bwall
-
Posts
74 -
Joined
-
Last visited
Posts posted by bwall
-
-
Well thank you. btw custom 404 pages are always fun to see
So I got to rethinking how I block web scanners, and had an idea for putting some code in my custom 404 page. Here is the run down of my idea.
It blocks any IP that visits those pages(if they don't exist that is). I'm going to try your tool against that idea, and let you know the results. I'm not sure if PHP code will run on a HEAD command, but if it doesn't, that could be one way to bypass my idea.
Edit: The custom 404/403 method does work against your tool. This includes ninja mode.
-
Ok, so the original question was about exploits in IRC? And MrProtocol gave the exact correct answer. There is no across the board exploit. As a developer, that would be one of the first bugs I would fix. When looking for vulnerabilities, you are looking for them in a specific piece of software and version.
digip is right too. Google hacking isn't hacking into Google...its using Google to expose targets. IRC is most commonly used in hacking for bot nets.
If you want to hack an IRCD, grab a version of it, and start poking holes. Or even better, if you can find the source, dig through that for holes. You can look at the Anope module list and find a few modules that have massive holes in them, for instance, http://modules.anope...page=view&id=42
That module has problems in many places, mostly revolving around its access system. The bugs that are mentioned mostly shutdown all services...
If everyone knew a fuck-all vulnerability, then no one would use that software. So in most cases, when someone finds a fuck-all vulnerability, they keep quiet about it, tell the devs, or sell it. I say most cases meaning security experts, most you've never and will never hear of.
-
Don't like how all the media paints the US as technologically behind.
China's military puts way more money/effort into hacking.
-
I know of an incident, where one of my Cisco instructors worked for a company that bought equipment made in France that was backdoored, so its not entirely impossible, but read this. http://erratasec.blo...ackdoor-in.html
It kind of takes a different approach, although, I don't doubt there are devices, that even our own government has some hand in, that has backdoors in the hardware or the operating systems.
Good catch, but yeah, I'm sure there are tons of backdoor cases that haven't been found yet. I just hope NTKernel didn't put one in Winpkfilter...
-
Is it just me or is everyone else more upset that they are not disclosing the details.
Security though obscurity is like having no security at all. The whole point of security research is to disclose your findings otherwise you are wasting your time.
The fact that China is spying on us is not news. Its obvious. Of course China is spying on us and I would be suppressed if we where not doing the exact same thing. I honestly hope we are.
The problem is what is this chip used for?
Is it a key component in our infrastructure?
Or is it just a component in laser pointers that the pentagon uses?
They mention in the article that its used for military and commercial purposes. Does that include routers, cable boxes, Cell phones? How badly does this effect us and can it be exploited by anyone?
Its like saying that every copy of a specific server operating system has a manufacture built in back door but we are not going to tell you what OS or what the specifics are. That does not make it not exist it just takes away our ability to protect ourselves.
Its not a question of spying, its a question of remote access. If its to machines controlling the power grid, it could shut down our ability to retaliate altogether, unless there is a plan.
Henry Kissinger talked about how China uses "shock and awe"/"rapid dominance" in various occasions throughout history. The whole point is attack out of the blue, leaving your enemy crippled to counter attack, winning the battle in one short carefully planned fight. The Art of War also puts a lot of emphasis on knowing your enemy, so spying does come into play, but like you said, they have been for years. I think the only way to prepare for an attack like this is what I refer to as a dead switch. A term taken from bomb making, the idea is that when something can no longer respond, an attack is triggered. Like if the bomber gets shot and dies, they let go of the dead switch, blowing everything up anyways. I realize this idea isn't very different from the Cold War nuclear war plans, but its not exactly dumb when all it does is stop our attacker from attacking and being able to coordinate their attack. The idea is that this would be a deterrent. If they attack us, they automatically get hit back.
By the way, please limit the War Games references.
-
I've been following China's actions for a few years now, and its become extremely obvious that China is looking to pull off a flash and awe kind of attack in order to secure their place as the dominant country in the world.
Can anyone else see what is going on? Couldn't we be ready to hold off an attack that was written in the Art of War, or at least setup a method of striking back?
-
I see what you are saying now. I thought that it was a trusted list for firewall rules in and outbound that was propagated between nodes. Like if someone blacklisted update servers and white listed their own to propagate rule changes, but if it only blocks failed hack attempts and sends just that list, then that would be fine.
It might be a good idea to have a white list for stopping IPs from getting on the list, but that would be something static I would imagine. So machines can make sure they don't block their update servers.
-
The only flaw I see in the P2P model, is one node gets whacked, it propagates to all trusted nodes?? You would need to have a way to prompt each node, to authorize the changes, so its not automatic. Otherwise, someone who gets on a few trusted nodes could wreck havoc for the rest and bring down the defenses.
How would they be prompted? If they can only add IPs to be blocked, it would not be very effective at taking down defenses. If a false IP is added, maybe a message signed with an administrative key could be sent out to remove the IP from the list. I guess that would be generated for every P2P net that used it.
-
ReL1K has a tool called artillery, that auto bans attacks. https://www.secmaniac.com/download/
The port traps are actually pretty easy to implement in iptables. Just add the ip to a list when it syns to the trap port, and set a rule to block any IP on that list. I am a fan of the honeypot approach, as I wrote http://honeyports.sourceforge.net/ a few years back, but what I'm proposing is a cross system P2P block list between trusted peers to stop attacks that your computers might not be vulnerable to, but someone else's could be. Or if they aren't vulnerable to something you are vulnerable to, getting the word to others that they should block communication with that IP. We could easily add a way for artillery to submit to this list. I'm thinking that it would be a daemon running on the machine, that anything with access could write to the "new blocked IP" file, and it would continually check if it had new entries, then upload them, while also managing the P2P communication from the others.
-
I took a different approach. Try it on mine, and it sends the request and URL to the FBI. I do however have a funny one for general timthumb searches.
RedirectMatch temp ^(.+)thumb(.+)php$ http://www.youtube.com/watch?v=iRyF5aP3B7c
This got me thinking. Maybe we should make a collective of ips found vuln scanning us, and block them in Apache, fireBwall, and/or iptables. I already have a long list of people who tried to port scan firebwall.com, who are now dropped from the server. So the idea would be setup commonly scanned pages that are traps, that send the IP to the others who use the service, possibly via P2P communication. The same with port scans detected. Probably would be a good idea to have a timeout value on the IPs' bans, just long enough for people to update any vulnerable software they are running.
-
So I made a bunch of taunting 404 images on my server after I kept getting people checking to see if I had phpmyadmin. I figured I'd share them, and see if anyone else has some good ones.
-
If you want to use stealth try -ninja
Also Web-Sorrow uses Connection caching aka all on one socket. Don't forget to update I posted this thread awhile ago
I hadn't tried it out, I was just suggesting based on how I detect scans, the fact that yours does that puts it above most. I see scans from w00tw00t all the time, to the point where I started blocking IPs in iptables that scan my server for vulnerabilities, and made taunting 404 messages. :P
-
i want to make programs
and windows can vb.net do that
or there is better language
vb.net is an ok place to start for developing on Windows. For more serious projects, I would suggest something else.
-
The fireBwall team is always looking for more people. Check us out at https://firebwall.com
We have some forums, a trello board, but we mostly talk in an IRC channel.
I'm a software engineer finishing up college, with a lot of experience in design, and even more in development. You might be happy to hear that we are in the middle of redesigning the architecture of fireBwall, so you could see that process.
#firebwall isn't where we talk, but where we answer questions for people. Take a look at the project and let me know if you want to join in. By the way, most of the code is C#, which is extremely easy to pick up if you don't already know it.
-bwall
-
The major thing that gives away a web scan is how they don't really throttle the scan. I drop most web scans just by putting a SYN rate limit in my IPTABLES. It works with port scans and SYN floods too. I would look into HTTP 1.1 Keep Alive as it lets you keep the same connection to check multiple pages. This would stop you from getting picked up by the same rules that keep other easily avoidable attacks left out in the cold.
-
There's also running a free proxy, and I've been meaning to look into WINS as a protocol for potential with mitms.
-
Great work:-D
Do you think something like peerblock could be made into a module for your system? It hasn't been updated in some time.
Was that the IP list blocker? Because we do have a module called IPGuard that does that. It is included in the current version of fireBwall. We hope to improve it soon, allowing for IP block lists to be auto-updated and downloaded via the module, instead of manual downloads from www.iblocklist.com
https://github.com/bwall/fireBwall/tree/master/IPGuard
https://firebwall.com/modules.php#IPGuard
There is the source in my git fork right now, it was a module headed up by drone, the other developer.
-
DNS cache poisoning and NDP poisoning(like arp poisoning for IPv6) for starters.
-
She did, in fact, misunderstand my instructions (not sure how) and gave me an incorrect ip address.
That question has been answered, but now I'm curious to know more about IIS (which is a good thing). I have no idea what IIS really does or why it's needed. Wiki says that it's server software that is included with Windows Server and some desktop MS OS's, but that's not enough info for me to understand what it does. Does this software just hand out files, which are intended to be accessed by public internet? If this software is intended to turn a piece of hardware into a web server, then why don't we simply use IIS as our webserver instead of having to use lots of other server software?
I'm so far behind on this stuff because, as a kid, I didn't have very much opportunity to use a computer. As a consequence of that, I am still waaaay behind in my understanding of networking technology. I've said before that the one and only way that my parents really failed me as a kid was never recognizing my obsessive interest in computer and networking science/theory. I never had one, so I had to learn by using the computers at a wealthy friends house or at the schools I went to. Elementary school had a single Tandy 2000 (which was beautiful), and high school had two computer labs, but we were only allowed to use those for official computer class business (A rule which I categorically disregarded).
Anyway, this is a long way off my original topic, better stop typing...
IIS is like Microsoft's Apache in the simplest way of explaining.
-
Hey guys,
I've been working on an open source firewall for Windows for a while now. Its called fireBwall and it filters/edits/sends packets from user mode, and lets developers create modules that can filter/edit/send packets. Right now, modules are developed in .Net 2.0, just like the firewall(aside from the driver) is. We added themes because people kept saying the GUI looked lame, and for this occasion, I made a theme for Hak.5
We are fairly experienced developers, but we lack users who are writing their own modules. We allow users to submit modules so that the rest of the community can use them, and even help develop them. The same with themes. We are also always looking for more developers. I'm currently in the middle of implementing the new software architecture I drew up that will increase functionality, and make current functions more efficient. Here's a short demo of the latest version.
If you want to try it out, you can download fireBwall from our site, and here is a template for Visual Studio for getting started with developing fireBwall modules. fireBwall Module Template 0.3.11.0.zip
Just a heads up, the fireBwall installer installs the drivers that fireBwall needs to function, but the template does not. These drivers are currently supplied by NTKernel(the Winpkfilter drivers). Now here is the kicker. In the future, we plan on making a Module Market kind of place, where developers can sell their modules, whether they be for protection, or for attacks(like the ARP/NDP/DNS poisoning module PoisonIvy currently being developed). I think this will help security developers not only make a name for themselves, but be able to make some money without having to make an entire firewall. This project has been my raison d'etre for 6 months at least now, and I use it on all my Windows boxes(works on Windows XP all the way up through 8, including servers).
You should check out the modules we've made so far and include with firebwall, the Save Flash Video module easily saves files played on sites like Pandora and Grooveshark, and various video sites. *cough* redtube *cough
-
ARP poisoning can cause a denial of service on the target depending on a number of variables. One could be the target's defenses. From my experience, commercial firewalls do a terrible job with protecting against ARP Poisoning, more often leading to denial of service to the target instead of actually protecting against the attack. It could also be the firewall on your machine. In both cases, this is where my firewall comes in handy. fireBwall is a modular open source firewall for Windows, letting you control packets at the NDIS layer. Anyone with .Net and networking experience can write a module(yes, user mode processing!) and we tend to write a few of our own. The Anti-ARP Poisoning module actually rectifies ARP Poisoning attacks by informing the other target(the router in most cases) of the correct mac->ip relationship. Also in the works, is our general purpose poisoner. One module handling ARP/NDP/DNS and other forms of poisoning. https://github.com/hatRiot/fireBwall/tree/master/PoisonIvy
Sorry if that sounded like a commercial, but yeah, without explaining a bit more about your setup, we are kind of just pissing in the wind here.
-
In what I would call a twisted of irony and rather amusing about two weeks after I made this
http://paste.pocoo.org/show/539780/
a downloader script for Megavideo.com videos it is shutdown :) oops ;)
Why I made it? Well it was fun and no existing tool was able to download a video past 72 minutes (they cut if off by ip).
All in all it was fun and interesting to figured out why merging the two flv files together didn't work (a flash header was in the way)
fireBwall's SaveFlashVideo module will save megavideo streams I believe, but you actually have to buffer them in a browser first. Its been a while since I tested it on megavideo, but I know it works on stagevu, youtube, redtube, and various other streaming sites. As of right now, the only sites I know SaveFlashVideo doesn't work for is like stuff like Hulu and Netflix. I'm the head developer on the project, and its at firebwall.com if you want to check it out.
-bwall
-
Hey,
So I develop an open source Windows firewall that allows modular plugins for filtering traffic. It is more of a network framework for Windows, acting like a Winpcap that can drop/edit packets. I was wondering if you guys had any opinions about it, ideas for modules, or anything else. You can check us out at https://firebwall.com and the most up to date source code is at fireBwall on Github.
Here is a short video demo of version 0.3.11.0 (youtube video for those with flashblock)
Thanks,
bwall
Voice User Interface Interactive Computer Project
in Applications & Coding
Posted
You are basically looking for a 3 part system. You only really need to write one. Most languages have some sort of voice to text and text to voice engine, whether they are built in(like in .net) or are external. This section would be the IO section, handling input and output.
The next layer would be what you actually have to write to make this work at all. This is the translation section. It would be best to have a selection of commands for input, that can parse the command they are running on the actual system(the actual system, ie. your linux box, is the 3rd part). With command line applications being what you are running from this, you would want to pipe their input and output via the translation section. I would suggest avoiding using scripting languages for something like this, but mono isn't very good with the most intricate parts of .Net, and the alternative that will save you time is Java. And I hate Java.
Let's walk through a use case:
You say "Get System Uptime"
The first layer recognizes speech, converts it to text, and passes it to the translation layer.
The translation layer parses this string to make sure it matches one of the acceptable commands, in this case system_uptime(just for example).
The translation layer then calls "uptime" with its stdout(standard out) piped into the translation layer, reading "18:51:13 up 2 days, 22:53, 4 users, load average: 0.47, 0.82, 1.02"
The translation layer parses this string to get the uptime, converting it to what should be said, "The system has been running for 2 days, 22 hours and 53 minutes".
This is passed to the first layer to be spoken.
I feel this would be a good starting design for at least prototyping the concept. If you have an Android device, it would be kind of an easy project to do on that.
My biggest concern about this project is my concern with any voice recognition system. When does it know you are talking to it? Random example, what if playing Uptown Girl makes it think you are asking for the uptime?