Wednesday, December 22, 2010

Watchdog Scripts -don't let daemons die

If you would like to keep certain process/daemons running on a Debian system that you would like for it to be monitored and restarted if it ever stopped you can use supervisor. But I did not find such an application in the default Ubuntu repos hence I started doing some googling and found a simple way to make your own watchdog script for Ubuntu.

First create script that will watch the daemon:

#Make sure process "YOURPROCESS" is running

if ps ax | grep -v grep | grep $pprocess > /dev/null
        $runprocess &

make sure the script is executable:

$chmod 775 nameofscript

then make this script check your process is running every 10 mins, you can set it lower if you like:

$sudo crontab -e

copy and paste this into crontab:

10 * * * *      /home/username/nameofscriptabove

the 10 signifies the time cron should wait until running this job again. The 10 is min the minutes section. 

Hope this helps not letting your precious daemon die when you need them running.

Monday, November 22, 2010

The Art Of Social Engineering

I doing some website stumbling and ran across this :
wow can this lend it self to exploitation of it has not already.

Sunday, November 14, 2010

Honeypot Project Coming Soon

Flytrap and Flyanalysis Project

Working on setting up a network of Honeypots for testing different variations of present malicious web activity. There will be two portions of the project one that consist of the actual honeypots and the other a reporting server which will poll from all the honeypots and report the malicious activity the honeypot caught. Also will open a donation page for anyone who would like to support the project. please refer to the new link for more details.

Friday, November 5, 2010

Kismac with an HWUG1 Wireless-G USB Adaptor

(mac only)

Recently purchased(from amazon) a Hawking Technology G adaptor to test with Kismac. Using this youtube video tutorial:

What I learned from this exercise is that the only way to crack WPA and WPA2 is via bruteforce/wordlist. I have gather some over the internet and I believe that you can produce some with Cain and Able, more details coming in the next post.

Here are some basic word list:
more from kismac:

Cracking WEP is much more easier specially with the HWUG1 card which can perform injection. You acn successfully retrive the key with these easy steps:
1. Select the RT73 device driver in preference, remove the airport drivers.
2. Scan/sniff the network
3. Then under preference select the channel which the SSID in interest sits on,
4. Click on reinject packets and wait until ~130,000 packets have been gathered.
5. After 130,000 or so have been gathered click on network-->crack-->Weak Scheduling Attack-->Both
6. The Key should be cracked in a matter of minutes (works for me if stuck email me)

Hope this quick guide helps, working on one for the WPA encryption.

dumb disclamer: This is not a toy dont break/crack networks that are not yours, im not responsible for anything done with this tutorial/tools

Saturday, October 16, 2010

Distro Debian

Been installing servers lately to do a multitude of things and I had a certain application that I had to install which would just not play well with Ubuntu. I went ahead and install debian as a test and boy am I impress. I'm known to be a lover of centos and fedora but the debian package repos is incredible and the fact that they are strip of crap as possible makes them a very very very good server distro. I highly recommend if you dont want to go with ubuntu and all its extra stuff.

Thursday, October 7, 2010

One Liner to detect as and ip registar info via cymru

This is a small oneliner bash script that it accepts an AS# or IP address and provides the registar and information about the owner of said AS or IP, it is a more complete whois


whois -h " -v $1"

Tuesday, September 28, 2010

Finding TACACS+ for RPM base distros

I found that the latest TACAC's build are in:

among other neat routing software.

To install in fedora simply do

in sudo
user#rpm -ivh tac_plus-xxxx.rpm (make sure you dont use .src.rpm files)
user#rpm -q tac_plus-xxx 
spits back the version you installed that means its installed correctly :-)

I used this guide as reference:

Monday, September 27, 2010

Best IRC chat client in MAC

In a search for a decent chat client for IRC on the MAC, I attempted to use the new Adium features, seeing as I already use it for everything else, i though it would have been simple for IRC also. Soon discovered that Adium does not support alot of basic IRC commands, also it does not make your life any easier by moving from channel to channel or PM. I quickly went ahead and moved to my next candidate Colloquy, man was I impress, this is a keeper. My recommendation. More on IRC server soon.

Thursday, September 23, 2010

Kismac, wpa and wep cracking on the mac

Cracking WEP and WAP keys in the mac is simple. Just learned this while review top 100 security application I came across this niffty tool called Kismac, is the port of kismet to the mac. You can get the app from here:

Kudos to the team also who put the video together on how to crack wpa and wep keys with and without packet injection on youtube:

Wednesday, September 22, 2010

Opensource hardware authentication

Any advising in deploying an open source server that does hardware authentication similar to that of RSA SecurID 700. Been googling the hell out of it but cannot find a decent solution the closes thing I found was but is a paid solution.

Friday, September 17, 2010

Loopbooks in MAC

Ran into an issue today attempting to configure GNS3 for a routing lab. I was looking for a way to add another loopback interface on the mac. I did not find an answer. I attempted using ifconfig, but I get this error:

sudo ifconfig lo1 create
ifconfig: SIOCIFCREATE2: Invalid argument

Strange, the GUI does not support creating real interfaces, only virtual ones which is not good in binding with GNS3 because the appliciation wont detect it :-/ still stuck.

Wednesday, September 15, 2010

Free CCNA study guide

Browsing Packet life I noticed that someone took the time to build a free CCNA study guide using GNS3 Please make sure you visit the site if your studing for the CCNA or want to understand networking a bit more. Kudos Matthew George!!!.

Ubuntu LOCO Teams

Seeing a lot of activity from the local ubuntu team, Im going to attempt to attend the meeting this saturday: