edge-security tools

I may not get to try everything out, despite my intentions, but I still like to post things here in case I want to reference them later on. This site isn’t a blog, but it does have some interesting tools and papers. I got pointed here to check out wfuzz, a web fuzzer/bruteforcer. But I really want to try out the Geoedge script, which will do a geographical lookup on IPs (yeah, even automating a few clicks is worth it if you do a lot!). There is also an Intro to Reversing on a Mac that is only one page but at least illustrates a few simple things for Mac users. And Metagoofil will pull out metadata from docs. Now that is pretty neat. Whatever happened to talking about info leakage via doc metadata?
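To show what "info leakage via doc metadata" actually looks like, here is an added example (my own, not code from the page or from Metagoofil). It builds a toy Office Open XML package in memory with constructed core properties, then reads back the fields a reviewer would want scrubbed before a document is published. The field names are the standard OOXML core-properties names; the author and timestamp values are invented.

```python
"""Added example (not from the page or from Metagoofil): construct a minimal
.docx package in memory and extract the identifying metadata it carries,
the way a pre-publication leak check would."""
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespaces used by docProps/core.xml in OOXML packages.
NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "dcterms": "http://purl.org/dc/terms/",
}

# Fields that commonly leak usernames, internal naming and tooling.
LEAKY_FIELDS = ["dc:creator", "cp:lastModifiedBy", "dc:title", "dc:description",
                "cp:keywords", "dcterms:created", "dcterms:modified"]


def build_sample_docx() -> bytes:
    """Construct a toy .docx (a zip containing core.xml) with invented metadata."""
    core = (
        '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
        '<cp:coreProperties xmlns:cp="%s" xmlns:dc="%s" xmlns:dcterms="%s">'
        '<dc:title>Q3 budget draft</dc:title>'
        '<dc:creator>jsmith</dc:creator>'
        '<cp:lastModifiedBy>CORP\\jsmith</cp:lastModifiedBy>'
        '<dcterms:created>2006-11-01T09:12:00Z</dcterms:created>'
        '</cp:coreProperties>'
    ) % (NS["cp"], NS["dc"], NS["dcterms"])
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", core)
        z.writestr("word/document.xml", "<w:document/>")  # body is irrelevant here
    return buf.getvalue()


def extract_metadata(docx_bytes: bytes) -> dict:
    """Return the core-properties fields present in an OOXML package."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        if "docProps/core.xml" not in z.namelist():
            return found
        root = ET.fromstring(z.read("docProps/core.xml"))
    for field in LEAKY_FIELDS:
        el = root.find(field, NS)
        if el is not None and el.text:
            found[field] = el.text.strip()
    return found


def leak_report(docx_bytes: bytes) -> list:
    """One line per populated field, for a reviewer to decide what to scrub."""
    return [f"{k} = {v}" for k, v in extract_metadata(docx_bytes).items()]


if __name__ == "__main__":
    for line in leak_report(build_sample_docx()):
        print(line)
```

The same `extract_metadata` works on a real .docx, .xlsx or .pptx read from disk, since all three keep their core properties at `docProps/core.xml`; a domain-qualified `lastModifiedBy` like the constructed one is exactly the kind of value that reveals internal account naming.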

baretail

Tail is an excellent tool for watching a log file. Tail in cygwin on Windows is ok, but the display really does kinda suck. Baretail is a similar program for Windows that can tail a log file quite nicely. It doesn’t even use an installer; it is just a bare standalone executable, and it works well for watching logs on Windows. Excellent little tool.

the small business (home user) problem

There is a problem in IT and security with home users and small businesses. Security, and any sort of halfway solid IT infrastructure, is simply not possible without buying an outside service or having the luxury of an employee, or a friend of an employee, with IT aptitude (and even they can be detrimental to security). Devices and software are expensive, and open source tools tend to be more advanced than many small businesses can handle (consultants who know licensed Microsoft tools are a dime a dozen, but an open source/linux guru will cost ya).

So I liked reading what Untangle (formerly Metavize) is doing. They have a server appliance that you can run, and it looks rather robust for a tool they are offering free to small shops with 10 or fewer computers (that would include me at home!). This is like Smoothwall, but with other features. I look forward to checking this out; if it is as easy and solid as it looks from the website, I’ll be quite enthused to recommend it for people without a budget or IT support.

The server appears to provide firewall, antispam, antispyware, antivirus, web filtering, and various other services that make sense to package into a single chokepoint device on a network. I think I will try to segment off a part of my home network and drop this in with a test laptop behind it and see how it works. I just need to find a spare system that is close to the required specs, and I think my old server that I just phased out a few weeks ago may be just the ticket.

playing with cookies

Cookies are a very old (in tech terms) method of messing with a website and/or circumventing security or obscurity. Nonetheless, never underestimate them or overlook the low-hanging fruit. InformIT has a quick illustration on playing with cookies on a large website.

Sometimes it is just nice to see examples and how tools are used. For more cookie playing, I’d like to check out this firefox extension for adding and editing cookies (supposedly AnEC, like the one shown in the article?).
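The reason cookie editing is such low-hanging fruit is that many sites store a decision (role, user id, "paid" flag) in the cookie and trust it back. Here is an added example (mine, not from the page or the InformIT article) that puts the tamperable pattern next to the usual fix: the server signs the value with an HMAC and refuses any cookie whose MAC does not match. The secret and cookie names are constructed for the demo.

```python
"""Added example (not the page's code): a role stored in a cookie and trusted
as-is, beside an HMAC-signed version that detects client-side edits."""
import base64
import hashlib
import hmac

# Assumed server-side secret; in a real deployment it comes from a key store.
SECRET = b"constructed-demo-secret-do-not-reuse"


def parse_cookie_header(header: str) -> dict:
    """Split 'a=1; b=2' into a dict, tolerating stray whitespace."""
    out = {}
    for part in header.split(";"):
        if "=" in part:
            k, v = part.strip().split("=", 1)
            out[k] = v
    return out


def naive_role(cookie_header: str) -> str:
    """Weak pattern: whatever role the client sends is believed."""
    return parse_cookie_header(cookie_header).get("role", "guest")


def sign(value: str) -> str:
    """HMAC-SHA256 over the cookie value, base64url without padding."""
    mac = hmac.new(SECRET, value.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode().rstrip("=")


def make_signed_cookie(role: str) -> str:
    """Server issues the role together with a MAC over it."""
    return f"role={role}; role_sig={sign(role)}"


def verified_role(cookie_header: str) -> str:
    """Hardened pattern: accept the role only when the MAC verifies."""
    c = parse_cookie_header(cookie_header)
    role, sig = c.get("role"), c.get("role_sig")
    if role is None or sig is None:
        return "guest"
    # compare_digest avoids leaking the MAC through timing differences.
    if not hmac.compare_digest(sign(role), sig):
        return "guest"
    return role


if __name__ == "__main__":
    issued = make_signed_cookie("user")
    edited = issued.replace("role=user", "role=admin")
    print("naive sees:   ", naive_role(edited))
    print("verified sees:", verified_role(edited))
```

The signed version still exposes the role in clear text, which is fine for a value the user is allowed to see; if the value itself is sensitive, keep it server-side and put only an opaque session id in the cookie.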

opendns

Mobility has its limits, especially if your ISP prefers that you use its DNS servers but then refuses queries to those servers from IPs it does not own. What to do? Many tech geeks have ways of finding DNS servers they like, some use their own or DNS servers from their work, but your average home user probably wouldn’t know what to do. OpenDNS sounds like a nice idea to get free DNS use. In fact, it offers up some services that may be of limited (read: better than none) security in blocking phishing sites and doing some spelling correction (for commonly misspelled sites that take you places you’d rather not see). Sounds like a nice enough deal to try out. However, in reading their marketing material about being blazingly fast and such, it’s really just all talk. It is no faster-feeling than any other DNS server, really. I suppose, however, that this service could also be programmed to intercept adware, spyware and even botnet DNS calls, helping to keep botnets and other malware from contacting dynamic home addresses.
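The two features mentioned above, blocking known-bad names and correcting common misspellings, are both policy decisions a resolver can make before it answers. This added example (mine, not OpenDNS's code) shows that policy step over a constructed query list: any name at or under a blocklisted domain is refused, a name one edit away from a known-good domain is redirected to it, and everything else passes. The blocklist and the known-good set are invented for the demo.

```python
"""Added example (not OpenDNS's code): a resolver-side policy check that
blocks listed names and corrects near-miss spellings of known-good domains."""

# Constructed policy data; a real resolver would load these from feeds.
BLOCKLIST = {"phish-login.example", "c2.botnet.example"}
KNOWN_GOOD = {"example.com", "example.org"}


def normalize(qname: str) -> str:
    """Lowercase and drop the trailing dot of a fully qualified name."""
    return qname.strip().rstrip(".").lower()


def is_under(name: str, parent: str) -> bool:
    """True if name equals parent or is a subdomain of it."""
    return name == parent or name.endswith("." + parent)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot one-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def policy(qname: str) -> tuple:
    """Return (action, target): ('block', listed name), ('correct', good name)
    or ('pass', None)."""
    name = normalize(qname)
    for bad in BLOCKLIST:
        if is_under(name, bad):
            return ("block", bad)
    # Exact or subdomain matches of known-good names are never "corrected".
    for good in KNOWN_GOOD:
        if is_under(name, good):
            return ("pass", None)
    for good in KNOWN_GOOD:
        if edit_distance(name, good) <= 1:
            return ("correct", good)
    return ("pass", None)


def apply_policy(queries: list) -> list:
    """Run the policy over a list of query names."""
    return [(q,) + policy(q) for q in queries]


def summarize(queries: list) -> dict:
    """Count queries per action, the kind of statistic a resolver would log."""
    counts = {"block": 0, "correct": 0, "pass": 0}
    for _, action, _ in apply_policy(queries):
        counts[action] += 1
    return counts


# Constructed sample of what a home network might ask a resolver.
SAMPLE_QUERIES = [
    "www.example.com.",
    "examle.com",
    "mail.example.com",
    "www.phish-login.example",
    "c2.botnet.example.",
    "other.test",
]

if __name__ == "__main__":
    for q, action, target in apply_policy(SAMPLE_QUERIES):
        print(f"{q:28} {action:8} {target or ''}")
    print(summarize(SAMPLE_QUERIES))
```

A distance threshold of 1 is deliberately conservative; a looser threshold starts redirecting legitimate short domains that happen to resemble a popular one, which is its own kind of badness.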

The only thing to keep in mind is what this service’s business model is. It is a free service, but nothing is ever really free, no? Perhaps they gather statistics on DNS queries and sell that gathered information in creative ways. Perhaps they will be able to log your queries and better tailor things to you, such as crafted DNS queries much like Google puts relevant ads on gmail or based on various searches. Either way, there shouldn’t be too much “badness” involved in something like this, and even if there is, it is only IP address and DNS query badness. For someone like me who will use this on a laptop that roams around, I’ll end up fairly anonymous as it is.

fileaudit

FileAudit will provide audit trails for file access in Windows. The thing I like about this tool is that it is relatively cheap for what you get, and it does just one thing and seems to do it well. Granted, Windows file servers can already do file-level monitoring in the event logs by adjusting the auditing on folder properties. However, making reports and doing anything beyond onesy-twosy checks in the logs is not possible without custom scripts or additional tools to parse the logs and correlate the data. While not free, and not even something I want to use right now, this is still useful to log for my own benefit sometime in the future if I am asked about this issue.
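The "custom script to parse and correlate" gap is what a tool like this fills, and it is worth seeing how little is needed for a first report. This added example (mine, not FileAudit's code) takes a constructed CSV export of file-access audit records, aggregates accesses per user and file, and flags activity outside business hours. The column layout is an assumption about an exported log, not a real Windows event format, and the records are invented.

```python
"""Added example (not FileAudit's code): correlate exported file-access audit
records into a per-user report and flag off-hours access."""
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed export; the column names are assumed, not a Windows event schema.
SAMPLE_EXPORT = """\
timestamp,user,object,access
2006-11-13T09:02:11,CORP\\alice,\\\\fs1\\finance\\payroll.xlsx,ReadData
2006-11-13T09:05:40,CORP\\alice,\\\\fs1\\finance\\payroll.xlsx,WriteData
2006-11-13T22:41:03,CORP\\bob,\\\\fs1\\finance\\payroll.xlsx,ReadData
2006-11-13T22:42:17,CORP\\bob,\\\\fs1\\finance\\budget.xlsx,ReadData
2006-11-14T10:15:00,CORP\\carol,\\\\fs1\\hr\\reviews.docx,ReadData
"""

BUSINESS_HOURS = range(7, 19)  # 07:00 to 18:59 counts as normal


def parse_export(text: str) -> list:
    """Parse the CSV export into dicts with a real datetime for the timestamp."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        r["timestamp"] = datetime.fromisoformat(r["timestamp"])
        rows.append(r)
    return rows


def access_report(rows: list) -> dict:
    """Nested counts: user -> object -> number of access events."""
    rep = defaultdict(lambda: defaultdict(int))
    for r in rows:
        rep[r["user"]][r["object"]] += 1
    return {user: dict(objs) for user, objs in rep.items()}


def off_hours(rows: list) -> list:
    """Events whose hour falls outside BUSINESS_HOURS."""
    return [r for r in rows if r["timestamp"].hour not in BUSINESS_HOURS]


def readers_of(rows: list, obj: str) -> set:
    """Distinct users who touched a given object, for a 'who saw this file' question."""
    return {r["user"] for r in rows if r["object"] == obj}


if __name__ == "__main__":
    rows = parse_export(SAMPLE_EXPORT)
    for user, objs in access_report(rows).items():
        for obj, n in objs.items():
            print(f"{user:12} {n:3}  {obj}")
    print("off-hours:")
    for r in off_hours(rows):
        print(f"  {r['timestamp']}  {r['user']}  {r['access']}  {r['object']}")
```

On a real server the input would come from an event-log export rather than an inline string, but the two questions this answers, who touched a file and when, and who was active at odd hours, are the ones that usually prompt the request for a report in the first place.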

usb switchblade

From Hak5, here is a link to a USB “Switchblade,” which is basically a Windows-hacking USB key that is really slick. I’m looking into making this right now if I can find a spare key.

The show notes on this section are helpful as well. I only have one U3 key, so I have been playing with the non-U3 technique. You still have to click something when using a non-U3 key. I may look for a small, cheap U3 key here soon.

Even more info on the forums.