webstersprodigy.net

Easy? yes. Trivial? yes.  But it is something I always seem to forget. smbclient -L //localhost Password: Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.26a] Sharename Type Comment ——— —- ——- IPC$ IPC IPC Service (Samba 3.0.26a) data Disk Data Domain=[MIDEARTH] OS=[Unix] Server=[Samba 3.0.26a] Server Comment ——— ——- HOBBIT Samba 3.0.26a Workgroup Master ——— ——- MIDEARTH HOBBIT Just leave [...]

For some people in my class this was easy, and others it was difficult. Some people have spent a good 40 hours on this, so I thought I’d post some code to help out. There isn’t much documentation on the crypto modules.

This is a program written in python that gets the weather from the command line. The usage is like: $ weather.py 83204 5-day Forcast for 83206 ——————— Monday Tuesday Wednesday Thursday Friday High: 74 68 47 49 58 Low: 43 34 29 27 32 It breaks occasionally, most likely because wunderground’s output isn’t consistant.  but [...]

An interesting cryptographic way to deal with syn floods is syn cookies. SYN floods are simply a bunch of syn packets from spoofed ip addresses, and are a fairly common dos attack. Some other ways to deal with these include increasing the syn queue size and decreasing the wait for reply time, but these don’t really solve the problem. SYN cookies are built into the Linux kernel by default (though usually not enabled by default). You can find and configure this feature in proc/sys.

From the networking class, cs487. I really enjoyed reading and listening to these. Posted with permission from the authors. Good job, everyone!

From http://www.suse.de/~agruen/acl/linux-acls/online/ “Traditionally, systems that support the POSIX (Portable Operating System Interface) family of standards [11,2] share a simple yet powerful file system permission model: Every file system object is associated with three sets of permissions that define access for the owner, the owning group, and for others. Each set may contain Read (r), Write (w), and Execute (x) [...]

I was talking about fail2ban running from my firewall and a certain IP being the only one allowed in (as specified in iptables). First of all, I should probably be using port knocking or something better for this scenario (in fact, after the comment I went ahead and put spa on the firewalls – something I’ve been meaning to do anyway for awhile now) but that’s beside the point.

Short analysis of the nmap half open scans (also called syn scans).

The smurf attack is old and outdated, but still interesting ddos attack. An attacker broadcasts spoofed ICMP Echo Requests. The spoofed address is the intended target, as the idea is that everyone will reply to the same guy and potentially flood him with echo response packets. By using a large broadcast network, there could be a large number of hosts pinging at once. The code for smurf is at http://www.phreak.org/archives/exploits/denial/smurf.c.

There are many ways and many tools out there to spoof an IP address. The point is you can’t trust the source field of the IP, since it can be written and there is absolutely no authentication. Although it is ‘fire and forget’ since the sender won’t receive any reply, there are a lot of vulnerabilities discovered this way.

The server listens for connections to port 51424. it then sends out it’s public key. A session key is then sent by the client encrypted with the server’s public key using rsa. The server then encrypts a secret message with the session key using aes. The client then decrypt the message.

In my environment, the best kind of firewall is the bridge kind of firewall. Meaning: a transparent kind of firewall. Here’s how I generally set them up. This will be especially useful to all of you trying to hack me (you bastards).

This is a preview of what might happen at Chris’s bachelor party (if we get crazy enough). Add your questions here to skew the results! If you’re lucky there may even be a Linux drinking game. Some of these are stolen from online. Some of them may not seem very hard, but I’m sure they’ll get more and more difficult as we consume more and more alcohol. Also, it’ll be fun to see all the obscure crap I’m sure some of you know just on the top of your head (freakin weirdos).