Hak5 - Technolust since 2005 » tcp

Hak5 904 – Writing software without a line of code, crafting packets with hping, case mod cable mangement & cathodes and more

Jason — Thu, 17 Mar 2011 08:41:48 +0000

Darren finishes off the photo frame case mod with a little cable beautification and accent lighting. Shannon’s getting into programming without touching a line of code using the Illumination Software Creator from Radical Breeze. Plus getting crafty with packets and the hping utility, open-source dropbox alternative based on OpenSSH and Rsync, and multi-threaded steganography bruter-forcers!

Download HD Download MP4 Download WMV

Hacker Headlines

Last week we reported on nearly 60 nasty trojans hitting the Android marketplace. Google responded by delisting the publisher and used their app remote kill switch on the over quarter-million affected users. Google also released a security tool to clean up the mess. Well, said security tool has been found on an unregulated third-party Chinese marketplace injected some delicious botnet code. This one sports the ability to send text messages from the zombie’d phone.

A ‘group of hackers’ has figured out a way to scam Microsoft’s XBox Live Points by producing working character strings like the ones you get on the back of the points cards. They released the scheme on a website that would generate the codes for you! Microsoft lost about 1.2 million dollars in points, but they have since blocked the site… though, they don’t have a way of knowing who did it and they’ll probably have to redo the entire algorithm.

Just when you thought your Linux box was safe, a router-rooting bit of malware has been discovered. Once run the malware, posing as an ELF file, brute forces network routers. If successful the malware even sets up an IRC backdoor on the system. This router-rooter comes months after the Chuck Norris botnet circulated, attacking routers with default passwords.

If you visited George Hotz’s website between January 2009 and now, Sony may know about it. In a decision last Thursday, Magistrate Joseph Spero granted Sony a subpoena of PS3 jailbreaker George Hotz’s web provider for logs. Sony also won subpoenas for data on Youtube and Google. GeoHot’s provider, Bluehost, has been asked to turn over server logs, IP address logs, and just about anything pertaining to geohot.com/jailbreak.zip

Whats more fun than Gary’s Mod? How about using the Kinect to play Gary’s Mod! John B used OpenNI to gather skeletal coordinate data from the Kinect and pass it through to Gary’s Mod so he can do all the physics fun while get an exercise. How about some Gary’s Mod music videos next? With baby kittens?

—

Crack the Code Challenge

Did you have what it took to compete in our Crack The Code Challenge, brought to you by GoToAssist Express? These fine Hak5 viewers did last Sunday. Mad props go to Paul, Sork, Richard, Raging Cake, Jenkins, John and Joey, as well as our returning champions Netshroud, Leo and Tristian.

A big thanks go out to all that participated, joined the live stream and chat, and of course GoToAssist Express for sponsoring our Hak5 Lab Network. We had an overwhelming reception with more participants than virtual machines, however we’ll be increasing our capacity this week as well as getting the Thunder Kitten Assault Force involved. Stay tuned for info on the next, even bigger Crack the Code Challenge.

And be sure to tune in next week as we’ll have a detailed walk through on how the challenge was completed.

—

Illumination Software Creator

I would love to have the ability to make my own software applications without having to know any kind of coding language. But it seems like even to do something as simple as a Hello World script you still have to know at least a few lines of script.
Well… not anymore! With Illumination Software Creator, from Radical Breeze, you can write software apps without the code, by using a unique easy interface.

Requirements:
Windows- Needs Python
Works on Windows, Linus, Ubuntu, Mac, Android, and Flex

Follow directions on the Requirements page at RadicalBreeze.com. For Windows, I have to download a few python installers before it’ll work. Then go to the download page and click on your desired OS. Run through the quick download and open the Software Creator.
Simply drag and drop boxes for what you want your application to do. Then connect the boxes by the ribbons to make a full application.
I’m gonna do a really simple one. It’s going to have a popup window that says Hak5 Rules!
First, click on new project and add your boxes. I want to set some text in a message box that will pop up.
So I add the set text box and add a variable that I can re-use for several commands. The variable is called Hak5 Rules, text, and the default text is Hak5 Rules!
Under Set Text I add the Hak5 Rules to the custom text line, then for the message box I add the Variable for Hak5 Rules.
After you make your application, click run to make sure it works. Ok, I need to add the variable to the Set Text box, and now I can click Run, save it, and in a few seconds, there we have a text box that says Hak5 Rules

At first it’s a little tough to get used to if you’ve never designed an app or used code. Once you get the hang of it it’s really easy.
Email me what you think at feedback@hak5.org.

—

HakTip: Crafting packets with HPING

We’ve been talking about screen, and packet sniffers, but today I’m putting ‘em together with a new tool to craft our own packets.

Hping3 is a TCP/IP packet assembler. It’s modeled after the unix ping command — but it can do so much more. It’ll craft TCP, UDP, ICMP or even RAW-IP packets.

So here in the top screen I have tcpdump running on eth0. If I issue a ping 66.11.227.169 I’ll see that traffic.

Now let’s say I want to not just ping the server, but figure out if there’s an HTTP daemon running. For this we’ll do what’s called a half-open SYN connection.

hping -c 1 -I eth0 -s 1234 -p 80 -S 66.11.227.169

In the top screen I can see my traffic. In the bottom I get the output from hping and I can see that we sent a SYN packet and received a SYN+ACK. Since we’re not completing the three-way-handshake we never complete the connection, thus leaving it as a half-open SYN connection.

Just as an example I’m going to run the command again but this time let’s change it to port 81.

hping -c 1 -I eth0 -s 1234 -p 80 -S 66.11.227.169

And in this instance there isn’t a daemon running to answer the SYN, thus we see 1 packet sent, 0 received.

Now this is just scratching the surface of what’s possible with a traffic generator like hping and a debug setup like tcpdump coupled with screen. And of course I’m looking forward hearing about your favorite packet assemblers.

So what tips are rocking your world? Send ‘em by tips@hak5.org

—

cables and lighting

In this segment Darren covers the beautification aspects of the case mod, tackling the tricky bits of cable management and accent lighting with cold cathodes. Darren reviews some of the recent case mod feedback and looks forward to hearing your ideas for future mods. Send ‘em by feedback@hak5.org

—

Trivia!

Last week’s trivia question was:
In WarGames, this character gives his name to the first computer game Lightman finds. The answer is Stephen Falken.

This week’s trivia question is:
This composer of Blade Runner was an inspiration to the recently released OST by Daft Punk of Tron Legacy?

Answer at hak5.org/trivia for your chance to win some hak5 swag!

Emails: Cluster Specs, Dropbox Alternatives and Brute Force scripts

“Jamie writes:
PLEASE tell us all the parts you use for the cluster nodes in episode 823. Please??? Love the show.”

The exact specs are ASUS P8 H67-M series motherboard, Core i5 2500K CPU, 2.5″ Scorpio Blue 250GB hard drive, and the least expensive 4GB of RAM you can find.

“You guys should work on metatagging your episodes based on what is covered and then have a search function for that… I am having all sorts of issues finding a few older episode I remember on Android… as I just a working one I want to play with it now -initialhit”

We are! In fact Paul is even cataloging our archive of segments. You may have noticed the code, game, geek, hack and IT categories on hak5.org. Stay tuned as we get all of our content cataloged over the coming weeks.

“After the last CCC I realised that you could brute force stegfiles a
Lot faster if you created multiple concurrent threads to do the work.
So, I wrote my own script to do just that. It’s definitely faster than
cypherround’s script, though not as pretty. I don’t have a website or
blog, so I pastebinned it http://pastebin.com/nLSbbF17.
Oh, and I’m really looking forward to the next CCC! –Nevermore”

Wicked! Thanks Nevermore

Tim writes: “Hey guys, I have a question about a possible dropbox alternative.

I have been using dropbox for about a year now for my paranormal research group. It has worked great for sharing casefile paperwork, evidence collections, etc.

I would invest in the pro versions to hold more space, but due to a security concern, each member of our organization has their own account and each person depending on
their position in the company gets access to certain folders, if I got pro for each person I would end up spending thousands of dollars a year (we have 20 members)

My question is could there be a better way of sharing files and synchronizing file versions instantly between users. I tried Microsuck Skydrive but I am also using some linux
machines which counts that out.”

The short answer is rsync. The longer answer will be a future segment, but
here are some links to get you started:

http://philcryer.github.com/lipsync/, https://github.com/philcryer/lipsync#readme, http://fak3r.com/geek/howto-build-your-own-open-source-dropbox-clone/, http://code.google.com/p/s3fs/wiki/FuseOverAmazon, and http://www.tarsnap.com/.

—

Keep up with the latest on Hak5 by following us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple and hoodie. Finally if you’d like to suggest a topic
for ask a question feel free to hit up feedback@hak5.org.

Hak5 903 – Building a photo frame computer case, your iPhone jailbroken picks, Multi-monitor PC setups…

Darren Kitchen — Wed, 09 Mar 2011 19:04:18 +0000

Someone let Darren at the power tools again! Forget the case window, his latest creation includes a set of shadow box photo frames modded into a computer case perfect for showing off that sexy hardware. Shannon has rounded up your picks for webcam motion detection and iOS jailbroken apps. Plus answers to your questions regarding multi-monitor PC setups and much more!

Download HD Download MP4 Download WMV

Hacker Headlines
04:30

Watch out Ruby and Django, you may not be the only scripting languages in town to sport your own web server. This week Moriyoshi Koizumi of PHP.net posted an RFC for a built-in web server in the PHP binary. While this wouldn’t replace Apache as the web server of choice for major deployments, coders wanting to get a development environment up and running quickly would benefit from not having to write an HTTPD conf file.

Be careful what you download. 21 popular free apps in the market have been injected with root-kits and republished, AndroidPolice.com reports. “Guitar Solo Lite”, for example, was republished as “Super Guitar Solo” with the added functionality of secretly publishing your IMEI and userID, among other data, to a server in Fremont. Google has pulled the publisher from the marketplace and used its remote kill switch on the apps, but that doesn’t cover additional payloads which may have been downloaded from the 200,000-some zombie’d phones.

TorrentFreak reports that 70 percent of respondants to a Danish poll, say that they find piracy socially acceptable. 7 out of 10 said it’s acceptable, about 20 percent saying it’s completely acceptable, and 30 percent replied that it’s completely NOT acceptable. Although most that took the poll said piracy is ok, they mostly agreed that selling those downloaded goods for profit are completely not ok. I’m a little surprised to see how so many people think it’s alright.

Is Asus a fan of the Hak5 motherboard box case mods from weeks back? Possibly. The Taiwanese manufacturer showed off a concept shipping box that doubles as case for Mini-ATX motherboards. The box holds the motherboard and allows for additional components including hard disk and optical drives to be installed. I’ll go ahead and predict wall-mounted computer cases from Thermaltake next.

Thanks Lifehacker for the shoutout on our recent motherboard box case mod. Insert In-Soviet-Russia joke here.

Last year a 40-year-old computer specialist hacked into an advertising server and made a large plasma screen off a highway in Moscow play 20 minutes of porn (video). He faces up to 5 years in jail. This week the man plead guilty, to hacking into an advertising server and having a large plasma screen in Moscow to play 20 minutes of porn.

HakTip: Webcam motion detection round-up
7:04

I love those little tools that help out with everyday tasks. I have talked about motion detecting webcams in the past, but here are a few user picks:

Gary writes: If you want something sophisticated that runs in Linux try Zoneminder. Zoneminder is a professional quality, free, motion detection program for webcams and other cameras. It does everything Yawcam does plus more. In Ubuntu there are install instructions, and everything is in the repositories. Note, to prevent false triggers due to clouds passing the sun during daylight set up an exclusion zone. Another note, this program uses Mysql, Apache, Php and may be difficult to set up initially but is well worth the effort.

Ubuntu install guides and Zoneminder.com

Another viewer writes: Thought I’d let you know that Vitamin D is THE best webcam-software that there is. The ability to recognise motion between humans and animals, seriously!

What little gems are rocking your world? Hit us up, we’ll share ‘em! tips@hak5.org

User picks- Top Jailbroken Iphone Apps
10:14

Lots of new apps for me to check out. Here’s a quick overview of my favorites that you sent in:

Max Gamer uses JavaScript Anywhere when he needs something to do on his Iphone. This lets you hone HTML skills and play with web design. It’s a simple application for Web Development and Programming that lets you work on programming JavaScript, HTML, or CSS whenever you want. It’s free and downloadable from the iphone app store.

PkgBackup- backs up repo sources and Cydia apps and saves them as an info file in contacts. Have to restore? No problem. Go to Cydia, download the app again, sync contacts from ITunes, and press restore in the PkgBackup App. This redownloads all your sources and apps. Its good if you have a lot of apps installed and no time to keep track of them. It’s $4.99, available through Cydia.

Mike- VNC’s- Veency- Little faster, quick toggle in SBSettings. Free in Cydia.

MCleaner- Lets you annonomously block calls and create a blacklist or whitelist. You have choice to have phone keep ringing, go straight to voicemail, hang up or accept. You phone wont ring while blocking call. There’s a 15-day trial or it’s around $12 total through Cydia.
iFile is a very useful file manager and viewer. It gives you fast navigation through the iphone system to view files. You can view movies, sound, text, html, pdf’s, even ZIP files. Files can be sent as email attachments straight from your phone or edited and bookmarked as well as uploaded straight from the iFile built in web server. $4 plus free trial.

Pirni Pro- Network sniffer, native ARP spoofer. This can be used to sniff usernames, passwords and data traffic running over your wireless network. This new version with a graphical interface is very user friendly. $1.99 in Cydia.
Wifi Sync- Wirelessly sync with iTunes from wherever whenever. Wi-Fi Sync enables wireless syncing with iTunes at the touch of a button. Never go looking for that USB cable again. It’s $9.99 and available in the Cydia store.
From Ed-

iBluever- iBluever is an iOS application which enables Bluetooth Dial-up networking support (client mode) for your iPad, iPhone and iPod Touch. iBluever has its own Bluetooth and network stacks, you can connect your iPad/iPod Touch/iPhone to a Bluetooth Dial-up networking enabled phone, and then access the mobile network via the phone’s connection. So you can share your phone’s data plan to your iPad/iPod Touch/iPad, and save your money to buy an iPad 3G, make your iPod Touch to be more like an iPhone. $5.00 in Cydia.
iNet- non jailbroken app- $3.99, a network scanner. Great tool to find out what devices are connected to your network… or the hotels open wi-fi network…

Nick-
Just following up to your jailbroken iPhone apps segment. I found this site called CodeThemed which makes it really easy to make your own WinterBoard themes.. you should check it out.

Send em in! We got plenty more, I just dont have time to review all of them!
feedback@hak5.org

Crack The Code Challenge
17:16

Do you have what it takes to compete in our Crack The Code Challenge — brought to you by GoToAssist Express? Test your skills in our private lab network and bid for the title supreme leet hax0r. Winners will be featured on a future episode of Hak5!

Our next event will be this Sunday, March 13th at 3pm Pacific. Visit Hak5.org/challenge for all of the details. We’ll be live streaming at hak5.org/live throughout the day. See you there!

Modding a photo frame into a computer case
18:50

It’s time to break out the power tools and start building again. This week I’m pleased to bring you the first part of the photo frame case mod build. I’m using two Ikea RIBBA series shadow-box photo frames to display a mounted and lighted motherboard for your admiration. Technology is a beautiful thing.

Trivia!
38:29

Last Week: In Tron, characters that are depicted battling in the digital world are called what?

Answer: Programs

This Week: In WarGames, this character gives his name to the first computer game Lightman finds.

Answer at hak5.org/trivia for your chance to win some hak5 swag!

Email: Email: Multi-monitor PC setups
40:55

Gehric writes:

Hiya Darren and the team, Can you do a segment on how you did the multiple
screen setup, i would like to do a 4 monitor setup and show a snake or cube
scrolling, so that i can show it off at my next house party

Darren recommends multiple PCI-e graphics cards in a compatible motherboard from the same manufacturer. He has had plug-and-play experience in Windows and Debian variants of Linux.

There are also plenty of USB VGA adapters available.

Email: Email: Packet sniffing with tcpick
42:47

MyssT writes:

Good show, can’t wait to see what you do with the cluster! Anyway reason I’m mailing is…
This is a cool packet sniffer.. tcpick
For example, sniff irc on your network:
tcpick -i eth0 ‘port 6667′ -e 1000 -yR
Lots of other cool stuff too and has curses support on linux, I’m using it on debian 6.0

Thanks MyssT! Always good to have another packet sniffer in our arsenal.

Episode 812 – Toorcon San Diego 2010 Part 2: IPv6

Darren Kitchen — Wed, 03 Nov 2010 12:51:30 +0000

In this episode Darren sits down with Joe Klein at Toorcon San Diego 2010 to talk IPv6, good and evil. Its more than just a big address space. We discuss the demise of IPv4, the differences between IPv6 and IPv6, Neighbor discovery, self-forming networks, global multicasting, address discovery and more.

Download HD Download MP4 Download XviD Download WMV

Links generously provided by Joe Klein

Hurricane Electric Free IPv6 Certification
Self Certified
IPv6 Ready – IPv6 Forum
DOD JITC
What is my IPv6 Address?
Test my system/network support for IPv6?
What sites support IPv6 and to what level?
What is my speed on IPv?
Joe Klein’s IPv6 security presentation

Keep up with the latest on Hak5 by follow us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple and hoodie. Finally if you’d like to suggest a topic for ask a question feel free to hit up feedback@hak5.org.

IPv6 from the Pentesters Perspective

paul — Thu, 21 Oct 2010 01:18:31 +0000

This demonstration Mubix joins us to add persistance to our penetration testing with a little Metasploit, Microsoft, and IP version 6.

Bind shells went to the wayside with the dawn of firewalls and NAT, but IPv6 was nice enough to bring them back. With the help of some built in tools from good old Redmond and our trusty Meterpreter, we can now connect to our shell any time we please. Based on his Revenge of the Bind Shell presentation we dive into the tools and techniques required to traverse firewalls and maintain persistence.

Episode 515 – Build your own SAN, PSP Hacking, Net Grep

Darren Kitchen — Wed, 27 May 2009 06:54:21 +0000

Jenn Cutter of Open Alpha fame joins us to talk about recent developments in PSP hacking and homebrew. Matt’s got answers to your questions about rolling your own Storage Area Network for all your virtualization needs, and Darren’s filtering packets in the console with ngrep.

Download HD Download MP4 Download XviD Download WMV

While Shannon’s on vacation our friend Jenn Cutter from Open Alpha joins us to talk about the recent developments in PSP hacking and homebrew.

The PSP homebrew scene has grown more interesting over the past little while since the user base has been sectioned off into different camps based on the particular unit they purchased and whatever firmware they are using. Thanks to the efforts of Team Typhoon, ChickHEN (homebrew enabler) permits owners of all models to run the unofficial apps and games they’ve grown to love without touching the flash of the PSP, so there’s no worrying about turning it into a brick. No one likes expensive bricks. Keep in mind that ChickHEN is not a piracy tool so don’t expect to run any type of backups though it. Davee has the lowdown on the latest release which can be downloaded here. If you are curious or sceptical, feel free to check out video proof that it works on PSP 3000s.

–Jenn Cutter

Matt answers your questions about storage area networks and recommends QNAP. If you’re feeling hands on rolling your own is a great option too. Matt points out his favorite hardware like 3Ware RAID cards, Transcend IDE Flash Modules, and the Intel Storage Server SSR212MC2. Software wise it’s worth investigating Freenas, and SAN Melody.

Continuing on with Eighty‘s segment on extracting windows executables from packet captures and Mubix‘s segment on network tap analizers, Darren’s taking a look at the open source tool ngrep. If you’re familiar with grep you’ll be at home with this tool. Darren demonstrates using the tool to filter packets from a live capture using a Network Monkey. Alternatively it can be used with pcap files.

Don’t forget to check out our latest contest at Hak5.org/yourlan where the most creative network will win cozy Hak5 gear from our newly opened HakShop

Episode 501 — Won’t you be my neighbor?

Darren Kitchen — Wed, 18 Feb 2009 21:51:13 +0000

Getting to know your neighbors — Darren takes a trip around your network with nmap, THE open source network security scanner. Want to obscure your OS fingerprint? Make a Windows Box show up as a printer? Shannon�s got just the thing. And Matt takes a first look at the Napera N24 smart network switch / security appliance. All that and more on this Hak5 Season 5 Premiere!

Download HD Download MP4 Download XviD Download WMV

Watch

Show Notes

Taking a trip around your network with Nmap

This week I talk about network scanning with the difinitive open source security scanner Nmap.

Scanning ones own network is ideal whether simply to know your neighbors or keep inventory of your assets. As a black hat it can be the first step in enumerating a target environment and looking for weaknesses.

In order to perform our scan we’ll simply need a copy of Nmap. It’s available for Windows, Mac, and just about every flavor of Linux, BSD and more. If you’re on a debian based system like Ubuntu a simple apt-get install nmap should do you good. If you’re looking for a security distribution with nmap (and a ton of other great tools) built in can’t speak highly enough of BackTrack. Version 4 beta was just recently released.

The underlying workings of Nmap are better explained in this guide but suffice it to say it takes advantage of TCP’s 3-way-handshake and other fancy raw packet tricks to find hosts and open ports. In this segment I set out to introduce the concept and get you started with a few basic examples. If you’re interested I recommend Nmap Network Scanning and the official man pages as further reading.

The segment details some commands and their usage in a searching for open MS terminal servers scenario. I highly encourage you to provide feedback either by way of email (darren AT hak5 d0t org) or on our forums. I enjoy doing segments like these but if you have any corrections (more than one way to skin a cat), suggestions for future topics or hacks of your own please let me know.

–Darren Kitchen

Obscure your OS Fingerprint

OSfuscate 0.3 by Irongeek is used to camaflouge or obscure your Windows OS. With this tool, it’ll show up like another OS of your choice, nothing at all, or even a printer. OSFuscate could be used if you are on a hostile network and need some sort of cloak while going along in your daily routine. It is important to note that this is not a fool proof method for hiding yourself on a network and should not be relied upon for security. however, as a layer of obscurity in addition to your regular security practices you may want to consider it.

It’s a simple process to set up OSFuscate on your machine. Go to Start->Run->Regedit. Back up your Parameters folder, found under System->CurrentControlSet->Services->Tcpip->Parameters. You can do this by simply right clicking on the folder, and choosing export. This is basically just to keep yourself form messing up your OS in the process and having no way to return it to normal. You’ll notice on Irongeek’s website that certain Parameter Registry keys will be subtly changed. You could do this by hand, but OSFuscate makes this task super simple. Open OSFuscate, and choose an OS that you want to pretend to be. Restart your computer and the differences should be in place! Now if someone running NMap snoops your computer, they’ll see some other OS other than what you actually have.

You can find more information at Irongeek’s Website. And as always, you can email me with any comments or suggestions.

as it really helps us out.

–Shannon Morse

Matt’s full review of the Napera N24 can be found on his blog at MattLestock.com.

Thanks for tuning into our season premiere episode. We’re very excited about all of the exciting new projects coming up in Season 5. We appreciate and encourage your feedback — especially on this episode’s fresh format, pace, and presentation. We strive to make this show better and better for you every week so let us know how we’re doing!

And a big thanks to those who’ve contributed to the success of Hak5. Your donations are greatly appreciated!

Build a hardcore router for free with pfSense

paul — Thu, 05 Feb 2009 03:14:47 +0000

While our smoothwall is and has been working well for us for the past two years, I recently had the need for something a little more robust.

I came across a fork of the monowall project, pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.

Here’s a short summary of some of the eye catching features.

Filtering by source and destination IP, IP protocol, source and destination port for TCP and UDP traffic
Able to limit simultaneous connections on a per-rule basis
pfSense utilizes p0f, an advanced passive OS/network fingerprinting utility to allow you to filter by the Operating System initiating the connection. Want to allow FreeBSD and Linux machines to the Internet, but block Windows machines? pfSense can do so (amongst many other possibilities) by passively detecting the Operating System in use.
Option to log or not log traffic matching each rule.
Highly flexible policy routing possible by selecting gateway on a per-rule basis (for load balancing, failover, multiple WAN, etc.)
Aliases allow grouping and naming of IPs, networks and ports. This helps keep your firewall ruleset clean and easy to understand, especially in environments with multiple public IPs and numerous servers.
Transparent layer 2 firewalling capable – can bridge interfaces and filter traffic between them, even allowing for an IP-less firewall (though you probably want an IP for management purposes).
Packet normalization – Description from the pf scrub documentation – Scrubbing is the normalization of packets so there are no ambiguities in interpretation by the ultimate destination of the packet. The scrub directive also reassembles fragmented packets, protecting some operating systems from some forms of attack, and drops TCP packets that have invalid flag combinations.
Enabled in pfSense by default
Can disable if necessary. This option causes problems for some NFS implementations, but is safe and should be left enabled on most installations.
Disable filter – you can turn off the firewall filter entirely if you wish to turn pfSense into a pure router.
pfSense offers three options for VPN connectivity, IPsec, OpenVPN, and PPTP.
There’s a ton of other great features that you can read up on at http://is.gd/iauk

The LiveCD ISO is available from http://www.pfsense.org/mirror.php?section=downloads and for VMware folks, a prebuilt VM is available at http://files.pfsense.org/vmware/pfSense-1.2.2-VM.zip

–Matt Lestock

Episode 409 — HappyHakoween: Password Cracking Clusters, Remote Control Services, Wireshark Packet Filtering

Darren Kitchen — Wed, 29 Oct 2008 16:29:25 +0000

Matt shows us how to turn anything into a service and provide a web frontend to manage them windows server, great for game server administration. Chris Gerling wraps up his three part series on Packet Sniffing with Wireshark techniques for packet filtering. Darren harnesses the CPU power of the HakHouse for good or evil to demonstrate cluster computing. Plus details on our Hak5 Halloween LAN Party!
[ MP4 | XviD | WMV ]

Watch

Show Notes

Matt Lestock turns any windows application into a service using instsrv and srvany and demonstrates how we use this technique, coupled with Panel Daemon to delegate game server administration at the Hak5 playground.

Chris Gerling shows us some packet filtering techniques using the network analyzer Wireshark. He covers capture filters, display filters, colors and statistics. Read more on packet sniffing on his blog at ChrisGerling.com

Darren Kitchen talks about parallel computing. He touches on grid computing and massively parallel processors though he mainly focuses on clustering. Darren demonstrates simple windows password cracking techniques using an openMosix based image and discusses the theory behind setup. Darren has a lot of further reading for you to check out on his blog and would like to hear your feedback about building the Hak5 beowulf cluster!

And on a production note: We’ve switched over from a standard-def composite based video mixing solution to a high-def HDMI based system. Unfortunately until we get a Mac Pro and switch to Final Cut Pro for editing we’re unable to release a 720p version of Hak5. But we’re well on our way to bringing you guys truly high def technolust thanks to everyone who has continued to support this cause. Thanks!

Episode 408 — Dissect TCP/IP, Dos Box, Alice, Day-Con, and Fon Batteries

Darren Kitchen — Wed, 22 Oct 2008 16:26:25 +0000

Chris Gerling breaks down IP and TCP headers with Wireshark and building blocks. Shannon Morse shows us DosBox, a free IBM PC DOS emulator. Christine Bourquin talks about Alice, a teaching programming language for beginners. Darren Kitchen summarises his experience at Day-Con and answers some questions about Fon batteries. [ MP4 | XviD | WMV ]

Watch

Show Notes

Chris Gerling dives into the structure of IP and TCP headers in part two of his three part series on packet sniffing. He covers everything from source ports to checksums and everything inbetween offering insight into TCP packets in plain English. Then in part three he covers basic Wireshark usage and advanced techniques. Read more on packet sniffing on his blog at ChrisGerling.com

Shannon Morse shares with us DosBox, the free and open source IBM PC emulator that allows you to break out those old floppies and play your DOS games once again. While we wait for DNF, anyone for a Duke Nukem 3D deathmatch?

Christine Bourquin demos Alice, an innovative 3D programming language that makes it easy to teach programming using a simple drag-and-drop interface. Perfect for the next generation of computer scientists.

Darren Kitchen brings us his review of Day-Con with photos courtesy of the security twits. He also talks about Jasager batteries both big and small.

And on a production note: We’ve switched over from a standard-def composite based video mixing solution to a high-def HDMI based system. We’re not ready to release the full 720p quite yet as we’re ironing out (read: developing on the fly) the post production process but in the mean time we’ve got damn good looking 480p and we’re looking for your feedback. Thanks a million to everyone who has donated and helped make this happen!

Episode 406 – Packet Sniffing 101, Social Media with Boxee, and multiple Gordon Freemans with Synergy

Darren Kitchen — Wed, 08 Oct 2008 17:05:19 +0000

Chris Gerling begins a three part series on Packet Sniffing starting with the fundamentals of packet structure, the OSI model, tools and terminology. Matt harnesses the social power of media with Boxee, a social media center based on XMBC. Shannon demos out Synergy, the Half-Life 2 co-op mod, and Darren check out Cron for Windows.
[ MP4 | XviD | WMV ]

Watch

Show Notes

Matt Lestock harnesses the social power of media with Boxee, a social media center based on XBMC.

Chris Gerling starts a 3 part series on packet sniffing, this time starting with the fundamental structure of a packet, the OSI levels, the tools and terminology.

Darren Kitchen demos Cron for Windows, a tool from Tom Bell that brings the powerful task scheduling service Cron to Windows!

Shannon Morse checks out Synergy, the Half-Life 2 mod that allows you and your friends to play as multiple Gordon Freemans through Half-Life 2 campaigns in co-op mode. w00t!

We’ll be at Day-Con in Dayton Ohio this weekend. Come meet us at the con or hit up the after party if you’re in the area (I think it’s 21 and up). Then on the 25th we’ll be heading down to Nashville, TN for Phreaknic so be sure to stay tuned to Hak5.org for all the details and announcements or follow @hak5 on the twitter.

Oh yes, and we’ve ordered nearly all the equipment necessary to go HD! Woohoo! Thanks so much for all the donations. We’ll be high-res in no time now