the linux newb

all things tech

Man-in-the-Middle attack with Interceptor

The good folks over at Hak5.org did a little diddy on a network monitor that can be placed on the wired side of the network instead of collecting just wireless packets.  Interceptor is a network tap for the wired LAN that can collect packets, so you can come back later and analyze.  It also gives you the ability to run a wireless access point on the backside and create your own VPN tunnel from the outside, where you can be sitting in a van checking out what is happening on the network.

You can read more about Interceptor at DigiNinja.org.  Give it a look, you might find something interesting.  Thanks to Hak5.org for pointing this out to me, and a special thanks to Robin Wood for creating such a great tool!

Advertisements

22/03/2009 Posted by | open source, Security | 1 Comment

Bastille Hardening Program

You have heard of DISA’s Gold Disk as a tool to harden a Windows machine.  Well, Bastille is a program specifically designed to harden a Linux box.  Users can choose to run the program through command line or a GUI.  Bastille is designed for use on Red Hat, Fedora, SuSE, Mandrake, Debian, Gentoo, HP-UX, or Mac OS X.  The web site offers an easy how-to for installation.  On my OpenSuSE 10.3 machine, I had to add Perl-TK and the Curses packages for the GUI to work.

Through the GUI, Bastille asks the user a set of questions, and the user’s answers determine what settings are applied to the system.  One of the best features of Bastille is the ability to revert to previous settings if unwanted settings are applied.

Bastille

12/05/2008 Posted by | how-to, Linux, open source, Security | Leave a comment

Faster UDP port scanner

When you are using Nmap to scan ports, you have probably noticed that it takes FOREVER to scan UDP ports.  Well, here’s a port scanner that can scan UDP ports a little faster and it is very handy to have in your arsenal.

Unicornscan

03/05/2008 Posted by | Productivity, Security | Leave a comment

Traveling out of the country soon…protect your laptop.

Cnet’s Iconoclast blog has posted good steps to securing your data on your laptop when Customs decides to take it and scour it for any data that they deem a security threat.  The Customs’ agents can (and will) take your laptop, copy your data, and then return it days (maybe even weeks) later.

Now, I am all for “Homeland Security,” and protecting our borders; but don’t you think there might be a better way to go about this?

Read the blog and decide for yourself.

15/03/2008 Posted by | encryption, Random, Security | | Leave a comment

Saving changes on your Backtrack 3 USB

Thanks to the Newbie Hacker, there is a good how-to about saving your changes on your newly created Backtrack 3 usb.

You can find it here.

01/03/2008 Posted by | Linux, Security | | 1 Comment

Nmap’s new scripting engine…

In the past, pentesters would have to write their own scripts for further exploration of results found from an Nmap test. But now with the stable release of Nmap 4.5, the Nmap Scripting Engine (NSE) is included (the project actually started with the alpha release in version 4.21)(some scripts can be found in /usr/share/nmap/scripts).

What does NSE do? Well, for example, if a penetration test is ran and an HTTP server is found running on one of the machines; then, in the past, administrators would write a script to determine the version of the web server. Now, with NSE, the scripts are already written or easier to write.

Developers say that NSE is most effective with small to mid-sized organizations. If you have to scan a large organization, Nessus or GFI LANguard would be more effective.

For more information, click here

22/02/2008 Posted by | Linux, open source, Security | Leave a comment

Install Backtrack 3 on USB

Here are some pretty easy steps to install Backtrack 3 to your USB drive.

Go to Offensive-Security and get the Backtrack 3 Beta USB rar file, about 946 MB in size.

I got on my Windows XP machine and used WinRAR to uncompress to a folder on my machine.

Copy the BT and BOOT folders to your thumb drive.

If you are on a Windows machine, go into the /boot folder and run bootinst.bat, if you are running Linux or OSX run bootinst.sh. This will set your thumb drive to be bootable.

I am running BT3 on my Dell E1705 laptop with Compiz running. In the grub, it says that this is experimental, but I have not seen any errors as of yet.

06/02/2008 Posted by | Linux, Security | , | 21 Comments

Encrypt Thunderbird Profile with Truecrypt in Linux

Thanks to Chris who sent me this information about encrypting your Mozilla Thunderbird profile through Truecrypt in Linux through symbolic links. Not only do you have all of your profiles encrypted, but you also have easy back-ups. Not to mention all passwords that you have saved in Thunderbird are also encrypted (not reversibly hashed as before). There has been no noticeable performance problems when loading Thunderbird. Chris is working on encrypting his Firefox profile also, but has ran into a couple of issues that he is currently resolving. THANKS CHRIS!

   1. Close Thunderbird
   2. Move the Profile folder for Thunderbird into your truecrypt partition.
   3. DO NOT EDIT THE PROFILE.INI
   4. ln -s (where the profile is moved to)
   5. Restart Thunderbird
   6. Now it should act as it did before, only now the files are stored in an
      encrypted partition.
   7. If you don't mount the encrypted partition first, it just gives you an
      error that it can't start.
   8. Mount and start again.
   9. Voila!!

29/01/2008 Posted by | open source, Security | | 1 Comment

Eavesdropping on Bluetooth headsets…

I found this article over at Hackszine.com in which Joshua Wright demonstrates how a Bluetooth headset can be hijacked, allowing audio to be sent or received on the device.  All that is necessary is to sniff the device address and use the default pin, and after this the device can be “tapped” (while not in a call) and all audio around the mic can be listened to remotely.

 Here’s the link.

01/01/2008 Posted by | Security | , | Leave a comment

IT Toolbox

A couple of my friends (thanks Chris and Mike) work as security analysts for a DoD (Department of Defense) contractor, and they have put together a digital toolbox that includes applications that can run directly from a thumbdrive, leaving little to no footprint.

The toolbox was designed for use on stand-alone networks, non-remotely administered systems, and other factors. Programs used are for tasks such as malicious software removal, error analysis, optimizations, and security.

Applications are added to the toolbox as problems arise, and this “toolbox” is not limited to just these applications.

Just a side-note, all of the programs are either open-source or free, and I have added some other applications to my own toolbox. I invite comments if you have come across other helpful programs. And please, if you will, donate to the developers so that they will continue to create great software!

21/12/2007 Posted by | Security | Leave a comment