Not any more it seems, BT4 is Ubuntu(Debian) based:
http://remote-exploit.org/news.html

I enjoyed doing this a lot, but unfortunately life got in the way of submitting my entry. I would like to thank you guys for one of the hardest laughs I had in ages, I thought I'd pulled all the data out, cracked all the codes, found the murder etc but was sure I was missing something.

I didn't have my usual set up with me, so decided to  d/l a distro and setup a new VM for a final play, there were issues so long story short: I spent nearly 2hrs setting myself up for a rickroll.

Coffee. Everywhere.

I didn't stop laughing for a good five mins.

Thanks again

I'll concede the StN series are good, some of the other technical-fiction books Syngress have put out are really quite bad* (good from a technical point and have got me thinking, but not the easiest of reads)

I'll n-th Cookoos Egg, I need to get hold of it again as I'd like another read of it.

* other opinions are available

I use several of them at home (Devolo). The main concern I had with them is the signal leaking out on to the local grid or worse it leaking in and reducing my bandwidth! but from what I've read the signal is stopped by your meter so won't go beyond that, and I've never seen any other signals leaking in.

Localy, yes it should all be nicely encrypted as long as you've taken the time to set it up properly (this job took a few mins for me). And all though it would be possible in theory to sniff the power to grab the traffic and maybe decrypt it, if someone can do this they're in your house and you might have bigger issues.

As long as your wiring is good you should get a decent rate. Home Plug AV standard is 200Mb, I routinely get 180Mb, but this is shared with all devices (think of you house as one big hub)

HTH
Chan

Hey wirespeed, looks like we'll be doing it at the same time I've just done my VPN test and thrown a handful of cash at the offensive security guys.

Hoping I've done the right thing, although having a good few years IT under my belt, and more than a passing interest in Security I still feel lacking in hands-on time (one reason I chose OSCP). I'm sure we'll both be fine though


How much Python is actually involved? is it really for Metasploit development or is there more to it?

just in case you didn't know M$ extended the beta beyond the first 2.5mil to everyone who can get a copy before the 24th Jan.

Out of interest, can anyone tell me if disk encryption ends up requiring more writes to disk?

I think the "how secure is 802.1x" depends on how much 802.1x you're willing to implement, it's a bit of a broad standard from what I know.

You can require computer certificates, only available over an initial wired connection (if you're talking wireless) and a valid user cert once you've logged on before being dropped into the right valan etc all do-able with a 2k3 AD. Plus side of requiring both certs is you can revoke either

Yeah getting the initial comp cert could be a pain if you've got a huge amount of laptops to secure, but it only needs to be done once. I've seen it done with a couple of hundred machines in very little time.

This is all 802.1x for wireless connections, which seems fairly nails. - wired I've had no experience with.

Nice, I'd been wandering what other people put it theirs. Glad to see I was close to the mark with the one I came up with

Very helpful, thanks.

http://www.damnvulnerablelinux.org/ does what it says on the tin.

HTH

Chan

If you've not read it "the cookoos egg" by Cliff Stoll is a great read.

It certainly has a infosec/hacker story but it's not just a book for geeks.

http://oss.oetiker.ch/mrtg/ MRTG will cover 1) & 2) quite nicely, maybe even 3) if you're willing to put the time configing (and horse power!*) in.

We had one box graphing about 500 nodes for in/out bandwidth use over 3 or four time periods and it seemed to do its job fine.

It does need a bit of time setting up, but there's masses of config help and tutes online. I do have one or two gripes about it, but it has helped me get to the root of a couple of issues.


Might not be quite what you want, but I thought I throw it out there anyway.


*not just the processing on the monitoring box but the overheads on the network hardware

--edit--

while I think about it I've had sucess with observer http://www.netinst.com/products/observer/index.html for tracking down issues too, but it's not free.

If you want to check if it's destroyed the world yet there's a handy little site here: http://hasthelargehadroncolliderdestroyedtheworldyet.com/

 

Should he be sat in a jail cell for the next few years? Yes. Most certainly

Should he be extradited? No. According to UK law he committed the offence in the UK and should therefore be charged and tried in the UK courts. There have been many similar cases where extradition was refused. The only reason I can see that this is different is that he's been labeled a terrorist (which IMHO is BS).

Both sides have been guilty of this from day one "your going to serve 45yrs unless you come quitely" "Guantanamo Bay for you boy" etc.. but that's just lawyers for you.


The claim by the media that McKinnon is "worlds greatest hacker" is laughable. From what I've read he's one step up from a script kiddie, maybe not even a whole step, a skiddie with lifts in his shoes.

The UK really needs a Con, so I would be very interested.

Birmingham is good a place as any.


BrumCon?