Posted: Sat Feb 04, 2006 4:47 pm Post subject: Jan '06 SFDC Column
January í06 SFDC Column
A belated Happy New Year to all of you who celebrated it from us here at SFDC. It has been another phenomenal year for us. Not only in terms of growth, but also in terms of questions asked, and questions answered. We have seen quite a few new trusted sources, and moderators being offered positions. On that note several of our older moderators have had to move on due to increased demands in their real life. Though they are still around the forum we wish them continued success in all of their endeavors. With that said lets go back over some of last months posts.
This thread on Norton Ghost was started with the user asking what the compression rates were for this program. We can see from the answers supplied that there is a variety of conditions which apply to how much you can compress files. It is worth noting though that with the very inexpensive cost of hard drive space it is of little importance really the compression rate. Though it does make for an interesting Google search to find out the answer to it. One thing that was not noted is what system administrators already know. That being you must have backups or system images in the event of a hard drive failure, or other such calamity. There have been several times in the past that I have seen such occurrences. When the admin tried to restore from the backups he saw that the backup itself was corrupted in some way. You should ideally test out your backups to confirm that they are functional! Not everyone has the luxury of a test computer to do so, but if you do then make sure that your backup is just that, a backup.
An interesting thread was started on whether or not it was a good idea to use an unsecured WiFi point to launch attacks were you a malevolent hacker. The answer to that is a resounding yes. It is also one that is very much in use today due to the simplicity in finding one, and also the anonymity afforded by them. Having such an attack methodology as part of your hacking plan is not one that I have seen garner too much media attention as of late though. What would be an excellent idea for some of you is to perhaps try this at home to see exactly how it is done. There are a plethora of tools out there available for you to use that are win32. One of the best ones out there is Airsnort written by the fine folks over at the Shmoo Group You may recall we recently had an interview with the founder of the Shmoo group, Bruce Potter. If you have the time give the interview a read for Bruce is one seriously talented hacker. Back to this thread though. The only way you will truly understand something is by trying to do it yourself. So with that in mind try and see if you can hack you own WAP with say 64 bit WEP enabled. That will give you a fighting chance! Should some of you give it a try please post back in the thread shown in the title here with your results.
This post was split off from a separate query where the member was asking for an explanation on how NAT works. Well our very own M3DU54 took the time to write out an excellent reply detailing just how NAT works. It is these types of posts which really show the community spirit of SFDC ie: a talented member taking the time to write out a well explained, and detailed post for another member. That said this is one of those concepts that one really does need to understand firmly. Networking is of course one of those key concepts that you should really take the time to understand well. Once you have learnt the fundamentals such as this you will be able to make better sense out of other advanced networking topics. Here is a thought for you! Please consider this a challenge from me to all of you. Can any of you detail what exactly happens to a packet from the time it leaves your computers nic card to the time it arrives at the destinations nic card? Should you feel up to the challenge the please post your answer here in the networking forum. Lastly, no M3DU54 you need not apply to this competition .
In this thread the member is asking if it is possible to find a program which will recombine fragmented traffic for him. There is software out there which will reassemble traffic. MattA mentions the very good Chaosreader, and it is a tool I recently wrote about for Window Security. The article series I wrote there dealt specifically with packet analysis and that is why I included Chaosreader. It is an excellent tool to have, and I canít recommend it enough. That said one should also realize that there is fragmented traffic which cannot be reassembled. This is because the attacker deliberately decided to fragment his traffic with the intent of making it impossible to reassemble. For fragmented traffic to reassemble it must be fragmented in logical chunks. Should some of those fragments have overlapping offsets then you would get what is typically called a DoS should there be enough sent to the victim computer. Bundled into every operating system is the TCP/IP stack. Roll those two parts together and you get your kernel. Well within the TCP/IP stack itself are specific stack values which deal with fragment reassembly times and the such. A crafty attacker can take advantage of such values to inflict a Denial of Service condition upon that CPU. Well it appears I have veered off course from the thread in question, but you can now see that it is not always possible to reassemble fragmented traffic.
I will break off the column at this point with a few reminders. Should you wish to write an article for us please bear in mind that it should be between 700-1,000 words in length. If you feel you would like to hash out some article ideaís then please feel free to pm me with your thoughts. Lastly, donít forget to check out Window Security and Windows Networking for the many excellent articles that are there for you to read. Till next month have a great time guys and gals!
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum