plazmatron

Thanks for that! I Use Googles own DNS servers for name resolution, since my service provider started hijacking DNS, and failing to resolve sites like hak5! I will check out OpenDNS, and probaly query that in future..... :-D

So I was tinkering around with domain name lookups and such in preperation for an exam, and happened to do a whois on google.com. In the search results, I get things like this: Server Name: GOOGLE.COM.ZZZZZZZZZZZZZZZZZZZZZZZZZZZ.LOVE.AND.TOLERANCE.THE-WONDERBOLTS.COM IP Address: 50.62.130.9 Registrar: GODADDY.COM, LLC Whois Server: whois.godaddy.com Referral URL: http://registrar.godaddy.com Server Name: GOOGLE.COM.ZZZZZZZZZZZZZZZZZZZZZZZZZZ.HAVENDATA.COM IP Address: 50.23.75.44 Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COM.ZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM IP Address: 209.126.190.70 Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM IP Address: 69.41.185.195 Registrar: TUCOWS.COM CO. Whois Server: whois.tucows.com Referral URL: http://domainhelp.opensrs.net Server Name: GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM IP Address: 217.107.217.167 Registrar: DOMAINCONTEXT, INC. Whois Server: whois.domaincontext.com Referral URL: http://www.domaincontext.com Server Name: GOOGLE.COM.PEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEENIS.COM IP Address: 8.8.8.8 Registrar: DOMAIN.COM, LLC Whois Server: whois.domain.com Referral URL: http://www.domain.com Server Name: GOOGLE.COM.PE Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COM.PAVLINOFF-55-11-44.COM IP Address: 64.29.154.69 Registrar: HOSTOPIA.COM INC. D/B/A APLUS.NET Whois Server: whois.names4ever.com Referral URL: http://www.aplus.net Server Name: GOOGLE.COM.MY Registrar: WILD WEST DOMAINS, LLC Whois Server: whois.wildwestdomains.com Referral URL: http://www.wildwestdomains.com Server Name: GOOGLE.COM.MX Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COM.LASERPIPE.COM IP Address: 209.85.227.106 Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM Whois Server: whois.PublicDomainRegistry.com Referral URL: http://www.PublicDomainRegistry.com Server Name: GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET IP Address: 217.148.161.5 Registrar: ENOM, INC. Whois Server: whois.enom.com Referral URL: http://www.enom.com Who is screwing with the whois records, and how is it done??

Panasonic make the Toughbook line of laptops. They have Magnesium metal cases, are splash proof, dust proof, and built to mil spec. Second hand ones of reasonable speed are available on e-bay all the time. I'm writing this on my mini CF-M34 right now. Its the 1GHz model, but get this, no CPU fan either! The CPU is thermally coupled to the case, and the whole thing acts as a heatsink! :-D And yes, plastic is pretty poor for laptops, although, I must say some are worse than others. I have an old 386 laptop that you can happily stand on, as the plastic is fairly thick, but these days, the plastics are really quite thin!

Yes, Britain is going all 1984 on us. They have blocked TPB, which is pretty annoying since I was forever downloading Linux isos, which are um, free! But as people have pointed out, it's really not that difficult to circumvent! The thing that worries me, is where it goes from here. Once you have successfully blocked a site, it becomes easy, to start blocking others. Point in case, the recent rumblings about blocking "Adult sites" and "Harmful sites" because well, "your kids might see them". My response to that would be "well hows about doing some god damn parenting then", but sadly the mentality of the herd means that if you throw in the sentence "think of the children", they will happily give up our liberties to the government, without a second thought. The terminology the government uses is disturbing too. I mean, what exactly constitutes a "Harmful site"? That could include sites like hak5, because "hackers are evil", or perhaps it will progress to the point where foreign news sites are deemed "harmful" when they show the horrors our nation commits in other countries. How about, instead of the Hollywood crew moaning because they can't gold plate their swimming pools this year, they create an IT department, specifically tasked with finding, and taking down, their copyrighted material on the net? Granted, such a maneuver, will never be 100% effective, but it will cripple all the noobs who got a dell for Christmas, from downloading a new film every day, plus it will provide much needed jobs in our horribly crippled economy. Ultimately the truth is, this is nothing to do with copyright theft. The latest comment from the government is that the person who had the IP address that was downloading allegedly copyrighted material over torrent, will be instantly hit with a £20 fine. This fine may apparently be recovered if you can prove your innocence (which is strange, since I could have sworn, you were supposed to be innocent until proven guilty). The question here is, so will the government send Hollywood a check at the end of the year? Or is this simply another stealth tax? Back in the day, if you wanted pirated stuff, you went to car-boot sales or swap meets, so I guess all that will become fashionable again!

If it is a small network, could you not use wireshark, and simply log the traffic that way? If you wanted to generate a human readable report, have ngrep parse the pcap files into say IP addr, Site visited, and date+time. ngrep -W byline -qilwvt 'referer' tcp dst port 80 \ | grep -i " -> \|get\|host" That way, no matter how crafty your users may be at covering their tracks, as long as they are sending network traffic, you can see what they are at.

That is amazing! Ever since I got my Pineapple a few days back, I have been trying to find out how to create my own little modules, and this sounds truly excellent!

I am in the UK. I ordered mine on the 22nd June, and received it on the 30th, so it arrived pretty quick, though your mileage may vary. The tracking info on USPS is not very verbose, but rest assured, it will be moving through the system. It was never held in customs. I think as a general rule, customs either snarf packets at random, or go for high value ones. By the way, if you use it with Backtrack and use the wicd network manager to handle your connections, remove your eth0 (or whatever your wired connection is) from the control of wicd (it's in the preference>general tab). The reason is, that wicd misbehaves when you run the connection script (wp4.sh), and you seem to end up either being only able to connect to the pineapple, or only being able to connect to the internet.

I'm not quite sure what you mean here. If you are thinking of providing power via the USB port on the pineapple, don't! The Hakshop sells a suitable USB to dc barrel connector for less than $6 USD, for you to either power off your laptop (assuming its ports support the current requirements) or to plug into your battery pack. The battery pack you describe cannot output 10v at 2A, it just has two 5v 1A ports, you can't just arbitrarily add voltages and current together. It should however, put out a total of 5v and 2A if you parallel the two ports, (if you have one of those Y shaped USB cables). From what I have read, the pineapple will run quite happily of 5v at an amp or so, via its DC barrel connector.

So, what happened to the ngrep interface on the mkIV? Ngrep is present, just no nice web interface for it. Sure I can ssh into the pineapple, and ngrep the pcap file, or ngrep the traffic, but still, it would have been handy to have it right there in the browser. Is anybody likely to build a module for it? Thanks!