†è¢h båbblè

This Blog has moved to Wordpress

2006-04-21T03:51:00.000+05:30

I've decided to make the switch to Wordpress software for blogging.Although right now I've created a free wordpress account which doesnt offer much when compared to hosting Wordpress on a paid server.I'll be soon making the switch for a paid domain as well as hosting.

All the posts have been ported into the wordpress account,thanks to the built in feature of wordpress allowing import of all posts from Blogger.com

I'll be continuing blogging at wordpress & hope to see you there ! :)

My Blog at Wordpress

Oobertech Revamped

2006-04-19T23:03:00.000+05:30

We have revamped our discussion board,Oobertech & transformed into a brand new product:Techspot.in.
This was all been done in just a matter of a day or so.We've also bought a license of Vbulletin forum software ver 3.5.

Although the forum is still under testing phase we are trying out new things which may result in a few problems with the way the forum functions.Please bear with us for the time being,the forum after all the changes,database integration is not even 24 hours old.

Please keep the suggestions,problems you are facing flowing.We are listening @ Techspot.in

Regards

digen

Article:Logical Volume Manager(LVM)

2006-04-17T03:03:00.000+05:30

Here is a excellent article about the fine details of setting up a LVM right from the horse's mouth.

Redhat Magazine:LVM

Project:Asterisk

2006-04-16T02:03:00.000+05:30

For anyone who has been reading my blog,one of the projects I desperately wanted to do was setup a PBX using Asterisk & explore many of the cool things that can be done with it.

But due to the hardware not being available I was helpless.Actually the stuff is available on ebay India but I dont trust people on ebay :-P.This month's LFY contained a advertisement about a company from Mumbai called Enterux who are selling FXO PCI card for Asterisk & other Digium Hardware.

The card would be costing me about 2.5k approx with VAT & shipping charges.I've just placed my order online through their order form which is located here

Looking forward for the stuff to land at my house ! :)

EPL Title Race has spiced up

2006-04-14T06:35:00.000+05:30

I'm an avid supporter of Manchester United.My love for the club started immediately after the 1999 UEFA Champions League Final against Bayern Munich,what a classic match it was.Since then I've watched every match I could possibly watch featuring Manchester United in EPL,FA CUP,Champions League..

The last two seasons have been without a doubt dissapointing,especially because we have the strength to play quality football & take on opponents but costly errors at the back,departure of Roy Keane the inspirational man in the centre & injuries to key players like Gabriel Henzie have hampered the Red Devils.So like all teams having their fare share of problems Man Utd had theirs too.But quality teams come back as it has always been with Manchester United,they never give up !

Beginning early Feb-March there was a massive gap between current champions Chelsea & 2nd place Manchester United.The gap was of 18 points.But by winning 9 games in a row & with a couple of slip ups from Chelsea the gap has now been reduced to 7 points with the title holders & Man Utd still to play on the 29th of this month.

Although Chelsea travel to Bolton as well as Blackburn Rovers,IMHO outcome of these two which will decide the winners once for all.

Its my feeling though that though this might be more in Chelsea's favour this sure hots up next season for sure.

Picture taken from www.manutd.com

DNS Howto

2006-04-11T20:56:00.000+05:30

I found this piece of info very informative,thought I might as well share it with you guys.

Traditional DNS Howto

CentOS: Enterprise-class Linux

2006-03-10T22:34:00.000+05:30

CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by a prominent North American Enterprise Linux vendor. CentOS conforms fully with the upstream vendors redistribution policy and aims to be 100% binary compatible. (CentOS mainly changes packages to remove upstream vendor branding and artwork.) CentOS is free. CentOS is now accepting donations via PayPal, please click the button for more information

You can download the ISO image files & find more information about the project from here

Linux Magazine has a detailed review of the same in its April 2006 Edition.
You can get the pdf of the article from here

Accelerated-KNOPPIX

2006-03-08T16:11:00.000+05:30

Yesterday I downloaded the ISO image file of Accelerated Knoppix ver 1.0.As the name suggests,its a clone of the popular & useful Knoppix Live CD but which is faster in booting. i.e the time taken from the boot: prompt to the GUI is highly optimised.

I decided to give it a shot today.On my laptop the LiveCD upon booting of the optical drive took me to KDE(default GUI) in about a minute & a half approximately.But there was one simple problem.The default language with which the CD boots is not English :-P

This is easily solved by issuing knoppix lang=us at the boot: prompt.

I dont see any other advantage than the vanilla Knoppix LiveCD except that this one boots faster.So if you got no patience & feel that wasting 2-5 minutes could get you killed then this one should suit your taste :-P

The ISO image is 692.49MB in size & can be downloaded from here

Google Safe-Browsing Extension for Firefox

2006-03-06T22:04:00.000+05:30

Phishing & Pharming attacks are getting common these days & more sophisticated to say the least.For the un-initiated the below para explains what phishing & pharming is all about:

What is Phishing and Pharming?
Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers.

Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

Just a couple of days back I was watching CNBC India,they were featuring a TV show about these new threats & their use in committing Internet fraud.
The show was quite alarming & shocking to me,the only reason was that two very well known & emerging banks ICICI & IDBI have fallen prey to phishing attacks resulting in bank fraud.

It was reported during the show that around 10 people from different parts of the country who did online banking fell for a specially crafted clone website made by the attacker which intercepted their banking ID's & password information.

Although the higher level officials from both the banks denied any financial loss except those 10 customers (which also wasnt clear on ther part,whether their money was used by the attacker or not).The fraud happened were recently in the month of January & quite interestingly IIRC the attacker was caught in month of February.The mistake he committed was making a online purchase from Ebay India from one of the stolen bank accounts credentials.

Here is the article Times of India featured about ICICI bank phishing attack: Times of India

Now this brings me to my latest post about ways of preventing phishing & pharming attacks.Google has brought out a new extension for Firefox(works on ver. 1.5 & above only)which will report about a phishing attack by displaying a warning about its authenticity.

As with most things in the security world,you cant expect it to report every phishing website but to give you a fair idea about its working,here is a screeny of the extension in action on a fake Ebay phishing website.

I could only test this on one phishing website I stumbled upon through Neowin.But going by the extension's ability would be a disaster afaik.

/*No rants,ramblings please

Use whichever browser you like,people using Firefox 1.5 might find this handy & useful.If you dont use firefox,then search if there is a plugin or a extension which offers this functionality for your browser.If not then you are on your own :-P

Over n Out */

You can get the extension from here

Here are excellent tips right from the horse's mouth: Anti-Phishing Group

Last but not the least Common Sense & Good Eyesight always results in a Safer Browsing Experience !

Wireless Networking Need To Know 2006

2006-03-01T17:56:00.000+05:30

Here is a useful piece of info regarding wireless products,technologies,things to look out for & some very useful tips when choosing wireless gear.

Wireless Networking Need To Know 2006

Linux Professional Institute (LPI) exam

2006-02-25T20:25:00.000+05:30

IBM Linux tutorials for its Linux certification.Registration is free & compulsory to gain access to these tutorials.

Linux Professional Institute (LPI) exam Tutorials

Knoppix:Live CD to the rescue

2006-02-18T22:30:00.000+05:30

Here are two very good articles of using the Knoppix Live CD in a rescue environment.A corrupted MBR,data loss,problems with authentican cause of wrong or forgotten password are just a few example of common problems anyone can face.

But if you have a Live CD of Knoppix(almost any Live CD could be used IMHO but Knoppix being the Godfather in Live CD's both in functionality & hardware detection,makes Knoppix a suitable choice) then with a little knowledge you could get that broken system up & running in a jiffy.
Keeping a hard copy of these two article is highly recommended.

Fixing Linux with Knoppix

Fixing Windows with Knoppix

Market share for Top Servers

2006-02-15T20:23:00.000+05:30

I was checking with Netcraft for information regarding what a website was running & I stumbled across this news on their website.

Market Share for Top Servers Across All Domains August 1995 - February 2006

VOIP in India Part II

2006-02-13T23:52:00.000+05:30

Continued from VOIP in India...

So finally I get a call from SpringTel Voice,Bangalore (at the time of writing the website wasnt opening up,maybe the coders took a leave for valentine's day lol).

It seems if one has to make calls outside of India say for example United States,you'll have to shell out roughly around 4k(for one line) a month for Unlimited calls apart from the Refundable Advance of 5k per line,Installation Charges of 2.5k per line & the travel charges you gotta pay for the Field Engineer who will be coming all the way from Bangalore for the installation in this case.
I've also been told the problems if any can also be rectified remotely from the Internet.Oh btw dont forget to add Linksys PAP2 ATA with 2 phone ports in that list.Phew !

Lemme upload the Chart they sent me to make things a lot more colourful & easier to understand.

Incase you want to buy the Linksys PAP2 separately,you could opt for that too & just take their VOIP service.

I've uploaded their brochure incase anyone is interested.You can download it from here

One thing though the guy on the other end of the phone wasnt too keen when I asked him about deploying VOIP for residential customers.Corporate sector please!!
IMO its right on their part too,since to my knowledge way too many complications to provide service offsite.

I'll try getting more info from other providers if possible & get back here.Until then Adieu !

Phishing to a newer level

2006-02-12T20:48:00.000+05:30

Now here is something spooky..

Websense® Security Labs™ has received reports of a new phishing attack, using the brand name of Adobe Systems Incorporated. Users receive a spoofed email that provides a link to the phishing website, which is designed to mimic the Adobe online store. Users are given the option to buy and download Adobe products at substantially discounted rates. The site has links to awards hosted locally, which supposedly prove its veracity. When checking out, the user is prompted for credit card information.

This phishing site is hosted in China and was up at the time of this alert.

Check out the screenshots & other info here

OpenWRT

2006-02-12T01:21:00.000+05:30

Now you might have read my posts on 3rd party firmware available for Linksys WRT54G,the problem with that is you dont get everything that you want in a single magic firmware.

What I'm trying to say is,a particluar ver of Alchemy firmware might not have extended Port Forwarding options which you might find in the HyperWRT firmware (I've given a example here without checking whether what I've written is true).
The result of this is compromise in features.

But like most things in GNU/Linux,there is a widely explorable solution : OpenWRT

OpenWrt is a Linux distribution for wireless routers. Instead of trying to cram every possible feature into one firmware, OpenWrt provides only a minimal firmware with support for add-on packages. For users this means the ability to custom tune features, removing unwanted packages to make room for other packages and for developers this means being able to focus on packages without having to test and release an entire firmware

I've not not tried personally on my WRT54G,I'm game for this one,but before that I need a bit of reading & understand what I want to achieve through this.
My little experience with flashing firmware tells me to read,read & read & make sure you have all the text material needed incase anything goes wrong.

Caution:A wrongly carried out firmware flash can result in a brick.

You can find more information of OpenWRT from here

VOIP in India ?

2006-02-10T15:16:00.000+05:30

I dont know what got me suddenly but yesterday I wanted to know all that is legal & available w.r.t VOIP.So I made a call to Mr.Adil.Doctor who is the Linksys Sales Manager(India) & is located at Cisco Systems Pvt Ltd,Mumbai.

After getting a brief idea about where VOIP is in India he informed me that a call from a VOIP phone to a PSTN/Mobile isnt legal in India.International calling is legal through the calling cards which can be got from Internet Telephony Service Provider such as Phonewala.com.

Although he couldnt provide all the information I was looking for but he has promised he will forward me to someone from the Cisco Bangalore office so that I could get my doubts cleared.

I'm expecting a call sometime this evening.Oh btw this Linksys PAP2 Phone Adapter with 2 ports costs 3.5K !!
Sweet deal considering some of the Sipura 2 port ATA's costing somewhere between 5-7k on ebay.

Update:I recieved a email from Mr.Adil that a authorised dealer of Cisco/Linksys is gonna call me tomorrow.

WiFi for dummies

2006-02-09T23:34:00.000+05:30

An excellent article for people who use Wi-Fi in public places like hotspots & coffee shops.I would highly suggest this to anyone who cares about his privacy,data & security overall.

Wi-Fi for Dummies

Process Explorer 10 released

2006-02-08T21:05:00.000+05:30

This is a must have program for everyone.ver 10 has just been released.

Head over here for the Changelog as well as more information regarding Process Explorer.

Download ProcessExplorer 10 for 32-bit NT/2K/XP

Hacking the Dlink DSL 502-T router

2006-02-08T02:30:00.000+05:30

If any of you own the Dlink DSL 502-T ADSL router then you would love to have a look at some fun things you can know about it.

Hacking the Dlink DSL 502-T

Life as a Linux/Unix admin in a Windows world

2006-02-05T21:02:00.000+05:30

I'm sure Linux/Unix admins will have their say here hehe.

Life as a Linux/Unix admin in a Windows world

Is Your Website Hackable?

2006-02-02T19:32:00.000+05:30

Acunetix,a Company which makes Web Security products is offering free security website audit.

" In an effort to stem the fast-growing tide of web application security breaches, Acunetix today announced that it is offering free website security audits to 5,000 enterprise organizations.

The company believes that these audits will prevent hundreds of security breaches that would otherwise have led to valuable customer details, credit card numbers and proprietary corporate data being exposed.

The free security audits will be performed by Acunetix staff using Acunetix Web Vulnerability Scanner, a comprehensive tool that automatically audits websites for SQL injection, cross site scripting, Google hacking and other vulnerabilities. "

Remember though this is a limited period offer security audit for free.Make sure you apply as soon as possible to get your website(s) audited by them.

Apply for Free Security Audit for your website from here .

Homepage: Acunetix

Cisco Packet Magazine

2006-02-01T19:37:00.000+05:30

Those who are interested in Cisco & its Products,here is their Cisco Systems Technical Users Magazine.Subscription is free.

You can subscribe from here

Back Issues can be downloaded from here

Free One minute call to a landline

2006-02-01T19:07:00.000+05:30

Yesterday I came to know of a company (VOIPStunt) which offers free 1 minute call to a landline in select countries.Since I've a few buddies in the States,I decided to give it a try.Anyone using Skype/Gizmo or any other Computer softphone will know that to make calls you need to pay for Outgoing calls to Mobile/Landline.
I had to download their application which btw is still under BETA phase.Upon installation I had to choose a non-existent Username & a password ofcourse.Users who have used Skype or Gizmo will be familiar with this process.

After the validation process was over it was just dialing the number & talk,as simple as that.Ofcourse the call lasts just one minute.If you need more then you gotta pay for their rolled out tariffs.
Oh one small note here,when you call anyone on his/her cellphone,the phone display will just show as "Call" & not display any number(thanks neme aka vivek for informing me about this).

The voice clarity isnt superior & a second or two lag was throughout the call.

You might say whats the fuss about this free one minute call,well I feel if you were here in India where VOIP has yet to make inroad & calling someone who stays for example in the United States,then this one minute call really helps :)

RAID for the noob

2006-02-01T01:41:00.000+05:30

Here are a couple of links for RAID:Redundant array of independent(sometimes also called inexpensive) disks.

RAID

RAID@Wiki

Understanding the Subnetting Math

2006-01-27T21:23:00.000+05:30

Anyone who is in the Networking field or anyone who has taken up Certifications like for example CCNA,MCSE.. will agree with me that Subnetting is a very important subject when it comes to IP Addressing.

I myself took more time understanding subnetting than the latter topics in the course for that matter.I'm sure the below links would help for a newcomer to subnetting.

Introduction to Subnetting Part I

Introduction to Subnetting Part II

Introduction to Subnetting Part III

Introduction to Subnetting Part IV

Subnetting Math

Anonymise your Internet Experience !

2006-01-27T19:45:00.000+05:30

When anyone talks of being anonymous in the big bad Internet the first thing that comes to mind is publicly available free Anonymous Proxies.But I've already written about why one shouldnt use free anonymous proxies.If anyone missed that post then you can read it here.

Here is a very good alternative to insecure proxies: Tor

The way Tor works is,it doesnt carry packets from source to destination directly,rather the packet route is taken through a tunnel "tor network " .Plus Tor is Free Software.

More information regarding how Tor works can be found here : How Tor Works

Tor FAQ

Reverse Engineering Malware

2006-01-26T18:26:00.000+05:30

A very interesting article on reverse engineering malware can be found here.

Although the article is a bit old,I believe the techniques still apply now.

(IN)SECURE Magazine issue 5 released

2006-01-26T17:55:00.000+05:30

The covered topics are:

* Web application firewalls primer
* Review: Trustware BufferZone 1.6
* Threat analysis using log data
* Looking back at computer security in 2005
* Writing an enterprise handheld security policy
* Digital Rights Management
* Revenge of the Web mob
* Hardening Windows Server 2003 platforms made easy
* Filtering spam server-side

You can download it from here.

FTP:File Transfer Protocol

2006-01-25T22:21:00.000+05:30

Anyone wanting to know & understand the FTP protocol may find these links useful.

Understanding the FTP Protocol

Active FTP vs Passive FTP

Belenix : SUN Solaris Live CD

2006-01-22T11:12:00.000+05:30

BeleniX is a *NIX distribution that is built using the OpenSolaris source base. It is currently a LiveCD distribution but is intended to grow into a complete distro that can be installed to hard disk.

BeleniX has been developed out of Bangalore the silicon capital of India and it was born at the India Engineering Center of SUN Microsystems.

Download

Rescue stuff with Knoppix Live CD

2006-01-21T23:59:00.000+05:30

A link for everyone who use windows operating system,cause you reach a point where you just cant reach the windows desktop without a hitch.

Although there are various ways to recover or get back to a dead windows install depending on the problem at hand,most of the solutions posted at the Microsoft Knowledge Base website.

The information given in the link below provides ways to get back to a working OS with the help of a Knoppix Live CD.I'm sure this is one link to bookmark & keep a hard copy of for future reference.

Computer First Aid Using Knoppix

Skype Dalliance !

2006-01-21T00:36:00.000+05:30

Its been a long time I used Skype primarily because there are already IM's (Yahoo & MSN ) bloated on my computer.With both having incorporated better voice functionality I decided to stay away from installing & trying Skype again.But a recent article situated at TomsNetworking made me feel I should give it another shot.And I'm glad I did.

Although I havent used the voice capabilities present in Yahoo or anything else for that matter but the voice was really sweet,clear & crisp (my friend would love me for saying "crisp" :-P)

Talking about crispness a couple of long distance calls to my bro in the U.S.The clarity was absolutely terrific.Apart from this I have called my buddy Sohail who is in Delhi.The result was impressive.
Oh but also dont forget I have a 256kbps ADSL internet connection.

Enough said,you just gotta try it to know it. :)

For the more technically challenged: How Skype Works

GNU Free Software Licensing Quiz

2006-01-18T18:39:00.000+05:30

Haha I was going through Mark Jensen's signature at Neowin's ,who btw is a Moderator there & I stumbled upon the GNU Free Software licensing quiz link.

Although I've yet to take the test the funny thing is the sentence on the extreme bottom of the page,it says

The source code for the quiz is available here :-p

Shmoocon 2006 features : Anonym.OS

2006-01-16T20:57:00.000+05:30

I just came across Anonym.OS LiveCD courtesy a search for details of Shmoocon (a East coast hacker convention )

Their blog says :

Anonym.OS is an OpenBSD 3.8 Live CD with strong tools for anonymizing and encrypting connections. Standard network applications are provided and configured to take advantage of the tor onion routing network.

Anonym.OS was first suggested by kaos.theory at Interzone 4 in Atlanta, March of 2005. Nearly a year and a lot of marathon coding sessions later, it's a reality and was released by elmore, fade, arcon, dr.kaos, digunix, atlas and beth of kaos.theory at Shmoocon 2006.

The iso image of the bootable CD can be downloaded from Sourceforge.net.Though I had trouble with mirrors from Asia & some others as well.But I've put it for download.Its a 500 odd MB download afterall.Will post my views after I get a chance to play with it.

GNU/Linux Resources for the n00b/expert

2006-01-15T23:49:00.000+05:30

Here is a small list of GNU/Linux links that provide useful information with updates.

LinuxHomeNetworking

Linux Google Search

LinuxQuestions Discussion Board

nixCraft Blog

Networking/Security podcasts needed !

2006-01-13T20:44:00.000+05:30

There is this dead time you have when you are fed up of music & want to listen to stuff that would really help you in a certain way.I have "dead times" a lot these days,mostly when I'm outdoors.So if anyone has any suggestions for good podcasts then do post here.

This is what I've got so far,i'll add as when I find more.

GRC SecurityNow

Bluebox Podcast

Network Security Podcast

Asterisk Part II

2006-01-13T14:19:00.000+05:30

I've been particulary interested in this open source project of "customising" your own PBX system so much so that I was thinking of deploying it as a "fun project" at my dad's office.
But one reason out of the many I hate to be in India is computer hardware,its so damn expensive !! Anyways whining for another post.

Back to asterisk,upon going through the Asterisk Handbook & the high quality Asterisk Video which btw is available on torrents as well as a http download I had given up all hope with the hardware cause I didnt think ATA[Analog Telephone Adapters & all would be available here plus the taxation part freaks me out.

But I did a casual search at Ebay India & to my surprise I found Sipura
Sipura btw is a company which primarily deals with VOIP hardware along with DSL Modems/Routers.

So there is some hope left for me.Anyone wanting to sell their hardware which is compatible with asterisk do let me know.

Asterisk @Wiki

GNU/Linux & Wi-Fi is poop !

2006-01-12T23:20:00.000+05:30

GNU/Linux has come a long way when you talk about hardware support.Although configuring internal modems is still sucky & the bottom line is it wont work at all.

But the one thing thats keeping me away from using Linux & it pisses me off[when I say "linux' its Redhat/Fedora/RHEL what i'm talking about,since my work revolves around those distros] is my laptop wi-fi not being detected but any of those distros.Now thats a fudd !

The laptop is a Acer Travelmate 2312 which has a Atheros wi-fi chipset.Although it detects as "unknown network controller" I've tried enough to load/remove modules & similar stuff but it aint working.
Above that I also have a Linksys WPC54G 802.11g PCMCIA which also aint working in either of those btw.

Upon researching it a bit,it seems wireless in linux scene is indeed poor.I came to know of Ndiswrapper [Network Device Interface Specification] which makes use of windows driver i.e it emulates windows wi-fi driver.But the major concern is upon fiddling with it for days it aint stable & i'm more skeptical that it might break something else in the kernel.

Now the only distro out there which detected my onboard wi-fi as well as the external pcmcia was Ubuntu 5.10[Breezy Badger].Although it works 95% of the times,sometimes it doesnt show the wireless network interface at all.
Upon further investigation to make it work 100%,I found that it actually makes use of
Madwifi.

I did a lsmod at the shell to find out which all modules were getting loaded.

#lsmod

3 Modules for my onboard wi-fi get loaded,& sometimes there are two instances of the same module,thats when the 5% fudd happens.

Upon removing & loading the modules again,everything seems to be fine.

#modprobe -r ath_pci

#modprobe ath_pci

I need to get this sorted but if any of you have got wi-fi to work under redhat/fedora/RHEL then do let me know.

Indian ISP info/solutions

2006-01-11T21:15:00.000+05:30

The BSNL DataOne factor is hitting everyone around,here is a good discussion board which has pretty neat sections to Indian ISP's problems/solutions/information.

Mind you though the discussion board is in its early stages but its the only place you could find quick info with Indian ISP's unless ofcourse someone else points me to somewhere else.

VinuThomas Discussion Forum

O3 Magazine Issue 2 has been released

2006-01-11T16:36:00.000+05:30

Just to let you guys know Issue 2 of a very promising open source e-zine has been released.The pdf can be downloaded from here

The Anti-spyware business

2006-01-09T19:06:00.000+05:30

Mark from Sysinternals has a very interesting article on the similar conspiracy[that anti-virus co. pay to write virus,worms] existing in the anti-spyware cirlce.

The only Anti-spyware products that I trust are Microsoft Anti-spyware,Spybot S&D & Adaware.

Bangalore,War Driving & New Year blast at my place !

2005-12-29T21:05:00.000+05:30

Yes you've read it right,its very much possible that the house besides yours is hosting a open wireless access point/router & you thought you need to be in the states to go war-driving.This is exactly what happened in my case,I discovered it early this month when I had come for the FOSS[which btw stands for Free Open Source Software,a annual GNU/Linux/Open Source conference].

The place where i stay when i turn up in Bangalore is,Cormangala,St,John Wood's,Deodar 9th Floor,its near FORUM[the only place in bangalore where you can see a jatra].Anyways back to the point,the first time I came to know about this insecure free open wireless access points I wanted to let the owners know about this stuff but unfortunately it was late in the night & I had to leave early in the morning to catch hold of a friend whom I was gonna meet after a very long time.Above that I left for Belgaum the very same day.

So this time I decided the moment I land in Bangalore I will let those people know of wireless security[call it ethics or whatever but hey, i know what it is to be taken for a ride !]
This time I found 13 open wireless access points & some of them had been configured with a static IP[mostly you find these in the corporate world as it costs money].
Out of the 13,I could login into 8 routers which had default username/passwords which are set as factory defaults.They were from all brands Netgear,SMC,Linksys,Dlink & a couple of chinese ones which I failed to read & understand. :)

So with my laptop in hand & netstumbler loaded I went in search of the owners,but to my dismay the experience was a fudd !
Instead of taking stuff like this seriously & caring about one's personal stuff these morons didnt give a damn.
So I've decided to pay my respects to schmucks,

I would like to cordially invite you all on New Years eve at my place.Free Wireless Internet Access will be provided FREE[Free as in beer & not as freedom ].Food & vodka would be from the visitors own pockets.

Pre-requisites:Wireless ready laptop,food,vodka,sprite & a Ipod Nano 4GB Black for me

Asterisk™ - the Open Source PBX!

2005-12-13T00:45:00.000+05:30

I had stumbled upon this piece of "magic" at the recently held FOSS India.Here have a look at what its got ..

Easily build your own multiprotocol PBX on Linux!
Asterisk

Asterisk is a complete PBX in software. It runs on Linux, BSD and MacOSX and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in many protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware.

ASterisk

If you look at the features then this can compete with the proprietary solutions available in the market as of now.
The important part I would like to know is whether the hardware is available in India,if yes then a brief idea bout prices would be much appreciated.

FOSS 2005 Part II

2005-12-11T17:49:00.000+05:30

Since the pics i had taken are getting delayed here is something for you to look at till then.Its the official FOSS rambling website which is kinda cool.They've got it all pretty much covered.Oh before i forget they have a huge picture gallery put up which is what I was looking forward to.

Photos
PlanetFOSS

The FOSS logo taken from FOSS India website

O3:The Open Source Entreprise Data Networking Magazine

2005-12-11T12:01:00.000+05:30

Here is a cool Open Source magazine which I found courtesy JoatBlog.
The magazine can be got from O3Magazine.Issue 1 has just been released.

My First FOSS Experience !

2005-12-05T21:00:00.000+05:30

Before I start rambling about my likes & dislikes at the recently held FOSS its time
for some pics first...more to come in a couple of days.

The Conference Expo...place where the Sun Solaris pretty chix were hanging out.

Me in a group discussion with James Morris[left],extreme right there is Jonathan Corbet.

Alan Cox[left] having a feast on a pizza while James Morris relaxes on the chair.

More pics to come soon...

DNS Root Name Servers Explained For Non-Experts

2005-11-21T11:25:00.000+05:30

A excellent paper on the inside-out of root DNS servers.The paper can be downloaded in pdf format also.

DNS Root Name Servers Explained

Free Music for Everyone !

2005-11-14T17:39:00.000+05:30

Since a couple of days I've been hooked to incredible a free music discovery service, Pandora

Pandora is a music discovery service designed to help you find and enjoy music that you'll love. It's powered by the Music Genome Project, the most comprehensive analysis of music ever undertaken. Just tell us one of your favorite songs or artists and we'll launch a streaming station to explore that part of the music universe.

The songs are searched from a large database & are played directly from the browser,no need to install any software or plugins !!
The best part is registration is free,offers personalised playlists.So I take my favourite music where ever I go, virtually.

Hacking the Linksys WRT54G !

2005-11-11T00:31:00.000+05:30

If you have ever had a taste of this little piece which runs on GNU/Linux you'll never want to buy any other brand/model thereafter.

If my above statement seems exaggeration then please have a look at the various options this router can incorporate itself with due it its "Open Source" nature.

The place where I work has 13 Linksys WRT54G's deployed by myself.Each running through Linksys WAPPOE [Power over Ethernet] adapter kit which is separately installed.
Although installing & configuring & making them work as Access Points[AP's] was a walk in the park,the biggest challenge was to make these AP's work in accordance to the network infrastructure already setup.The network was segmented into a number of VLAN's[Virtual LAN's].
For any version of the Linksys WRT54G,the default firmware doesnt support VLAN,QOS,WDS & a lot more entreprise features.

With a little searching I was onto a number of Open Source firmware's which supported the "extra" features I was looking for.The Alchemy firmware was the one which caught my eye cause of the "VLAN" feature exclusively needed for this setup.

With a little caution & study of flashing firmware all the 13 AP's have been setup with VLAN support & all of them are working like a charm.
IMHO the Linksys WRT54G is a pretty ordinary router out of the box when it comes to features as compared to the other brand competitors but due to its Open Source nature there is vast amount of flexibility which comes with it that puts it in a class of its own !

Sveasoft Firmware:The Sveasoft firmware is a replacement firmware upgrade for Linksys WRT54G or WRT54GS wireless routers. Our firmware adds dozens of sophisticated features to these sub-$100 routers turning them into the equivalent of products costing hundreds or thousands of dollars.

OpenWRT:OpenWrt is a Linux distribution for wireless routers. Instead of trying to cram every possible feature into one firmware, OpenWrt provides only a minimal firmware with support for add-on packages. For users this means the ability to custom tune features, removing unwanted packages to make room for other packages and for developers this means being able to focus on packages without having to test and release an entire firmware

DD-WRT:DD-WRT is a 100% free firmware for the Linksys WRT54G/GS and the Asus WL-500 deluxe 802.11g wireless routers (which run off a minimalist Linux OS).

The WRT54G Revival Guide: A lifesaver when your box gets "bricked"

WRT54G.NET: WRT54G Inside out !

Sony sells Rootkits too !

2005-11-02T23:35:00.000+05:30

Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my “Unearthing Rootkits” article from thre June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application:

Read the entire article with analysis by Mark Russinovich of SysInternals.com here

(IN)SECURE Magazine Issue 1.4 is out !

2005-11-02T20:29:00.000+05:30

The covered topics are:
Structured traffic analysis
Access Control Lists in Tiger and Tiger Server - true permission management
Automating I.T. security audits
Biometric security
PDA attacks, part 2: airborne viruses - evolution of the latest threats
Build a custom firewall computer
Lock down your kernel with grsecurity
Interview with Sergey Ryzhikov, director of Bitrix
Best practices for database encryption solutions

Download it from here:http://www.insecuremagazine.com/INSECURE-Mag-4.pdf

Free Tux Magazine Subscription for starters !

2005-10-20T23:53:00.000+05:30

Tux Magazine a free e-zine with subscription is available for download in pdf format.The latest issue during the time of writing was October 2005.

Download the latest issue or previous issues from here.

NAS a old box !

2005-10-20T01:14:00.000+05:30

NASLite v1.x is a collection of single floppy disk based Network Attached Storage (NAS) Server Operating Systems designed to transform a basic computer into a dedicated file server. NASLite v1.x is intended primarily for use in a small business or home office network. By design, NASLite v1.x is a community file server and does not support features such as user management , the ability to join domains or disk quotas. However, it is very easy to set-up and use.

Basic System Requirements

NASLite v1.x is a network file server, so a fast computer is usually not necessary. Basic requirements are:

* 486DX or better processor
* PCI bus
* 16M or more of RAM
* 1 to 4 IDE fixed disk drives (any size)
* PCI or on-board network interface adapter
* 3.5" floppy disk drive

NASLite

Bluetooth & wi-fi attacks

2005-08-25T00:55:00.000+05:30

Excellent info regarding bluetooth & wi-fi attacks.
A must see for wireless entusiast: Bluetooth & Wi-fi Attacks

(IN)SECURE Magazine Issue 3 is out !

2005-08-23T23:45:00.000+05:30

ISSUE 1.3 (August 2005)

DOWNLOAD ISSUE 1.3 HERE

The covered topics are:

* Security vulnerabilities, exploits and patches
* PDA attacks: palm sized devices - PC sized threats
* Adding service signatures to Nmap
* CSO and CISO - perception vs. reality in the security kingdom
* Unified threat management: IT security's silver bullet?
* The reality of SQL injection
* 12 months of progress for the Microsoft Security Response Centre
* Interview with Michal Zalewski, security researcher
* OpenSSH for Macintosh
* Method for forensic validation of backup tap

The brave story of Michael Lynn

2005-07-31T16:26:00.000+05:30

The Internet Security world is keeping a close eye on the Lynn-Cisco issue.The cause being Lynn being a security analyst that he is found a way to get root access in a Cisco router which obviously has Cisco IOS[Internetworking Operating System].

While Lynn did not provide a step-by-step on how to break into Cisco routers, he provided enough details for experienced professionals to figure out the rest of the process. In this report, I will show you some of the slides used during his talk and give an outline of the steps.

Cisco’s Internetworking Operating System, or IOS, is the intelligence behind most of the networking devices on the Internet. Most computer users worry about their PCs being compromised by viruses and worms, but in the grand scheme of things on the Internet, these sorts of attacks are relatively unimportant. They make the user’s individual life painful, but they don’t generally have much impact on the rest of the network.

But routers are the glue that holds the Internet together – especially Cisco’s gear, which is by far the most prevalent router hardware. A successful attack on Cisco routers can impact well, nearly everything.

Essentially, routers connect networks together. Just as there are multiple ways you can get to work, there are many ways a packet can cross the Internet. With the help of IOS, the main purpose of routers is to direct traffic across the Internet by deciding the path packets should take.

The entire article can found along with a few screenshots that were taken at Blackhat Conference : here

Blog appearance make-over !

2005-07-27T03:32:00.000+05:30

Ok this blog needs a serious make-over.So I'm not gonna post till I've done enough I feel its fresh.Please bear till then.

Elizabeth Hurley talks of Cisco 2600 series

2005-07-26T06:02:00.000+05:30

Yes you've read it right.Liz Hurley talking of Cisco 2600 router series.Still cant believe me?

Here is the conversation:

Erwin
Hey Liz! How about telling us about the Cisco 2600 series routers!

Liz
Well, let's see, where to start. Very well, the 2600 series is a product aimed at branch offices. They come with RISC processors and have 2 WAN card slots and 1 Network card slot.

Erwin
Not too shabby, 2 WIC slots.

Liz
Oh, I forgot, the 2600 WIC modules can also be used in the 1600, 1700 and 3600 routers, this way you can stock fewer WICs if you have these routers in your enterprise.

Erwin
How much memory do 2600s come with?

Liz
8 Megabytes of Flash and 32 Megabytes of RAM.
Erwin

The model numbers are kinda confusing, how do you know what the numbers mean?

Liz
First off, they all start with the number 26, so we can set that aside. If the last 2 digits are in the 50s that means a high performance CPU. If the last number is a 1, that means it has 2 Ethernet Ports.

The 2610 is the basic model with one Ethernet port, the 2611 has 2 Ethernet Ports.

Erwin
Can you show us a product matrix?

Liz
Sure, here goes:

Find the rest of the conversation & other celeb networking god & goddess :) here

To stealth or not to stealth

2005-07-26T04:43:00.000+05:30

Hansen makes a perfect point which I've been making a number of occasions in discussion boards,blogs & various other places.I'll speak no more but instead let the article do the talking.I coudlnt have put it much better than this.Over to Hansen....

Stealth, when it comes to computer security, is when the computer (or other network equipment) does not issue any sort of reply to connection attempts, including ICMP echo requests (ping). I guess the idea was that if there's no response, they can't see that anything is there, and therefore you're "stealthed" from the outside world. For some reason, this was assumed to be a security enhancement because you cannot attack what you cannot see... Oh boy, is that ever wrong. "Stealth" doesn't mean you are invisible at all. Instead, it makes you stick out like a sore thumb.

A simple "ping" from the attacker travels through the cloud, and to the router in front of your firewall. Next, the echo request gets to your firewall. A stealth firewall will simply drop the echo request, and no reply is sent back to the attackers' computer. So, you're invisible, right?

Read the remaining rest from here.

It feels great when you are on track. :)

Running Windows with No Services

2005-07-25T03:59:00.000+05:30

I stumbled across this cool piece of information.I've seen people asking for help regarding services.This piece of article should help them out.

A Windows service provides functionality to the operating system and user accounts regardless of whether anyone is logged into a system. Windows XP comes with around four dozen services enabled by default, including ones that many people consider superfluous like Remote Registry, Alerter, and SSDP Discovery (Universal Plug and Play). A question many Windows administrators commonly have is therefore, which services can I safely disable? What if I told you that for at least basic functionality like Web surfing and application execution, Windows doesn’t need any services? In fact, you can also do those things without system processes like Winlogon.exe, the interactive logon manager, and Lsass, the local security authority subsystem.

The following steps, which you must follow carefully to achieve a minimal Windows system, were derived by Dave Solomon through experimentation, and when he discovered that Windows was usable without all the core system processes we were dumbfounded. After figuring this out he and I polled senior Windows experts like the vice president of the Core Operating Systems Division, the technical lead of the Virtual PC team, and a lead Windows security architect to see if they thought that Windows would function at all, much less if Internet Explorer would work, without the support of Winlogon, Lsass, and services, and the unanimous answer was ‘no’. Even after we showed them the demonstration I’m about to share with you they all thought that we’d staged some kind of trick.

You can read the entire article here.

Drop My Rights

2005-07-22T01:16:00.000+05:30

In a couple of earlier posts I had written about the advantages of not running as a admin use.Well here is read made tool to make things easier if they werent just incase.

DropMyRights is a tool written by Michael Howard that allows administrators to run internet-facing applications (such as email clients and web browsers) as a non-administrator. You can read about it and download it from his MSDN article "Browsing the Web and Reading E-mail Safely as an Administrator".

Since DropMyRights is a simple command-line tool, it can also be used to create "safe shortcuts" that always bring up an application as non-administrator:

You can download the tool from here: Drop My Rights

Other similar useful tools can be found here: Useful Tools

Phrack is no more

2005-07-17T21:11:00.001+05:30

The in-house magazine of the digital underground, Phrack, is closing after 20 years as its editorial team steps down.

As much manifesto as hacking handbook, the magazine was hugely influential in the early days of hacker culture.

It was very closely associated with legendary hacking groups such as the Legion of Doom that were the first serious explorers of cyberspace.

As hackers moved from dial-up bulletin boards on to the net, the magazine kept its place as a knowledgeable, and often scurrilous, source of security information.

For instance, issue 62 of Phrack contained articles about getting round Windows buffer overflow protections, advances in Windows shellcode, attacking Apache and hijacking wireless base stations.

contd..:BBC News

The fond memories that I've of phrack would be surely the hackers manifesto,which I still have it saved in a text file dumped in my hard drive.

The Hackers Manifesto

Another one got caught today, it's all over the papers. "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.

But did you, in your three-piece psychology and 1950's technobrain,
ever take a look behind the eyes of the hacker? Did you ever wonder what
made him tick, what forces shaped him, what may have molded him?
I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
Damn underachiever. They're all alike.

I'm in junior high or high school. I've listened to teachers explain
for the fifteenth time how to reduce a fraction. I understand it. "No, Ms.
Smith, I didn't show my work. I did it in my head..."
Damn kid. Probably copied it. They're all alike.

I made a discovery today. I found a computer. Wait a second, this is
cool. It does what I want it to. If it makes a mistake, it's because I
screwed it up. Not because it doesn't like me...
Or feels threatened by me...
Or thinks I'm a smart ass...
Or doesn't like teaching and shouldn't be here...
Damn kid. All he does is play games. They're all alike.

And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
"This is it... this is where I belong..."
I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip
through were pre-chewed and tasteless. We've been dominated by sadists, or
ignored by the apathetic. The few that had something to teach found us will-
ing pupils, but those few are like drops of water in the desert.

This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals. We explore... and you call us criminals. We seek
after knowledge... and you call us criminals. We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.

I am a hacker, and this is my manifesto. You may stop this individual,
but you can't stop us all... after all, we're all alike.

+++The Mentor+++

Administrator Account Lock Out !

2005-07-15T23:19:00.000+05:30

Here is a excellent piece of info regarding as to why anyone shouldnt use the administrator account for ample things that a average joe does daily.

Here is a quick excerpt from the article:

The #1 reason for running as non-admin is to limit your exposure. When you are an admin, every program you run has unlimited access to your computer. If malicious or other “undesirable” code finds its way to one of those programs, it also gains unlimited access. A corporate firewall is only partial protection against the hostility of the Internet: you still browse web sites, receive email, or run one or more instant messaging clients [added 2004.06.25] or internet-connected games. Even if you keep up to date on patches and virus signatures, enable strong security settings, and are extremely careful with attachments, things happen. Let’s say you’re using your favorite search engine and click on a link that looks promising, but which turns out to be a malicious site hosting a zero-day exploit of a vulnerability in the browser you happen to be using, resulting in execution of arbitrary code. When an exploit runs with admin privileges, its ability to compromise your system is much greater, its ability to do so without detection is much greater, and its ability to attack others on your network is greater than it would be with only User privs. If the exploit happens to be written so that it requires admin privileges (as many do), just running as User stops it dead. But if you’re running as admin, an exploit can:

* install kernel-mode rootkits and/or keyloggers (which can be close to impossible to detect)
* install and start services
* install ActiveX controls, including IE and shell add-ins (common with spyware and adware)
* access data belonging to other users
* cause code to run whenever anybody else logs on (including capturing passwords entered into the Ctrl-Alt-Del logon dialog)
* replace OS and other program files with trojan horses
* access LSA Secrets, including other sensitive account information, possibly including account info for domain accounts
* disable/uninstall anti-virus
* cover its tracks in the event log
* render your machine unbootable
* if your account is an administrator on other computers on the network, the malware gains admin control over those computers as well
* and lots more

The entire article is situated over here: Why you shouldn't run as admin...

OSSTMM - Open Source Security Testing Methodology Manual

2005-07-15T17:18:00.000+05:30

The Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases.

The OSSTMM focuses on the technical details of exactly which items need to be tested, what to do before, during, and after a security test, and how to measure the results. New tests for international best practices, laws, regulations, and ethical concerns are regularly added and updated.

Download there latest manual:OSSTMM 2.1

More Information can be got from here: ISECOM

Security Hardware :Innominate mGuard PCI

2005-07-05T19:39:00.000+05:30

I was reading Tao Security blog yesterday & I noticed his post on Innominate mGuard PCI.Thought I would share this with you all.
The Innominate mGuard PCI can be operated using two different modes:

In the first, the PCI bus serves exclusively as the power supply - a driver installation is therefore unnecessary. In connection with the patented stealth mode, the Innominate mGuard PCI can be integrated not only without a driver, but also completely transparently in network structures.

In the second mode, it works as a conventional security router. In this functional mode, the Innominate mGuard takes on security and network card functions.

The Innominate Security Configuration Manager enables the convenient configuration of the Innominate mGuard PCI. The tool offers state-of-the-art management of security policies via a central, graphical interface based on well proven Solsoft technology. The Innominate Security Configuration Manager offers multi-vendor support, enabling the administrator to configure and manage. At the same time, the Innominate mGuard PCI can easily be integrated in SNMP-based management systems such as HP OpenView and IBM Tivoli.

Quote:
Technical Specifications

HARDWARE
# Low profile PCI card
# Intel IXP 42x processor with 266 MHz or 533 MHz
# 32 MB RAM or 64 MB RAM
# 16 MB Flash
# 2 x 10/100 Mbit Ethernet

SECURITY FUNCTIONS
# VPN connection, Shared Secret
# VPN connection, internal and external X.509 certificates
# IPsec protocol
# 3DES, AES hardware encryption up to 70 Mbit/sec
# L2TP
# Stateful inspection firewall
# Transparent mode

OPTIONAL VIRUS PROTECTION
# Hardware virus protection with Innominate mGuard
# Daily updating of signatures
# Email scanning

FURTHER FUNCTIONS
# Browser-based administration
# Copy-protected file system
# Secure boot loader
# DHCP client and -server
# DNS cache
# Remote administration via SSH and HTTPS

Its truely a interesting piece of hardware.

You can find more useful information on this product here.

Computer Forensics:Links & Resources

2005-06-28T16:11:00.000+05:30

Here are a couple of links & reference material I found while wandering about on the internet.

Digital Forensics

Honeynet Challenges: This is truly a amazing source of resource for forensic wannabes with forensic challenges & solutions,presentations.This one helluva link to bookmark.

Incident Response & Computers Forensics Live CD : Currently downloading this so no comments till I have a hands on experience with it.

Security Focus Resource :This is one of the best resources that you will find,written by people of quality.Some of the articles situated there present you a hands on experience like the Web Browser Forensics article.

(IN)Secure Digital Security Magazine

2005-06-28T04:27:00.000+05:30

I yesterday stubled upon (IN)SECURE Magazine,a free digital security agazine.The issues published till now have quite interesting articles.

You can download the latest issue here :

ISSUE 1.2 (June 2005)

RSS is here !!

2005-06-27T02:17:00.000+05:30

Now you peeps can keep track of the happenings by subscribing to †è¢h båbblè RSS

Ipod Slurping !

2005-06-26T03:39:00.000+05:30

Here is a quite interesting read on the use of Ipod's & other similar portable devices which function as storage devices in certain cases too in workplaces.

Ipod Slurping

Interview with Marcus Ranum

2005-06-21T20:00:00.000+05:30

Here is a two page Interview with Marcus Ranum.For anyone who doesnt know who he is,he is the Chief Security Officer of Tenable Network Security, Inc., the producers of the Nessus vulnerability scanner and a suite of security vulnerability management tools.

An excerpt from the interview:
Could you introduce yourself?
I am Marcus Ranum, Chief Security Officer of Tenable Network Security, Inc., the producers of the Nessus vulnerability scanner and a suite of security vulnerability management tools. I've been working in the computer security arena for about 20 years, now, and was the designer and implementor of a variety of security solutions in the past, including firewalls, VPNs, and intrusion detection systems. I like to think I've been around long enough and done a wide enough variety of things that I've achieved a pretty good perspective on the trade-offs inherent in security technology.

I was the designer and implementor of the first commercial firewall product, the DEC SEAL, in 1990, and was the "inventor" of the proxy firewall concept. In 1992 I wrote the TIS Firewall Toolkit and Gauntlet firewall, and set up and managed The President's email server (whitehouse.gov) during its first year of operation. I was founder and CEO of Network Flight Recorder, an early innovator in the IDS market, as well.

You can read that entire interview Security Focus

2005-06-20T15:46:00.000+05:30

Well I for one was in need of making the most of what I had apart from the main rig which I use for all purposes.

With a couple of old machine lying around I couldnt store them there lying dust can I?
Mission: I wanted one machine to act as a firewall
The machine specs are a Pentium 120Mhz,cd writer,10Gb hard drive,48MB SD RAM.After a bit of research to what I wanted from them I landed up with three solutions & oh did I tell you they are OpenSource

1.

Quote:

SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely††† available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.

Smoothwall is the best option out there.Also recommended by MVP's.Btw notice the text in bold,with myself still being on the linux learning curve this is just the option I wanted right now.It contains enough documentation & manuals to get you started already.

Info & Download

2.

Quote:

ClarkConnect is a powerful yet easy-to-use software package that transforms off-the-shelf server hardware into a dedicated Internet firewall, gateway or server. The software is a great solution for schools, businesses, organizations, and home offices.

Info & Download

3.

Quote:

IPCop Firewall is a Linux firewall distribution geared towards home and SOHO (Small Office/Home Office) users. The IPCop interface is very user-friendly and task-based. IPCop offers the critical functionality of an expensive network appliance using stock, or even obsolete, hardware and OpenSource Software.

OLD PC + IPCOP = Secure Internet Appliance

IPCop lets you take an old PC and convert it into an appliance that will.

1. Secure your home network from the internet.
2. Improve the performance of web browsers (by keeping frequently used information)

All this functionality can be managed from a simple to use web interface, even updates and patches can be installed using a web browser.
Remember IPCop works with most home networks and small office networks, dial up modems, cable modems, ADSL, Leased lines and ISDN. It also lets several PCs share connections to the internet. If you have an always on connection to can even use IPCop to protect your web and email servers. IPCop also has remote management meaning you can securely update and reconfigure your IPCop firewall from anywhere with an internet connection!

Info & Download

Though I've yet to try the above two they surely look promising

Building a Server

2005-06-11T01:17:00.000+05:30

The time has just arrived with my order of Antec 3000B Chassis reaching home today evening.After all the research & effort that went into buying a perfect chassis which I could afford,I fell for the Antec 3000B primarily because of the offer the Bangalore distributor offered me.
The 3000B is without the power supply,but since I was in need of one,he offered me 350W SMPS Smart Power for a cool price.Other options were the Kunhar ZB01 Server chassis which was available to me for 4k including shipping & without the power supply.

Hardware Part:

ASUS A7N8X-VM/400
Athlon XP 1700+ running at stock 1.46Ghz
256 DRR @400Mhz
Seagate PATA 80 GB & a seagate 40GB PATA :My backup disks
Two 20GB Seagate PATA's in RAID 0
Promise RAID Controller Card 2 port
DLINK 8 port Switch
Intex 8 port Hub
Lotsa network adapters lying around

Apart from this,planning to get a chip of RAM 512MB with RAM prices falling down & a couple of Gigabit Ethernet cards.

Software Part:

I've yet to decide on the NOS[Network Operating system] but most likely than not its gonna be Windows 2003 Server [Standard Edition].This is going to be a domain environment.
The rest of the systems on my network are pretty old so i might have to stick with a Linux option which I hope will provide me knowledge regarding the same.I'm thinking of playing around with various distros.

Productivity:

The most important part.There is no fun in doing anything without a reason.Otherwise its just a waste of time & money.
Also no rants please as to why I'm doing this.I'm no joe who carves for frequent hardware upgrades or someone who is a zealot when it comes to collecting the latest gadgets in the market.Not that I dont want to be one :) but all that costs money you see which I will have one day, loads of cashto spend lavishly.
But right now the need of the hour being my certifications for which I've to study I may as well spend them on such small things which I hope they will land me certifications CCNA,RHCE & CISSP ....

The time is just right for me to build my first server !!

Books !!

2005-06-10T04:40:00.000+05:30

Offlate I've been pretty busy with books[no I'm not a bookworm & I hardly read my engineering books :)] Books related to Netwokring & Security.Here is a list of what I've been upto for the last couple of days.

1.New Riders - Hackers Beware Defend Your Network
2.Addison Wesley-FileSystem Forensics
3.John Wiley & Sons-The Art of Intrusion by Kevin Mitnick

This has kept me engrossed for sometime now.Definately review these books in my freetime,especially the one by Kevin.Mitnick.

Untill then Adios !

Shopping online in India?

2005-06-05T01:02:00.000+05:30

The title will given away for people who live in India or have interacted with Indian Online Shopping Mals.The situation is pathetic here.I wont stress more on this subject.Have a look at the proceedings then which happened after a technical blunder or purposeful ploy to attract consumers?
Here is a screenshot I took of the offer posted on Indiatimes.



I had placed an order on behalf of my cousin but was hesitant to make the payment.Thank God I didnt !The fact of the matter is even after the early mistake which can be let go but the issue was further proceeded by the people from indiatimes after I & many others recieving a call to make the payment so that they could process the order.Also a couple of emails insisting the same. I mean WTF !
Though the page was taken down for a couple of hours it was later available but guess what,the error hadnt been rectified.
For a paranoid joe that I'm who didnt make the payment,others who have made the transaction have yet to recieve the money.Dont know how uch time & money has gone by but these guys should be royally screwed.
If this would have happened in some country with proper laws for e-commerce I wonder where Indiatimes would have been now.Perhaps the mela every year would suit Indiatimes!!

Anonymous Proxy: Demystified

2005-05-15T02:29:00.000+05:30

Well if you have ever considered hiding your system from the internet then anonymous proxy are the first things that will pop-up that list.There are different types of proxy like content filtering,the one that can be used to share a single internet connection to many computers..blah blah & anonymous proxy which we will be talking about.
This is how it works,any information that flows through the anonymous proxy first, then reaches the destination,so this means the IP[32-bit address] address of the proxy machine gets logged where ever I go & not my IP address.This seems all Oober & make a everyday joe feel ultra cool at first but if you think logically then this is a stupid mistake.Agreed you arent stamping your authority everywhere you go when you log-in to the internet but what about the machine through which information is flowing[anonymous proxy machine] ? Can you trust that machine? Anyone with administrator priviledges on the machine can make a profile out of your internet activity,you ask how? Well since the information is flowing through that machine anybody with a decent amout of knowledge & proper tools[Ethereal] can sniff every single piece of information thats flowing & easily make a port folio of you for malicious purposes.
What more scares me is that there are more such free services available lying around the internet than any reputed paid service.Incase there are then please do let me know.But the practical aspect still remains the same for both.

What seems more amusing is why do people wanna hide? My point is if you got nothing to show then why worry about someone who has your IP address?
Below are a fewbasic pointers to secure your machine,
1.Disable un-necessary services.
2.Close open ports.
3.Install a firewall possibly a hardware since that would take the load of your processing which would otherwise be required in the case of software variants.
Btw a hardware firewall doesnt have to be a appliance firewall like Cisco PIX... but even a old machine lying around can perform firewall like capabilities.The definitions are changing my dear friend.There are freebie solutions like Smoothwall,Clarkconnect which are based on GNU/Linux can pretty much help you in getting what you want at a 0$ price.Some may say even routers can perform firewall like functions,which is true under certain products & rest plain vanilla routers are just NAT routers which block everything that isnt requested from the inside.
4.A good Anti-virus which is frequently updated really helps catching the malicious code.
5.Oh how did I miss this? scumware,its all about spyware,adware,dialers,trojans which all collectively qualify as scumware.The new threat on the internet these days.
There are few programs which like Spybot Search & Destroy,Adaware & MS Anti-spyware[this is a really cool product,i'm mightly impressed] which are must haves !
6.And most importantly common sense & you should be on your way to safe hex !

Google going the manera común ?

2005-05-10T05:46:00.000+05:30

My experience with google has been great.Their services offer so much: google search,gmail,orkut ..etc These are my daily bread & butter when it comes to knowing,learning,accessing,having fun & getting stuff.Athough I very well know how google adsense works the ads in my email dont bother me much,what the heck those are just ads put up by intelligent machines[thats what google says] ! And as if other email providers are providing fool proof user privacy,checked any email provider EULA while registering yet ?
All this was fine until I downloaded Google Web Accelarator,another free creation by google labs to improve broadband internet speed.Although still being in its infancy[read as beta] stage I as usual was happy to play around with it.
After installing the software I loaded ethereal & windump & started capturing packets & analayzing them just in case if some backdoor calls back to everyday joe's computer who is ready to make my internet profile !
You know I always do this,I'm paranoid alright or a security buff who likes to see the inner workings of information flowing,either way I'm learning but thats a different story.
Back to the topic, few packets flow while I access a couple of pages through Opera,nothing in it,
Google is clean as usual! I knew it,its my faithful google afterall...but wait a minute a RSS feed from a Tech Site had its title : Google Web Accelerator sparks privacy fears !
This virtually shook me for a minute & rest as they say is making rounds in the internet.
One user wrote,allow me to quote:
"I went to the Futuremark forums and noticed that I'm logged in as someone I don't know. Great, I've used Google's Web Accelerator for a couple of hours, visited lots of sites where I'm logged in. Now I wonder how many people used my cache. I understand it's a beta, sure, but something like that is totally unacceptable."
Contd...

WTF !! More was soon to follow for me,my cousin just came home to access a few important emails since his internet connection had gone bad.After opening webmail yahoo & entering the authentication informatiom required the next screen led to "Your Session has been logged out.Please log-in again" Thinking that its a browser cookie problem I cleared them all,the same thing continued though no matter what.
Disable google web accelerator,refresh the page & KABOOM !! he has been logged in.
Well I for one can adjust with Indian Broadband standards rather than installing pieces of code that could very well erase my online life[Oh btw i've very little social life,so burial of my online life would indeed mean I'm dead !].This has put me off from using their services on the 0th day[in the process of the first day].Its the last thing I want to see google going the manera común !

Windows XP SP2 Firewall doesnt offer egress filtering !

2005-05-09T17:28:00.000+05:30

Yes I very well know it doesnt offer any egress filtering but what about people who are not looking for egress filtering at all? All that matters for them is ingress filtering which they have very well in place.I've always said & will defend my words,the windows firewall is for a particular audience !

If your not from that species then go get a software firewall & make merry.I've seen similar windows bashing in quite a number of security forums as well as other forums like Neowin.People do not consider the other aspect of using it.I also admit that windows firewall isnt too great in defending attacks,software variants arent too behind either,just check bugtraq & you'll find large number of exploits for software firewalls including the most trustable zone alarm[moral of the story:software code cannot be perfect],but the very reason of not using it since it lacks outbound protection is very lame.Its a matter of choice & personal requirements to say the least.
Well this is just my stand on it,majority will disagree but thats just me !
Absolute security is a Myth !!

Pure bliss or placebo foo effect ?

2005-05-09T05:18:00.000+05:30

For the basic level audiophile[I said "basic",I love the 30gigs music collection I've, but not all are ripped,encoded professionally]listening to music has been only through Winamp-the number one music player.
For decades now winamp has ruled the best music player spot & still continues to be number one for many.Its GUI,shortcuts,the music that came out of it & oh most importantly the huge database of plugins that are available for it...btw my fav was DSP plugin.There was simply no need for alternative to look for.
All this changed suddenly when the creators of winamp decided to stop providing further versions of the player.Although new versions still continue pouring in,that desire & passion is not there anymore.To put it in simple words:Winamp is dead & burried for me !
30Gigs of music is raw scum if there isnt a music player to make the best out of it.Further other factors matter too like GUI,plugins,support & most importantly it should sound good !
My quest with foobar started hereafter.Although I must admit its GUI sucks[it somewhat reminds me of Windows 3.11,my first operating system :) ].Above all that if you finally decide to customise it,the pain & agony of putting it all together is just too much.
I've never been able to distinguish between foobar & winamp w.r.t the music that came out of both,but recent happenings,low resource management has made foobar my favourite music player afterall.
Here let me quote from the official foobar faq:

Does foobar2000 sound better than other players?

No. Most of "sound quality differences" people "hear" are placebo effect (at least with real music), as actual differences in produced sound data are below their noise floor (1 or 2 last bits in 16bit samples). Foobar2000 has sound processing features such as software resampling or 24bit output on new high-end soundcards, but most of other mainstream players are capable of doing the same by now.

Why use it then? Well it does mostly everything that winamp used to do for me & more.Plays music the way I want it too,well organized,plenty of visual customisation,minimizes to system tray,very light on resources,plays every file format that I've.. jeez what more does it need to have?
All in all call it a placebo foo effect or blame it on me for writing this at 5:50 AM IST,but hell yeah foobar rox.Afterall once a change is good for health :)

Does this qualify as spam ?

2005-04-22T01:17:00.000+05:30

Beep Beep ! I got up with a bit of urgency,it was 2 o'clock in the night & I was having a sound sleep when my cell phone woke me up.It was a sms by someone whom I've never known & I curse him/her/them even till today.My pals never send me chain forwarded sms's at 2'o clock in the night.It could be my family but only if it was urgent.In my half awoken eyes which were screaming for sleep I clicked on the yes button on my SE T230,the heading of the message read "Valentine-Wanna take your valentine date on a limo drive?" At this time of the night I whispered to myself?Forget about the time,I dont even have a valentine now. Did I miss something; when I read at the bottom,it was from my cell phone operator-Airtel ! Phew what do you call this? Spam via cell phone? Yep I thought to myself this is the new form of business tactics cell phone operators must be using.I'm not sure though whether its the operator who are rendering these services or advertising for some company.From that day onwards I've occasionally recieved sms's such as "win tickets to a movie,know your future,blah blah ! My question is doesnt this qualify as something equivalent to spam we recieve in our inbox frequently? Sending stuff which I've not requested qualifies as spam as far as I know in the online world & moreover there is nothing mentioned in the form we fill for getting a new connection.My operator calls these services as "value added services" I say hell its crap.I'm fearing this may become a new ground for advertisers apart from the value added services that my operator provides .All in all I will loose sleep if this happens in the near future. Sheesh !! time to makeup for the priceless sleep I will have to sacrifice in future.
Do post your comments regarding this article.

Somebody Stop meeeee !!

2005-04-22T01:10:00.000+05:30

Woohoo I'm here after all! i'm sorry if I disappoint you,this is my first blog btw.lol