I wrote a function that writes packets to the wire. It takes the source IP, destination IP, and destination port. The fucntion, writePackets(), uses the libnet headers. On ArchLinux these can be installed with pacman -Sy libnet. I was inspired to write this because I am in the process of reading Hacking: The art of exploitation by Jon Erickson. It covers a lot of the basics of reading assembly as well as some often over looked programing flaws that lead to buffer overflows.

To crack a zip file password there are many tools out there. Since I'm primarily using Linux I went with a quick Google search and came across fcrackzip. This is a free program that allows for both dictionary and brute force cracking of zip file passwords. It is not difficult to use and offers a wide range of options.

Everyday, life gets easier for script kiddies. These days everything is pretty much automated. I came across the db_autopwn feature of the Metasploit Framework a few semesters ago and I think it's definitely something that security professionals should know about and administrators should use as a quick way to find holes in their network. Try it now before someone else on the Internet does.

The semester has been closing in. Graduation is almost here and I've been extremely busy. I've launched a new project that hopes to push open source software into more widespread use in the load balancing department. The idea is to do a bunch of research on the benefits of load balancing in trying to keep availability during a DDoS attack. I've been working on a Python script to do the DDoS simulation as well as setting up a small test environment with the equipment I have on hand.

The Western Regional Collegiate Cyber Defense Competition took place last weekend and I'm proud to announce that my team, UAT, took 2nd place. The competition was a total of 29 hours including a 24 hour session where we were given plenty of tasks. Everything from setting up an E-commerce site to giving a presentation on multi-factor authentication. The team consisted of myself and 7 other UAT NetSec students.

This year I will be joining a team of 8 fellow network security students on UAT's Cyber Defense team. We will be taking a road trip to sunny Pomona, California to compete in the Western Regional Collegiate Cyber Defense Competition.

We will be competing with 4 other Universities at California State Polytechnic University. The winner of this can then move onto the nationals in San Antonio, Texas.

I was leaving a movie theater in Tempe last night and my friend Sean noticed this:

The other day I decided to partition out a tiny bit of my hard drive (10 GB) to install Windows XP. I figured it was good to have around to play games in my spare time. No big deal, the install went fine. Then I realized Windows likes to take over the MBR. Grub was no longer my default boot loader. So in order to boot back into Ubuntu I needed a live CD. Honestly, any live CD should work fine for this (try Ubuntu's if you don't have a preference).

Once in you're in your live environment, you need to go into grub's console with the following command:

$ grub

This has been known for quite some time. Avahi is used service discovery like finding printers. It's similar to Mac OS X's Bonjour service. Unfortunately, when you have a .local domain (which I do) it seems to mess with things. For example, I cannot refer to anything in the .local TLD by name. So to fix it I've been just stopping the service.

sudo /etc/init.d/avahi-daemon stop

This works but isn't a permanent solution. To fully remove Avahi from startup use the update-rc.d command.

<

pre>
$ sudo update-rc.d -f avahi-daemon remove