Everything posted by decepticon_eazy_e

  1. Awesome! We came 2 hours early to get a good seat for Kaminsky's and they pushed us all out to make room for the people waiting.... because we weren't waiting before that.... total BS. Anyways, none of us got to get in and see that talk. I've been waiting for this!
  2. Switches... Find a WS-C2924-XL-EN, that would be nice. WS-C2912-XL-EN is the 12 port version. Stay away from the 1900s. We have a pallet of WS-C2924M-XL-EN switches that have been going out the door at $25. I have a couple WS-C3524-XL-ENs in my basement, works the same as the 2900s. I replaced all my 2900s with those 3500s. If you can find one that has a bad port, the price will probably be significantly lower. For home use, 23 ports is just fine for the discount you might get! Gigabit is really nice to get, I found an Extreme 48 port gigabit switch. Port 48 fails testing, so it was free.... :) If you find model numbers, post em here, I'll give you my opinion too!
  3. You should go to defcon, it's worth it. I watched a talk last year on layer 2 network attacks, and one on BGP attacks. I thought I'd see something new and cool with layer 2 attacks but no, it was networking 101 for beginners. They talked about MITM stuff, and ARP spoofing, and flooding a switch to make a hub. That stuff was interesting and relevant when switches came out and replaced hubs. Which was how many thousand years ago? But the BGP talk was cool, the guy showed how you hijack a BGP route and reroute internet traffic right into your lap, now that's some ownage. Point is, the talks run the spectrum from super basic to super complex. There's something for everyone!
  4. A windows program that will move 100 megabits to another PC? NetCPS, I think I found it lurking these forums, works pretty good. http://www.netchain.com/NetCPS/ Otherwise just use ping with the size option for big packets, like -l 9999 in windows.
  5. 2621 would be more fun, 2 ports vs 1 and they're 10/100 vs 10.
  6. I've been going to defcon for a couple years now. YOU know plenty to go to the con. There are noobs there, lots of em. And there are geniuses there, but they are not NEARLY as outspoken as the noobs. If you know the basics of networking or programming, you will enjoy the hell out of it. It's also one of the cheapest cons out there, entrance was $120 last year. Vegas is fun, as to be expected, but the con is also fun. Super nerdy! defcon.org
  7. 1. ESX 3.x has a full linux operating system behind it. ESXi does not, there is a secret CLI and you can enable SSH, but the options there are pretty limited and totally undocumented and unsupported. The backend of ESX 3.x allows you to do everything that the GUI does via CLI. There are some features that have not made it to the GUI that the CLI does, storagemotion is one of them. Why would anyone want this? A couple reasons, disaster, what if you only have a telnet/ssh option from the outside. Another would be scripting, you could automate an ESX install. When rolling out a cluster of servers that will all have similar settings, this is nice. This is the reason that ESXi can fit on a USB drive and ESX 3.5 cannot.

     2. The big features, ESX gives you vMotion, HA, storagemotion, bigger HAL list, cloning and templates, consolidated backup, update manager, snapshots, etc. ESXi does not, you can clone in a half-assed way, but it's not nearly as efficient. The Virtual Center is what makes all that possible. If you were to upgrade ESXi, you would buy a Virtual Center license and install it on a server 2003 vm machine. When you connect to the VC via your client, you get all these options (license allowing, of course!)

     3. Another big reason is support. ESXi does not have formal support. The help you will find is in forums and white papers, but it's officially not supported. You get a support contract from VMware and a 1-800 number to call. Seems like a trivial perk, but at 2am Monday night, it's better than scouring Expert Exchange or whatever top hit google spits out while you search for the fix to get ALL your servers back online. If you want to put this in production and depend on it, you need to move up to the full version. The cost is pretty significant but then again the requirements are multiple core-big RAM-redundant servers and a SAN, which is not cheap. If your business can afford those things, you should be able to afford this.

     Their big push is to get the hypervisor out there in the real world and get everybody comfortable with it, kind of like a crack dealer. The first hit is free, the next one will cost ya! Same thing with VMWare Server, it's the free version of Workstation, which can do much more.
  8. Check your hardware off the HAL list, it gets updated weekly. http://www.vmware.com/resources/compatibil...Category=server The internal RAID group is unnecessary. Use a couple small drives, low RPM and mirror them. 2x 36gb or 18gb drives is plenty. If that dies and you have to reinstall ESXi, you are down an hour or so tops. The drives for the OS are only accessed during boot up and the entire OS is loaded into RAM, so there's no latency for access time (no need for fast/redundant disks!) VMWare says you can do this off a USB drive, I wouldn't put a production system out on a USB drive, no matter what they say. If you want HA or vMotion, or StorageMotion, you need to buy the license and attach the servers to a SAN. That way the guest OS resides on a SAN and is accessible to other ESX servers. ESXi does not offer those functions out of the box. When you get to the point of putting this in production and trusting it, upgrade to the full ESX 3.5. You'll have to go through a vendor and at that point you can look into all the options and hardware required. Keep the questions coming, I work for a consulting company and VMware installations are our biggest money maker.
  9. Easiest way to explain it is, somebody else did all the brute force work on (for example) the MD5 algorithm (or lanman hashes or whatever) and saved the results. Now all your computer has to do is compare the unknown hash it has to the list and find the match. It's much less time consuming and processor intensive. Time-memory trade off is the name of this concept. http://en.wikipedia.org/wiki/Rainbow_table
  10. This is megabits always, also the packets per second are 64kbytes in size. Packets vary in size so those numbers are achieved only in a controlled lab scenario. Those throughput numbers are for clear text packet forwarding with little to no processing. When you add QoS or encryption, your throughput goes down significantly. This list will not give you a starting point to find the best router, but not the answer. You need to factor in your organization size and needs. However, a 6mb pipe is a relatively small WAN link. Your biggest bottleneck is probably not the router on the WAN, it's the 3-4 users that watch youtube. It only takes a couple people to max out a 6meg pipe. QoS will help this, but your bandwidth utilization will not go down until you throttle down the specific user or service.
  11. The appliances are just the download section. I gave you a link to a bunch of Linux distros already installed on VMDK files. You just import them and turn them on. Linux is ready to go.
  12. Agreed, the free Server version doesn't allow that much with the networking side. If you have a box to dedicate, use the free ESXi version. Lots of possibilities there.
  13. Defcon hosts a few, the biggest would be Capture the Flag. I thought they did something similar at shmoocon. I think the government sponsors one too, probably DARPA. There's plenty out there, pretty much every major con will have one, defcon, blackhat, etc. Google for capture the flag results and see walkthroughs and results, you'll see how they are organized.
  14. http://www.vmware.com/appliances/directory/cat/45 VMware did most of the work for you, here are the preinstalled virtual machines ready to download and import.
  15. Wireshark is not for securing anything. It's a packet sniffer for collecting data, that's it. That's probably why you had problems.
  16. What VMware product are you using? ESX methods will be different than Server. In ESX (and ESXi), you can manage your network connections through the Virtual Infrastructure Client.
  17. "VMware server will sit on top of linux or windows if you need linux, but as its not a hypervisor based vm it will be slower." "VMware server" is a windows or linux application, yes. ESX and ESXi is an operating system and offers far better performance than VMware server. VMware server is the free version of VMware workstation and ESXi is the free version of ESX. Put an ESX box next to a hyper V box and I guarantee that the guest OS will run better and faster on VMware.
  18. If you can find another power supply, try it with that. I would say you have a bad motherboard.
  19. PS any connection that has a greater upload than the target's download can DOS. You don't need any special software or apps. Just ping with the -t on it and let it go. The trick is to get 1000 of your friends to do the same thing. This is what brought down the banks and government in Estonia. A couple thousand people sending non stop pings to specific IP addresses. For double the fun, they spoof the return address so a second IP address will get a flood of pings. Which is why the IP address of your attacker is pretty trivial, it's probably spoofed.
  20. I was looking for someone to point that out! The idea that you need one of those OS's to run VMware means that somebody doesn't understand VMware.
  21. Are you really plugging these things in while the machine is running? That sounds like a really bad idea. "it all runs fine until i plug that it and then BOOM" YIKES? Also, I said get that all running correctly before adding drives. You said it was working fine with the HDD, then you added the P4 connection. Make all that work without any drives or PCI cards (video card excluded of course!) No startup beep means it's not working fine, you have power to the fans and LEDs, that's not what you should look for. Video output and BIOS messages means it's working fine.
  22. digip gave you all the information you need. If you are on the internet, you are part of a subnet, somewhere. Look at your IP address. run > cmd > ipconfig Once you understand network subnets, you'll understand the answer to your question.
  23. How to troubleshoot a power issue... Confirm the following, you have a power supply big enough to support all those devices. Most power supplies are huge and this is not an issue. Next, is the motherboard installed correctly with standoffs? There could be a short if some of the motherboard contacts touch the case, this applies to bare wires/connectors (shouldn't have to be said, but still should be said!).

      1. Unplug everything from the motherboard and power, that includes HDDs, FDD, CDs, etc. This includes the ATA, SATA, IDE, etc cables from the motherboard. I've seen motherboards try to start up devices that have no power, it's best that the motherboard doesn't even know they exist.
      2. Plug in power to motherboard and power to buttons and LEDs. Does it power up and POST, do you see output on screen? If you must power up high end video card for that, please do so. If the answer is no, swap out motherboard or power supply, one of them is bad.
      3. Plug in one device, probably the cd drive. Power up computer. Everything ok? If not, you have a bad CD drive.
      4. Repeat step 3 until the system is complete. If everything works at the end, you probably had a loose cable and it needed to be reseated somewhere.
      5. ???
      6. Profit (had to be done!) ;)

      You will probably find the problem right away, like at step 2. Do you have multiple P4 connectors on the power supply? Do you have an open P4 connector on the motherboard, near the CPU away from the 20/24 pin bank? Odds are you won't get past step 2 without some clue as to the problem. Good luck!
  24. Also, if you create an ACL to block them... you are still processing the packet which is what caused the DDOS in the first place. DDOS attacks are actually very hard to fight, you need help from the ISP upstream to reroute traffic that fits the profile of the attack. Usually the profile of the attack is "legitimate traffic" that you desire, so it makes it very difficult to filter. Most companies that are attacked use the oldest defense in the book... add more bandwidth.
  25. I set up a 10gig network today... It was between two Sup32-10GE supervisors with xenpaks. I feel very 1337 and nerdy today. I did a 10gig ping! It just seems like something someone with my job experience or lack thereof, should not have access to. I don't think that many companies or schools have the need to justify that cost, therefore I assume not that many people have messed around with 10gig stuff. Sometimes we build servers with 128gigs of ram and terabytes of space, but that doesn't seem as cool. I've messed around with some 8gig FC switches, but those don't seem to compare to the mighty 10gig. Anybody else have access to some really cool/rare resources at work that are worth bragging about? Post pics if you got em! I have a 10Gbps e-penis today.