Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Sitwon's Achievements


Newbie (1/14)

  1. Asking people to buy closed-source software that isn't written yet? Based on nothing but your promises? And you're going to be borrowing heavily from Free and Open Source Software to build your closed-source, commercial project? O_o I'm with Oli, sounds pretty sketchy to me.
  2. Ubuntu probably isn't actually reading the FN key, just the key codes for ALT and F2. Holding FN is an implementation detail of your keyboard to allow it to send the F2 key code instead of whatever keycode it normally sends for that key. You can check which key codes are actually being received by the system with the 'xev' utility.
  3. The most trivial solution would look like this: while [ true ] do aireplay-ng -# # -a<MAC> -h<MAC> mon0 & PID=$! sleep 300 kill $PID sleep 300 done In bash (and pretty much any other derivative of 'sh'), '$!' is a special variable which holds the PID of the last command to be executed in the background (with '&'). Once we have the PID, we can use it to inspect or control that process. For example, by using the 'kill' command to send it a TERMinate signal. If it were me, I'd write a much more sophisticated function for ensuring that the process actually terminates before the next iteration. (Eg, send a KILL signal if the PID is still active after a reasonable timeout.)
  4. To slightly extend Cooper's explanation. 1. Don't forget about swap space. Even if you have only 16GB of physical RAM, you could extend that (as far at the running program is concerned) by periodically swapping inactive pages of memory to disk. There is, of course, a performance penalty, but for some applications it's worth it. 2. The way virtual address space works is that your program doesn't access the RAM directly, rather it makes system calls and tells your Operating System's kernel to do it. That's how each application can think it has it's own 8TB even though your system doesn't actually have that much space. The virtual address space of a given process doesn't even have to be contiguous. When your application requests more memory and the OS determines that there is none left to allocated, there OS can generally do one of two things: a) It could terminate the application with an out-of-memory error, or b) it could simply block until the requested memory is available.
  5. What you're seeing there is the public half of the host key. It won't help you with logging in, it's just there to allow clients to authenticate that they're connecting to the SSH server that they intended to. Even if you cracked the private key, all that would allow you to do would be to impersonate that SSH server to other clients. It wouldn't help you with logging in.
  6. ClusterKnoppix will almost certainly not do anything useful for you. Development of the upstream project was abandoned because there was no longer any pragmatic benefit to be had on the commodity hardware of the time.
  7. That would not work. You need to capture the output of nc into the $STATUS variable, otherwise your else clause will just result in $STATUS=="".
  8. Easier? I don't know. It would also work. I guess I could have written it like this. get_status(){ STATUS="$( nc -w "${TIMEOUT}" -z ${DOMAIN} ${PORT} 2>&1 )" if [ "$?" -eq 0 ]; then STATUS="Success" else STATUS="${STATUS##*: }" fi } Or even like this. get_status(){ STATUS="$( nc -w "${TIMEOUT}" -z ${DOMAIN} ${PORT} 2>&1 )" \ && STATUS="Success" \ || STATUS="${STATUS##*: }" } Just up to your style/preference I suppose.
  9. Trying to emulate your example relatively closely... #!/usr/bin/env bash TIMEOUT=30 stime(){ local START="$( date +%s )" "$@" local END="$( date +%s )" TIME=$(( END - START )) } get_status(){ STATUS="$( nc -w "${TIMEOUT}" -z ${DOMAIN} ${PORT} 2>&1 && echo Success )" if [ "${STATUS}" != "Success" ]; then STATUS="${STATUS##*: }" fi } report_status(){ stime get_status echo "${STATUS} | ${TIME}s" } while read LINE ; do DOMAIN="${LINE%%:*}" # alternatively: "$( cut -d : -f 1 <<<"${LINE}" )" PORT="${LINE##*:}" # alternatively: "$( cut -d : -f 2 <<<"${LINE}" )" echo "${DOMAIN}:${PORT} | $( report_status )" done < "${1}" The output doesn't exactly match your examples, but it's pretty close. There are many potential improvements that could be made, such as testing servers in parallel rather than sequential, improving the resolution of the timer, or performing additional diagnostics on failed connections. If I get bored today I may continue poking at this and update the thread.
  10. Tor may be reasonably secure at anonymizing your traffic at OSI Layer 4, however all the layers above that are unprotected by Tor. Unless you are using applications which were specifically configured/designed to protect your anonymity, your computer/devices are likely to leak identifiable information about you and undo the advantages of using Tor. Devices like the Anonabox or Onion Pi are designed for convenience. To allow you to use your normal web browser over the Tor network. However convenience and security are always at odds with each other. Your normal browser for web surfing is almost certainly not properly secured for protecting your anonymity on Tor. It's for these very reasons that the Tor Browser Bundle and Tails were created. They provide you with a safe(er) environment in which to browse the web without leaking as much about your identity. So Anonabox and Onion Pi both encourage an unsafe way of using Tor. They give you a false sense of security, where you expect your identity to be protected but the rest of the system is actually giving away identifiable information about you. This is dangerous. The recent Hak5 episode on OpenGarden discusses some very similar issues. The OpenGarden mesh is promoting itself as a tool for protesters, but by using OpenGarden they are literally broadcasting their position and identity in the clear over 2.4GHz (whether over WiFi or Bluetooth). So a government goon could easily single them out. Talk to your local Hams about "fox hunting" if you want to learn about how easy it is to find an offending station.
  11. The OnionPi already does exactly the same thing. A $30 RaspberryPi plus some free software and documentation are already available on the market right now to do this. But it's not secure, so if you build one, don't use it to do anything stupid.
  12. The broader problem with Anonabox is that it's just plain dangerous. It's the type of product that gets people killed. Anonymity is hard. Very hard. It's never going to be as simple or as easy as plugging a box into your network. The developers of Tor recommend using TBB or Tails for very good reasons. Your browser (and all your other network-aware applications) will leak far more information than even sophisticated users tend to realize, and it is far from trivial to configure your browser securely and browse the Internet safely while remaining anonymous. So difficult, that if you manage to do everything properly you would probably stick out like a sore thumb because you'd be one of a very small number of users to do so. Products like this prey on people who need real security but lack the skills and sophistication to do it properly. It lulls them into a false sense of security where they are more likely to put themselves at risk and put themselves and/or those they care about in harms way. I don't recommend this project.
  13. Where about in Maryland? I live in Silver Spring (just north of DC). The cheapest/easiest option will probably be StraightTalk. http://www.straighttalkbyop.com/ The 3GB of 4G is a bit lower than what you can get from T-Mobile, but for a week it should be plenty.
  14. Sitwon


    Sounds like the OP wants to be sure that all traffic is going through the proxy (much like the TOR liveCD claims to do). It's easier to proxy specific applications. If the application supports SOCKS proxies you can configure it directly. If it does not you can use a utility like tsocks or proxychains to sort of trick it into using a SOCKS proxy (it hijacks the system-calls and redirect network traffic through the proxy.) Doing it system-wide is a bit more complicated, and depending on the circumstances, potentially ill-advised.
  15. Have you checked if Cyanogen will work with your tablet? They seem to support a lot of devices, and it would save you from re-inventing the wheel. Seems like most of the custom ROMs out there are using Cyanogen as a starting point.
  • Create New...