Sunday, March 26, 2006

Paranoid?

For the paranoid users reading, refer to this. The onion router network is an excellent way to scrub your source IP when you're just surfing or logging into a friend's server. Read the documentation here to install. Then either use the proxy settings in PuTTY, making sure to select SOCKS4 and enable keepalives to keep the session alive, or, if you're working from the command line, use socat to create a bidirectional connection to the destination. Example:

socat TCP4-LISTEN:4242,fork SOCKS4A:10.0.0.1:www.fbi.gov:22,socksport=9050
ssh -p 4242 federale@localhost


The connection/latency isn't always the greatest but at least you've covered your tracks.


[federale@fbi:~] last -10 federale
federale ttypd ned.snow-crash Sun Mar 26 15:05 still logged in
federale ttypg ned.snow-crash Sun Mar 26 15:01 - 15:04 (00:03)
federale ttypd slab.caida Sun Mar 26 14:50 - 15:02 (00:12)
federale ttypd 137.148.5.13 Sun Mar 26 10:19 - 12:25 (02:05)
federale ttypb 137.148.5.13 Sun Mar 26 10:18 - 12:19 (02:01)
federale ttype 85.31.186.61 Sun Mar 26 00:08 - 02:13 (02:04)

Saturday, March 25, 2006

FreeBSD lists

I use FreeBSD. You should too. Here are some worthwhile FreeBSD mailing lists.

Bugtraq

I'm this lazy. I don't want to subscribe and fill my quota with dozens of cross-site scripting exploits, but every once in a while there are some good posts.

Friday, March 24, 2006

Thursday, March 23, 2006

South Park v. Scientology (Payback)

And thus the battle continues..

To quote:

"A lot of us don't agree with the choices the Chef has made in the last few days," one of the children eulogizes him at a funeral. "Some of us feel hurt and confused that he seemed to turn his back on us. But we can't let the events of the past few weeks take away the memories of how Chef made us smile.

"We shouldn't be mad at Chef for leaving us," the eulogy concludes. "We should be mad at that fruity little club for scrambling his brains."

Tuesday, March 21, 2006

Interesting

Another day, another blog. It even has its own moderated mailing list.

Scientology v. South Park

While I'm not the biggest South Park fan, this battle just gets funnier and funnier. This could be up there with Ali v. Frazier...

Saturday, March 18, 2006

For the hardware hackers..

You might want to check bunnie’s blog if you're really into hardware hacking. There's a monthly 'name that ware' game as well as discussions on reverse engineering hardware like HP2600N Watermarks (if you're not aware of printer watermarking, you might want to read here first).

Friday, March 17, 2006

HP Openview whackiness

I was troubleshooting some significant network alert messages from Cisco Security Agent and determined they were related to HP OpenView sending ICMP ECHO packets to the host. Typically, some of the security checks in CSA wouldn't alert on this; however, it appears the echo packets being sent to the host are putting random data into the payload as opposed to the typical packet payload. The CSA check thought it was someone sending an ICMP covert channel payload à la Project Loki (article 6) by Mike Schiffman and Jeremy Rauch. It's pretty funny that commercial monitoring management software sends commercial grade host intrusion prevention software into a tizzy. Also read the following from SANS discussing various ICMP packets that you see from the net.
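As an added illustration (not code from this post, and not how Cisco Security Agent is implemented), here is one way a payload check can tell a typical echo filler from random data. The function names, the 0.9 threshold and the sample payloads are assumptions; the payloads are constructed, modelled on the Windows alphabet filler and the counting-byte filler of Unix ping.

```python
import hashlib
import math
import struct
from collections import Counter

ICMP_ECHO_REQUEST = 8

def normalized_entropy(data: bytes) -> float:
    """Shannon entropy divided by the maximum possible for this length (0..1)."""
    n = len(data)
    if n < 2:
        return 0.0
    h = -sum(c / n * math.log2(c / n) for c in Counter(data).values())
    return h / math.log2(min(n, 256))

def longest_incrementing_run(data: bytes) -> int:
    """Length of the longest run where each byte is the previous byte + 1."""
    best = run = 1 if data else 0
    for prev, cur in zip(data, data[1:]):
        run = run + 1 if cur == (prev + 1) % 256 else 1
        best = max(best, run)
    return best

def classify_echo(icmp: bytes, threshold: float = 0.9) -> str:
    """Classify an ICMP message (starting at the ICMP header) by its payload."""
    if len(icmp) < 8:
        return "malformed"
    icmp_type, _code, _csum, _ident, _seq = struct.unpack("!BBHHH", icmp[:8])
    if icmp_type != ICMP_ECHO_REQUEST:
        return "not-echo-request"
    payload = icmp[8:]
    if not payload or longest_incrementing_run(payload) * 2 >= len(payload):
        return "known-filler"
    if normalized_entropy(payload) >= threshold:
        return "unrecognized-high-entropy"  # what a covert-channel check would flag
    return "unrecognized-low-entropy"

def echo(payload: bytes) -> bytes:  # constructed request; checksum 0, not inspected
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, 0x1234, 1) + payload

# Constructed sample payloads (not captured traffic).
WINDOWS_PING = b"abcdefghijklmnopqrstuvwabcdefghi"
UNIX_PING = bytes(8) + bytes(range(8, 56))  # timestamp slot + counting bytes
RANDOM_LIKE = hashlib.sha256(b"a").digest() + hashlib.sha256(b"b").digest()[:24]
PADDED = b"\xaa" * 56  # repeating pad pattern

if __name__ == "__main__":
    for name in ("WINDOWS_PING", "UNIX_PING", "RANDOM_LIKE", "PADDED"):
        print(name, classify_echo(echo(globals()[name])))
```

The filler test runs before the entropy test because a counting-byte filler has every byte distinct and so scores as high as random data on entropy alone.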

Thursday, March 16, 2006

Coincidence?

Yano, if anyone ever doubts that politicians don't know how to prey on the American public take a look at what the Republican party is pressuring Google to do. Now add in one sick, volatile situation to sway the opinion of the masses and just see what kind of push back they express for letting them strong arm the freedom of the Internet.

Tuesday, March 14, 2006

Improved Sniffing

Here's a link over to Richard Bejtlich's blog where he mentions new improvements in FreeBSD's bonding support for bridge interfaces for network taps, i.e. allowing multiple interfaces to be RX-only, which saves some iterations otherwise spent unnecessarily TXing packets when you're just using it for Snort.

Sunday, March 05, 2006

Milwaukee Mexican Restaurants

Yesterday I went to Conejito's to satisfy my enchilada craving. Man, this place was great - cheap food (cheap as in served on paper plates and all meals are less than $5). You can also get plates of tacos (four at a time) for $3. Their chips & salsa is excellent too. Well worth the drive down to 6th & National. If you want something a bit more upscale, you might want to just check around the corner and visit La Perla. I ate there last year when my father visited and I've got to say it wasn't that bad -- margaritas are pretty good although it's a bit more of a bar than a restaurant, at least where I sat anyways.

At any rate, if you're just looking to pick up a burrito for the road, I can't say enough about Chipotle which is quite honestly one of my favorite places to eat. Their burritos are huge, the flavor and spice is amazing, everything is cooked fresh each day, and their chicken is organically friendly. Check it out the next time you're in a rush.

And if you're not in a real Mexican mood but something close, try out Cubanita's the next time you're downtown. It's a great place for lunch, although a little pricey for a lunch, but if it's on the company dime - who cares? I highly suggest their Cuban sandwiches and empanadas (chicken, beef or spinach). They're pretty quick for lunch too. But they're also great for an evening affair and it's just as lively; I'd recommend their mojitos to go with your dinner.

Friday, March 03, 2006

Professor Hacks-a-lot

Great Friday afternoon. Why oh why couldn't I have more professors like this when I attended university?!