ascorbic
-
Posts
129 -
Joined
-
Last visited
-
Days Won
1
Posts posted by ascorbic
-
-
Awesome, thanks the first one really helped. I didn't realize the service starts after you install it. The steps I needed were
Edit /etc/dnsmasq.conf
Specify interface=eth1
Enable DHCP dhcp-range=192.168.0.50,192.168.0.150,12h
I also enabled an address for the host as well as set that address using ifconfig on the host, not sure if that is needed
Restarted the service /etc/init.d/dnsmasq restart
-
Thanks for the responses.
I am having some trouble with dnsmasq. I feel like the configuration I want is pretty simple, any ideas on how it should be set up? A basic tutorial would be great. I am looking online and I am seeing either the man descriptions or advanced configurations. The PC is running backtrack 4 by the way.
-
I'm going to guess that the wireless router is acting as a DHCP server, and doesn't have NAT configured. That would mean that it is setting itself as the default gateway, and so the clients cannot connect.
Install a DHCP server such as dnsmasq on your PC, and configure yourself as the gateway.
Thanks for the response.
Yes the wireless router is acting as a DHCP server.
Even without a DHCP server on the PC, shouldn't the wireless clients be able to ping IP addresses?
-
Here is my setup
[WIRELESS ROUTER] ----- [ eth1 <PC> eth0] ----- [INTERNET]
I have a PC which connects to the internet (via eht0). I want to share that connection with eth1 for the wireless router. Basically I am trying to set up my own little router here. The PC does not need to server DHCP, the wireless router can do that on its own. The PC just needs to forward all the traffic from eth1 to eth0.
I thought this would be as easy as setting the wireless router up with a static ip of 172.20.0.1 and executing the following on the PC
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE sudo ifconfig eth1 172.20.0.1 netmask 255.255.255.0
But something is getting lost along the lines. From the PC I can ping 172.20.0.1, but from the wireless clients I can't ping anything beyond the router, most ping attempts from the wireless get destination host unreachable.
Am I going about this the completely wrong way? If this is the correct path am I just missing settings? I have also tried configuring the router to use the PC's IP as the gateway.
-
the flash didn't had any error's and don't have a serial cable so i need to find it somewhere can you give me specs or something ty
Edit :
i opened my fon and i found 4 pins for serial connect but where can i buy this serial adapter thing
You can build one
-
Yeah, worth looking at. But TBH, dd-wrt does what I need it to do, and beyond that I can't really be arsed.
Yeah if it works, don't fix it. OpenWRT and DD-WRT are both great firmwares. You can't go wrong with either as long as the build is stable on your router.
-
1,2,3 Depends on the wireless supplicant. Some wifi clients will only connect when the target encryption system matches the one they expect others will negotiate down to the lowest common denominator - no encryption. What Jasager is mainly targetting is users who have connected to unencrypted hotspots, coffee shop wifi, hotels, airports etc which have no encryption in the first place so Jasager is fine
4 No
5 No, Look at Karma which Jasager is based on and then at Karmetasploit which is also based on Karma.
I learned a new word http://en.wikipedia.org/wiki/Supplicant_%28computer%29
Thanks for the response (and the great work putting together jasager and interceptor).
I understand the target audience for this device now, that clears things up.
-
OpenWRT is the most powerful, but last time I checked didn't have a gui (sorry kids, i like gui's). Tomarto is a little feature light for me, but good for most people. I've used dd-wrt for years now, and its very good imo, just set it up and forget about it.
www.x-wrt.org is a web interface for OpenWRT. It doesn't come with OpenWRT so you will need to go to that site to get it. Releases are a few weeks behind OpenWRT. I prefer UI's simply because it is easier and for me, I am less likely to make a mistake.
-
I got my Pineapple setup. It took a bit of work because I was having DHCP and DNS issues, but I can issue a wget on the pineapple and that succeeds (ping isn't good enough because previously I could ping but not wget). I also have a test virtual wireless lan through openwrt that I am able to connect to from a different machine too ensure routing is really working properly.
The first thing I notice is Jasager responds "Ja, hier bin ich!" when my victim machine is looking for a wireless lan. But more specifically it responds, Ja, hier bin ich! But I am also unsecured so you don't need any key to get in.
1) It seems that the a way to defeat jasager would be to code the wireless manager so it only auto connects to a wireless lan where all the settings match, basically don't rely on SSID alone. Is this correct?
I am testing all of this at home with my normal router right there. In my wireless manager on my victim machine, I actually see my home router listed twice, the secured network, and the unsecured jasager network. I couldn't get my victim machine to connect to the unsecured network. It ended up reconnecting to the secured network.
2) Is that the correct behavior? Basically you can't run an attack by spoofing a router when it is in reach? Or in other words, you will only be able to trick vicitims into connecting to their home router away from home (or work router away from work...)
I really wanted my victim to connect to the unsecured network so I went into my home router, appended a 2 on the SSID and told it not to broadcast the SSID. I then refreshed the networks and I see the unsecured jasager network spoofing my home SSID but I couldn't connect because Windows Vista stated something along the lines of "The settings saved on this computer for the network do not match the requirements of the network"
3) So it seems #1 is already being done. Am I missing something?
4) Does the pineapple II (bought from the hak5 store) support power over ethernet?
5) Is the pineapple really needed? Can't you just run the same setup right from your machine with backtrack? I have the pineapple connected via ethernet to my laptop which bridges the laptops wireless connection with the ethernet connection. It seems like if I left the pineapple in a remote location and connected to a virtual wireless network on it it would probably drop packets like crazy, too much traffic, but is that suppose to be the idea that you can just set the pineapple up in a remote location and monitor it remotely?
-
Dell Precision M4500
Screen Size: no larger than 16" preferably larger than 15" but not a huge deal
15.6"
Resolution: 1920x1080
15.6" (40 cm) FHD LED Back-Lit Display (1920x1080) Resolution
Video Chipset: nVidia or Intel
NVIDIA® Quadro FX 880M Graphics with 1GB3 dedicated memory
or
NVIDIA® Quadro FX 1800M Graphics with 1GB3 dedicated memory
CPU: Core i5 or Core i7 or better if there is something in the pipleline
Intel® Core™ i7 Quad Core & Extreme Edition
or
Intel® Core™ i5 & i7 Dual Core Processors
Brand: Preference towards ASUS or Lenovo, Toshiba, HP. No Sony.
Dell
Memory: min of 4gb expandable to 8gb
Two Memory slots offering up to 8GB
Aprox spec £1400 (going by your min requirements)
Thanks for specing this out. I checked the USA site, it doesn't seem like the Precision line has the Core i7 yet but the Lattitude does. I was able to price one for $1433 that meeted my requirements.
Do you use a dell machine, what are your thoughts on their build quality? I have stayed away from them.
-
Alternatively you could consider this one http://usa.asus.com/product.aspx?P_ID=8je5Ot4HBnKOdT81
That is an impressive machine and was also featured on anandtech http://www.anandtech.com/show/3662/asus-g7...-xlsized-gaming but a 17.3" screen is way too big for my needs.
-
In my day to day life I see plenty of people not taking security seriously enough. I guess ignorance is bliss for these guys. They either think "WEP, it is equivalent so it is good enough" or "Nothing will ever happen to us" or the worst of all "We can't invest any money into hiring a network guy to secure and maintain our network, it just costs too much."
Have you ever scared someone into beefing up security on your network? If so what sort of techniques seem to work best to get people serious about security?
-
I have been looking into alternative hardware for the interceptor, if you don't check that forum please see this thread
http://www.hak5.org/forums/index.php?showtopic=13182
The hardware I listed should also work for Jasager purposes.
The most interesting looks like this guy
http://www.alfa.com.tw/in/front/bin/ptdeta...Category=107225
I sent an email to alfa about purchasing information, awaiting a response.
-
I am partial to OpenWRT if it runs well with X-WRT on the router or DD-WRT if OpenWRT/X-WRT isn't completly supported.
When using DD-WRT make sure to get the latest stable development build. I usually look in the forums to see what Eko has released. OpenWRT is great, but generally DD-WRT seems to be faster at getting more devices/features supported. Both are great firmwares and I don't think you will go wrong with either so long as it is stable on the particular router you have.
OpenWRT is really free and open source where as DD-WRT source has some controversy around it if that matters to you.
I have tried Tomato but I wasn't impressed. I probably didn't give it enough of a fair chance because I am already familiar with OpenWRT/DD-WRT. But basically tomato just seemed to be geared towards being easy to use, rather then being feature rich.
I'd start off by checking your routers compatability. For OpenWRT you need to check in two places
Older List: http://wiki.openwrt.org/oldwiki/tableofhardware
Newer List: http://wiki.openwrt.org/toh/start
For DD-WRT: http://www.dd-wrt.com/site/support/router-database and I usually read on the forums for the most up to date information.
-
This looks really interesting, but I have no idea where to buy it from.
http://www.alfa.com.tw/in/front/bin/ptdeta...Category=107225
StandardIEEE 802.11a/b/g
IEEE 802.3
IEEE 802.1x
CPU
Atheros AR2313
Flash
8MB
RAM
32MB
Interface
2 x RJ45 LAN Ports
2 x MMCX antenna connector
Output Power
802.11a: 500mW
802.11bg: 1000mW
Sensitivity
802.11a: -94dBm @6Mbps; -74dBm @54Mbps
802.11b: -97dBm @1Mbps; -92dBm @11Mbps
802.11g: -94dBm @6Mbps; -74dBm @54Mbps
Operating Mode
AP
Router
Client
WISP
WISP Client
Data Rate
802.11b: 1, 2, 5.5 and 11Mbps
802.11g: 6, 9, 12, 18, 24, 36, 48, and 54Mbps
Channel
802.11a
Lower Band
5.18~5.24GHz(FCC,ETSI,SG)
5.17~5.23GHz(MKK)
Middle Band
5.26~5.32GHz(FCC,ETSI,TW)
H Band
5.50~5.70GHz(ETSI)
Upper Band
5.745~5.825GHz(FCC,SG,TW)
5.745~5.805GHz(ASIA)
802.11b/g
2.412~2462GHz(FCC)
2.412~2.472GHz(ETSI)
2.412~2.484GHz(Japan)
Super Channel
2.3GHz ~ 2.7GHz
4.9GHz ~ 6.0GHz
Software
Site Survey with RSSI Signal Survey
Bandwidth Control
SNMP v1/v2 support
Support adjustable output power
Distance Adjustment
WEP over WDS support
Radius Supported
Physical
Power Method
18V PoE
Size
86 x 86 x 16 mm
Weight
60g
-
my blog post regarding it
depends on:
linux
iptables nat
nmap
ettercap (with iptables enabled in etter.conf)
sslstrip
it just gives you a list of available targets on your lan, sets things up and leaves you with ettercap for when passwords start showing up.
let me know how you get on if anyone decides to use it. its not coded very beautifully but it works for me and ill try and get it working for others too.
Awesome, thanks for this, I can't wait to give it a try.
-
Yes, using a sd/micro sd card:
being discussed here: http://www.hak5.org/forums/index.php?showtopic=16239
orriginally from here: http://elasticsheep.com/2010/04/teensy2-us...ith-an-sd-card/
It is definatly possible, But it might be a little dificult to get it to be both HID & Mass Storage Device at the same time.
Ahh interesting, when I first came across this I thought it was so the Teeny could ready from a microsd card.
For getting both devices to show up at the same time I was thinking they would be two completely independent devices which would appear to be connected throgugh a hub.
-
There is no avoiding it, the little ducky is cute. I would bet nine times out of ten if I left a USB ducky sitting around an office or even a street someone would pick it up and plug it into a machine.
But a command window opening up and disappearing with nothing else happening would be very suspicious.
What are some ideas to make the situation less suspicious?
Launch a webpage of a duck doing something silly?
Maybe integrate an LED/speaker into the duck and have it physically light up and quack?
Would it be possible to have the ducky be both an HID an a flash drive? This way it gives the user the appearance that the ducky is simply a flash drive. You can drop some stock images on it to make it look like someone lost it. No need to try and run malware from the flash portion, but the HID portion will still execute normally.
Actually, having a combo HID and Flashdrive would help get around the autorun issues...
-
check out Acer's new Machine
Acer Aspire 5732z
hope you'll like it
Thanks, the price is awesome, but the CPU and resolution aren't up to snuff for what I am looking for.
-
Do you have any idea if this non descript WR5204 thing will work? It looks like it is made by abocom.
Here is the user manual and specification download page
http://www.abocom.com.tw/download_show.asp...45210DCABDF2EAD
It looks like it supports some nice specifications, but I can't find out what hardware it is really using.
I just got an email back from abocom, they said this model is using Ralink chipset model #RT3050.
-
IDEs do like big resolutions, and lots of RAM, and lots of CPU, and cause lots of hard disk grinding. Have you considered a high performance SSD? That obviously comes with a storage problem, but if you get a laptop that has a high performance SSD and a regular hard disk... The G51Jx does look like an awesome laptop, the only thing that comes close is a AlienWare M15x (yes, it's a Dell) whcih only misses but having a 15.6" screen (also 16:9 1920x1080) and probably costs a bit more (it's an alienware).
I'd love an SSD. In fact I'd love an SSD for my desktop but the price hasn't been sweet enough for me just yet. I don't need a ton of storage space so the capacity factor isn't a big deal for me. I'll take a look at the aliendell, I haven't touched one of those machines since the dude your getting a dell days. Thanks for the input.
-
I think you need to review your requirements a little. I just want to be sure you know exactly what you are asking for.
Laptops generally are 15" or 17", relatively very few are 16".
I am looking for something no bigger than 16" so sizes 15", 15.4" 15.5", 15.6" and 16" all match that. I am not looking for 15" or 16" only. Anything above 16" is going to be too big. There are a variety of Asus, Toshiba and MSI's that are 16".
Most computers screens (and laptops) have a 16:10 (1920x1200, 1280x800) aspect ratio, very few laptops/monitors are 16:9 (1920x1080, 1280x720). As most applications have bars on the top and bottom of the window you loose screen hight and end up looking at a thin bar of actual content, by going for a 16:9 screen you loose even more screen hight. Also, having such a high resolution on such a small screen hardly seems worth it. 24" and 27" screens (usually) use 1920x1200 as there native resolution.I haven't seen many 1920x1200 laptops. I am just looking for the highest resolution I can get and 1920x1080 seems pretty common. If there is something that meets all other criteria with 1920x1200 that would be even better. Visual Studio gets cramped very quickly, the more pixels the better.
Why would you allow an Intel graphics card in this? Every thing else seems relatively high end, not that Intel graphics cads are particularly bad, just doesn't match the CPU requirements.I am looking for nVidia or Intel, no AMD/ATI.
-
Here is what I want out of my next laptop
Screen Size: no larger than 16" preferably larger than 15" but not a huge deal
Resolution: 1920x1080
Video Chipset: nVidia or Intel
CPU: Core i5 or Core i7 or better if there is something in the pipleline
Brand: Preference towards ASUS or Lenovo, Toshiba, HP. No Sony.
Memory: min of 4gb expandable to 8gb
And obviously it should work well with backtrack.
So far it looks like just the ASUS G51JX meets my needs. It seems like this model had some drivers issues so I am not sold just yet. Is there anything upcoming which would be worth waiting for?
-
I was wondering if the Professional version will work too? https://www.open-mesh.com/store/products.ph...nal-Mini-Router
That would probably work for pineapple, but not for monkey/interceptop because it only has one ethernet port.
Physical Or Virtual Smoothwall
in Everything Else
Posted · Edited by ascorbic
I really want to get a smoothwall box up and running to replace my routers. I also have an openfiler box set up for NAS. I am considering combining them on a beefy machine running ESX. And if I am running ESX, I will be making the most of it so I will have a windows and linux server running on there as well. One machine, four hosts.
Here is the setup I am considering:
Case: Casetronic TE-1160 Rackmount Mini-ITX Case http://www.logicsupply.com/products/te_1160
Motherboard: ZOTAC H55ITX-A-E LGA 1156 Intel H55 HDMI Mini ITX http://www.newegg.com/Product/Product.aspx...N82E16813500043
CPU: Intel Core i7-860 Lynnfield 2.8GHz 8MB L3 Cache LGA 1156 95W Quad-Core Processor http://www.newegg.com/Product/Product.aspx...N82E16819115214
Memory: I'll start off with a 1x4gig then add a second when prices come down some.
Ohh yeah and a quad port intel pci-express nic. Probably via ebay to keep costs down.
So I will have eight threads to play with and eventually eight gigs of ram for four hosts. Seems like enough, but should I worry being that a core networking service (routing) is virtualized (and virtualized on a box with NAS, windows/linux servers)?
Have any better recommendations?