SupaRice

  1. Yeah I've seen that, but I'm looking more for something equipment vendor agnostic.
  2. I'm looking for a good event correlation device/software. Something that can help reduce the standard information overload you get from the tons of log messages from firewalls, IPS devices, servers, etc. Security oriented correlation. I've had experience with Cisco's MARS: http://www.cisco.com/en/US/products/ps6241/index.html Which is a great idea, that works well in a lab. But in the real world, ummmm, not so much. Not to mention you have to have pretty much all Cisco gear for it to be of any value. And, like everything else they make, it's ridiculously expensive. I've also messed with Splunk, which I think is awesome, but doesn't really put any intelligent correlation to the information. It just seems to be a better way to sort information. http://www.splunk.com Has anyone used something that they like? The only other ones I know of, which are both really expensive, are RSA enVision and Q1.
  3. Yeah, I didn't take offense, I was just trying to apologize if I caused offense. I guess I didn't explain myself very well either. I have a customer that wants me to figure out what they may be vulnerable to without running a scanner like Nessus or something. So all I have is version numbers and such. I was just curious what sites everyone here used for research. I figured if I asked, there might be some really good sites that are not well known. Sorry for being a dumbass n00b, but my main job function doesn't take me as deep into hacking as I'd like so I'm not as familiar as you guys are. Thanks for the replies.
  4. Where is the best place for me to find any known vulnerabilities for application X and version Y?
  5. So, I'm a n00b... maybe this has already been done. I've searched but I didn't see anything. Would it be possible to do the following: Run Jasager on an Acer Aspire One, and use a 3G card to offer broadband upstream service to your victims friends. ;) This link shows how to put a 3G card into the Aspire. http://tnkgrl.wordpress.com/2008/10/28/mod...pire-one-hsdpa/ I'd like to be able to do this while booting from a USB thumb drive, so I don't have to use the Windows OS installed on my Aspire. Do you guys think this would be possible? Or am I missing the boat, and someone has already done it?
  6. Do this: http://maddhat.com/?p=23 So that you can use linux without messing up your PC. Most new machines will boot from a USB. Backtrack has a lot of tools already installed and ready to go. Or you could do this: https://help.ubuntu.com/community/Installation/FromUSBStick And once you feel more comfortable, you can move on. Good reading: http://www.debian.org/doc/ http://doc.ubuntu.com/ Also, think of things you'd like to be able to accomplish. Like be able to configure all of your networking manually, wireless and wired. Then read the docs and howto's to figure out how to do it. Most of all.... Welcome to the fold! ;-)
  7. Linux as the host OS, Windows in a VM for everything you can't do in Linux. Which isn't much. For me it consists of a couple of company Windows only apps (.Net apps that require IE), and Visio. Because dia doesn't even come close. And the only other thing is iTunes. GTKpod sucks ass. iTunes sucks ass too, but at least it works. There really is no excuse for not having a better solution to iTunes by now, but then again I've not contributed to a solution so who am I to bitch about it. Although it's been my experience that Hardy is WAY faster than Vista out of the box. That is without performance tweaking either, maybe you could get Vista to perform as well with some tweaks. I dunno, don't care. I used to make an argument for Windows to people. Justifying its existence, so that the non-technical folks out there who just want to surf the internet and check email could have something that was familiar and easy to use. That is no longer a valid argument. I'd say at least 70% of those people (who make up a large portion of the non-commercial computer purchases) would be perfectly fine with a Linux system. The only time that they wouldn't, would be if they wanted to play games. Games are better on Windows. That's all there is to it. It's just too much of a hassle to get it working in Linux most of the time. And Windows does offer businesses something that most other OS's don't, AD and group policy. Although most don't use it, or at least not properly. It is something that other systems lack in the way of managing rights and access. I don't do admin stuff, so maybe I'm missing something, but that's just been my observation. I know Apple has something like AD, but I've heard it sucks and isn't as comprehensive. It's all what you are comfortable with. Both get the job done.
  8. I've done it without a U3 following these instructions: http://forums.remote-exploit.org/showpost....amp;postcount=1 But I don't see the advantage of using the U3 to do that. I mean, you're already booted up to another OS for it to recognize a U3 partition. And if you want to boot from it, the PC would require booting from a USB. In which case you could just use the above type of full USB ISO.
  9. I had to tab out the originally posted code to get it to work:

         import urllib2

         subs = ["www","wi","wik","wiki","forum","forum"]
         for sub in subs:
             site = "http://"+sub+".hak5.org"
             try:
                 urllib2.urlopen(site).readlines()
                 print site
             except:
                 pass

     But after that it worked like a champ.
  10. Thanks, is there a way to pick up the loss percentage on the other line? For instance, I took what you did and put this into ping.sh:

          ping -c10 -l10 $1 | grep '/' | awk '{split($4,t,"/"); print t[1], t[2], t[3]}'

      That gives me the min / avg / max from the second line of output, but I need to pull the % of loss from the first line too. Thanks for your help!
  11. So, I'm setting up cricket (basically like MRTG) for some simple network performance trending. I've used it before, but a long time ago. And I've lost a script that a friend wrote for me to measure latency. I basically need to be able to do this:

          latency.sh www.google.com

      And get output that looks like this:

          45.23 48.94 56.7 0

      Which would be minimum, average, maximum round trip times, followed by % of packet loss. I'm able to do this, but don't know how to write a script that will clean up the output:

          #ping -l 10 -c 10 -n -q 172.20.227.1
          PING 172.20.227.1 (172.20.227.1) 56(84) bytes of data.

          --- 172.20.227.1 ping statistics ---
          10 packets transmitted, 10 received, 0% packet loss, time 0ms
          rtt min/avg/max/mdev = 2.299/2.362/2.451/0.065 ms, pipe 10

      Can anyone help me? I'm sure this is a pretty easy thing to do, but I can't figure it out. I've been working on it for a while and looking at scripting guides, but nada...
  12. I think you'd be fine with an off-the-shelf type antenna. I've deployed wireless for college dorms with concrete walls like you are talking about and the APs have those same style antennas. Although this would depend greatly on the specifics of your walls. Can you see the signal at all with your laptop's OEM wireless card?
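
For the latency.sh question in posts 10 and 11, one way to pull min, avg, max and loss out of the `ping -q` summary in a single pass. This is an added example, not code from any of the posts; the function names, the `U` placeholder printed when no replies come back, and the 100%-loss sample are assumptions made here.

```shell
#!/bin/sh
# Reads `ping -q` output on stdin, prints "min avg max loss" on one line.
parse_ping_summary() {
    awk '
        / packet loss/ {
            # "10 packets transmitted, 10 received, 0% packet loss, time 0ms"
            for (i = 1; i <= NF; i++)
                if ($i ~ /^[0-9.]+%$/) { loss = $i; sub(/%/, "", loss) }
        }
        /min\/avg\/max/ {
            # "rtt min/avg/max/mdev = 2.299/2.362/2.451/0.065 ms, pipe 10"
            split($0, halves, " = ")
            split(halves[2], t, "/")
            min = t[1]; avg = t[2]; max = t[3]
        }
        END {
            if (loss == "") exit 1                 # no statistics line at all
            if (min == "") min = avg = max = "U"   # 100% loss: ping prints no rtt line
            print min, avg, max, loss
        }
    '
}

# Same ping flags as post 11. The host is quoted and placed after "--" so a
# value with spaces or a leading "-" is not interpreted as extra ping options.
latency() {
    ping -l 10 -c 10 -n -q -- "$1" 2>/dev/null | parse_ping_summary
}

# Summary output quoted in post 11.
SAMPLE_OK='PING 172.20.227.1 (172.20.227.1) 56(84) bytes of data.

--- 172.20.227.1 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.299/2.362/2.451/0.065 ms, pipe 10'

# Constructed sample: every probe lost, so there is no rtt line to parse.
SAMPLE_LOSS='PING 192.0.2.1 (192.0.2.1) 56(84) bytes of data.

--- 192.0.2.1 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9001ms'

# Run as: latency.sh <host>
if [ $# -gt 0 ]; then latency "$1"; fi
```

The parser exits non-zero when ping produced no statistics line (for example an unresolvable host), so the caller can tell "no data" apart from "0% loss".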