Posts

Scripting in Perl! [Linux/Windows]

So currently at school I'm taking a Scripting in Perl class, and I'm in absolute LOVE with this language. It's easy to understand, has very good English-like syntax, simple array and hash usage, built in BASH support (for all you Linux freaks!), easy GUI creation, and so many other things that we haven't even gotten into. I'll be posting examples based upon things in my lab and lecture, including full programs, certain syntax, and other cool things. My teacher is very good and explains many things, so you have him at your disposal (meaning, ask me a question I don't know and I'll ask him, learn it, then explain it back to you!). Lets get started with basic syntax then get into all the fun stuff.

BASH scripting in Linux: an introduction [Linux]

I've already used a bit of BASH scripting in my Wifi sniffing tutorial, but the importance of scripting in BASH and other languages such as Perl, Ruby, and Python is so great I need to write separate posts for them all. Bash stands for "Bourne-Again Shell" (you will see "sh" stands for "shell" in many places). Named aptly for being the successor of the Bourne Shell, it came into use in 1989 and has since been a main scripting language for Linux and has many different options such as piping (seen before on my blog), variables and control structures (like all good languages), file reading, and the Unix "wildcard" usage by the asterisk (*) key. Enough about stuff I'm sure you guys don't care about, lets jump right in!

Installing and using Nmap [Linux/Windows]

Image
I'm afraid I've been very busy lately with a new job working overnights and figuring out all my college needs for moving in next month, but I've been doing a lot of research and reading on a few interesting topics so hopefully the next few posts will be very interesting. I've also updated a few of my posts including my wifi sniffing and securing your home network posts, so check those out! Today's post is about one of the most important netsec tools you will have in your arsenal. This program is called Nmap and is a free, open-source network auditing and security tool that we will use quite often while looking for vulnerabilities on networks. I will be explaining how to install and do some basic usage on Linux AND Windows (yay Windows!). I will be using my Backtrack 5 for Linux and Windows XP and hopefully get a Vista/Win7 part up as well.

Securing your personal home network [Information]

Image
Today's the 4th of July so I'm throwing out a quick post since it's been a few days, but I hope all my readers will be happy with another informational piece about securing your own network since, after all, that's what netsec is about! Below is a simple guide to getting the most security out of your network to protect your information and the users of your network's information. Setting up your router encryption: If you've read my WEP/WPA2 cracking guide , then you understand how fragile WEP encryption is. In my tutorial I also explained how to crack WPA1/2 passwords, but explained that the passkey must be in the dictionary that you specified whilst entering the "aircrack" command. When you're selecting which encryption to use, don't even consider WEP. It can be broken in 30 seconds on a half-decent computer. I've successfully broken WEP in under two minutes sitting in a bathroom on a small dell laptop. As for what TO use, c

What is ARP? [Information]

Image
 Since I've explained now how to get Backtrack 5, if you're still not on Linux then go install it now before all the fun stuff starts! As for today's post I'll be explaining an important part about netsec: Address Resolution Protocol. Understanding ARP, or Address Resolution Protocol, is a key part in understanding how networks communicate.

[OLD] So you want to use Backtrack 5? [With Pictures/Windows/Mac/Linux]

Image
I'm seeing a lot of my viewers still use Windows, and since I haven't posted any Windows information yet (don't worry, I will!) I felt like posting a how-to on dual-booting (or single-booting) the penetration testing suite I use called Backtrack 5 would be very helpful to everyone viewing my blog. Here's a quick list of the things you'll need to install Backtrack 5: a USB stick with at least 2gigs of free space (mine is 8gigs), I would suggest 4gigs as a minimum. a computer to install it to (you can dualboot, or fresh install and overwrite a disk) an Ethernet Internet connection makes this easier in the updating stage.

[OLD] Installing SSLStrip [Linux]

I've written most of a how-to and explanation of how to use two programs, SSLStrip and Ettercap, to sniff networks and grab passwords even if a secure connection is used (HTTPS rather than HTTP), but I have to cover a few topics before I release it. First, I need to explain how to install SSLStrip for those people not using Backtrack 5, then I must explain ARP (Address Resolution Protocol) poisoning and spoofing, since this is an important part of using SSLStrip and Ettercap to grab passwords. If you're using Backtrack 5, like I mentioned before SSLStrip should be installed already and located in the "/pentest/web/sslstrip" folder and can be run by typing "python sslstrip.py" For the users not using Backtrack 5, follow the directions below: