Posts posted by logicalconfusion

  1. @digip

    On a more serious note, Anti-virus is pretty much dead.

    Great info but I don't think we'll see Norton AV disappear. Most enterprise users rely on utilities such as Norton, Panda, and McAfee, when they're not connected through a VPN that's audited real-time by a network admin. The utilities you listed are good for monitoring and inspecting Windows applications and VMs can be used to beta-test suspicious files. Most torrent apps are loaded with malicious code, so forget trying to debug or distribute to friends. You never know what's really embedded in a virus. I remember the days when it was possible to embed executable code in .doc files to trick AV apps. The AV apps are developed to detect KNOWN viruses and malicious activity. It's really just another layer of security. What happens if the virus is smart enough to hack itself outside a VM that's inside a VM that's inside another VM......

  2. @barry99705 Kali is the new version of BT5r3. Although it's loaded with pen-testing tools and supported by Offensive Security, I think it's still a work in progress. I don't need a distro with like 1.3 gigs of just security tools. I know that BT5r3 crapped out when installing multi-media codecs and certain utilities that reference its internal libraries; so, I would presume that Kali is designed with the same set of restrictions. I'm looking for a script that will install just what it takes to turn an ordinary distro into a network/rev. engineering swiss army knife. I noticed a couple of neat scripts on the Ubuntu forum. I'll post it here for review, if it's still available. Maybe we can fine tune it and turn it into a real MCITP research tool. M$ applications rarely ship with what's required to reach under the hood.

  3. @barry99705 That's true. I can use a generic distro. I ideally want a host that comes with a slew of security tools like on BT5R3 (aka Kali) w/out the headache. There are scripts out there that will make Ubuntu - BT-like. In other words, scripts that can beef up Ubuntu by d/ling all the editors, network apps, file utilities. I remember having to actually tweak sys files on BT5R3 just to get the bkgrd and menu to appear like on the root acnt...it was a real pain in the a$$. I'm not going that route again. So, I definitely need a distro or script that can aid my research. Please help :D!

  4. I noticed several YouTube videos demonstrating how to emulate Win2k Server (08 and 12) on Win7 using VBox. What's the best distro for Windows OS emulation using VBox on a Linux machine? Distros like BT5r3 require root access for just about everything, and some distros like DSL (Damn Small Linux) just suck. I'm thinking of using either Ubuntu or Mint, but I don't necessarily need a Debian box. Any suggestions?

  5. Kali is way too new! I'm guna wait a while for them to kick out the bugs before I jump in, not that ol'skool BT5r3 is any better.

    I think Kali autogen/s a key to any local Win 7 box out of the box (with privileges required, of course). Just ma 2 cents...

    That may be true if the OS is coded to detect OS type and protocol settings. In my case, the XP had a beat up hd that wasn't actually spinning at 7200 rpm even after a defrag. So it had nothing to do with software! I gota switch to solid state....somehow!!

  6. @digininja

    With Linux you just boot into single user mode (if enabled without a password) then you have access to the machine as root without a password and can just pull off the passwd and shadow files. The alternative is to boot off a live Linux disk and then just mount the partition with /etc on it and pull them off from that.

    Seems too simple. I've never heard of Hashcat or John the Ripper (the one I read about is in jail getting his you know what ripped). Anyway, I think I missed the episodes where they demo how to compromise Linux shadow files and implement SAM security on USB drives. It's definitely worth researching.

    @digip

    I cannot believe that M$ deliberately coded their recent Win7 OS to allow anyone using the Offline NT Password & Registry Editor to reset passwords. You would think they're keen enough to block such a hack.

    Think int0x80 did a segment on how to do this too, and Shannon did a segment on moving the SAM file, off of windows, and onto a thumbdrive or removable media as well, so no one can boot windows without it, but unless you use disk encryption in windows as well, booting off a live disk you could still see all the files and just pull off whatever you want, regardless of windows, linux or mac OSX, if live booted, you can just copy what you want off to portable media and leave the password the same, and the owner would be none the wiser. You just need time, physical access, and tools to boot the system. For my laptop, I have the bios password protected as well as the HDD password protected, so you can't boot it, short of removing, and remounting the laptop's HDD and reading it in another machine and I keep it in a locked aluminum case pretty much at all times except when using it.

    So, it's possible to install Win7 using full disk encryption - hm. Do you know if it's a proprietary encryption format? I definitely gota dig around for those episodes. According to your last post, anyone can suck the hashes off Win7 and Linux, and then crack away, if it's left un-encrypted. Digininja didn't list any reset tools for linux passwords. Anyone know of reset tools for popular debian based distros like Ubu (non-crack)?

  7. This may not come as news to most ppl on this forum but the Windows XP (and reportedly Win7) login password is easy to hack using a plain old boot disc. According to researchers the Offline NT Password & Registry Editor utility can be used to reset the password and Ophcrack can crack the pswd hash using large rainbow tables. Although I personally haven't seen similar utilities for Linux, I bet there's a slew of'em out there. Anyone know of any boot disc type tools for lost Linux pswds?

  8. @digip how exactly do you expect attackers to pivot the entire network on a secure system, even if it happens to be in the DMZ? Services like the Vonage-VoIP regularly instruct their customers to DMZ adapters that function like miniature routers (vdv22). I suggested closing all the other ports, except for the ones needed for the service on top of a secure software based firewall system. Please reply with real examples.

  9. @digip TeamViewer and LogMeIn Hamachi both require interaction with an outside network - third party network. SSH, freessh, is a stand alone technology. I know from personal experience that popular freeware programs rarely ever stay free forever. Do you know if the standalone TeamViewer exe file calls home (requires outside authentication)? I wouldn't recommend such a service to an independent consultant. Who knows how long the CEO plans to keep it online for free to all "100 million" users.

  10. A poor man's version of what digip suggested would be to DMZ the PC hosting SSH, obscure the port # to avoid bot scanning and use IP chicken to get the public address. You can probably write a small script that e-mails/msges you the public IP when it changes. The OS firewall can admin the other ports and the SSH server would not have access to your internal network. DynDNS is great for those who can afford like 20$ a month on top of personal expenses and utilities.
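
The change-notification script suggested in post 10, sketched as an added example that is not part of the original post. `IP_URL`, `NOTIFY_ADDR`, `STATE_FILE`, `RUN_CHECK` and the file name `notify_ip.sh` are hypothetical names, and `curl` and `mail` are assumed to be installed on the SSH host.

```shell
#!/bin/sh
# Added example: report the public IP only when it changes.
# IP_URL, NOTIFY_ADDR and STATE_FILE are placeholders set by the operator.
STATE_FILE="${STATE_FILE:-$HOME/.last_public_ip}"

# Accept only a dotted-quad IPv4 address, so an error page or proxy
# banner returned by the lookup service is never stored or mailed.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
    return 0
}

# 0 = address changed (state file updated), 1 = unchanged, 2 = invalid input.
record_if_changed() {
    current=$1
    state=$2
    is_ipv4 "$current" || return 2
    previous=""
    [ -f "$state" ] && previous=$(cat "$state")
    [ "$current" = "$previous" ] && return 1
    # Write with owner-only permissions, then rename so a crash mid-write
    # cannot leave a truncated state file behind.
    ( umask 077; printf '%s\n' "$current" > "$state.tmp" ) && mv "$state.tmp" "$state"
}

main() {
    : "${IP_URL:?set IP_URL to a service that returns your address as plain text}"
    : "${NOTIFY_ADDR:?set NOTIFY_ADDR to the mailbox that should be told}"
    current_ip=$(curl -fsS --max-time 10 "$IP_URL" | tr -d '[:space:]')
    record_if_changed "$current_ip" "$STATE_FILE"
    case $? in
        0) printf 'Public IP is now %s\n' "$current_ip" |
               mail -s 'Public IP changed' "$NOTIFY_ADDR" ;;
        2) echo "ignored non-IP response from $IP_URL" >&2 ;;
    esac
}

# Run from cron as: RUN_CHECK=1 IP_URL=... NOTIFY_ADDR=... sh notify_ip.sh
if [ "${RUN_CHECK:-0}" = 1 ]; then main; fi
```

Validating the response before storing it matters here because the message reveals where the SSH host can be reached, so a garbled lookup should never trigger a mail or overwrite the last known address.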

  11. What's the best way to back up web based e-mail msgs? Services like Gmail, Yahoo, and Hotmail offer POP/SMTP servers. IMAP caches the msgs w/out removing the original from the server. I need an all in one utility that can D/L emails, contacts, and attachments. The ideal utility should encrypt the info and integrate seamlessly into apps like Outlook. Cnet offers like a million and one different backup apps for Windows. Is there one that works on Linux and Windows?

  12. This is really weird. I got two daemons running on my old BT5r3, SSH and FTP. VSFTP crawls when I try to transfer files from my Ubuntu to the BT5r3 using SSL - it's like deadweight. For some reason, the SFTP provided by the SSH daemon actually works on the BTr3! Windows on the other hand can actually use the VSFTP SSL. It's best to setup two tunnels instead of just one! I wonder which one is actually more secure....

  13. eBay carries un-cut fobs with chips installed. You can probably find one for your car. The dealers program the keyfob with a unique code that's tied to the vehicle's VIN# (they claim), so theoretically it's impossible to un-lock your neighbor's car. But, just like WiFi it's a radio signal so I bet it's not hard to mimic using the GRC hacks. Whatever happened to slim-jims? I think most cops still rely on prying....

  14. @digip I just ran netstat -ant | less and noticed a few open ports. It looks like the system is waiting for a connection or possibly running a daemon on some ports - 53, 631, 52931. How can I figure out the name of the application that opened the port and more importantly close the port? I know TCPview can close connections on Windows. What's the best way to monitor and admin network connections on Linux? The default Ubuntu apps seem kind of primitive, imo.

  15. @Phil K. M$ paid hundreds of people and invested millions of dollars to develop the apps you listed. You don't honestly think there's a freeware alternative do you?

    Anyways, I am currently taking a database course through the business school at my university because the CS department did not offer it this semester.

    Why waste your time tinkering w/ freeware linux apps. You should focus on learning DB theory. Your best bet would be to use VM on your nix machine or like SSH into a Windows box loaded with applications you mentioned, as suggested. Apps like WINE will never be able to emulate an entire OS like Windows 7....code base is just way too big. Good luck trying to get a handle on T-SQL!

  16. @CheeseBadger That's so stupid. Push the issue? Send him your CV and resume! What do you think he's going to do even if they're not interested? It's not like you're asking him to pet your badger. You're just looking for cheese like the rest of us. I've been to several interviews just so I can meet IT professionals and managers, knowing they're looking for someone else. It's a great way to network! I'm not shy.

  17. The only real option is to use full disk encryption which you can't do on shared hosting. Also that only protects once the power has been pulled, again, while the power is on anyone can see the files as they are unlocked.

    The bit lengths are all dependent on what you are doing with them, you are probably talking about the size of keys used for the SSL certificate, in which case the current recommended length is at least 2048 bits.

    @Jason Cooper I'm confused! You mentioned symmetry and asymmetry. The technology is really based on factorization of large like, 2300000^23, prime numbers, based on my research. The wiki page you referenced outlines the procedure for implementing keys based on RSA's standards. So, it appears that a third party is in charge of the initial transfer of encrypted, authenticated, info. Now before I discuss this here any further I want to know if the RSA algorithms are up for public scrutiny.

  18. Whilst I've been Googling the company in question to try and find out more about them, I've happened across documents that would constitute (under UK law) a breach of the Data Protection Act. I hasten to add that these documents were found with nothing more than Google and some targeted searching - an employee has been using a website that allows company documents to be uploaded, but they are not in any way protected from public viewing.

    Who's to say you're the only one? I don't think it would make any difference! It's out there already in cyberspace. This would be a great door opener for just as long as you clearly explain your intentions, in my opinion.

    I have not mentioned or passed this on to anyone else, but it includes names, addresses, phone numbers, emails and financials. The flipside of that, is that the employee responsible is easily identifiable, and could potentially wind up in a whole boatful of trouble.

    He's going to get canned either way.
