ben

Are those before and after makeup pictures?? j/k

It really depends on what you want to learn. I started going to a university with a computer science major. I then decided that I wanted to do a computer science major with a computer networking minor. After getting into Comp. Sci. a bit further I decided that I wasn't a major coder. I enjoy smaller projects and some of the design, but not the coding so I changed to a Comp. Networking major with a Comp. Sci. minor and that's what I graduated with. The biggest thing I could say is go to college of some kind. While at college try to get some kind of tech job. Any experience you can get would be great. Ben

I'm confused, with zoneedit you would be able to keep whatever domain name you want. If what you're asking for is a user to type http://www.wildandbad.com but be pointed to your server at a specific port then you're asking for something that can't be done. The "http" controls the default port for your browser. Unless you want to change what the user's services file sets the default port for http to use you won't be able to have them go to http://www.wildandbad.com but point to http://yourip:8080, it just won't work. Sorry. Ben

I'm going to go against most of you and say that you can't tell if someone is a hacker by what programs they use. Just because they use sub7 doesn't mean they are a noob. sub7 may be the best tool for the job. I've said before, do you know of a hacker that doesn't use a tool like Nmap, Metasploit, Ettercap, etc.?? Just because they use someone else's program doesn't make them a noob, it may just mean that someone else already did the hard work and why should they replicate code? As degoba said, it really depends on how much you understand. A hacker is someone who understands why and how things happen. If you use sub7 "because it works" then you are a noob. If you know how sub7 works then you may be a hacker. Ben

stingwray - I certainly wouldn't call it a "waste of space" since it's a good archive of the past. Without theBroken we probably wouldn't have Hak.5 or any other good IPTV shows to watch. They really broke ground and delivered a new product to the masses. How many of the IPTV shows that you watch were inspired by theBroken?? Probably most. VaKo - Yes, they have been planning a comeback for a long time. Unfortunately the creator of theBroken has A.D.D. (I'm guessing on that one) and can't really stick with anything good that he creates for more than a few episodes. And even more unfortunate than that he's screwed over many people by having them make donations to fund his projects and then just stopping production. Ben

Yes you will. You just won't be able to shape them differently than other encrypted traffic. There should always be a failover shaping rule and since you should have a rule that says standard http traffic is a high priority this other unknown traffic could get a lower priority. Ben

MrDave2176 - When an old ISP that I had blocked port 80 my DNS provider, zoneedit (which is a free DSN service), had a service called web forwarding. It works in one of two ways: 1. It can keep the URL as the main URL (http://www.mydomain.com) and capture the URL with the different port in a frame. 2. It can forward to the server running on a different port and in the location bar show http://server2.mydomain.com:8080 I'm not sure what you're currently using for DNS service but I would suggest that changing to zoneedit, if at all possible, may be the easiest solution. Ben

I'm sure the author would have liked to have kept the name Ethereal as well but when the company says they own the name it was probably much easier for him to just start off with a different name rather than start a legal battle. Ben

I wouldn't say that Digg can teach anyone anything about hacking. Yes, it's an interesting social networking site but I wouldn't put it in this list. I've got issues with Security Now! They are trying to do good things by explaining everything in a very dumbed down way but Steve Gibson bothers me because he jumps way overboard on things and isn't always technically accurate. Ben

Ethereal is dead, long live Wireshark. Ben

Not exactly. The difference between sniffing a hub and a switch is that a... 1. hub automatically forwards every packet on the network to your computer and then your computer decides whether or not to care about the packets. 2. switch requires the attacker to "tell" the victim's computer that the attacker's computer is actually the default gateway. The attacker's computer must then be set up to forward any received packets (that aren't supposed to end at the attacker's computer) on to the proper destination. Any tool won't do, but, as Harrison said, Dsniff and Ettercap make the job easy. As far as finding the correct "values", that shouldn't be that tough since most systems send out plenty of broadcast messages that anybody can sniff on either a hubbed or a switched network. Ben

I don't know if I'd really care to go to DEFCON anymore. As Harrison said, it's really just become a party and I'm not much of a partier. I would like to make it to ShmooCon and BSDCan sometime though because I think they've both got good technical quality. Ben

I have my Bachelors Degree (Major: Comp. Networking, Minor: Comp. Sci.), Network+, and RHCT (for work) I may work on my Security+ because that is what I'd like to get into for a career. Ben

I agree with VaKo on this one. This post is actually a good suggestion. If users want to to learn to hack they should: a. Get one or two spare computers and practice hacking those. b. Get VMware Player and VMX Builder and then hack virtual machines on their own desktops. c. Go to HackersLab, PullThePlug, Root Wars or one of the many other wargames sites out there that offer a spot for you to legally hack. Ben

I've got a Proxim Silver card and it's great. I purchased it because I wanted to play around with making a cantenna and it has an external connector. It may not work for you though because it uses the Atheros chipset. I'm not sure why you can't get it to work with Linux because since the release of MadWifi drivers I haven't had a problem with Linux support. Heck, FreeBSD even supports Atheros chipset cards so it's turned out to be a great card for me. Ben

I agree, I use vsftp but I'm guessing, even though he didn't say it, he needs a Windows ftp server since he's currently using Serv-U. Ben

I think the difference here is the author is suggesting that the people were testing the application to prevent someone else from stealing their information. If you find a bug in any program you can either choose to continue using that program or not. You just need to realize the consequences of your choices. Ben

In the Wired News article Spot a Bug, Go to Jail there was some discussion about a few different court cases. Case 1. Eric McCarty, a professional computer security consultant, found a coding issue with a web application at USC that allowed an attacker to harvest personal information. As proof McCarty anonymously e-mailed a sample of personal records to a reporter. USC later traced the server activity back to McCarty yet he claims he is innocent of any crime. I can't believe he's claiming to be innocent. He found a vulnerability, which I can see as being fairly benign, but then he accessed personal information and sent it to someone else. It's like if he noticed a car was unlocked (not a crime) but then he took a package out of the back seat to prove to the owner (or in this case someone else) that it was unlocked. He still took the package. Case 2. Stefan Puffer, a security consultant, was charged with illegally accessing a county court's wireless LAN to prove that it was insecure. I haven't been able to find much information about what he accessed, or how it was accessed so I can't really comment on this one. If he just accessed the wireless network by connecting to an unauthenticated network I don't believe he broke any laws. If he cracked WEP, or any used any other unauthorized authentication, I believe he should have been convicted. If others have info about how he accessed the wireless LAN or what information he accessed while on the wireless LAN I'd be interested in reading more. Case 3. Bret McDanel was charged with a crime for e-mailing out information about a security hole to "customers of his former employer" to potential victims. Since McDanel did not use the security vulnerability in any way (at least not as is stated in any information I could find) I believe he was not guilty computer crimes. He unfortunately was convicted but later had the ruling overturned. The most disturbing part of the article was the following quote: I agree that people should check out the security of a web site before using it but I believe there is no difference between someone who uses a bug in code to get information to show the company that a bug exists and a person who uses a bug in code to get information that they use for crimes. Both of these people illegally accessed private data. If you were not hired by the company to test the security of a site or system then you have absolutely no reason to access that data, even as proof of a security bug. If you find a potential security bug you should report it to the company. As long as you don't use that bug to access data you should not be convicted of any crimes. If, after you report the bug, the company fails to fix the bug then you can choose to not use their services. What are other people's opinions about the individual cases or personal testing of systems/site security in general?? Ben

Huh?? I'm not sure what running a firewall has to do with account authorization. Could you please explain more?? I think Sparda and I are talking about a machine that only acts as a server. If this is the case then all outbound traffic should be considered legitimate. This would also assume that the only outbound traffic for the machine would be response traffic to client requests (I know this not always the case because there are sometimes maintenance processes that access the network on servers but those are negligible). I am not 100% sure what you mean by "more lax" but it really don't like that idea. Yes, there may be certain services that you only open to your LAN (or other specified systems or subnets) but it should not be considered more "lax". Ben

The fact is he broke the law. If you don't agree with a law you don't get to just choose to ignore it. There is a process of appeals where, once convicted, he can appeal to the US Supreme Court if he wants to and then they'll decide if the law is constitutional. But the fact is that, when he broke into the systems, it was against the law and he should therefore be convicted. Ben

OK, whoever stickied this should be slapped. Ben

How much control do you have over that hardware firewall?? If you are the owner, and it's a high end firewall (not just a NAT router), you may have no use for a software firewall. However, I have a couple of firewall rules that prevent fragmented packets and syn only packets from hitting my server applications. I can't do this with a my NAT router so it is a little suspenders for me. Not necessarily true. As stated above, I run many services that I want and use my firewall mainly for logging and added protection. If you're running Snort in IPS mode (which you'd need to do to block traffic) you're basically running a firewall. Ben

iptables is probably the firewall you'll want to use if it's running on the same computer as the server. It's pretty easy to set up and the rules are fairly straight forward. A quick Google search will give you some good results but just ask if you've got any specific questions. Ben

I've used the GParted LiveCD a couple of times to shrink or grow NTFS partitions and it hasn't messed up yet. I'd trust it for repartitioning any NTFS drive (as long as I've got data backups of course). Ben

Other good questions may be... 1. Do other pcmcia cards work on your Win2K setup (it may be a pcmcia slot issue)?? 2. Do other network devices work on your Win2K setup (it may be a TCP/IP issue)?? Ben