
cooper

Dedicated Members
  • Posts: 6,071
  • Joined
  • Last visited
  • Days Won: 139

Posts posted by cooper

  1. My suggestion: 3 partitions, all encrypted.

    - Mint

    - Kali

    - Shared data

    You could do more partitions, but I personally found it excruciatingly annoying that I needed to fiddle with USB sticks (which break or are slow or lack the capacity or were still formatted for FAT so your biggest file is 2GB or all of the above) and such to move data between the various OSes on *the same machine*. It might very well not make sense to do so (or even a lot of sense to NOT do so) in your particular usage scenario, but it's at least something to consider.

    Alternatively, if it's not used very often, you could just try running Kali in a VM while on Mint.

  2. I've already created an AUP (Acceptable User Policy), SRP (Security Response Plan), BCP/DR (Business Continuity Plan and Data Recovery Plan), Removable Media Policy, Password Requirement Policy, and I just finished our TT&E guide which I referenced NIST 800-84 for a lot.

    My advice to you would be to now test all these.

    You have established personnel behaviour policies. Verify that it's being adhered to, find out ways people are (trying to) circumvent it, and how you can both get them to do things the right way and prevent them from doing it the wrong way as early on in the process as possible. Educate the staff on the rules, why they're required and how it's in their interest to follow them.

    You've worked out how you should deal with business problems. Try testing them. See if the plan is being followed and that it does what you expect it to do. Refine, lather, rinse, repeat. Bring in an external auditor to go over things to make sure all bases are covered. Get someone to do a pen test.

    Guides, policies and plans are only paper - make sure people know about what's in them, follow the regulations imposed on them and react as you scripted them to in specific situations.

  3. TCPDump dumps, you've guessed it, TCP.

    When the 4-way handshake is performed, you don't yet have a network connection. There's no IP assigned to you or anything.

    So airodump-ng dumps more than TCPDump, and what it dumps more is specific to wireless networks. TCPDump works on the network once the connection to the network has been established, and doesn't care if that network is wireless, wired or anything else.

  4. The reason it works with Windows is probably swap. Did you configure (and enable) a swap partition for Ubuntu to use?

    Note that using swap slows things down, so the suggestion to get more RAM is still very much valid, but if that's not in the cards adding some swap might get you going, just not as quickly.

  5. This is more a warning than an error, really.

    The compiler is saying that this specific macro introduces into the source code a compile-time constant (the exact time it was built), meaning that if someone else built that same code base, they'd get a different binary. From a software management perspective this is unwanted, but for you, in practical terms, it doesn't matter at all.

    Look at this Ubuntu question on what you need to do to fix the issue.

    Note that you can also set CFLAGS as an environment variable which should typically get picked up by a Makefile, so you might be able to get away with just

    CFLAGS="-Wno-error=date-time" make

  6. I don't quite understand what the trigger on which machine should be. Consider this:

    Your machine <--1--> Remote VPN service <--2--> Internet

    If this awesome bit of ASCII art doesn't apply to your situation, then please correct me, but assuming it does...

    What you're essentially asking is to monitor the '1' connection and, if for whatever reason it disappears, no other forms of networking are attempted - the network will be down until you manually re-establish '1' again. Is that the idea?

  7. I'd purchase cheap USB devices and, instead of relying on autorun which, as you mentioned, has been disabled in almost all cases, make the contents sufficiently interesting for people to warrant a click.

    Princess_Laya_Gives_Han_A_Solo.swf

    stock_portfolio.html

    personal/finances.xls

    private/divorce_settlement.doc

    If you can't get someone to click on any of these, they probably wouldn't have inserted the USB drive in the first place.

  8. It's a conduit that only adds a level of encryption (and you could even install a password-protected proxy or something to prevent the encrypting too). The device description sounds more than adequate.

  9. Something I would like to point out about those keyboards is that the decoding of the wireless keyboard signal is done in software rather than in hardware, and on a loaded machine this driver can get swapped out. What that effectively means is that if you put the keyboard away as the machine is chugging away, then decide to pick it up again and do something, the initial lag can be substantial.

    A potent example is my video rig, an i7 6700 equipped machine with 16 GB of RAM. Not exactly a lightweight, I'm sure you'll agree. I had paired this with the Logitech K400 wireless keyboard since I had one. I was recording 3 HD streams (top said about 30% idle, load of about 7) for about 15 minutes when I wanted to make some adjustments, so I grabbed the keyboard and tried to move the mouse using the trackpad. It was disgustingly sluggish. Typing characters had a similar effect. It took about a minute of just moving the mouse in circles before things responded somewhat normally again. Did the same a few minutes later, same effect. Replaced the wireless keyboard with a wired one and things were smooth all the time.

    I had previously seen similar effects on my Odroid-U2 while streaming a video to my TV, but there I figured the problem was the network driver (an old-style driver that would interrupt on every packet rather than once at the start of the stream - the interrupt handler was eating a fair chunk of the CPU), combined with the fact that, like with the Raspberry Pi, the network adapter was a USB device, meaning that the keyboard had to share the bus with this very bandwidth-heavy stream, and with the video decoding being configured to be too taxing on the CPU. That 4-core puppy was a trooper, but quite clearly overwhelmed by the task I gave it.

    Bottom line, if you want flexibility a wireless keyboard is the way to go, but be aware that it taxes the CPU and if this CPU is already heavily loaded...

  10. When you connect to the server, the server knows your IP and it inserts that in the mail header. You can send an email to X different people and they all get that email with that same header. If you want to have a different IP in the header, you're going to need to make a new connection with the server such that the server sees your alternate IP and uses that for the headers next.

    Hence, one at a time if you want to send 1 mail to the same, single user with alternating IPs.

  11. The danger with relying on shell expansion with {} as is done in the accepted answer is that it's bash-specific and it slightly hides the fact that the name before the comma is the source and the one after is the target. If you add another comma and a file name, you're copying the first 2 files to the last file, which hopefully denotes a directory or the command will fail. It's something that's quite easy to overlook and something an uninformed user might try when adapting the command to their own personal use.
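
A dry-run check for the expansion trap described in this post, added here as an example and not part of cooper's reply; it assumes bash is installed and that patterns contain no spaces or quotes:

```shell
# Added example (not cooper's code): show what bash hands to cp after brace
# expansion, and guard the "extra comma" case where the last name must be a directory.
# Brace expansion is a bash feature, so each check runs the pattern inside an
# explicit bash; patterns are assumed to contain no spaces or quotes.

# Print the argv cp would receive, e.g. "cp notes.txt notes.txt.bak".
show_expansion() {
    bash -c "echo cp $1"
}

# Number of arguments the pattern expands to.
count_args() {
    bash -c "set -- $1; echo \$#"
}

# Last expanded argument: the copy target once there are three or more.
last_arg() {
    bash -c "set -- $1; printf '%s\n' \"\${@: -1}\""
}

# Dry-run check of the cp invocation:
#   exactly two args  -> plain file-to-file copy, fine
#   three or more     -> last arg must be an existing directory or cp will fail
#   fewer than two    -> nothing to copy
safe_cp_check() {
    n=$(count_args "$1")
    if [ "$n" -eq 2 ]; then
        return 0
    elif [ "$n" -gt 2 ]; then
        target=$(last_arg "$1")
        if [ -d "$target" ]; then
            return 0
        fi
        echo "refusing: $n arguments but '$target' is not a directory" >&2
        return 1
    fi
    echo "refusing: pattern expands to $n argument(s)" >&2
    return 1
}
```

Note that a trailing `{,.bak,backups}` expands to `notes.txt` `notes.txt.bak` `notes.txtbackups`, since the prefix is glued to every alternative, so a directory target normally needs the full name spelled out as its own alternative.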

  12. For 1 and 2, put the words into Google and read what comes up.

    For 3, do the same for the words "network port".

    For 4, do the same for the words "filtered port".

    For 5, read up on what slowloris does (again, Google knows all and Wikipedia elaborates). Given what the program is intended to do, you should be able to understand what a good value is.

    My advice to you: read this pinned topic on where to begin with hacking, because trying to DDoS a machine without even knowing what a network port is sounds a lot like wanting to partake in the Tour de France before learning to crawl.

  13. I vehemently, passionately *HATE* all those fancy-schmancy terminal emulators. Much like there is only the one true editor (vim to the infidels), there is only one true terminal emulator, which is that very application: xterm.

    I typically invoke it like this:

    xterm -fn -*-fixed-bold-*-*-*-*-100-*-*-*-*-*-* -fg white -bg black

    which uses the bog-standard font, in bold, white letters against a black background.

    People like the tabs feature of many terminal emulators, but I prefer to switch desktop (<ALT>-<F1> to <F12>), negating the need for terminal tabs. Often the very first characters I press on a terminal are <ALT>-<Enter> to full-screen the thing, hiding the window manager's distracting nonsense (and I'm using Fluxbox, so there's very little of that to begin with) and increasing the screen real estate by 2 lines. Compared to most people I'm quite the minimalist, so much of this probably won't be appreciated by most, but I like it.
