Nice post, another little bit for peeps.

A friend sent me this other day when I was configuring squid for a reverse proxy:

Before mod:

Server: Apache
Last-Modified: Mon, 19 Oct 2009...

Nice.

We got a DECT card and after a lot of playing managed to record and play back an unencrypted transmission.

Our biggest problem? (bigger than buying a DECT card from Switzerland...) was...

Picking this one at complete random, but just to say thanks for huge amount of vids posted ! When I get home (i.e. with sound) I'm going to try and get through quite a few, will be good!

If not too late try:
Active@ Recovery suite thingy, lost a disk once, tried a dozen or so recovery apps, this is the only one that worked, slow as hell, but recovered flawlessly.

If you want to prevent SSH being brute forced use keys?

Thanks for link will give it a read.

Also this one if anyone interested:
https://www.honeynet.org/files/KYE-Conficker.pdf

23 pages, good read.

How do you intend to 'catch' them? If you mean physically locate them then ok, but if you mean 'be aware' of them then its different.

If they are faking their mac then yes it it wouldn't be picked...

Looked into arpwatch?

Is there any point with the WPA if using a properly configured VPN?

How about shutdown the wireless links or the end points to only accept/listen to the VPN port and then use VPN, adding the...

Putting it on a random port will only delay the time taken for an automated both to stumble on it... but it will happen... 'maybe' many years from now, but it will happen.

What about if your first...

I presume the IP wouldn't be stored in the same way as variable strings? (ie the strings command?)

Sorry theprez98, didn't realise it was the same thing (I mean come on look at the website layouts.... completely different lol )

Yes thankyou Thorn :p

de ice
try this one

Im prob talking out my arse here, but can you SSH to it with -vv ? This should give you the methods the server will accept, if indeed it is struggling with auth methods

Well have you? lol

I presume this is backtrack, which is slax? I dont have it to hand but do you edit resolv of ifcfg-eth0 for slax dns?

PS you make it sound like sending out DNS is a bad...

I know you say you set the gateway, but just double check its in place (ip route show), might explain why you can get traffic over the wireless (route in place) but not internet (default route not...

20Gb ? thats nothing, try one of the 150Gb tables !

And isn't there one project that is producing something like 100 x 100Gb? again WPA related iirc... and yes too lazy to search at mo

I believe this was discussed in the muts/bt4 blog

http://backtrack4.blogspot.com/2009_01_01_archive.html



[edit - sorry for mistake, try and follow too many pages, got confused]

Forgive me for probably saying something daft, but is this really a 'new way', to me beating the real response with a forged packet of your own with a manual sequence number is the standard way?

Sorry for spamming, but just wanted to say nice thread peeps, def one for the bookmarks

Forgive :p me for :mad: probably pointing :o outthe :mad: obvious :eek: but have you :( untarred :confused: it :) and then :cool: gone :D into (enough thats irratating me) the folder before running...

I have heard of situations where removing a wireless connection didnt revert the routing table (though may have just been 3G sticks, cant remember)

#ip route show

do this inbetween every...

This always makes me wonder about the future, will more people start to run encrypted tunnels, host their own mail server (and have smtps between friends etc)... I know some people already do, but...

Not forgetting that ICMP and IP are not stopped when they hit a router/bridge etc.

Arping (arp) is only accurte/reliable if you are on the same branch of the network.

There is also nmap which...

The more I get to use SSH -L/-X the more i love it lol