Wetwork

I have a FreeNAS on 3.0 Dual core with 2 gig of ram on a gig network with 6 - 1 TB HDD 7200RPM with a RAID5 setup and the best transfer speeds that i am seeing is somewhere between 7 - 9 mbps. This is due to the limitations of the FreeNAS o/s to be able to do asynchronous read/writes from the NIC card to the Drives and then back. This issue is being addressed according to the Freenas forums and they hope to resolve it with the next release (god knows when that will be considering that it was several YEARS in between this current version and the previous) My best advice is either deal with it or go forth and spend money on a REAL NAS because with your setup your not going to be getting any better with your present config

http://ophcrack.sourceforge.net/ Nuff said

Use the USB verson of Ophcrack if the system has decent memory you can get the hashes for all passwords within a few min. OR as previously mentioned USB BT4 to do the same thing

NIIIICCCCEEEE. Might be a little hard to fit in your pocket but i'm sure that Darren can find a place for it next to his droid on his bike!

regardless, I still say that you should fire her twice then invoke a mandatory password change for all users and then re-evaluate your network security policies. If she was able to gain access to ANY dataset that she was not privileged to then that is terms for dismissal with no reference. Btw MY password is the true name of god in reverse with symbols. So no one knows it besides me and him

Screw that!......Fire that bitch....twice!!! Its obvious that you have all the proof that you need to take whatever termination action that you need to. Why go through the whole Perry Mason act when you have her by the short hairs

Barry is 100% right! if you have a stated policy against using 3rd party hardware on company systems then she is in clear violation and you have the right to enforce disciplinary actions against her. It wont recover the files that she stole but it seems like the burden of proof is against her already.

The cover letter these days is not nearly as important as a resume that shows what experience and diversity you have. Just starting out its tough to come up with the experience side of the equation. I would advise listing all projects that you have engaged in as a Net Admin including stuff that you did in college until you can broaden your resume with real life exp If you are stuck on the cover letter, keep it brief and try to come up with a solid description of your self that is no more than 2 paragraphs and include some personal hobbies that are involved in the IT world. Recruiters don't want to sit there and look at a cover letter that looks like War and Peace PM me and i would be glad to show you some examples of resumes & cover letters that can turn heads

when you work 14 hrs a day doing pentesting and network security im lucky if i have 5 min to take time to look over the hak5 forums ergo its easier for me to buy one but if no one is interested in making a few bucks thats fine by me

I was wondering if anyone was making Ducky's premade with payloads already installed....I am too busy myself to start diving into the whole creation aspect but would be willing to pay for one if someone is willing to sell??

It might be a moot point anyway because it seems that the poster has dropped off the hak5 radar and isnt accepting PM's unless the mods have done away with him. Hopefully someone else can make a decent o/s independent keylogger that we can play around with for strictly educational purposes because none of us would use this for nefarious means *sic*

didnt know that Darren turned Rap star.....

Thanks one and all! The ATA command might be the best way to go but i still think that there might be a way to degauss the HDD by interfacing a electromagnet to a HDD inside the case to go for the instant nuke. Granted with whole disk encryption and a good hammer no one is going to access the drive but depending on the vigilance of the law enforcement monkey who comes a knocking he might just have to go through the whole electron microscope process but will have a bitch of a time getting through the whole disk encryption Doing a little homework of my own i ran across this http://www.bhphotovideo.com/c/product/4228...ive_Holder.html Im sure that the components can be busted out of the case and then interfaced with the HDD inside the box that can be activated via a toggle switch on the front of the case and nuke the whole thing with the flip of a switch. It will prob wipe out the memory and the cpu at the same time making the box a brick. This might be a consideration as well with the advent of cold boot attacks that can get whole drive encryption hashes and keys from the ram I will see if i can get one of these on fleebay and see if its a viable possiblility will keep everyone updated

Yes, this is true but even under linux there is no way to bypass that little wrinkle and MTF wipe the drive? The long and short of it is that i need a software electromagnet... Has anyone come up with the idea of interfacing a electromagnet on a hard drive for an instant wipe?

Hey Happy Hackers I am looking for a HDD Core Dump/ Wipe program that can wipe out a hard drive with a few keystroke combos. I know that there are some HDD wiping programs out there such as BCwipe that comply with DoD requirements for drive wiping and the like but they take far far far too long. I am looking for a program that can scrub a drive as fast as possible like in under 5 min from within the operating system effectively scrubbing the drive Im looking for something that can wipe out the MFT and sectors as fast as possible with a 3 or 4 keystroke combo that will work for linux and/or windows Any thoughts?

To quote one of my fav lines from the old star trek series "Brain and Brain .....what is brain!"

Well....at least its an answer and i wish him the best of luck in his future endeavors

Nothing good lasts forever and Hak5 has been very good to us on many levels so i think that its our duty to try to keep the community and the show that we love going for as long as we can. The show has seen many changes over its 7 seasons with co-host coming and going and the sets changed like underwear but Hak5 remains and will remain hopefully for a long time to come. For whatever comes i wish DK the best of luck in SF and i know that whatever comes its going to be a good thing I just have one question.....WTF ever happened to Matt? We heard from Snubs, we heard from Darren, Mubix is rolling his own podcast now and it kicks ass but with all this going on no one ever mentioned what the deal with Matt Lestock? Was there a drunken brawl that we never got told about??? is Matt no more......Information ....Information....Information...."you can not make bricks without clay" says a recent movie quote

ROFMAO that is awesome

I haven't gotten to Admiral yet but i did get to Commander last night and got my Heavy Escort (yes it is bad ass) The ones that have maxed out in lvl obviously have no life and havent seen daylight since the head start launched Friday night. Wouldnt want to be around that smell when they do break daylight

Ya its called a hash key that gets compared to the hash that lives on the Domain controler but nothing that Ophcrack can use

I was part of the Open and Closed beta and now am a paying player and i fricking love the game. If you are the slightest bit of a ST fan then you are going to LOVE this game. I left Age of conan after playing that for 18 mo to come to STOL and i am never going back!

That is a really great idea....but if the system has any sort of sector recovery software such as Faronics Deep freeze then whatever packets are installed to the HDD from the previous session will be deleted when he reboots Lets hope that your hawkish sysadmin doesn't have that or something similar installed Other than that, the idea gives me a wealth of other ideas about dropping hidden files to the O/S root then getting the boot manager to run those on startup ......such as the ones similar in the Hacksaw project but hidden from the root o/s *strums fingers through beard thinking evil thoughts*

One thing that should also be mentioned that ANY tampering with GSM or any cell signal is a federal offense. They are monitoring such things considering that GSM has been cracked (I.E. this is why the GSM cracking was done in Germany where it isn't illegal to do it, nor is there any guarantees that it will work in the US). All the moble broadband carriers such as ATT verizon and the like monitor the CSID IMEI and the ICCID of the phones and can detect when one is cloned over the other. Considering that most phones these days have GPS push devices embedded into them it will be an easy matter for a 3 letter agency (Read FBI) to find you damn fast Cell jammers just blanket the known phone spectrum's with white noise so signals get lost but do nothing for redirection or cloning Anything is possible with a fair bit of know how and money but the question is......is a federal wire charge and time in Leavenworth or butler pen worth it? Side note...Mitnick did this back in the early 80's when cells were mostly analog and by comparison to the digital world of today an easy hack considering. I would love for him to try the same thing that he did back in the day today and see if he gets away with it

Granted that Symantec is quite bloated these days and very much a memory hog but the up side is that you can just run a VM as a Symantec server and control everything very easy