Day one of PWN2OWN was unsuccessful, which is no big surprise. But today, I am really hoping for something -- otherwise we'll have to wait until tomorrow for the third-party clieint-side exploits. Here's a little summary I wrote a bit back on how to [...]
Posted by Dre on Thursday, March 27, 2008 in
Apple,
Conferences,
Hacking,
Linux,
Security and
Windows.
I've been doing some work lately with text files and have been using various shell command techniques to manipulate them for whatever purposes I need. This isn't a HOWTO guide as much as it is a reference for myself and others that just need something [...]
Posted by Marcin on Friday, March 7, 2008 in
Hacking and
Linux.
Marcin and I were talking a bit about mainframe security today. I recalled how fantastic mainframes were while he had his hands in the trenches. Yes, I know that IBM renamed MVS to z/OS (as well as other things) years ago. However, the concepts remain [...]
Posted by Dre on Tuesday, February 5, 2008 in
Hacking,
Linux,
Security and
Tech.
Lesson 3: After the first few days, we've covered securing WiFi, as well as basic software assurance tools to get you started with a web browser and crawler. This is just the beginning. Part 1: Information assurance vulnerability assessment — Sandboxing [...]
Posted by Dre on Wednesday, January 9, 2008 in
Defense,
Hacking,
Itsm,
Linux and
Security.
So this week, we've had a roundup of posts on Apple's latest OS X release, Leopard, and the security "features" that went into it, where they fall short, and what's missing. Thomas Ptacek has a great post over at Matasano with even more insightful [...]
Posted by Marcin on Thursday, November 1, 2007 in
Apple,
Linux,
Security and
Windows.
I recently upgraded my laptop to Ubuntu 7.10 'Gutsy Gibbon' from 7.04 'Feisty Fawn' and needed to install VMware Server again. Since my previous post was very popular in helping people get VMware Server installed on Feisty, I thought I would do the same [...]
Posted by Marcin on Thursday, October 25, 2007 in
Linux.
Add this to your .bashrc to make tab completion with bash more useful when handling multiple files with similar names: bind '"\t":menu-complete' Ctrl-D can be used to exit Bash. This can be very convenient and then again, almost too convenient. Specify [...]
Posted by Casey on Thursday, August 23, 2007 in
Linux.
C'mon guys, what in the hell are you releasing a .1 for just to fix four lines of code. I realize that an exploit in netfilter could be a serious issue, but netfilter doesn't belong in the kernel to begin with; it should be userland code. Grrrr. This is [...]
Posted by Casey on Wednesday, July 11, 2007 in
Linux and
Security.
I went ahead and tried to run Burp suite on my laptop running Ubuntu today. First, check the readme.txt, which says I need JRE 1.4 or later installed. marcin@thinker:~/burpsuite_v1.01$ java --fullversion java full version "gcj-1.4.2" Okay... 1.4.2, but [...]
Posted by Marcin on Sunday, June 17, 2007 in
Linux.
Over the course of a day, I could log in to five different systems I'm currently working on. On each I'll get a Bash or Tcsh shell and it's almost guaranteed I'll need to edit a text file at some point during the day. On my home system, my choice of [...]
Posted by Marcin on Sunday, June 10, 2007 in
Linux.
Installing VMware Server is pretty straight-forward on Ubuntu 7.04 (Feisty Fawn). Make sure you have the build-essential package and the correct linux-headers for your kernel. $ sudo apt-get install build-essential linux-headers-`uname -r` Download [...]
Posted by Marcin on Sunday, April 22, 2007 in
Linux.
To get Kismet to run under the ipw2200 driver, simply edit /etc/kismet/kismet.conf. Here is the diff -u output: --- kismet.conf.orig 2007-04-03 13:51:29.000000000 -0700 +++ kismet.conf 2007-04-03 13:53:55.000000000 -0700 @@ -7,10 +7,10 @@ [...]
Posted by Marcin on Thursday, April 12, 2007 in
Linux and
Security.
While at ShmooCon, I saw a fair share of rogue ap's pretending to be shmoocon ap's. We worked to pull down these access points, but you can never be sure. To help keep yourself from getting pwned, disable wireless upon startup by commenting out your [...]
Posted by Marcin on Sunday, March 25, 2007 in
Linux and
Security.
Thanks to the amount of feedback on Ideastorm, Dell is seriously considering pre-installing Linux on desktop systems. Having had the chance to play with the Core 2 Duo systems Dell puts out, I can definitely say they are pimpin'. I want one, but my main [...]
Posted by Marcin on Thursday, March 15, 2007 in
Linux and
Tech.
While in L.A. at SCALE, I attended "Admin++, What root Never Told You," by Ron Gorodetzky, sysadmin for Digg.com and Revision3. His presentation gave some insight and tidbits on the things you forget when you have your own startup, and the other problems [...]
Posted by Marcin on Monday, February 12, 2007 in
Linux and
Tech.
I'm heading out to Los Angelos for the 5th Annual Southern California Linux Expo. I'll try and post inbetween sessions (that is... whenever I can). I'll be attending these talks: Leveraging the IT Community (This talk is focused on a building a new broad [...]
Posted by Marcin on Friday, February 9, 2007 in
Linux,
Security and
Tech.
