redxine

Everything posted by redxine

  1. If a video is capable of being a jpeg/tif/png sequence, is it possible to hide files in individual frames of a video and then wrap it all back into the original file? This would open up some doors for new possibilities. You can only extract the hidden information if you know exactly what frame it's on, and given 30 frames per second, and 60 seconds of video, that's 1800 frames to hide in. I think I'll try to get an example worked out, I'm just not sure if extraction programs would include the extra information in a frame dump. I'm thinking of using cinelerra [on linux] to export a single frame, steg. it, delete the exported frame and replace with the modified one for encryption; and use VLC/mplayer/whatever to export the single frame, or use cinelerra again. On a side note, I've long since found yet another good use for those old CRT monitors:
  2. Actually, you don't even need the CD. When your computer starts up, enter the grub menu, select the last kernel entry and press 'e'. Delete all but the kernel line and put an 's' at the end of the line, i.e. (for Fedora) change

         kernel /vmlinuz-2.6.27.21-170.2.56.fc10.i686 ro root=/dev/VolGroup00/LogVol00 rhgb quiet

     to

         kernel /vmlinuz-2.6.27.21-170.2.56.fc10.i686 ro root=/dev/VolGroup00/LogVol00 s

     Wait a few moments and you'll have a root shell. No login for run level 1! [not sure what the entry for Ubuntu will look like]

     Grub password? 1. Live CD. 2. Follow above.

     Any way you see it, and like everyone else has said, physical access NEVER FAILS! [well, maybe full disk encryption......]
  3. I wouldn't be surprised if Obama approved a secret 'mission' for the internet people to start attacking our networks and cause widespread communications blackouts. Or they're making like Germany and enforcing computer security, only without the public knowing and not in the form of a law. So why does ARIN just go and start rejecting packets on their network? o.O And why would this cause my router to go down? Even better, why am I sending packets to them anyways? These are the mysteries of the world.
  4. Pretty sure it's the router and not a problem with software. I guess the kernel module doesn't know how to handle whatever kind of packets the router was tossing out. It causes the entire LAN to go down. No wi-fi either. I have two wireshark files here, one of just the network idling (supposedly) which contains an interesting little destination unreachable (host administratively prohibited) that is not in my /etc/hosts.deny file. Some of these, like the first 3, are repeated. The nmap wireshark seems fine..... no lost packets.
  5. It managed to happen this time without running any software. Just happened out of nowhere. Here's some information I managed to get out of it:

         [root@server redxine]# ping 192.168.1.1
         PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
         From 192.168.1.20 icmp_seq=1 Destination Host Unreachable
         From 192.168.1.20 icmp_seq=2 Destination Host Unreachable
         From 192.168.1.20 icmp_seq=5 Destination Host Unreachable
         From 192.168.1.20 icmp_seq=6 Destination Host Unreachable
         ^C
         --- 192.168.1.1 ping statistics ---
         6 packets transmitted, 0 received, +4 errors, 100% packet loss, time 5868ms
         pipe 2
         [root@server redxine]# ifconfig
         eth0      Link encap:Ethernet  HWaddr 00:0C:6E:17:68:9F
                   inet addr:192.168.1.20  Bcast:192.168.1.255  Mask:255.255.255.0
                   inet6 addr: fe80::20c:6eff:fe17:689f/64 Scope:Link
                   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                   RX packets:49569 errors:0 dropped:0 overruns:0 frame:0
                   TX packets:43527 errors:0 dropped:0 overruns:0 carrier:0
                   collisions:0 txqueuelen:1000
                   RX bytes:49912484 (47.6 MiB)  TX bytes:6463710 (6.1 MiB)
                   Interrupt:19 Base address:0x8800

     And shortly after the failure, [on all computers] I received a kernel failure:

     Kernel failure message 1:

         ------------[ cut here ]------------
         WARNING: at net/sched/sch_generic.c:219 dev_watchdog+0xda/0x12d()
         Hardware name: System Name
         NETDEV WATCHDOG: eth0 (sis900): transmit timed out
         Modules linked in: vfat fat usb_storage fuse it87 hwmon_vid hwmon sunrpc iptable_nat nf_nat nf_conntrack_netbios_ns nf_conntrack_ftp ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables ipv6 p4_clockmod dm_multipath uinput ppdev ns558 gameport floppy bttv videodev v4l1_compat ir_common compat_ioctl32 v4l2_common videobuf_dma_sg videobuf_core pcspkr btcx_risc firewire_ohci serio_raw tveeprom firewire_core crc_itu_t sis900 snd_ca0106 mii snd_rawmidi snd_intel8x0 snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq usblp snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd soundcore snd_page_alloc parport_pc i2c_sis96x parport ata_generic pata_acpi pata_sis sha256_generic cbc aes_i586 aes_generic dm_crypt crypto_blkcipher radeon drm i2c_algo_bit i2c_core [last unloaded: microcode]
         Pid: 0, comm: swapper Tainted: G M 2.6.27.21-170.2.56.fc10.i686 #1
         [<c042db4c>] warn_slowpath+0x69/0x89
         [<c04242fe>] ? enqueue_entity+0x203/0x20b
         [<c0424341>] ? enqueue_task_fair+0x3b/0x3f
         [<c06ab3fc>] ? _spin_lock_irqsave+0x29/0x30
         [<c0422894>] ? __enqueue_entity+0xe3/0xeb
         [<c04242fe>] ? enqueue_entity+0x203/0x20b
         [<c051ebf2>] ? strlcpy+0x17/0x49
         [<c0641f14>] dev_watchdog+0xda/0x12d
         [<c04281ed>] ? try_to_wake_up+0x230/0x23b
         [<c0436439>] run_timer_softirq+0x14b/0x1bb
         [<c0641e3a>] ? dev_watchdog+0x0/0x12d
         [<c0641e3a>] ? dev_watchdog+0x0/0x12d
         [<c043279b>] __do_softirq+0x84/0x109
         [<c0432717>] ? __do_softirq+0x0/0x109
         [<c0406f1c>] do_softirq+0x77/0xdb
         [<c0432402>] irq_exit+0x44/0x83
         [<c04152b1>] smp_apic_timer_interrupt+0x6e/0x7c
         [<c040576d>] apic_timer_interrupt+0x2d/0x34
         [<c041b753>] ? native_safe_halt+0x5/0x7
         [<c040a15d>] default_idle+0x38/0x6a
         [<c0403c61>] cpu_idle+0x101/0x134
         [<c069ae72>] rest_init+0x4e/0x50
         =======================
         ---[ end trace 955890b62951cfef ]---

     My guess is that the router is dying/being_chrooted and expressing its agony via kernel failures on all its host machines. [it's a linksys wrt475 with decent security all ways]

     Digip: I can't be completely certain, but I'm almost sure that the networks I scanned that caused the error had Quest Cable/DSL, and the platform did not make a difference. And according to the ping I ran, the packets appear forged.
  6. That's the thing. I'm only scanning one address, and sometimes it doesn't matter how many ports I scan. i.e. I normally run nmap with -bvq host port (1-1024). It seems as soon as it hits a certain port, it all shuts down. And I'm pretty sure that nmap is only going one port at a time; nothing very bandwidth/connection intensive. Have never had this problem after 3 years with the same modem and router..... Although I am looking into getting a new router and NICs.... [yay gigabit!] PS: I'll try running a ping on a known network to see at exactly what port it stops on.
  7. Recently, I've noticed when I run NMAP on WAN addresses, all of a sudden my entire network just locks up. Packets get lost and die, and I am sometimes forced to do a hard reset of my modem, although other times I can just wait it out or just reset the interface with ifconfig eth0 down; ifconfig eth0 up. After a little investigation, I found that almost all the addresses I scan that cause this are from Quest; I have Cox. Any ideas? :(
  8. I remember reading somewhere that the kernel guys actually got a code submission that was bright-as-day malicious and quickly discarded. And if someone is that paranoid they can always compile their own kernel. Then again, they might not even be able to trust themselves.....
  9. So now all you have to do is burn the rootkit along with some torrent your friend has been begging you for. "Who wants a copy of $MOVIE || $SOFTWARE?"
  10. I prefer this method for resetting passwords: Boot into your favorite Linux live CD. Mount the hard drive, and cd into C:\WINDOWS\System32\. Make a copy/rename sethc.exe to sethc.exe.bak [or whatever]. Copy cmd.exe and rename the copy to sethc.exe. Reboot. At the login page for Windows, hit shift 5 times and you'll get a command prompt with SYSTEM privileges. The SYSTEM account exists on every Windows machine and controls the kernel and things like that. Type net user Administrator * (or whatever username you want to reset) and bingo. I use this method all the time to unlock computers where people forget their password. Or do they....
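
A defender's check for the file swap described in the last post, as an added example that is not part of the original post: it looks in a mounted System32 directory for a sethc.exe that is byte-identical to cmd.exe and for a renamed copy left beside it. The function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_sticky_keys(system32, target="sethc.exe", shell="cmd.exe"):
    """Return a list of findings for the swap described in the post."""
    # Windows file names are case-insensitive, so index them lower-cased.
    files = {p.name.lower(): p for p in Path(system32).iterdir() if p.is_file()}
    findings = []
    if target not in files:
        findings.append(f"{target} is missing")
    elif shell in files and sha256_of(files[target]) == sha256_of(files[shell]):
        findings.append(f"{target} is byte-identical to {shell}")
    # A renamed original left beside the swapped file is a second artefact.
    for name in sorted(files):
        if name.startswith(target + "."):
            findings.append(f"renamed copy present: {files[name].name}")
    return findings


def demo():
    """Constructed sample: two fake System32 trees, one clean and one swapped."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, swapped = Path(tmp, "clean"), Path(tmp, "swapped")
        for d in (clean, swapped):
            d.mkdir()
            (d / "cmd.exe").write_bytes(b"constructed cmd bytes")
        (clean / "sethc.exe").write_bytes(b"constructed sethc bytes")
        (swapped / "SETHC.EXE").write_bytes(b"constructed cmd bytes")
        (swapped / "sethc.exe.bak").write_bytes(b"constructed sethc bytes")
        return check_sticky_keys(clean), check_sticky_keys(swapped)


if __name__ == "__main__":
    print(demo())
```

A byte-identical match only catches a straight copy; comparing sethc.exe against a known-good hash for the installed Windows build is the stronger check.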