Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.






Lost Password?
No account yet? Register
Who's Online
We have 14 guests and 1 member online
EH-Net Donations

Enter Amount:
$

Google Ads
ChicagoCon 2008f
chicagocon2008f_125x200banner.jpg
ChicagoCon 2008f
EH-Net News Feeds
Latest Additions
Book Recommendations





 
Advertisement

You are here: Home arrow Forum
Ethical Hacker Community Forums
October 12, 2008, 04:24:20 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Registration Now Open for ChicagoCon 2008f Oct 27 - Nov 2! Visit www.chicagocon.com.
 
  Home Help Calendar Login Register  
  Show Posts
Pages: [1] 2 3 ... 30
1  Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: Next Up OSCP101 v2.0 on: October 08, 2008, 09:40:54 AM
Quote
# man host
...
SYNOPSIS
       host [-aCdlnrTwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait]
            [-4] [-6] {name} [server]
...

so.. 'host -t ptr 1.2.3.4 ip.of.dns.server' is giving no joy?

Are you sure you've found a legit DNS server?
2  Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: Next Up OSCP101 v2.0 on: October 08, 2008, 02:29:23 AM
Make sure you add the DNS to your resolve.conf file...
...Just make sure you add it to the top of the list for speed

...or query the DNS server you found directly with the host command (nice opportunity to test your newly found bash-fu Wink )
3  Ethical Hacking Discussions and Related Certifications / Other / Re: Holiday Ideas on: October 07, 2008, 10:31:13 AM
I'm primarily looking for cool things to give adult males.  I have a number of co-workers who I need to get gifts for, and aside from a bigger lab with more toys in it, I need to find some reasonable things that I might like.  I'm completely out of touch with what cool new gadgets and toys are out there.

phn1x: I completely agree with you there.  I love the books.

I haven't got this myself yet, but I have heard good things about it:
Build Your Own Security Lab: A Field Guide for Network Testing (Paperback).
It's a book that could get people a bigger lab with more toys, two birds with one stone Wink
4  Ethical Hacking Discussions and Related Certifications / Programming / Re: find libraries include in c programming on: October 07, 2008, 05:38:15 AM
Nubie,

sounds like you are going down the right track. Basically find each *.h (along with asociated *.c) file that is missing and make sure the compiler knows where to find it. Once you've traced everything down it *should* compile.

I wouldn't recomment trying to recreate the libraries yourself.....
5  Resources / News from the Outside World / Re: Fyodor Explains TCP DOS attack on: October 07, 2008, 04:00:43 AM
Agreed this is a good article that goes beyond the media circus of 'Oh noes, the sky is falling'. I'm just waiting to see if there is any real impact from the findings once they release full details.

Think BillV beat you to the punch though....
6  Ethical Hacking Discussions and Related Certifications / Hardware / Re: Encryption on: October 06, 2008, 03:40:41 PM
Scucci,

I've only got limited experience as I've only used one of the products that you mention, and only from an end-user perspective. My employer recently rolled out CheckPoint PointSec, and I managed to get it to hose my laptop within a week. Hard-drive would not boot past the PointSec login, obviously HDD is encrypted, so recovering data was not possible. Thank goodness for good backup policies.

It seems the system didn't like being booted from a USB stick into BackTrack (disclaimr: may not have been the pen drive, however ran Windows [I know...], booted to Backtrack, back to Windows, dead box)

However, with the exception of my box, the system was successfully rolled out to many users without issue. Buyer beware, in this case backups and system restores covered my a$$.
7  Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: Next Up OSCP101 v2.0 on: October 06, 2008, 09:46:08 AM
Dark_Knight,

Hope you enjoy the OSCP. From my experience it was a great course and I learned a lot (and confirmed a lot of stuff I 'sort of' knew from other sources). My lab time (took 60 days) finished around a month ago and I have the exam scheduled *soon*.

I'd advise not taking your foot of the gas (as I did) if you start to get through the material quickly. Some of the final challenges and extra miles can be challenging and time consuming. Plus I would have liked to have spent more time 'playing' in the lab after completing the required exercises.

Let us know how you get on, specifically I'd be interested to see how the material compares to the CEH you've already got, as it's on my list of potential 'nexts'....

<Edit> as a side note, any advice from those already passed the exam would be appreciated as I'm starting to get slightly nervous...</Edit>
8  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: What info can be obtained just from IP on: October 05, 2008, 03:32:21 AM
http://www.yougetsignal.com/ lots more functionality and tools though  Grin

Nice catch, hadn't found that one before, cheers Cheesy
9  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: What info can be obtained just from IP on: October 03, 2008, 04:29:57 AM
The level of information often depends on the thoroughness of the organisation if they have provider independant (PI) IP space, or the thoroghness of the local internet registrar (LIR) if they have provider aggregated (PA) IP space.

From a whois search on the IP you should be able to get valid information for the organisation actually using the IP (this is a requirement made by the regional internet registrars (RIR) [at least in Europe, RIPE's authority]). However often these records are ambiguous or outdated as they are not updated as regularly as they should be. Also some larger LIR routinely assign IP space from a large allocation (typically a /19-/24) and only update the whois records for the parent block.

Another useful tool for recon work is myipneighbors/, as it allows you to find other domains using the same IP. This is useful for services running virtual hosts on the same server or shared colocation environments.

It's worth noting that the above techniques do not cause any traffic to reach the target from your IP address, so they are silent in that regard. Obviously once you start stepping up a gear with port enumeration and banner grabbing etc. this changes completely.

Hope this is some help.
10  Ethical Hacking Discussions and Related Certifications / Malware / Re: New DOS Attack Is a Killer.. (from Dark Reading) on: October 03, 2008, 04:17:23 AM
Nice article Bill, thanks for sharing.

It'll be interesting to see how close Fyodor has got once the full details of the 'new' attack are released.
11  Resources / Tools / SysInternals Update on: October 02, 2008, 03:55:46 AM
Guys,

looks like the SysInternals suite has been update. The ISC state it better than I could:
Quote
Christmas in October!

Frequent contributer Roseman pointed out the release of updates to the free SysInternal's tools.  For those of you who regularly use the SysInternals tools to debug and understand Windows you understand when I say this is like an early Christmas.  For those of you who are not yet enlightened about SysInternals...you should take a look.

The major change is a update to Process Monitor..."adds real-time TCP and UDP monitoring to its existing process, thread, DLL, file system and registry monitoring."

Get your stocking fillers HERE
12  Ethical Hacking Discussions and Related Certifications / Malware / Re: Whitehat rootkits to prevent theft? on: October 02, 2008, 03:23:34 AM
NickFnord,

just come across this story on Slashdot which may be of interst

Quote
After his computer was stolen, Jose Caceres used a remote access program to log on every day and watch it being used. The laptop was stolen on Sept. 4, when he left it on top of his car while carrying other things into his home. "It was kind of frustrating because he was mostly using it to watch porn," Caceres said. "I couldn't get any information about him." Last week the thief messed up and registered on a web site with his name and address. Jose alerted the police, who arrested a suspect a few hours later. The moral of the story: never go to a porn site where you have to register.
13  Resources / Tools / Re: ServifyThis on: October 01, 2008, 09:51:49 AM
Don,

nice heads up, my brains boggling with ideas

(all of them ethical of course Wink ....)
14  Ethical Hacking Discussions and Related Certifications / Malware / Re: New DOS Attack Is a Killer.. (from Dark Reading) on: October 01, 2008, 09:43:47 AM
Brian,

I read this over at DarkReading earlier today. I'm hoping it's more hype than substance as this could be fairly nasty if it lives up to billing. Can't see too much point in worrying at the moment though, as there aren't enough details release to the mainstream to work on a defence, and supposedly there are no work arounds at the moment.

Think I might start panicking if future developments on this go sour...
15  Resources / Tutorials / Re: Unfreeze The Deep Freeze - Step by Step tutorial to bypass Deep Freeze on: October 01, 2008, 03:07:10 AM
It doesn't really matter, considering that it's been patched.

Of course every system in the world is fully patched.....
Pages: [1] 2 3 ... 30
Powered by MySQL Powered by PHP Powered by SMF 1.1.5 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com
Valid XHTML 1.0! Valid CSS!
Page created in 0.051 seconds with 21 queries.
 
Polls
Why a Career in Ethical Hacking:
 
Support EH-Net
chicagocon2008f_125x200banner.jpg
ChicagoCon 2008f


Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

chicagocon2008f_125x200banner.jpg
ChicagoCon 2008f
 
         
Advertisement

© 2008 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.