Sheesh!
I am very glad that only a few people showed up for the Fest at UAT on
Valentines Day ([I colored my hair like Leeloo in the 5th Element;vyou all
missed that amazing sight!] The UAT networking in the nice new lab-type room is
still problematic under UAT's recently updated network security).
We can now use all the power directly from the large tables, boot the nice
newer Dells from CD/DVD/USB (hit F12 at boot), assign static IPs subnets
[10.204.0.61 255.255.0.0 10.204.0.1 gw 10.204.0.100 int dns [and ext dns
{number escapes me} (however, MSDNS/DHCP and Cisco MAC connection controls are
in now place), so we are not getting DNS resolution outside (using the same
settings as the Dell workstations) or successfully able to use the proxy server
[configured to use the same settings as existing XP's] outside of Active
Directory/domain policy. While we might be able to clone the MAC address
(definately a grey area for Acceptable Use with UAT agreements), yet without
A/D auth, we are undoubtably going to have to engineer our own DNS/internet
gateway solutions.
We can use the UAT MS XP Dell desktop systems with their constrained domain
policies and local policy menu limitations to browse and surf, while using our
own Wireless or wired laptops to complete lab exercizes. THIS IS A HUGE
IMPROVEMENT over the shopping cart of old extension cords, switches, routers
and cables I was dragging in to setup starting at 10AM every month. The
InstallFests upstairs always suffered from being able to have more than a
handful of people connected to the network concurrently unless someone brought
in equipment.
Backtrack3 is not compatible with the Dell Keyboard/Mouse USB or PCI with
freeze during boot, which as yet needs to be resolved, however my Knoppix and
Ubuntu 8.10 tool USBs as well as the new Samari (ubuntu based) distro booted
easily - ping each other, but cannot get out (Dell desktops do not have
wireless at UAT.edu).
Of course, I can bring in my DELL PII and run both a ppp0 to Sprint EDVO, and a
wired connection, with port forwarding running a DNS server and everyone can
use it as a gateway; albeit SLOWLY - Laugh! Any such local HackFest DNS server
or laptop wireless/wired proxy will certainly work for external browsing.
However, we will coordinate with UAT's staff for solutions, as recommended.
We went over new subjects including KDE/Gnome .desktop "virus" attachment
security issues, XSS proxy description and dissection, disk/drive melting for
secure data protection, NTP via Netcat packet spoofing to misuse pool.ntp.org,
SHA1 Verisign certificates, MD5 entropy and DNS inherent protocol insecure bad
behavior as as well as learning a bit about botnet tracking and commercial
pentesting tools currently in place in Financial top shelf shops. PLUG
members wow'ed us with a breif introduction of the "Story of B" by Daniel Quinn
while also exchanging descriptions of geeky, eye glazing Valentines Day right
brained gifts [comix DVD's]. As usual, discussion evolved into limitations of
open source tools in a corporate environment, the irony of dumbing down wit via
American educational caste system, the nature of profit and profitability
within non-exempt federal employment standards balanced with employer/task
directed respect, and joked about whether the "PLUG best and brightest" from
the December Hamaci Hackfest might have actually taken more flags than
announced - and were now hiding out in pwnership of us all? We reminded
everyone to think outside the box, refuse to tow the stereotyped adages that
compare one distro to another favorably [Linux is "more secure" than
Microsoft"], always REPORT and solicit assistance (say from pool.ntp.org where
extensive rogue packets are plaging the nix network neighborhood).
Again, we have a call for presentations for HackFests from anyone. Youtube
exposure is of course, optional. The "Unknown Security Professional" plain
paper bag with eyeholes can be donned for corporate modesty!
NOTE: K. Westphals excellent video from January Hackfest is only available via
private access - so contact me for that good forensic training session vid.
obnosis.com | wiki.obnosis.com| (503)754-4452
PLUG HACKFESTS 2nd Saturday Each mo...@noon - 3PM
Date: Sat, 14 Feb 2009 12:43:06 -0500
Subject: Re: HackFest Today Room 107 at UAT.edu
From: [email protected]
To: [email protected]
I sure wish I could be there!
On Sat, Feb 14, 2009 at 12:12 PM, Lisa Kachold <[email protected]> wrote:
The shiny new UAT HackFest (InstallFest) lab room #107 includes bootable
workstations, power and networking!
Show up today (bring your LiveCD's) and help me check it out!
Open Presentation format - Loosely called Patch Procrastinators Recovery Group!
Noon - 3PM!
obnosis.com | wiki.obnosis.com| (503)754-4452
PLUG HACKFESTS 2nd Saturday Each mo...@noon - 3PM
Windows Live™: Keep your life in sync. See how it works.
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--
:-)~MIKE~(-:
_________________________________________________________________
Windows Live™: E-mail. Chat. Share. Get more ways to connect.
http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_allup_howitworks_022009---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
