So, I got into a discussion with a friend of mine in my Computer Security class at UCF about this script. I’m posting this for historical and educational purposes only. As always, I never condone the implementation of any of my content for malicious intent. Moreover, this script has flaws that * would make it useless in such a scenario. Don’t do it!
Here’s a script I hacked up last semester when I was playing with MITM attacks and packet eavesdropping with ettercap:. This scripts will automatically:
fake its MAC Address get a new IP Address collect a list of hosts on the same subnet as itself iterate through and ARP poison: each of these hosts one at a time for 5 minutes each save all data collected in host-specific files in a timestamped directory repeat until the hard drive is full Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
I recently reformatted my hard drive–switching from pure Gentoo to the Sabayon fork. Sabayon did for Gentoo what Ubuntu did for Debian. It’s generally a lot easier to use, but–unlike Ubuntu–it doesn’t sacrifice functionality for ease-of-use.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
I went to send an email the other day and I was halted when I discovered that my key had expired. I can’t believe that I’ve been using GPG for 6 months, but the time had come to generate a new keypair.
This post outlines the process to gererate a new keypair once your old keypair has expired.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
Jesus. It’s only the second week of school and I’ve already pulled my first all-nighter. This time, however, it was not for school. I was determined to get my OpenVPN server properly setup so that I could finally browse the web securely from the dorms. I only expected this to take a few minutes, but I ended up spending over 7 hours of research, troubleshooting, and configuration changes.
This post will contain a slew of information about smoothwall, zerina, openvpn, and iptables. I’m mostly just going to throw all of my findings here without much of any logical flow.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
A few weeks ago, I finally got around to downloading and installing 4 updates to my smoothwall box. Unlike Ubuntu upgrades, this process was farily painless except for one thing: my Zerina OpenVPN ‘plugin’ broke.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
I’ve wanted to setup a serious linux-based firewall for my home network for some time now, and I finally got around to it yesterday.
There are TON of linux router distros out there, but instead of spending 8 hours picking & choosing, comparing & contrasting, nitpicking & debating, I asked someone else ;). Two buddies of mine have a similar setup at their homes: one uses Smooth Wall; one uses IPCop. I arbitrarily chose Smooth Wall (after actually setting it up, though, I think IPCop would have been a better choice–c’est la vie.
The installation is supposed to be quite painless, and it was–for the most part. The documentation and install process was intuitive and easy to follow, but it didn’t work OOTB. I probably only had so much difficulty because of hardware issues (fried NICs?) which is by no means Smooth Wall’s fault. Nevertheless, it took ~5 hours of bang-your-head-against-the-table troubleshooting ’till I could finally unhook the monitor & keyboard, shove it in a corner, and get some sleep.
I was also disappointed with two things that didn’t work as I had expected OOTB:
DHCP DNS VPN Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and . . . → Read More: Smooth Wall
So, it turned out that–by some miraculus chance–the day I decide to move my blog from wordpress.com to my own server is the day after a major upgrade of wordpress is released (v2.3 to 2.5). I figured that, while I was at it, I would upgrade the server that I setup a few weeks back (I’ve been planning this move for a while now, just never really got around to finishing). I’m pretty sure I followed the installation process just fine, but when I tried to go to any page on my fresh, new site (including wp-admin/upgrade.php) I got slammed with this lovely error:
Fatal error: Call to undefined function require_wp_db()
Eventually I decided “fuck the installation instructions.” I was able to install it by copying my config file and other data TO the new wordpress folder (the suggested process is the reverse: copying the new files into your current, older install).
It’s a bitch of a thing to search, too. If you search for that error (at least now, anyway) you get a bunch of popular blog sites that have since been fixed. There is no info from the webmaster or blog author as to HOW they fixed it, . . . → Read More: Blog Moved & Upgraded
Well, I’ve been fuming for the past few weeks over something, and I’ve just now gotten around to doing something about it.
I went back to my dorm room the other day, and a few buddies followed me in. One of them was carrying a camera; he was filming me for whatever reason (he’s weird like that). Anyway, I sat down at my computer and unlocked it (brought it out of the screensaver with my password) so I could begin studying for the upcoming finals (the next morning). Soon as I did, the dude with the camera behind me smiled and said, “Now I’ve got your password.” I didn’t know what to do. My computer password is the most secure password I have: alpha, numeric, symbol, and 10 characters long. I use that VERY secure password for the things that I REALLY need secured: computer data, and banks. The first former would be bad, but the later would be worse. If he knows that password, he can literally bankrupt me. Oh shit.
So, something had to be done; I needed to evolve the way I secure things. I’m in college now, so I should probably do it anyway. I need . . . → Read More: Grown-up Security
I just got the wireless working on my new laptop in ubuntu (thank god for forums), and I was disgusted to find that from my room I got ~20% signal quality. I knew the problem could be with the laptop or the wireless router, but since I can’t do anything about the laptop I did some tests with my router by using three different antennas.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡