Playing with libnet

I wrote a function that writes packets to the wire. It takes the source IP, destination IP, and destination port. The fucntion, writePackets(), uses the libnet headers. On ArchLinux these can be installed with pacman -Sy libnet. I was inspired to write this because I am in the process of reading Hacking: The art of exploitation by Jon Erickson. It covers a lot of the basics of reading assembly as well as some often over looked programing flaws that lead to buffer overflows.


Easy Pentesting: Metasploit's db_autopwn

Everyday, life gets easier for script kiddies. These days everything is pretty much automated. I came across the db_autopwn feature of the Metasploit Framework a few semesters ago and I think it's definitely something that security professionals should know about and administrators should use as a quick way to find holes in their network. Try it now before someone else on the Internet does.


Open Source Load Balancing Project

The semester has been closing in. Graduation is almost here and I've been extremely busy. I've launched a new project that hopes to push open source software into more widespread use in the load balancing department. The idea is to do a bunch of research on the benefits of load balancing in trying to keep availability during a DDoS attack. I've been working on a Python script to do the DDoS simulation as well as setting up a small test environment with the equipment I have on hand.


UAT Places 2nd in Western Regional CCDC

The Western Regional Collegiate Cyber Defense Competition took place last weekend and I'm proud to announce that my team, UAT, took 2nd place. The competition was a total of 29 hours including a 24 hour session where we were given plenty of tasks. Everything from setting up an E-commerce site to giving a presentation on multi-factor authentication. The team consisted of myself and 7 other UAT NetSec students.


Cyber Defense Competition, Pomona

This year I will be joining a team of 8 fellow network security students on UAT's Cyber Defense team. We will be taking a road trip to sunny Pomona, California to compete in the Western Regional Collegiate Cyber Defense Competition.

We will be competing with 4 other Universities at California State Polytechnic University. The winner of this can then move onto the nationals in San Antonio, Texas.


Recovering GRUB after accidentally writing to MBR

The other day I decided to partition out a tiny bit of my hard drive (10 GB) to install Windows XP. I figured it was good to have around to play games in my spare time. No big deal, the install went fine. Then I realized Windows likes to take over the MBR. Grub was no longer my default boot loader. So in order to boot back into Ubuntu I needed a live CD. Honestly, any live CD should work fine for this (try Ubuntu's if you don't have a preference).

Once in you're in your live environment, you need to go into grub's console with the following command:

$ grub


Avahi daemon ruins .local domains

This has been known for quite some time. Avahi is used service discovery like finding printers. It's similar to Mac OS X's Bonjour service. Unfortunately, when you have a .local domain (which I do) it seems to mess with things. For example, I cannot refer to anything in the .local TLD by name. So to fix it I've been just stopping the service.

sudo /etc/init.d/avahi-daemon stop

This works but isn't a permanent solution. To fully remove Avahi from startup use the update-rc.d command.


$ sudo update-rc.d -f avahi-daemon remove



Subscribe to Allan Feid RSS