Wifi Card du jour

Wireless cards that are supposed to do it all, packet injection and the like. As high power as is legal ~300mW

Manufacturer:

http://www.ubnt.com

Local Retailer:

http://www.echotechwireless.com

Recommended Card:

http://www.ubnt.com/downloads/srcdatasheet.pdf

There are also mini-pci cards that one could install into their Dell latptop. Pricetags are > $100, so pony up , or watch E-Bay.

A testimonial of the Ubiquity card I've formatted it a little:

"I've tried 4 different wireless cards on Back|Track2 with varying levels of success.

[...]

UbiQuiti SRC Range Max

Without a doubt the best card available IMHO.

• A massive 300mW power
• comes with 2 x MMCX connectors and now shipping standard with a 5dB aerial
• Can support OMNI and Directional at the same time
• Uses the madwifi driver, supports packet injection
• Support for ABG networks; Great sensitivity

Only draw back is the price, ... If you don't mind the money, then this is the only choice."

Here is a site listing cards and drivers that are known to work with BT2 (Backtrack 2). This list includes the following entry for the Ubiquity:

Ubiquiti SRC

• Driver : Madwifi-ng
• Chipset : Atheros AR5212 a/b/g
• FCC ID: SWX-SRC
• lspci : 03:00.0 Ethernet controller: Atheros Communications, Inc. AR5212 802.11abg NIC (rev 01)

In stock in the Salt Lake City area at EchoTech Wireless, 740 W. 1700 S., Unit #6, Salt Lake City, UT 84104. (801) 649-6400 (order@echotechwireless.com)

Images on the command line

I have used imagemagick as a command line tool in the past; you know, for batch image processing and tweaking in various scenarios. It has always come through for me and generally saved me a lot of time.

Since recently purchasing my Cannon SLR, I now have a lot of very large (3MB jpeg) pictures to manage. Imagemagick was an easy choice for things like shrinking to a size you can share with grandma via email, and cropping for the perfect fit on your desktop.

I would be interested if any of you have tricks to optimize / automate such tasks. Some of my imagemagick notes are as follows:

KNOWLEDGE IS POWER

Working with images, it is often helpful to verify what your commands have done. Use the identify command to tell you the image format, dimmensions, etc.: identify filename.jpg

• Very useful in making robust scripts that handle different formats or sizes.

RESIZE AN IMAGE

To resize an image you can just use a simple: convert filename.jpg -resize 50% newfilename.jpg

• This will resize the image to 50% of the original size and maintain aspect.

To resize to a particular width and maintain aspect use the following: convert filename.jpg -resize 800 newfilename.jpg

To resize to a particular height and maintain aspect use the following: convert filename.jpg -resize x600 newfilename.jpg

To resize in a fit in screen type mode, specify both width and height: convert filename.jpg -resize 800x600 newfilename.jpg

• This maintains aspect and fits the image within that square

To force the image to a certain size, or "stretch" the image, you can use: convert filename.jpg -resize 800x600 ! newfilename.jpg

• This will result in a perfect size image, but the image may be distorted.

CROP AN IMAGE

As with resize above, you can specify width or height to crop to.

width

convert filename.jpg -crop 50% newfilename.jpg

convert filename.jpg -crop 800 newfilename.jpg

height

convert filename.jpg -crop x50% newfilename.jpg

convert filename.jpg -crop x600 newfilename.jpg

both

convert filename.jpg -crop 50%x40% newfilename.jpg

convert filename.jpg -crop 800x600 newfilename.jpg

NOTE: the above commands will not discard anything, but rather give multiple output files of the original in pieces no larger than what is specified in your crop command. Think "tiles".

If you want ONLY a specific portion of the original, you can follow the dimensions with an offset x and y (+x+y). The x is measured from left to right by default and y is measured top to bottom. The upper left corner is +0+0. The picture saved is then measured from the +x+y reference point, again, the default is to the right and down.

convert filename.jpg -crop 800x600+0+0 newfilename.jpg

• This gives the specified area measured to the right and down from the top left corner (+0+0). Everything else is discarded.

convert filename.jpg -crop 800x600+100+50 newfilename.jpg

• This moves the upper left corner of the kept picture to the right 100 and down 50. Then measures to the right 800 and down 600 for the picture to be saved. Everything else is discarded.

COMBINE STEPS IN ORDER

You can actually combine steps in order on the commandline. Just give the name of the output file as the last argument like so: convert filename.jpg -resize x1024 -crop 1280x1024+0+0 filename-sm-crop.jpg

FINAL NOTE

There are a million more things that imagemagick can do... countless formats are supported and so are conversions between formats. If you have to process large numbers of images you should check it out.

Bluetooth security/auditing

And it begins... singin' the bluez

• http://www.pentest.co.uk specifically http://www.pentest.co.uk/cgi-bin/viewcat.cgi?cat=downloads&section=01_bluetooth
• http://bluediving.sourceforge.net
• http://www.harbaum.org/till/palm/bluetooth/--some good info on bluetooth under linux... and on a Palm if you have one.

... more to follow

Using secure access "network connect" with Linux

In order to use the full network connect option of SecureAccess (Juniper SSL VPN), you have to do the following on your linux (Debian) host.

sudo apt-get install libstdc++2.10-glibc2.2
sudo ln -s /usr/lib/libssl.so.0.9.7 /usr/lib/libssl.so.2
sudo ln -s /usr/lib/libcrypto.so.0.9.7 /usr/lib/libcrypto.so.2

(you get the idea)

This is a year old, so the versions in the above syntax may have changed.

Get yours from SourceForge before someone buys it!

http://www.heidi.ie/eraser/

This is a program for windows. Secure file deletion, wiping unused space on disk, secure recycle bin erasure and the like... You can even choose your algorithm and number of passes... to some extent anyway - I haven't played around with it enough yet.

Full integration with all the right-clicky menus etc...

Note that this handy little gem does not hide files... it only deletes and overwrites the contents. The tell tale signs of files that were once present on your windows box can only be removed by zeroing the drive and reinstalling a nice fresh copy of Windows.

Getting vmware server to run on Debian GNU/Linux

I have reinstalled vmware server (free version) and encountered incompatibility problems with my kernel (2.6.22-1-k7). It seems there are a lot of similar issues with other distros and similar kernels.

There are a number of standard hoops to jump through for Debian, but the following was the silver bullet for me with this new issue.

Needed is the any-any-113 patch from http://knihovny.cvut.cz/ftp/pub/vmware/vmware-any-any-update113.tar.gz

• untar the files
  tar zxf vmware-any-any-update113.tar.gz
• change to the vmware-any-any-update113 directory
  cd vmware-any-any-update113
• execute the runme.pl package
  ./runme.pl

The result will be a valid vmware-server package. By the way, when it asks for the location of your kernel's include files, use: /lib/modules/2.6.22-1-mepis-smp/build/include

Useful info at:

• http://phaq.phunsites.net/2006/03/17/installing-vmware-server-on-debian-sarge/
• http://www.vmware.com/community/message.jspa?messageID=716899

mp3 converters

compile these for use with grip try this URL: http://yolinux.com/TUTORIALS/LinuxTutorialMP3.html

http://members.tripod.com/Milaa/mp3Comparison/conclusion.html for usage options for lame.

both of these compiled fine, only used the --prefix=/usr/local/blahxxx option with ./configure

It looks like lame-3.97b2.tar.gz is still the latest version as of 2007-Aug.

I had to install (apt-get install) gcc and g++ with their accompanying libs to get the ./configure to work. I just followed the INSTALL doc that came with the source.

nvidia drivers and xorg configuration for Debian linux

So, I just went through the process of getting my nvidia GeForce FX 5200 card functional under Debian linux.

It was a joy.

NOTE: The package http://packages.debian.org/unstable/x11/nvidia-kernel-source is required and auto installed in like step 6 or 7 below. This package was not available in testing but only in stable or unstable, oddly. This being the case, I had to do an apt-get dist-upgrade to unstable before I could install everything that was needed for this method. AFTER THAT IT WAS SMOOTH SAILING!

ALSO NOTE: If you change your kernel (which the dist-upgrade did) or otherwise muck with your environment too much, you have to start the steps all over again.

There is actually a very good reference here: http://www.debianhelp.co.uk/nvidia.htm which I used for the most part - after fiddling around with a few other postings that were less useful.

I have summarized or just cut/paste the points that were relevant to my experience below.

1. Check that you have "main contrib non-free" in your /etc/apt/sources.list like this:

   deb http://ftp.us.debian.org/debian/ unstable main contrib non-free
   deb-src http://ftp.us.debian.org/debian/ unstable main contrib non-free

2. Run apt-get update to refresh your package info.
   #apt-get update
3. You need 2.4 or 2.6 kernel - check it with
   #uname -a
4. Install the required packages as follows
   #apt-get install nvidia-kernel-common module-assistant

   [now i'd never used this module-assistant, so it is all just so much black magic to me... I followed these instructions with a leap of faith.]

5. If you are running a debian kernel enter the following command
   #m-a -i prepare
   (fun stuff like binutils and kernel sources will be installed for your debian kernel)
6. Build and install the kernel module thus.
   #m-a a-i -i -t -f nvidia-kernel
   #depmod -a
7. Install (running unstable)
   #apt-get install nvidia-glx nvidia-glx-dev xserver-xorg
8. Reconfigure X to use the new drivers. Ensure you select "nvidia" when asked for your driver [see long section below for more info on this step]
   #dpkg-reconfigure xserver-xorg

NOTE: For the display properties, I was using a Dell 19" LCD flat screen. I tried to use the "simple" method of defining the monitor, it didn't work well. when I tried to start X, I lost signal to my display (Ctl-Alt-Backspace kills X), but in the process my display actually floated a message across it telling me what I needed to know... 1280 x 1024 at 60 MHz was preferred. I chose the middle difficulty option (not simple) the next go and that was one of the available choices... PRESTO MAGICO worked great.

ALSO NOTE: Users that want to run 3D applications need to be added to the "video" group

A note about configuring xorg using dpkg-reconfigure from: http://home.comcast.net/~andrex/Debian-nVidia/installation.html

The Debian way - This method avoids many common configuration errors, because you don't write an xorg.conf file yourself. Instead you answer a series of questions about your mouse, keyboard, and video hardware, and then the configuration script writes an xorg.conf file for you.

1. Save yourself some possible grief later, by backing up your current xorg.conf:
   cp -p /etc/X11/xorg.conf /etc/X11/xorg.conf.bak
2. Tell Debian that xorg.conf has never been edited:
   md5sum /etc/X11/xorg.conf >| /var/lib/xorg/xorg.conf.md5sum

   If you don't perform this step, and you have ever edited xorg.conf, then dpkg-reconfigure will lead you through its whole questionnaire below, and then silently fail to write a new xorg.conf. This is Debian bug #223929.

3. Run dpkg-reconfigure xserver-xorg and answer all of the questions.
4. When asked to choose an X server driver, choose "nvidia". An open-source alternative is the "nv" driver, which has 2D but no 3D capabilities.
5. When asked to select X server modules, deselect (uncheck) GLCore and dri, and select (check) glx.

When you're done, ls -l /etc/X11/xorg.conf to be sure your new xorg.conf file has been written. Thanks to Dave Page for informing me about this method.

See also: http://wiki.linuxquestions.org/wiki/NVIDIA_graphics_drivers

debugging tool that writes exploits

Immunity Debugger

Read a brief synopsis of the situation: Security firm creates vulnerability debugging tool that can help write exploits http://www.techworld.com/focus/endpointsecurity/news/index.cfm?newsID=9760&pagtype=all

Download at: http://www.immunitysec.com/products-immdbg.shtml

Throwaway email

A brief intro to throw away email... could be useful.

PCI ASV Requirements

PCI ASV Requirements. They are pretty rigorous from a business standpoint. I doubt the technical will be nearly as impressive.

See: https://www.pcisecuritystandards.org/programs/asv_program.htm

Where to buy scrubs

So... having worked somewhat in the medical industry... I have fallen in love with scrubs. Now, to the layman, it may not be readily apparent, but not all scrubs are created equal.

I finally took up the quest to get some of my favorite scrubs. These are the scrubs used by a large healthcare system I worked in. I snuck a peek at one of the labels and saw the brand "Angelica" and went off searching.

Eventually I ended up at A2Z Uniforms and Embroidery.
URL: http://www.a2zuniforms.com/

They still have what in my opinion is the holy grail of scrubs.

• Medline Angelica 600 (formerly 684) - Unisex Reversible Scrubpant
• Medline-Angelica 610 (formerly 683) Unisex V-Neck Scrub Reversible Top

These are the standby for large healthcare for several reasons which I really like. First, they can't be too expensive or a business wouldn't buy them. Second, they are durable, enough said. Third, they maintain a pretty good appearance as far as wrinkle and wear.

Whether I'm playing in the mud outside or at my potters wheel, they make great work cloths that breath well. I also find them great for lounging around in generally.

They come in a dozen or so colors and run around $10.00 per piece, pretty cheap. They of course have types/styles other scrubs in 100% cotton for example.

Contact info from the web site:

A2Z Uniforms & Embroidery
PO Box 845
Olive Branch, MS 38654

A2Z Uniforms Returns
3338 Goodman Rd. East
Southaven, MS 38672

Customer Service Hours (9:00am - 3:00pm CST)
662-349-1511 Phone
877-267-8015 Toll Free
662-796-3064 Fax

LDAP Injection White Paper

Some lite (tastes great) reading:

"How a Hacker Launches a LDAP Injection Attack Step-by-Step," a white paper from SANS.

PCI Latency

http://www.mythtv.org/wiki/index.php/PCI_Latency is a good reference. I was using this in relation to mythtv

you can use lspci to get the xx:yy.z number for any pci device. n is the latency you desire to set, and must be converted to a hex value. b0=176

If you do not specify n, the command will tell you what the current latency value is.

Higher latency makes a device get more time on the bus more quickly.

# sample command to increase PCI latency
setpci -v -s xx:yy.z latency_timer=[n]

# medusa IDE Interface 00:0f.0 - set to 176 or b0
setpci -v -s 00:0f.0 latency_timer=b0
 # medusa IDE Interface 00:0f.1
setpci -v -s 00:0f.1 latency_timer=b0

Using mii-tool to lock linux interfaces to 100baseT full duplex

The following syntax illustrates how to use mii-tool to lock linux interfaces to 100baseT full duplex

$ sudo ifdown eth0
$ sudo mii-tool -F 100baseTx-FD eth0
$ sudo ifup eth0

ISO Master

Meet a little tool called isomaster. Slick as slick, even sporting a simple GUI.

I used ISO Master 0.8 from a Debian package, but the URL is http://littlesvr.ca/isomaster/

Would be very hand for doing a little customization to somthing like knoppix or backtrack before burning your personal toolbox copy.

I lightened up the image I was concerned with by removing foreign language crap and then added a special boot file. Worked like a charm.

The reason I went looking for a tool like this was due to my inability to find a way to mount an ISO image to the filesystem in rw mode. If any of you know how to do that, you can enlighten me... ;)

ipwraw driver for the intel ipw3945 wireless card

it supposedly supports packet injection.

thread:

• http://tinyshell.be/aircrackng/forum/index.php?topic=1387.new

driver:

• http://intellinuxwireless.org/

RJ45-sized computer

Wow.

Hard to believe: http://www.picotux.com/

Rainbow Table information and resources

A little something to have on file.

about:

• http://en.wikipedia.org/wiki/Rainbow_table
• http://www.darknet.org.uk/2006/02/password-cracking-with-rainbowcrack-and-rainbow-tables/ (plenty of links to surf in those resources)

tables:

• http://www.antsight.com/zsl/rainbowcrack/ (create your own tables)
• http://rainbowtables.shmoo.com/ (you will need bittorrent for the tables)
• http://wired.s6n.com/files/jathias/index.html (more tables)
• http://lasecwww.epfl.ch/%7Eoechslin/projects/ophcrack/ (awesome live CD and other tools to use the tables with)

A few related references on breaking hashes:

• http://www.hashbreaker.com/
• http://www.md5hashes.com/index.php

Apt-Pinning

An excerpt from Apt-Pinning for Beginners

Why apt-pinning?

Do you run Debian? Have you ever gotten annoyed at how Debian Stable always seems to be out of date?

I will show you a way that you can have apt mix-and-match between Stable, Testing, and Unstable sources. This will allow you to run a mostly-Stable system, but also track the latest and greatest of those packages that you are most keenly interested in.

Why do this? Stable is covered by the Security Team. Testing and Unstable are not. For non-critical services, like perhaps your mailer, or your window manager, this is not so important, and the newest versions may have additional features that are desired. It is these packages that are perfect for pinning to a version, other than Stable. sources.list

The first step is to set up your /etc/apt/sources.list to include your typical Stable, plus the Testing/Unstable sources that you want.

A simple sources.list may look like this:

#Stable
deb http://ftp.us.debian.org/debian stable main non-free contrib
deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free

#Testing
deb http://ftp.us.debian.org/debian testing main non-free contrib
deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free

#Unstable
deb http://ftp.us.debian.org/debian unstable main non-free contrib
deb http://non-us.debian.org/debian-non-US unstable/non-US main contrib non-free

You would probably want to add your mirrors, security.debian.org, and perhaps the appropriate deb-src lines. Here is a copy of my actual sources.list. preferences

The next step is to create/edit your /etc/apt/preferences file. preferences is where the apt-pinning takes place. Normally, the highest version of an available package wins, but we will override that.

A simple preferences file may look like this:

Package: *
Pin: release a=stable
Pin-Priority: 700

Package: *
Pin: release a=testing
Pin-Priority: 650

Package: *
Pin: release a=unstable
Pin-Priority: 600

Note the decending values. Since Stable has the highest pin-priority, it will be installed preferentially over Testing or Unstable.

My actual preferences file is what you see above.

Hard Drive prices

an ad from slickdeals.net lists the following:

Seagate Retail or Western Digital OEM 400GB Serial ATA Hard Drives $100

uh... that's like 25 cents per Gig of storage... who would have imagined back in the good ol' BBS days.

I wonder how long before TB hard drives will be available for the consumer to purchase...