Is there a solution for live-cd sessions beside running the installer (and aborting it after language selection)? Something we can put in a script or a way changing files on the cd?

Where can i find the link to the R2 changelog? Why not put it right beside the downloads?

Hmm... when i run a bash script like 'export qqq=111' variable remains empty. How exactly looks your loadvars script?

I have problems on one system as well. Monitor mode and airodump work well but if you start sending a fakeauth or deauth the driver (rt2800usb) goes down at once. Another RT73 USB stick works...

Hallo,
a typical backtrack setup needs multiple shells like having one running airodump-ng and another to deauthenticate or similar. I like to put stuff like mac addresses, essid and such into...

Hallo,
once i enter 'startx' i try <ctrl+alt> + <F1-F9> to switch to txt mode console but nothing happens. When i press <ctrl+alt> + <backspace> it gets me there but i think X(?) gets closed. That's...

Certs have MD5 and SHA1 fingerprints these days. Its very unlikely you can fake both. That would be a serious problem indeed if possible.

But Thunderbird should compare the top-level domain (TLD) it connects to against the address stated in the certificate, shouldn't it? And the destination address is explicitly set in the options and...

I always check the addressbar automatically even way before knowing about any possible weakness, its kinda eye-poking since the new addressbar was introduced. And i use TLD highlighting like IE8.
...

Ok, they successfully removed the 'negative feedback' (invalid cert) but you will loose 'positive feedback' (lock sign, https, cert info) and if you substitute certificates (for https) its clearly...

SSL itself is not broken. Read carefully, guys. They even set ssl look-a-like favicons to fool proper cert/auth. Thats still not cracked. You cannot fool latest thunderbird or firefox that way...

But if you (or the software) checks for valid certificates it should be safe. If i get it right none of these methods can fool that.

Another option would be setting up a DNS and doing routing by hand with iptables. I looked up some tutorials. Its not that hard to handle if its well documented i think.

You run it in a windows vm on a linux host?

I don't think the cisco routers will handle wlan sticks directly with all the drivers and wlan encryption options. The only chance i probably have is...

Mono and pfSense don't support USB-Sticks as source. Only Static, DHCP, PPTP and PPP are supported.

What about Dynamips? Anyone know for sure its working with it? Any suggestions about suitable...

That sounds interesting. Didn't know about cisco emulators. Cool piece indeed.

I will also test pfSense. Looks like monos big brother. Maybe i should check out mono betas for wlan-stick source...

Hallo,
is it possible to use BT as a router? Its not easy to find a livecd router. I already have an IPCop router but its mainly intended for hdd/compact flash usage and m0n0 is not capable of using...

Ok, so SSL itself is safe against MITM attacks. Thanks!

Hallo,
lets say there are several clients in a wlan and someone is using Thunderbird or Firefox with SSL (lets say gmail/pop3..) to receive emails. If someone (in the same wlan) will set up a MITM...

http://en.wikipedia.org/wiki/Universal_Plug_and_Play

I will test netdetect. I've seen APs that were completely silent though. Kiddiestuff like upnp and such can be disabled.

You could protect your desktop systems, that's not a problem but they can use your internet connection to make stupid things, send spam mails, hack other systems and sniff on your network, steal your...

Ok, if its abstracted and changes the whole packet (and not a hardcoded string) its maybe not that easy to realize but learning and gathering informations is never wrong. Its even advised to use WEP...

Thanks for all the infos. It helped a lot.

Not sure if we mean the same thing here. I don't want to modify the passphrase but the three letters 'WEP' that would show up when someone sniffes my...

Yes, i used Wireshark already. But all it gave me in promiscuous mode were beacon frames or my fakeauth responses but nothing on IP layer. Is there anything else needed beside setting the key with...