decepticon_eazy_e
-
Posts
164 -
Joined
-
Last visited
Posts posted by decepticon_eazy_e
-
-
Switches...
Find a WS-C2924-XL-EN, that would be nice. WS-C2912-XL-EN is the 12 port version. Stay away from the 1900s. We have a pallet of WS-C2924M-XL-EN switches that have been going out the door at $25. I have a couple WS-C3524-XL-ENs in my basement, works the same as the 2900s. I replaced all my 2900s with those 3500s.
If you can find one that has a bad port, the price will probably be significantly lower. For home use, 23 ports is just fine for the discount you might get!
Gigabit is really nice to get, I found an Extreme 48 port gigabit switch. Port 48 fails testing, so it was free.... :)
If you find model numbers, post em here, I'll give you my opinion too!
-
after reading all your posts, that definitely motivates me to go :D
Dingle already sent me some info on what he would like to work on, and I think we could collab. and bring something to light.
BTW, what of the hak5 crew? Anybody know if they will be there this year? That would be like the icing on top of the cake for me. After doing some more research into the event I have even maybe struck a spell of technolost to get back into some programming on the side.
Thank you all!
You should go to defcon, it's worth it. I watched a talk last year on layer 2 network attacks, and one on BGP attacks. I thought I'd see something new and cool with layer 2 attacks but no, it was networking 101 for beginners. They talked about MITM stuff, and ARP spoofing, and flooding a switch to make a hub. That stuff was interesting and relevant when switches came out and replaced hubs. Which was how many thousand years ago? But the BGP talk was cool, the guy showed how you hi-jack a BGP route and reroute internet traffic right into you lap, now that's some ownage.
Point is, the talks run the spectrum from super basic to super complex. There's something for everyone!
-
thanks for the info. i can just boot from a thumb drive and install these programs and run them like a live CD so i can run them from the lab machines
thanks for the info sir
A windows program that will move 100 megabits to another PC? NetCPS, I think I found it lurking these forums, works pretty good.
http://www.netchain.com/NetCPS/
Otherwise just use ping with the size option for big packets, like -l 9999 in windows.
-
Why didnt you just p.m. me? j/k. Look @ the 2600 series, namely, something like this oneCisco 2610
Pretty cheap too (for a cisco router)
Cheers! you beat me to the home lab!
2621 would be more fun, 2 ports vs 1 and they're 10/100 vs 10.
-
Wow, sounds just like me man. I'm in mississippi, and the reason why I thought about phreaknic anyway, is because it's the closest. It's either go to texas, miami fl (a hell of a lot farther away that people think) or tennissee which is about 8 1/2 hours for me. I'm thinking alot about going. Funds would not be an issue, and I am excited to go.
I've been going to defcon for a couple years now. YOU know plenty to go to the con. There are noobs there, lots of em. And there are geniuses there, but they are not NEARLY as outspoken as the noobs. If you know the basics of networking or programing, you will enjoy the hell out of it. It's also one of the cheapest cons out there, entrance was $120 last year. Vegas is fun, as to be expected, but the con is also fun. Super nerdy!
defcon.org
-
The last Dell rep I spoke to was talking about addon SD cards for 2950's and 1950's which allow you to forgo the hard disks all together. And I know some of the newer Dell boxes come with internal USB ports for this purpose.
Out of interest, what are the benifits of ESX over ESXi? As far as I can see the main push seems to be with ESXi especially as a lot of servers come with ESXi embedded. What do I gain by going with ESX?
1. ESX 3.x has a full linux operating system behind it. ESXi does not, there is a secret CLI and you can enable SSH, but the options there are pretty limited and totally undocumented and unsupported. The backend of ESX 3.x allows you to do everything that the GUI does via CLI. There are some features that have not made it to the GUI that the CLI does, storagemotion is one of them. Why would anyone want this? A couple reasons, disaster, what if you only have a telnet/ssh option from the outside. Another would be scripting, you could automate an ESX install. When rolling out a cluster of servers that will all have similar settings, this is nice. This is the reason that ESXi can fit on a USB drive and ESX 3.5 cannot.
2. The big features, ESX gives you vMotion, HA, storagemotion, bigger HAL list, cloning and templates, consolidated backup, update manager, snapshots, etc. ESXi does not, you can clone in a half-assed way, but it's not nearly as efficient. The Virtual Center is what makes all that possible. If you were to upgrade ESXi, you would buy a Virtual Center license and install it on a server 2003 vm machine. When you connect to the VC via your client, you get all these options (license allowing, of course!)
3. Another big reason is support. ESXi does not have formal support. The help you will find is in forums and white papers, but it's officially not supported. You get a support contract from VMware and a 1-800 number to call. Seems like a trivial perk, but at 2am Monday night, it's better than scouring Expert Exchange or whatever top hit google spits out while you search for the fix to get ALL your servers back online.
If you want to put this in production and depend on it, you need to move up to the full version. The cost is pretty significant but then again the requirements are multiple core-big RAM-redundant servers and a SAN, which is not cheap. If your business can afford those things, you should be able to afford this.
Their big push is to get the hypervisor out there in the real world and get everybody comfortable with it, kind of like a crack dealer. The first hit is free, the next one will cost ya! Same thing with VMWare Server, it's the free version of Workstation, which can do much more.
-
Check your hardware off the HAL list, it gets updated weekly.
http://www.vmware.com/resources/compatibil...Category=server
The internal RAID group is unnecessary. Use a couple small drives, low RPM and mirror them. 2x 36gb or 18gb drives is plenty. If that dies and you have to reinstall ESXi, you are down an hour or so tops. The drives for the OS is only access during boot up and the entire OS is loaded into RAM, so there's no latency for access time (no need for fast/redundant disks!) VMWare says you can do this off a USB drive, I wouldn't put a production system out on a USB drive, no matter what they say.
If you want HA or vMotion, or StorageMotion, you need to buy the license and attach the servers to a SAN. That way the guest OS resides on a SAN and is accessible to other ESX servers. ESXi does not offer those functions out of the box.
When you get to the point of putting this in production and trusting it, upgrade to the full ESX 3.5. You'll have to go through a vendor and at that point you can look into all the options and hardware required.
Keep the questions coming, I work for a consulting company and VMware installations are our biggest money maker.
-
I dont really understand rainbow tables, i've been trying to figure what they are for a while but honestly all i can seem to find out is that they're used to help crack passwords and hashes, does anyone have a nice website or video that could explain in more depth for someone like me that is not in the know?
Thanks,
Fortuna.
Easiest way to explain it is, somebody else did all the brute force work on (for example) the MD5 algorithm (or lanman hashes or whatever) and save the results. Now all your computer has to do is compare the unknown hash it has to the list and find the match. It's much less time consuming and processor intensive. Time-memory trade off is the name of this concept.
-
Ok cheers. Pretty sure that was the case. I was looking at some documentation on our network and it was in Megabytes, then i got confused haha.
Thanks.
This is megabits always, also the packets per second are 64kbytes in size. Packets vary in size so those numbers are achieved only in a controlled lab scenario. Those throughput numbers are for clear text packet forwarding with little to no processing.
When you add QoS or encryption, your throughput goes down significantly. This list will not give you a starting point to find the best router, but not the answer. You need to factor in your organization size and needs.
However, a 6mb pipe is a relatively small WAN link. Your biggest bottleneck is probably not the router on the WAN, it's the 3-4 users that watch youtube. It only takes a couple people to max out a 6meg pipe. QoS will help this, but your bandwidth utilization will not go down until you throttle down the specific user or service.
-
I don't need the appliances right now. I need to install a Virtual Machine system first with an OS or embedded but thanks for the link!
The appliances are just the download section. I gave you a link to a bunch of Linux distros already installed on VMDK files. You just import them and turn them on. Linux is ready to go.
-
Don't think you can do it the way you want to, because of the way the virtual NICs are 'bridged' across your host machine's physical adaptor it needs to be up and running.
The only way of doing this (as has been suggested already) is to completely bypass the host machine's adaptor using something like a USB wireless adaptor.
You could also try firewalling it off completely. Drop a firewall between you and the Internet, then block the IP of your host machine inbound and outbound. That should still allow your VMs to communicate, but stop anything getting to/from your host.
Agreed, the free Server version doesn't allow that much with the networking side.
If you have a box to dedicate, use the free ESXi version. Lots of possibilities there.
-
I was wondering what Hacking Competitions are out there and information towards that
Defcon hosts a few, the biggest would be Capture the Flag. I thought they did something similar at shmoocon. I think the government sponsors one too, probably DARPA. There's plenty out there, pretty much every major con will have one, defcon, blackhat, etc.
Google for capture the flag results and see walk troughs and results, you'll see how they are organized.
-
Hey guys, I am going to check out Xen today when I get home from work. Xen is a open source Hypervisor project. Hopefully it will support my system! *crosses fingers*
Edit:
I doubt it will work. Most embedded solutions are for actual servers with specific hardware =[. I think I will try a optimized linux OS for hypervisor. Any idea on that? I am going to continue my research. -Life is study-
Update:
I found oVirt which I believe is a project for an embedded hypervisor by red hat. It has some potential to work. It is in beta but I can get the installs. I will report back with more information later tonight on that.
Update2:
oVirt isn't what I thought it was. It is a interesting idea but I don't need it for what I will be doing.
Looks like I will try a Linux install, probably Fedora Core 10 or ubuntu with VMware. I will see how that runs and report back.
http://www.vmware.com/appliances/directory/cat/45
VMware did most of the work for you, here are the preinstalled virtual machines ready to download and import.
-
I appriciate your help. What can be done to secure Ubuntu besides installing chkrootkit?.. I just installed Wireshark, I used it on windows previously but never fully understood how to use the filters and such..thanks
Wireshark is not for securing anything. It's a packet sniffer for collecting data, that's it. That's probably why you had problems.
-
After completing yet another rebuiild of my machine, I would like to be able to keep it away from the web as much as i can. My idea is to have a virtual machine for internet based tasks that way i can still access the outside world but all my stuff in my main machine can be kept away from the web and whatever malware tends to get into it. Im a video editor so im really trying to keep my work machine in tip top shape this time around.
Any help or ideas would be greatly appreciated.
What VMware product are you using?
ESX methods will be different than Server. In ESX (and ESXi), you can manage your network connections through the Virtual Infrastructure Client.
-
Its more of an appliance than an OS, so you may need to buy additional kit that is on the HCL (hardware compatibility list) in order for it to run. This is why it needs a proper server in most cases. If your just looking at Windows VM's I would suggest hyper-v which is also free (go microsoft!) as it will run on anything that boots server 2008 x64 and has hardware vt. VMware server will sit on top of linux or windows if you need linux, but as its not a hypervisor based vm it will be slower.
"VMware server will sit on top of linux or windows if you need linux, but as its not a hypervisor based vm it will be slower."
"VMware server" is a windows or linux application, yes. ESX and ESXi is an operating system and offers far better performance than VMware server. VMware server is the free version of VMware workstation and ESXi is the free version of ESX.
Put an ESX box next to a hyper V box and I guarantee that the guest OS will run better and faster on VMware.
-
actually it sparks when i turn it on with teh P4 in. and Ive done it with and without the HDD and it works as long as i only have the 20pin and not the P4 in. i dont have any PCI its all onboard. and i know about the beep, it always beeped when it worked normal, now it doesnt at all.
If you can find another power supply, try it with that. I would say you have a bad motherboard.
-
the best way to deal with it is to find the brown note (like in south park) then play it over xbox live voice and make the attacker crap their pants :)
jk
blocking the ips doesn't really stop the attack because your still receiving the data
I have experienced a few DOS attacks but some of them weren't well done, the user was mainly using a simple app to flood, but the user was using the internet connection at a school or some public location to get a really good amount of bandwidth,
depending on the schools network, you can use their connection to do a DOS
it may be a dumb college student or someone who has a friend who is in a location with a good connection who can do the DOS
(PS a dsl connection can DOS a dialup connection, I tried it when kmart used to offer that blue light internet service like 10 hours for free each month)
PS any connection that has a greater upload than the target's download can DOS. You don't need any special software or apps. Just ping with the -t on it and let it go. The trick is to get 1000 of your friends to do the same thing.
This is what brought down the banks and government in Estonia. A couple thousand people sending non stop pings to specific IP addresses. For double the fun, they spoof the return address so a second IP address will get a flood of pings. Which is why the IP address of your attacker is pretty trivial, it's probably spoofed.
-
I may have over-egged the pudding somewhat lol.
BTW, you can boot ESXi from a USB stick which could be better then installing it. It doesn't use swap space as it takes 512MB of RAM for this instead.
http://blog.mechanised.com/2008/07/how-to-...table-esxi.html
I was looking for someone to point that out!
The idea that you need one of those OS's to run VMware means that somebody doesn't understand VMware.
-
also yes, i do have just the one P4 connection near the cpu, it all runs fine until i plug that it and then BOOM, its off, wtf.
jkust to cover it all, im using only 20 of the 20/24, and the P4, and its running fine w/o it. course no video, or the startup beep. so ya
edit: soprry bout the double post, but i know it ss a shortnow, i see the blue spark when i plugged it in. any suggestions?
Are you really plugging these things in while the machine is running? That sounds like a really bad idea.
"it all runs fine until i plug that it and then BOOM" YIKES?
Also, I said get that all running correctly before adding drives. You said it was working fine with the HDD, then you added the P4 connection. Make all that work without any drives or PCI cards (video card excluded of course!) No startup beep means it's not working fine, you have power to the fans and LEDs, that's not what you should look for. Video output and BIOS messages means it's working fine.
-
your reffering to the technical nonsense, i just wrote some numbers, just to demonstrate what im talking about, can anyone concentrate on the answer?
digip gave you all the information you need. If you are on the internet, you are part of subnet, somewhere. Look at your IP address. run > cmd > ipconfig
Once you understand network subnets, you'll understand the answer to your question.
-
Well, i built a computer about 3weeks ago and i use it occasionally. first time i built it it had booting problems, it would barely turn on and then shut off, i found the issue was i had 24power pins plugged in PLUS the one on the mobo. so i made it a 20pin (the other four slid off) and its worked since. Now today i got a grub error 17 (i was using ubuntu) and i decided the check the cords. well, i popped off the side and opened it up and everything was good, i didnt even TOUCH anything. so i closed it up and pushed the power button. all it did was click on then off, the fans didnt even spin. i tried again, NOTHING so i unplugged it and plugged it in, nothing, i flicked off and on the switch in the back and it clicked again. so i popped it open and i checked everything and it was fine, so i decided it was the psu. i poped off the 20pin ocnnection and wired it so the power on was with a ground and EVERYTHING turned on, NOTE:the other four (cpu power) was still plugged in. since no other powers plugged in nothing else turned on but the fans and the cd drive DID open and close but nothing on the monitor (of course). so... i plugged it back in and unplugged the four pin (cpu power) and it didnt work. so help? its brand new, i didnt do anything to it since i built it. any suggestions? i dont wanna buy a new mobo since i dont have the money.
ima try and get a video.
edit: sorry in advance http://www.youtube.com/watch?v=xgzq7N-KtSM
How to troubleshoot a power issue...
Confirm the following, you have a power supply big enough to support all those devices. Most power supplies are huge and this is not an issue. Next, is the motherboard installed correctly with stand offs? There could be a short if some of the motherboard contacts touch the case, this applies to bare wires/connectors (shouldn't have to be said, but still should be said!).
1. Unplug everything from the motherboard and power, that includes HDDs, FDD, CDs, etc. This includes the ATA, SATA, IDE, etc cables from the motherboard. I've seen motherboards try to startup devices that have no power, it's best that the motherboard doesn't even know they exist.
2. Plug in power to motherboard and power to buttons and LEDs. Does it power up and POST, do you see output on screen? If you must power up high end video card for that, please do so. If the answer is no, swap out motherboard or power supply, one of them is bad.
3. Plug in one device, probably the cd drive. Power up computer. Everything ok? If not, you have a bad CD drive.
4. Repeat step 3 until the system is complete. If everything works at the end, you probably had a loose cable and it needed to be reseated somewhere.
5. ???
6. Profit (had to be done!) ;)
You will probably find the problem right away, like at step 2. Do you have multiple P4 connectors on the power supply? Do you have an open P4 connector on the motherboard, near the CPU away from the 20/24 pin bank? Odds are you won't get past step 2 without some clue as to the problem.
Good luck!
-
No good.
Any half decent DoS attack will spoof their source address of the attack traffic.
At best it is random addresses, at worst they could be claiming to be coming from high-profile targets, which would then limit your use of those legitimate services if you started blocking them.
You also have a bloody difficult job of decided what is attack traffic and what is legitimate traffic.
Also, if you create an ACL to block them... you are still processing the packet which is what caused the DDOS in the first place.
DDOS attacks are actually very hard to fight, you need help from the ISP upstream to reroute traffic that fits the profile of the attack. Usually the profile of the attack is "legitimate traffic" that you desire, so it makes it very difficult to filter. Most companies that are attacked use the oldest defense in the book... add more bandwidth.
-
I set up a 10gig network today... It was between two Sup32-10GE supervisors with xenpaks. I feel very 1337 and nerdy today. I did a 10gig ping! It just seems like something someone with my job experience or lack there of, should not have access to. I don't think that many companies or schools have the need to justify that cost, therefor I assume not that many people have messed around with 10gig stuff. Sometimes we build servers with 128gigs of ram and terabytes of space, but that doesn't seem as cool. I've messed around with some 8gig FC switches, but those don't seem to compare to the mighty 10gig.
Anybody else have access to some really cool/rare resources at work that are worth bragging about? Post pics if you got em!
I have a 10Gbps e-penis today.
Defcon 16 Speech videos are here!
in Security
Posted
Awesome! We came 2 hours early to get a good seat for Kaminsky's and they pushed us all out to make room for the people waiting.... because we weren't waiting before that.... total BS. Anyways, none of got to get in and see that talk. I've been waiting for this!