hexophrenic

Everything posted by hexophrenic

  1. What about one of these? http://www.belkin.com/networkusbhub/
  2. ESXi is free. As long as you don't need centralized management, failover, etc., it works quite well at no (software) cost. I played with Proxmox for a while, and I just did not care too much for it. I have used VMware for so long I suspect I am brainwashed :).
  3. Just a quick hint: if you can, since you are in a VM environment anyhow, take a snapshot before doing risky things (dist-upgrade, running exploits you don't trust, etc.). Sorry I cannot help further on decoding shellcode.
  4. I suspect he means that most shellcode is contained within C code for delivery.
  5. hexophrenic

    Tcp/ip

    I just included it since the OP mentioned he had to find it on his network, which if he were on a large campus it may in fact support jumbo frames. Since he is also looking at datalink layer, it would preclude the MSS header options in layer 4. Sorry if I am being pedantic as I am a network guy by nature, and probably have a touch of Asperger's.
  6. hexophrenic

    Tcp/ip

    No worries man, just did not want OP confused.
  7. hexophrenic

    Tcp/ip

    You are right, which is why I specified -f. As I stated, -f will DISALLOW fragmentation.
  8. hexophrenic

    Tcp/ip

    MTU is not necessarily 1500 bytes. That is the RFC default Ethernet MTU. If jumbo frames are enabled, MTUs can be quite a bit higher. 4k and 9k MTUs are commonly used in gigabit networks and up to 64k is possible, though not used at this time. To test for this manually, you can issue ping -f -l x hostname or ip. The option -f will disallow fragmentation, -l will denote the size you wish to test. There are other ways, though, like using tcp optimizer from speedguide (http://www.speedguide.net/downloads.php) or others. It is set in the registry, or by your network card driver's properties.
  9. I have no idea of any specific software that would perform this task. However, I suspect that if you used some forensic packages, remote image acquisition and post-acquisition analysis should be able to enumerate the differences between the images. It will most likely be expensive, though. Perhaps AccessData (FTK) or EnCase offerings do this?
  10. You might check out some of Wicked Clown's stuff: http://www.tombstone-bbs.co.uk/v1d30z/srp-bypass%20-v2.html
  11. 1. Do you have the interface up? 2. It is shown as optional, but perhaps if you put in an IP range that is not assigned to an interface, you should specify the interface? 3. Do an msfupdate to make sure you are using the most up-to-date versions.
  12. Sorry, PSI does not support Mac...their paid commercial product CSI does, though. They also have an online scanner, but it is also limited to Windows.
  13. Probably some new DRM enforcement tool Apple implemented. Kidding *kind of*
  14. If you are using WPA2 with a strong passphrase you shouldn't worry so much about a man-in-the-middle attack of the AP, IMHO. But what you are describing would be a fairly targeted attack, which means most of the common defenses would not hold up given a skilled attacker. Again, if I were trying to capture the records, I would probably try to do so closer to the source as I can get far more accounts than just attacking yours. All things being equal, you are right. But in a practical sense, I would not lose any sleep over it. As I stated before and was mentioned again by Sparda, I would be far more concerned with how THEY are protecting my password in THEIR system.
  15. 8 characters, with sufficient keyspace (you mention alphanumeric + special), should protect your information sufficiently. The time required to bruteforce 8 characters is still likely prohibitive (i.e., still measured in years). If you are uncomfortable, change it daily/weekly/monthly/whatever. However, you are still trusting a third party to protect your password, which is the bigger risk than strength of password. IMHO, the bigger issue with passwords than bruteforcing a website would be SQL injection and retrieving said passwords from plaintext or to find out the encoding/encryption used was weak. Much quicker than brute forcing. All that being said, I am hopeful as legacy systems are replaced that companies are looking to support much longer passphrases.
  16. Thanks for the report...now just have to see if I can keep myself from buying one so it can go on my xmas list...guess having a couple wouldn't hurt :).
  17. If everyone uses it, it may help create some security through obscurity when they look for who to blame...just saying...
  18. Please do man. I hate buying things and they do not quite work the way they were intended...reviews seem promising, though. I would really like to see if the ISO boot folder can contain subdirs since I would be putting several ISOs on there and not want to scroll for days.
  19. I added it to my wish list this morning. If it works, it would sure save a lot of effort writing ISOs to thumb drives for installs.
  20. That is asking a lot of the wireless cards, but may be doable. If you were using high-power cards, like Alfa or Ubiquiti, you would stand a good chance. Otherwise, I think at best you will get mixed results.
  21. Do you have .NET 2.0 installed on the client?
  22. Actually, it sounds more like a driver incompatibility between aircrack and the wlan card (with -1 on stuff). Do you see any other APs (other than the one you might be connected to)?
  23. Yes to your understanding of point A. Point C - the thing I was mentioning is that the AP is either responding with its own MAC addresses (each wireless profile will have a unique MAC address) or is masquerading virtual MAC addresses in some sort of layer 2 translation or protection. So, it could be multiple APs with the same SSID or multiple SSIDs on the same AP, or some variation therein is the most likely scenario.