Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by ewook

  1. Here's the deal - if you wanna run a exit node for tor, I'd strongly recommend that you implement your own safetynets - as well, a simple example - remove all the porn... Since you get the pure information flow, traffic-restricting this in the sense of "removing not-so-etical-content", I see no problem with it, because it's not part of the tor filosophy to allow access all things in that sense, it's to remove sensorship. Yes yes, one might argue that "well, now you are restricting it!" - not really. You are safekeeping your interests and makes sure that you can without having a cup of paranoia everytime you fire up the exit node, that you servre the tor user a legitime at better internet - protecting both of you ;).
  2. There's more fun.. with Valve porting Left4Dead 2, they got the attention of gfx-makers if I'm not mistaken.
  3. You can find some of my private stash @ ewook.fluffis.se

  4. Out of date? http://support.microsoft.com/lifecycle/?p1=3198
  5. I'd recommend any "suite" that fills your req's. A simple AV you can get for free, check the specs of your faviourites, what bang you can get for the buck... Depending on how your env is behaving and the needs of it - I'd say go for a whitelisting approach if you can, there's a few options on the market - and adding up that with an extended FW (Host and Network IPS should be considered as well).
  6. Hah, or she'll learn how to bypass it ;).
  7. Hey lostngone, sorry for the speedy return. Sadly, I simply re-solder another type of connector that goes with my AC adaptor, so no pics available. Sorry.
  8. Trivs du med BBB? ;) For the majority of the audience - here's another tip, when it comes to hardening deb-based systems: http://www.debian.org/doc/manuals/securing-debian-howto/ Mind, it's long, large and not the pretiest bird around - but if you're truly interested in the basic steps, parse through it :).
  9. Here's a simple one: OUTF=duplicates.sh; echo "#! /bin/sh" > $OUTF; find "$@" -type f -print0 | xargs -0 -n1 md5sum | sort --key=1,32 | uniq -w 32 -d --all-repeated=separate | sed -r 's/^[0-9a-f]*( )*//;s/([^a-zA-Z0-9./_-])/\\\1/g;s/(.+)/#rm \1/' >> $OUTF; chmod a+x $OUTF; ls -l $OUTF Change sed -r 's/^[0-9a-f]*( )*//;s/([^a-zA-Z0-9./_-])/\\\1/g;s/(.+)/#rm \1/' >> $OUTF; to sed -r 's/^[0-9a-f]*( )*//;s/([^a-zA-Z0-9./_-])/\\\1/g;s/(.+)/rm \1/' >> $OUTF; if you wish to delete it when running the shell-script it creates (duplicates.sh). On windows? Well, mount your win-drive over smb and run it from a *nix system or cygwin it from within windows.
  10. ewook

    My Nes Mod!

    Woh! I did not know that - If I had, I'd still have my setup, thanks for the info tho!
  11. IPcop, zeroshell m0n0wall pfsense etc etc. But turning a deb(based) dist into a fw isn't hard at all. Here's a extremely simple version: #!/bin/sh PATH=/usr/sbin:/sbin:/bin:/usr/bin # # delete all existing rules. # iptables -F iptables -t nat -F iptables -t mangle -F iptables -X # # Enable routing. echo 1 > /proc/sys/net/ipv4/ip_forward # and some good stuff to have enabled.. #no spoofing echo "net.ipv4.conf.default.rp.filter=1" >> /etc/sysconf.conf echo "net.ipv4.conf.all.rp_filter=1" >> /etc/sysconf.conf #no broadcasts #echo "net.ipv4.icmp_echo_ignore_broadcasts" = 1 >> /etc/sysconf.conf echo "net.ipv4.icmp_ignore_bogus_error_responses" = 1 >> /etc/sysconf.conf #more.. echo "net.ipv4.conf.all.secure_redirects = 1" >> /etc/sysconf.conf #echo "net.ipv4.conf.all.send_redirects = 1" >> /etc/sysconf.conf echo "net.ipv4.conf.all.accept_source_route = 1" >> /etc/sysconf.conf #echo "net.ipv6.conf.all.accept_source_route = 1" >> /etc/sysconf.conf # Always accept loopback traffic iptables -A INPUT -i lo -j ACCEPT #yes, you should have fail2ban ;) #/etc/init.d/./fail2ban restart #fix tap0 forwarding etc. #clarify - eth1 internet #clarify - eth0 lan # Allow established connections, and those not coming from the outside iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #iptables -A INPUT -m state --state NEW -i ! eth1 -j ACCEPT iptables -A INPUT -i eth0 -j ACCEPT iptables -A INPUT -m state --state NEW -i eth1 -j REJECT iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the LAN side. iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT # Masquerade. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE # Don't forward from the outside to the inside. iptables -A FORWARD -i eth1 -o eth1 -j REJECT # portforwarding-rules #iptables -t nat -A PREROUTING -i eth1 -p tcp --dport [port] -j DNAT --to [ip:port]
  12. I'm hoping I'm wrong here - but you have a managed (open)PGP installation, without a administrative key tied to every user-key, thus not enabling you to do a decrypt on PGP-encrypted material? I'd say sorry, without first of the private portion of the key or the recipient key (if any?) there's a big black hole on recovering that information.
  13. I'd say look into portknocking or at least the reasoning behind it - you'll get plenty of lovely ideas from that ;).
  14. ewook

    My Nes Mod!

    Kudos for the pics! Did that myself in like 2005 (I think), but scratched it after the dog pulled it down from the tv-counter and I didn't have the energy to mod a nes-controller :/.
  15. I got into pentesting by an accident. I've designed networks, from the cable to the host - and somewhere along the line I just wanted to know - can I count on this to be somewhat secure (right now - remember, everything changes). First of, if you're talking about penetration testing applications (the hard part), you'll need to start learning about applications first - and before that, the platform (in my world, at least). Second, if you're simply intrested in networks and what information you can gather - you've already been given the pointers from others - start out with what you wish to know - may it be wired or wireless, form an idea regarding what segments you wish to get information about, read some about it first, then put it to the test. Just my 2-cents. /cheers
  16. Gday! Got my cute little MkIII a week ago, but due to the fact that I need a US-to-EU(not UK)-converter, I started out with trying to connect with the included battery-pack. Notice my suprise when plugged in, the plugs had a glitch - some electric-tape on the connector from the battery-pack solved this, but my first scare was that I thought the connector on the board was not soldered in place correctly. Noticed so far; Glitches with the battery-pack plug, can be fixed - but if 'crew' is reading this, might wanna check out the quality of the plugs. The external antenna connector soldering looks bad, and might need some re-soldering when the box starts to age. The on/off switch on the battery-pack feels like it has tendencies to get sloppy after a few on and offs'. Otherwise, looks good - only had a few minutes with the new gui, but kudos on the nice work on that. So, anyone else had issues that might be reflected on the hardware (quality) ? (haven't noticed any other threads regarding anything like this yet - if I'm misstaken, pardon my bad searches) /greets
  • Create New...