G-Stress

Sweet. Thanks for all the info guys. I'ma play with it tomorrow and see what I can do.

Hey guys, I recently got a IBM ThinkPad t40 from my neighbor was moving and got rid of alot of things. The installed OS was corrupt and in order to repair/reinstall I need to be able to boot from media. The bios does ask for a password and if I just hit enter it will allow me in, but I can only make minor changes. I can't change the boot order, nor can I boot from any media. Is there a way I can either get around this, or even take out the HD, format it, copy the XP files to the HD and then re-insert and will it boot as if it was booting the disc to install the OS? Google didn't turn up much really other then it's almost impossible and best bet is to contact manufacturer. I went to disassemble looking for a cmos battery to hopefully clear the internal ram, but after a bit more googling, apparently laptops don't have a cmos battery. If this is pretty much a paper weight, that's no big deal, no loss to me, but it'd be nice to run just xp or even BT.

I think Symantec Endpoint Protection is pretty good. Had many administrative options if you install the manager client on a server to remotely push updates, apply policies, etc. I too am interested in the guys that actually work in IT on their suggestions.

I think I'll stick with key authentication only, I like it better. As for this port knocking, it looks interesting. However if I understand it right I would need to add the "allowed" ip addresses to the configuration of setting this up? That is an issue, because if I'm on a public hotspot it's possibly going to be a dynamic ip and I don't want to add a "coffee shop's" ip to my allowed list. Is that the case of setting that up? Looks interesting. Another thing that just made me think of is I remember and episode where darren would connect to a service on a certain open port and there was a utility or something that would bind or forward that port to the port the actual service was running on. e.g. "ssh to port 8080 and the server would forward that incoming connection to port 22 on the server", but would that be anymore secure or beneficial then just running the service on a different port?

I don't know what I was thinking. I usually NEVER run any service on their default ports at all. I did change the port. I'll disable root logins as well, though I'm not to sure how to block China, Russia, etc. When I was running an FTP years ago and had this same issue, I believe it was coming from China. @ digip, I'll look into that. I assume it's linux based only? That's fine though I've wanted to setup a honey pot for some time to play with. Thanks guys for all the info!

I am actually using key authentication thanks to Darren and the hak5 crew for the recent segment series:) I do remember a scene from the movie "Firewall" with Harrison Ford, when someone was trying to brute in and he had the admin do something with IPtables, however I'm not running any variant of linux right now so that's not really an option for me. I will disable password authentication and only use public keys. However if something like this happens again though password auth. would be disabled, but this could still serve as a DoS attack from so many attempts to log in. I'm wondering if there is a way to say "okay this ip had tried to log in with these credentials this many times and failed, ban/block this IP"

Hey guys. I just happen to witness someone trying to brute my ssh connection. I hop on the server and notice my winsshd event/logs are notifying me like crazy of someone trying to log in with username root, but fails. I did an nslookup on the ip and this was the output Name: 67-23-32-241.static.cloud-ips.com Address: 67.23.32.241 I immediately turned the port forward off, but I'm curious how would a sysadmin approach such an issue? Instead of turning off my port forward, is there a way I can say block an ip if it fails after so many attempts or such? Also I'm curious how this "user" was trying to brute me using the cloud I assume judging from the lookup result?

Sweet! As long as it works with android and idevices I'm good. I didn't see an app in the app store for android, but if you can just login through the mobile browser and access the music that works for me :) I'll install it and check it out tomorrow when I got time. Thanks.

@ RWING, This does look like exactly what I'm looking for, I didn't see an app in the app store for android, but I'm guessing I can access it through the mobile browser. I just might check this out, because I need something that works cross-platform, e.g. idevices and android. Have you tested over 3G to see how good it works?

@ Radau, The subsonic server side has trial feature's, but streaming the music is free. The android app is trial to use it. It will let you connect after trial has expired, but you have to donate in order to stream anything. My main issue with that is, I have a hand full of friends and family member's that would use the service too and they would all have to donate. @ Raziel, Google music would be nice if worked from home. That's just like Plex Media Server. Jinzora is pretty sweet, but I've had nothing but issues trying to get it setup just right and not much help in the support forums.

Yea I use dyndns as well and it works great, but the app for android I believe is trial. After so long it still connects, but says you need to donate. I'll try it again and see, but I'm pretty sure the droid app was trial.

Looking for a solution to stream my home music collection to my phone, or any other device. I really like subsonic, but in the android market the app is only a trial. I'm looking for a free solution. I wonder if maybe VLC this will work nicely over 3G. Subsonic was sweet I didn't have any issues it's just a trial app. I saw a few other's, icecast, tversity, etc. but all the apps were pay for apps in the market. I'm looking for a way to do this that will work with in the iWorld and Android world even if no app is required, if I can do this by launching the mobile browser and logging in, but after using subsonic and how it categorized everything so nicely and I had no issues that would be preferred. I just installed homedj app, but I'm tired, I been playing with Jinzora again for about an hour and been having issues left and right so I'm looking for something else. Curious what you guys use and your setups. Thanks.

Hey guys, I'm looking for a good wireless mic and HD camcorder, but I'm not sure what I'm looking for. I need a mic that is going to have good range. I don't know why I never asked here, being that Darren and Shannon use wireless mic's. I wonder how good their range is and what equipment are they using? Many thanks in advance.

Yea I was mad I didn't really get to listen to the full story. I just happened to glance over at the tv and see guys using BackTrack and couldn't believe my eyes. I know they can't catch them, but they can gather information and from that point turn it into whatever they want it to be. It's really sad the news is one of the only things I watch on tv and I'm all the time now it seems like everyday seeing on the news either a Coach or School teacher arrested for sexual misconduct, etc. or kids bringing deadly situations to their schools... wtf is goin on in the world to allow this? I can see in the near future the school system going completely online.

Just curious, anybody see on the news about a week or so ago that their using hacker's to catch possible sex offender's and other criminal's via online? I was watching fox news, but doing 10 other things at once so I didn't get the full story, but I did catch a glimpse of a couple of the "hackers" using BackTrack. They also stated that they were looking for more qualified candidates. I'm in Indiana so I don't know if it was more of a local situation or if this was going on elsewhere.

I agree with digip and Sitwon. NEVER give an untrustworthy/stranger source your hard drive or sensitive data! I remember one of my first laptops I bought around 2004 when I first got into wireless. It was an HP Pavilion series and just after a year of having it, the (monitor) went out. I don't have much patience for laptop dis-assembly, but I got a buddy who does. Just curious I did take it to a CompUSA at the time and paid their $139.00 "diagnostic's" fee just to see how good their troubleshooting was. Well of course they told me bad monitor, but the actual issue was just the bulb that lit the display in the monitor. I'm sure they have a technical standard on where they stopped as far as repair, but my point is, when I took it in I threw an old 4GB hard drive in just so it could boot if needed and of course when booted it said Operating System not found and I had to be CLEAR to them that I do not want you to install and OS or anything ONLY diagnose the LCD. So yea definitely make sure you trust who accesses your data.

Yea I don't mind using linux if I have to for that 1 specific purpose. I'll setup a VM with ubuntu. I can't wait until Darren gets into the server side setup's more in detail. So nobody here use's windows for the server side using private keys?

So I'm really liking this proxy series and finally I gave a shot at using private and public keys using ssh. However I'm getting this error: http://www.freesshd.com/index.php?ctt=forum&action=view&topic=1173943044 The server is Server 2008R2 as a DC running freesshd. The client is win7 ultimate using putty. Now I keep getting access denied whether it be password or public key. After some googling I found this: http://www.freesshd.com/index.php?ctt=forum&action=view&topic=1198291953 Created a special group (SSH User's) and allowed the logon locally property. Which then allowed me to log on via password, then a few days later including today I can no longer login period. I can't wait until Darren goes into the server setup series. Curious to know how you guys have your ssh server setup using win server OS? What SSH Client plays best with Server 2k8? I've played with freesshd and copsshd mostly.

I knew windows will connect to strongest AP and I know exactly what your talking about around colleges/universities, but I thought windows will only do so if it looses connection with it's current connection?

A friend of mine brought an interesting thought to mind tonight. He has 2 wireless router's, using one as a switch to extend the wireless and wired throughout the home. What he's wondering as well as myself, is there a way to tell a windows based pc to connect to the stronger AP automatically? To my understanding it will not connect to the stronger AP unless it looses connection with the existing AP.

Hey guy's, I'm trying to find some info on RSSI & Zigbee. I have a buddy that just got an alarm system that uses all wireless sensor's using the zigbee protocol. To my knowledge I did some research on Zigbee and as I was researching I noticed I didn't see really anything about this wireless protocol in the states. Just about everything I found needed to be translated. However he was notified about the RSSI not being in spec with some of his sensor's? I've been looking all over online about RSSI, Google, YouTube, etc. but haven't really found any useful information to my understanding on how to improve this RSSI value and what can effect this value. Was wondering if you guys knew of any useful documentation. Not looking for a book, just a "in a nutshell" youtube video overview, etc. if that makes sense. Thanks.

Yea I believe it was a software portal or something custom. Curious though, is there a "portal" distro or app available that can manage a wifi ap and create a user database on the fly? A coffe shop or cafe for example. User's connect, create their own account and the portal will query to see if that username exists, etc? Something I've been looking for, for awhile, but haven't found a friendly solution yet.

Hmmmm... I wish I could remember where it was. I would just to get a screenshot to figure out what it was. There wasn't actually anyway to sign in, I assume it was based off mac address.

I think I closed it out. Using Chrome saved tabs of course the next time I re-opened it, it obviously didn't show the same splash page, because I wasn't on the same network. It looked pretty interesting. I searched google images trying to see if I could find a screenshot of the same thing, but haven't been too successful. I thought it was strange though that it re-directed me to 192.168.1.1/up I mean it could have even been some sort of linux kernal firmware on a router with a custom portal page, but if I remember it did have a vendor logo/name on the page, I just can't remember what it was. :(

I recently connected to an open wireless access point, but didn't have much time to do any gathering of the network. However when trying to surf I was immediately prompted with what seemed to be a portal page with an image of a laptop that said "Unidentified Computer" I'm sure there was a bit more text, but I forgot to take a screenshot. I do remember it redirected me to http://192.168.1.1/up I believe. I'm just curious what this was, was it some sort of portal software or a specific router? It looked something interested in playing with @ home.