Jump to content

Jason Cooper

Dedicated Members
  • Posts

    520
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by Jason Cooper

  1. I get a good enough connection for streaming HD Video over using 200Mb adapters (which produce a connection of about 100Mb in real terms). The adapters are probably separated by about 30m of wiring as despite being within 5m of each other they are on different circuits so the path taken is through the main fuse box.
  2. Actually there is a third attack method if you have the Truecrypt container mounted when you locked the machine, take the encryption keys straight from your machines memory. If you have an accessible port which supports DMA (e.g. Firewire) then an attacker can connect through this and search your machines memory for the key. If there isn't a port supporting DMA available then they can restart the machine and boot it into a simple bit of code designed to dump the machines memory to a USB drive, which can then be trawled through to find the keys.
  3. If it is the original battery then you should look to replace it whether it is working fine or not as its capacity is very low and the replacements can give you a significant boost. If the battery appears to be working fine but your battery monitor program is showing that it only ever reaches 20% charage then one thing to be aware of with the eee PC 900 is that the battery monitor hardware doesn't return the standard mAH's left in the battery, instead the battery report the percentage left. This leaves most linux distros thinking that the battery is reporting that it only has 100mAH left when in fact it is reporting the it has 100% left. This throws most linux battery monitor programs and when I was using one on my old eee pc 900 I had to build it from source after altering the function that calculates the percentage left (It turned out top be a lot easier than it sounds as it just needed to return one of the parameters passed to it in the first place)
  4. You've had lots of good advice about trying to tackle the situation, but it does sound like the chances aren't good for recovering the files. If you do reach the stage that you have to admit that you aren't ever going to be able to recover those files, then here is some advice. First Pick yourself back up, look at what you have lost and how you can deal with the immediate repercussions of it. In this case the key files lost look to be the seminar notes and software. I would suggest asking friends for copies of their seminar notes and doing some group study with those same friends (as notes are a very personal thing and you will need them to translate theirs). Start your revision early and if you can't understand something go and see the lecturer about it. Hopefully you can still learn enough to pass any exams or course work. Secondly, once you have resolved the lost seminar notes, review your backup procedures. This time it was a mistake that lost you the files, next time it could be a drive that fails or some malware that encrypts your files, or something worse that you couldn't have predicted. Also having been stung by the lack of backups this time it will stick in your memory for quite a while and help you get into the habit of making regular backups. Finally remember that you aren't alone in having done this, I'm pretty sure most people on this forum can remember a time when they have accidentally deleted a file they needed. Actually I'm pretty sure that most people on this forum have made mistakes which have wiped out entire disks. The important thing isn't that you made a mistake, but how you deal with the consequences and what you learn from it.
  5. If you want a lot of options then you could look into using Asterisk, but that could be overkill if all you want it to do is to answer the phone count to 3 and then press 9. If that is all you want it to do then you could just put a modem on the computer (or if it is an old laptop it may have a modem built in) and then knock up a script that connects to the modem, waits till it sees a RING message, answers it, wait a bit then dial a 9. Useful Hayes commands for this would be AT&F - Resets modem to factory defaults ATA - Answer ATDT9 - Dial 9 using tone dialling ATH0 - On Hook (i.e. hang up) ATH1 - Off Hook (i.e. pick up the phone, may be a better option than answer as it might stop the auto-connect kicking in and screaching down the line at you).
  6. Most standard *nix programs use the getopt library to parse the parameters on the command line. If they have used the getopt library then you will be able to merge any switch parameters (so "ls -l -t -o -r" can become "ls -ltor"). If you have a parameter that requires and argument you can't merge it into the middle of a merged group of switches as then it will think the rest of the switches are the argument, though you can merge it on the end of the group. e.g. sed -er 's/:/\t/g' /etc/passwd doesn't work, but sed -re 's/:/\t/g' /etc/passwd does. Wethere you should merge switches or not, assuming there is no company policy you have to follow, really comes down to personal preference. When scripting just use whichever makes the script easiest to read (which may be to use long opts where available as they tend to be more descriptive).
  7. To do diagrams, flowcharts, etc. I have tended to use either Dia or X-Fig. Both are usually available as standard packages on Linux distributions and work fine. I don't tend to use an IDE for most development work. Instead I just use vim and a Makefile for building/publishing.
  8. Symmetrical encryption is where the same key is used to both encode and decode the message. Asymmetrical encryption is where there are two keys, a public and a private key. Any thing encrypted with one of the keys can't be decrypted with the same key, but it can be decrypted with the other key. Asymmetrical encryption is sometimes referred to as public key encryption. AES, RC4, DES, etc are all Symmetrical ciphers. They are very fast to encrypt/decrypt but all parties involved require the same key, which makes key distribution a major concern. RSA, ELGamal, Elliptic curves are all Asymmetrical. Key distribution is easier as you just need to pass public keys about (proving that a public key is your public key can get a bit tricky though). Times to encrypt/decrypt though is slow compared to symmetrical ciphers. SSL/TLS uses a combination of the two, using asymmetrical encryption to secure and verify the host (and possibly the client as well) before deciding on a key and symmetrical cipher to use for the rest of the communication. All the ciphers and protocols used in SSL/TLS are publicly available for you to read through, just Google for whichever bit it is you want to learn about, and if you want a good introduction to encryption then try The Code Book by Simon Singh.
  9. If you are going for a job there then public disclosure would almost guarantee that you wouldn't get hired. Personally I would just contact the IT manager or CIO (depending on size of company) and bring it to their attention. I would also make sure that in the communication you send them that you state clearly that you found them when researching the company in preparation for applying for a job. That way it spells out that you weren't trying to find secret stuff, Google just gave it to you.
  10. Why 2096 instead of the more common 2048? Are some attack tools out there coded to work with only standard key sizes?
  11. O.K. this can be a bit confusing until you understand the difference between symmetric encryption and asymmetric encryption. Key length for asymmetric need to be a lot bigger than those used in symmetric encryption (if you want to read more about it check out the wikipedia page on Key Sizes [ http://en.wikipedia.org/wiki/Key_size ]). Now SSL/TLS uses both asymmetric and symmetric, asymmetric at the establish the tunnel and symmetrical for data flowing through the tunnel. So sometime you will see recommendations that you should be using at least 2048bit encryption and others that you should be using at least 128bit. Really you need to follow both bits of advice, but it is quite easy. 1) When generating your public/private key pair for your server (usually done as part of getting the SSL certificate sorted) make sure it is at least 2048bits in length. 2) When configuring your SSL server make sure that it is configured to only use strong symmetrical ciphers. [ http://httpd.apache.org/docs/2.4/ssl/ssl_howto.html ] Encrypting information stored on a hosted service really comes down to what are you trying to protect it from? If you are trying to protect it from other users on the hosted service then Truecrypt volumes won't work as once mounted their contents is only really protected by the OS's file permissions. If you are wanting to protect it from other users then a virtual server would be a better way to go (provided you have the skill to configure and maintain one) as then you don't have any other users. One thing I can tell you is that 400$ per yr for a VPS sounds far too much unless it is going to be really heavily used. Out of interest have you tried connecting to your hosted service via sftp? I find that while sometimes the phone support staff don't know what sftp is but the people responsible for the server have it running as a side effect of having SSH on the machine.
  12. Mr-Protocol's right. You are unlikely to get any help without a bit more information indicating that this Busy Box device is one that you own and/or one you have permission to break into. Even if you had explained that you weren't breaking any laws in what you are attempting we would also need to know some more about the device in question to give you a useful answer. Also it would be good to explain how you have determined the length of the password but still don't know the actual password.
  13. You logic is a bit messed up with this. You are XORing (^) the next block with the encrypted version of the previous block, but decoding with the decoded version of the previous block. Really you don't want to be doing either, as if you are encrypting with the previous block the attacker already has everything that they need to decode all but the first block Encoded Block A (EBA) = [IV^Block A] Encoded Block B (EBB) = [EBA^Block B] Encoded Block C (EBC) = [EBB^Block C] A the attacker will have EBA, EBB and EBC to get Block A they just xor EBA with EBB and to get Block C they xor EBB with EBC. Now if you use your decryption method's way round Encoded Block A (EBA) = [iV^Block A] Encoded Block B (EBB) = [block A^Block B] Encoded Block C (EBC) = [block B^Block C] Now an attacker has a harder job to recover the plain text, but for a long enough message it can become quite trivial. Also any known plain text will break the cipher from that point onwards (even guessing at probable plain text at points will usually be enough to break this sort of set up). The method usually used with xor encryption is to have a psuedo random number generator (PRNG) that is seeded with your IV or a key and then produces a stream of values that are XORed with the source. With this sort of set up your security relies on your chosen key and the difficulty of calculating/guessing the state of the PRNG. For a quite easy example have a look at RC4. It is good to learn from but is itself considered breakable these days and shouldn't be relied upon.
  14. Screen is a great tool, just remember to change it from using <CTRL>+a to some other key combination you prefer. Why? Well <CTRL>+a is select all on a lot of systems/programs and you don't want to be doing that by accident, especially if your next key press will delete the selected items.
  15. For GSM stuff I would start by looking at GNU Radio, Universal Software Radio Peripheral and OpenBTS. For the WIFI tracking you wouldn't need to set up a hot spot or make the phone try to contact you. You would be just listen to all the packets being sent as even when the phone isn't connected by WIFI it will be sending broadcasts asking if specific networks are available (unless WIFI is actually turned off on the phone). Kismet would be my first port of call for this, at least at the research/proof of concept stage.
  16. As others have said first thing to do if to run it all past your lawyers before doing anything. The problem you would have with trying to track people via their GSM signals is that the majority of the kit to do that is quite expensive (though the prices are always dropping) and it would require quite a bit of specialist GSM knowledge, e.g. Is there an easy way to identify unique devices without encrypting the GSM signal? Of hand I don't know and would require quite a bit of research to be able to answer confidently. Bluetooth used to be a very good option for this as everybody seemed to leave their devices as discoverable. These days there are less devices left as discoverable by default (though there is still too many to say that the issue has been truelly resolved). Wifi would be the method of tracking that I would prefer to use as each packet will have a unique id in it (the MAC address). As to the best way to track over a set area, you would have to decide how accurate you want to know their position. If you it narrowed down to the exact position then you would struggle. If you just want to narrow it down to a grid of 12 areas or so then you could simply set up 12 nodes (one at the centre of each grid location) listening to all the packets passing by and store a list of those MAC address they have seen and the signal level. A separate server could then poll each node asking for the details of those MACs the node has seen in the last X minutes. It could then simply assign each MAC seen to the node where its signal strength was the highest. Each node wouldn't be expensive, a raspberryPi with a USB wireless adaptor would be more than capable of doing the job.
  17. The tool you are looking for is called Windows (best disk fragmentor I have found)
  18. But if you are cracking password hashes then you already have the hash and the salt and you are just searching for a password when hashed with the known salt produces the hash. Thus the strength of a password in this case isn't the length of the actual password used to generate the hash but the length of the shortest password that will generate the same hash. Having said that, as you probably won't actually have your password hash for many systems you are still better to go for a longer password (that way there is only a chance of a shorter password produces a collision with your hash, if you pick a short password then there definitely is a short password that can be found when cracking the hash).
  19. Oooh a Java rant, must be a programmer whose first language isn't Java (don't worry there are plenty of us around). Just so you don't start to think that you are on your own I will join in. One of the most annoying things I find with Java is that there always seems to be a "Java" way of doing things that are already done in a standard way by most other languages. For example take building your project, make does a great job and is used for many languages and on many platforms. So how do you build a Java project, you use Ant. So there is a good reason for this? I have heard many different people try to justify it but as far as I can tell the only reason it exists is because some Java developer couldn't distinguish between tabs and spaces and so couldn't write a Makefile :). I have heard people claim that Ant is faster to compile the Java code because it only launches the Java compiler once, but really if starting your compiler impacts that much on a build then there is something wrong with the compiler or the way it is being used. "At least it produces portable code." Is usually the next comment I hear. Really, I have lost count of the number of times that I have been trying to run a Java app only to find it complain that I am using to wrong JVM or runtime environment. Seriously , in my experience this portable language isn't very portable at all. I guess I have been spoilt by having scripts (Perl, Python, etc) run on both windows and *nix boxes without any complaints (Even a missing module is a simple case of installing just that module, not an entire new runtime environment which then has to be kept seperate from the other ones on the machine). Now I must really stop ranting about Java, I will save the rest for the next time I am forced to deal with it at work.
  20. An interesting question is how increasing the length of a password affects the probability of their being a collision with a shorter length password. After all a password of 2000 characters is no use if the same hash is generated by one of 5 characters.
  21. If just using subnets without VLANs then a single DHCP server should be able to server them all relatively easily, but you gain that simplicity at the cost of security. If your hardware supports VLANs and you have multiple subnets then you should use VLANs. (note: If you split by VLANs then you will also have to split by subnets, as they will be used to route between your VLANs). If you are using VLANs then you could have one DHCP server per VLAN, but that would quickly become unmaintainable as your number of VLANs increase. You could put multiple interfaces in a single DHCP server and connect one to each VLAN (which would reduce the number of DHCP servers required but would still be impractical for a large number of VLANs). Alternatively you could supply a single DHCP server with a trunk connection so that it gets all the VLANs passed to its interface, which in the long term would be the easiest to maintain but would be more difficult to set up initially. Finally if your switches are all layer3 and they have support for ip-helper then you could use that instead to have a single DHCP server (e.g. http://www.kathmann.com/2009/06/17/providing-dhcp-to-multiple-vlans-from-one-server/).
  22. 1. Yes, each subnet will have 2 IPs that you can't use (as you have already mentioned them I can assume you know how to calculate them). 1a. The overheads will be negligible and you will find that the more pressing issue will be the logistics of managing a lot of small networks. Will 62 IPs be enough on a subnet? How about 126? the answer depends on your environment. 2. I have seen static ranges put at the start, end and both start and end of IP ranges. Really it comes down to personal preference. The one thing that would slightly sway me to putting the static IPs at the end of the range is that theoretically it is easier to increase the number of static IPs available as DHCP servers assign IPs from the start of the range to the end and so are less likely to have already assigned those IPs you want to move to being static.
  23. To paraphrase Obi-Wan Kenobi "Read the source Luke." The secure_password passed back from the browser will be generated via JavaScript on the page. You may have to do some deobfuscation of the JavaScript but once you find the hashing function you should be able to figure out if it is a common one or some homegrown method. From the length (32 Hex characters) you can tell that the hash output is 128bits (32 * 4 as each hex digit represents one nibble). This rules out any hashing functions that don't produce 128bit output (including the SHA-1 and SHA-2 families of hashes). If they are using standard functions then it could be MD4 or MD5. MD4 if less likely which would suggest that it is MD5. Of course when you read the HTML and JavaScript source you will find out if it uses a salt with the password when hashing, which would explain why the hash doesn't match the one produced by you decrypt tool.
  24. If ARP poisoning relied on a race condition then your distance from the router would be an issue, but there is a big weakness in the ARP protocol. Each machine keeps a cache table of known IPs and their related MAC address for the local network and when ever they receive a ARP reply they update their cache table with that information. A machine will first check that table for an IP to MAC mapping and only if it fails to find a suitable entry will it send out an ARP request. An attacker can take advantage of this weakness by regularly send out fake ARP replies mapping the IPs they want to intercept to their MAC address. Those machines receiving those fake ARP replies update their ARP cache table, then when they try to send a packet to one of those IP addresses they find they already have an entry in their ARP cache table and use it. That entry though is the attackers fake one and the packet is actually sent to the attacker's MAC, which then does its stuff with it and forwards it on to the correct MAC address for the desired IP.
  25. You can also used while true in place of while [1=1] Logically the same but a little easier to read.
×
×
  • Create New...