through SSL, so I guess that's not exactly what you were after. Aside from that, plus lack of Linux support and the broken web site, WASTE seems to be pretty much exactly what I'm after. Thanks for the heads up!
  2. I am about to describe a concept for a piece of software which I have been contemplating for quite a while. If a similar piece of software exists, please tell me; if not, then this thread will be dedicated to debating the design (and hopefully proof-of-concept) of said software. If you see any problems (especially security flaws), please speak up! First off, you and your closest friends would meet by some secure means and have a key-sharing party. You would pair with each other person individually, generate an AES key pair, and then swap public keys and IP addresses. Lather, rinse, repeat. By the end of the meeting, each person would have a key which could only be used to contact one other person, which would be known only to them and that person. This stage need not be automated. Then, you would enter the keys and matching addresses into the program, which would proceed to send your handle and IP address to the IP entered, encrypted with matching key, and wait for a similar response from that IP, encrypted with the correct public key. This establishes a verified secure connection with that person, using the handle and IP to ensure against a man-in-the middle attack. This would be repeated for each person you paired with earlier, establishing a network of trust, to be labeled "friends". Now, things start to get complicated. Every so often, you and each of your friends would compare buddy lists (handles only at this stage). If you find someone on your friend's list who is not on yours, then you meet with them using your friend as a proxy. You each connect to your mutual friend using your unique keys, and he forwards traffic between you. At this point, a temporary secure connection is established (inside of the secure proxy), so that your mutual friend will not be able to spy on you (note that he could inject information, but we'll trust him not to). The key-sharing party from before would then be repeated in private, and this new friend would be added to a separate network of trust, to be labeled "friends of friends", kept separate because you may not trust your friends' friends as much as they do. When you meet friends of friends of friends (3 layers of separation or more), they are added to an "everyone else" group, with even less trust. At this point, the software would keep track of your friends, informing you when they are offline or online, when their IP or handle changes, etc. On top of this, it would allow for secure messaging, file sharing, and VPNs between specific people, whole groups, or everyone. All data would be sent directly to its destination, eliminating the encumbering "onion" of Tor and Freenet at the sacrifice of anonymity.
  3. https://www.open-mesh.com/store/products.ph...Mini%252dRouter http://www.newegg.com/Product/Product.aspx...4-190-_-Product http://www.newegg.com/Product/Product.aspx...;Tpk=asus%20n16 https://shop.fon.com/FonShop/shop/US/ShopCo...p;view=category
  4. I thought it was really cool, but I doubt it could carry the added weight of a WIFI-to-3G relay.
  5. Ya, as far as I can tell, the Cell processor acts as the PS3's GPU, and you can't utilize for anything other than basic OpenGL while running Linux. If someone could either write a better driver (longshot) or figure out a way for stock OpenGL to do raw floating-point (not gonna happen), you're stuck. I will say that I've seen videos of Sony techdemos in which native PS3 applications were used for floating-point calculations, and the results were impressive (for the price of a PS3, at least). If someone can figure out how to run homebrew on the PS3, all you need to do is hack together an app to make your hashes (which will be hard without the Sony SDK).
  6. dylanwinn


    My ASUS WL-500W just died (power surge, d'oh!), so I bought a ASUS RT-N16 from newegg just an hour or two ago. It supports dd-wrt mega and has 2 usb ports and gigabit ethernet, all for only $90. http://www.newegg.com/Product/Product.aspx...N82E16833320038
  7. You need to do that NOW. I'm serious. Not only is it totally harmless, but also hilarious and super noticable! What could go wrong? All you need to do is write a script that loops the say command and then RDP into every single computer during the school day and cron it to execute just before class ends. BEST. PRANK. EVER. EDIT: It looks like your original question about installing the script automatically is still unanswered. I've got nothing. EDIT: It would be really hard, but if you could swap the blacklist and whitelist on the filter proxy, that would be pretty funny. Imagine, Wikipedia blocked and 4chan allowed. Or make /b/ the home page! THAT would be funny. EDIT: Hold on a sec. You said that you were on good terms with the SysAdmin, but you also said you were trying to get his boss's attention. Are you trying to convince him to change the root password, or do you want him fired?
  8. Sorry, let me clarify my question. Your sensor is placed at the base of your index finger. In a normal resting position, that spot on my hand is about 2.5 cm off of the table, but the laser sensor (on my mouse) must be within about 5 mm to track properly. Therefore, it seems it would not work at all unless I flattened my hand, but in your video it seems to work fine. I see now that the sensor hangs down from your hand significantly, but I missed it at first. I'm going to try to stop posting in this thread for the next couple of days. XD
  9. I believe I have that same exact mouse (Logitech Wireless notebook mouse), and it has to be literally touching the table before it will get a response. I would say that an optical mouse would be better in that respect, as you would be able to take your hand off the table and still aim. In your videos it seems that your hand is not completely flat on the table. Care to explain?
  10. Apparently nmap has had this functionality since version 5.0. I really need to google harder before posting here. lol "google harder" is now my favorite phrase EDIT: The command is: nmap -p [port range] -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 [iP range]
  11. I was having the same problem earlier. Just upload them to tinypic and embed them.
  12. Hmm... How are you doing the scroll wheel? I would think the best way would be to use two MOMC buttons to emulate the scroll up and scroll down, but I suppose there are other ways. Perhaps an optical gesture sensor? :D
  13. At first I thought this was a powerglove mod, but when I watched the video I quickly corrected myself. I think this has great potential as a gaming controller, but first you'll need to implement a mousewheel somehow. I would also like to see buttons for Mouse3, Mouse 4, and Mouse 5 on the middle finger, pinky, and thumb, respectively (Mouse2 moved to ring finger). The main issues I see with this are the glove becoming uncomfortable over time, and the need to keep your finders flat in order to click. Otherwise, this could vastly improve both speed and accuracy of the pointer by taking the heavy rat out of the equation. I'd love to try it.
  14. So, I kinda watched the movie Wargames yesterday, and I kinda started thinking, and I kinda wonder if there is a sort of wardialing script compatible with TCP/IP. Now I know there are very few whitehat uses for a wardialer, but I could see the usefulness of having every address on the 192.x.x.x subnet portscanned, for pen testing reasons, obviously. What I want is some sort of script that would sequentially pings every address in a specific range, and do a good ol' "nc -z -v" on every address that responds, if you know what I mean. I was getting ready to write a simple shell script to do so, but then I remembered that netcat crashes and burns if an address fails to respond on any port, or rather freezes, which is a pretty big problem. How am I supposed to write a loop around a script that may or may not finish running? Well, here goes my question: Is there anything out there that will do this already, or do I have to crack open the netcat source code and add a new feature? Ah, the joys of open-source programs! At least I can add a feature, even if it means a ton of work. That reminds me: if I somehow manage to modify netcat an add a new feature, how am I gonna convince the devs to include it in the official build?
  15. And... It still doesn't work. Same error, too. EDIT: It seems I just choose the wrong boot option. Let's see if this persistence works!
  16. I'm surprised that nobody has pointed this out yet, but if the clients are that far away from the AP, then they will likely have major problems connecting with the cheap antennas in ordinary notebooks. I would use wireless N router with DD-WRT (I've had success with the ASUS WL-500N, but it's antennas are not removable) and three of the biggest directional antennas you can afford, one for each of the antennas on the router. I would also strongly discourage the use of an amplifier unless the 200 mw provided by the stock transmitter proves insufficient, because you are likely to run into issues with interference. If you do go the 802.11g route, get a WRT-54gl, install tomato, and set the left antenna to transmit and the right to receive. You could then install signal boosters on each antenna independently of the other, reducing the chance of interference. That said, you'll want to have the amplifiers as far away from the router and each other as possible.
  17. Never mind that. I just found my new favorite program! http://www.linuxliveusb.com/
  18. I saw the episode about how to install a BT4 persistent LiveCD to an SD card and thought I might combine it with a Qemu install so I could run it on school computers, which have BIOS locks that stop you from booting from USB. I ran Qemu for Windows 0.12.2 with the following parameters so I could install it inside of the VM: qemu.exe -cdrom bt4-final.iso -m 512 -hdb fat:rw:files -boot order=d And boot freezes with this error: I tried booting Fedora and Ubuntu, but both simply crash a 100%. Am I doing this wrong?
  19. 1) They DID NOT MAKE THE EXPLOIT THEMSELVES. They weren't the first ones to do this kind of thing. 2) Our servers are still screwed up to the point of being un-usable. We may have to re-install. 3) We were half-kidding about the suing. John probably can't afford a lawyer. XD 4) The servers are VMware virtual dedicated, and we have no control over routing whitelists/blacklists. We simple use ULX for administration, and it usually keeps the minges at bay. 5) I'm a server admin, but not the actual server administrator, so I can't really do much about any of this.
  20. I'm not in charge of the servers (admin, not owner), but I have sent a message to John (owner) to do so already.
  21. I found this on my clan's forums and loled, so hopefully you will too. Basically, a couple of mingebags connected to our Garry's Mod servers and used some clientside memory editing to gain RCON access to the server. They then demoted Feha (a super admin who was present) to the restricted group, promoted themselves to super admin, and proceeded to harass every available player. They screwed all our servers thoroughly, and cracked all our passwords save the FTP, Web, SSH and MySQL servers. And this whole time, nobody thought to SSH in and ban them. They even explained to us how they did it! Anyhow, they've been banned, the exploit has been (hopefully) fixed, and our servers are still not quite working (they got at the backups too). To clarify, Effektiv, the person who posted the thread, was the lead hacker, who was bluffing that he would be able to do it again. EDIT: Link snipped, this is sortof a private matter. Here is how they did it: According to Doridian (henchman), he and Effektiv had written a .dll file that intercepted certain game packets and edited them to do something that wasn't explained. This .dll was integrated into the game via a clientside LUA script, which enabled them to exploit uLIB so that they could change their usergroup. They also admitted to using the same exploit on the official Wiremod servers. We still don't know how they managed to get the RCON password, but they might have just changed it and pretended to know what the old one was, as ULX stupidly allows you to do so. Edited server log: Oh, and my reaction?
  22. A while ago, I looked into tethering my blackberry to my netbook. When I got it working, I found that AT&T only blocks port 80 traffic (LAZY!) for non-tethering-plan customers. And sure enough, SSH worked just fine, so I went about setting up an SSH tunnel on my home server. Things quickly went downhill from there. I first tried the freeSSHd server, which sets up easy enough. But when I tried to connect to it via Ubuntu's built-in terminal SSH client, I got an "incorrect password" error, no matter if the password was right, wrong, or if there wasn't even a password at all. Same with every other Server & Client. So, any help?
  23. Here is my home setup. It's simple, I know... But it has ridiculously low latency :) NOTES: * WRT54G is running Tomato and has a pair or cantennas ;) * Blackberry is linked to home network via an SSH Tunnel, and the netbook via USB & Bluetooth * All Computers are connected wia 802.11g, except for the servers. :( * I hate bloody printers, you have no idea how crappy HP's drivers are
  • Create New...