Room362.com

Blatherings of a security addict.

Maltego Goes Communal


Now that everyone and their mother has posted about Back|Track Final being released I feel that I am safe in disclosing that information. But on to the topic, with said release, the folks over at Paterva have released a “Community” edition of Maltego. Straight from the horse’s mouth, here are the limitations:

Limitations

The Community Edition is limited in the following ways:

  • A 15-second nag screen

  • Save and Export has been disabled

  • Limited zoom levels

  • Can only run transforms on a single entity at a time

  • Cannot copy and paste text from detailed view

  • Transforms limited to 75 per day

  • Throttled client to TAS communication

Also, directly on the heels of this release are community forums! Which haven’t quite been linked to from the main site, but I HAVE AUTHORIZATION THIS TIME!… not going to make the same mistake twice. Anyways, go check it out.

Distributed Honeypot Project


So I had another one of my harebrained ideas and it goes something like this:

Do you use your “DMZ” feature on your router at home? If you do, you shouldn’t. It’s like putting your computer directly on the net. Bad idea all around. Well, instead of having all those packets hit a brick wall, why not put them to good use?

So, create a Virtual Machine that you have running on your system and point your DMZ switch at. Here are the specs:

  1. Has an IP (duh?)

  2. Low memory and cpu usage. You don’t want this thing inconveniencing the user, or else it will never be widely used.

  3. At all costs, does not allow anything it sucks up to get out. Something like a hard iptables block of everything outbound except its packaged dumps.

  4. Has to be intelligent enough to correlate streams and sessions

There are probably more things that it could do, but if this could be widely used, anyone trying to do *ware analysis would have more data than they would know what to do with. You start to correlate data with mass amounts of people, you can make block lists, and virus definitions, and all kinds of good stuff. This is the kind of information that big vendors like Symantec and McAfee already have from their products being installed on your systems. Although, they don’t have the DMZ pointed at them.

Hmm, there would also have to be some kind of sanitization. That way no P2P or otherwise not so legal traffic would be published… If you have ideas on how that portion could be done, please post a comment.
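Spec 3 above, sketched as an added example (not from the original post): a POSIX shell function that emits an iptables-restore ruleset with a default-deny OUTPUT policy and one exception for uploading the packaged dumps. The function name is hypothetical, and the collector address 192.0.2.10 and port 443 are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original post. honeypot_egress_rules is a
# hypothetical helper; the collector 192.0.2.10:443 is a constructed placeholder.
# Usage inside the honeypot VM, as root:
#   honeypot_egress_rules 192.0.2.10 443 | iptables-restore

honeypot_egress_rules() {
    collector=$1
    port=$2

    # Accept exactly one dotted-quad host: no CIDR suffix, no hostname
    # (DNS is blocked by the ruleset anyway), so a typo cannot widen the hole.
    case $collector in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $collector
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done

    case $port in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } || return 1

    cat <<EOF
*filter
# Take whatever the router's DMZ setting forwards to this VM.
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
# Default-deny egress: nothing the honeypot picks up can open a connection.
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
# Replies on connections the outside opened; without this only SYNs are seen.
-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
# The single exception: uploading packaged dumps to the collector.
-A OUTPUT -p tcp -d $collector --dport $port -m conntrack --ctstate NEW -j ACCEPT
# Log (rate-limited) whatever else tries to leave, then fall through to DROP.
-A OUTPUT -m limit --limit 6/min -j LOG --log-prefix "honeypot-egress-drop: "
COMMIT
EOF
}

honeypot_egress_rules 192.0.2.10 443
```

These rules cover IPv4 only; IPv6 needs the same policy loaded through ip6tables-restore, or IPv6 disabled in the VM.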

Crazed Bovine Traversal


So I was at a ‘talk’ recently where the topic was geared toward the technically inclined, but the whole talk was geared toward managers and low level IT bubbas, if you will. But as I sat there stabbing myself in the eye with my pencil (hence the mad cow reference) I came up with some harebrained ideas. Now, some of these ideas might already be out there or thought of, and I haven’t googled any of them, just wanted to write them down somewhere for people to comment on.

  1. Ringtone viruses: Now this was by no means an idea that I had but it was mentioned during the talk and I was intrigued how it worked or if the presenter just pulled it out of thin air. The reason I bring it up, other than for someone to explain it to me, is for reference later.

  2. iPhone SDK based GPS hacking: So here is an idea, with the new craze that the new cheaper iPhone is going to create, what is stopping the mal-ware writers from writing a cool app that you can download, and now since you are connected to “MobileMe” it sends all of your email, contacts, files, and calendars to a new source. Plus now that it syncs everywhere, you think you are syncing with the “cool” app’s servers and what they are doing is a completely new form of spyware. They have a GPS location on you, read your email, and have all of your corporate documents that you sync to iDisk. Talk about a Social Engineer/Phisher’s dream.

  3. Contact Phishing: To keep going down the route we are already on, how often do you check to make sure that the phone number you have for “bank” is the correct number in your contacts list? What if someone using one of the previously mentioned avenues of attack, changed that number to another number and set up a Phishing 1800 line? Now, instead of having a browser to tell you that you are on the wrong server, you have to trust….. ? Exactly.

So to completely derail this post off the Mobile Hacking topic. I am looking for a good reference on Unix/FreeBSD crypto. I have a friend that is completely convinced that even if someone has your /etc/shadow file, that you are not in any danger. Help me out guys, a link, an explanation, anything would work.

Vonage and Ekiga on SUSE Linux


This was originally posted at http://www.jpugh.org/2008/01/vonage-and-ekiga-on-suse-linux.html

I had to find it via google cache as the page is no longer there or has just been down for the past week. So I am reposting it for reference:

Vonage and Ekiga on SUSE Linux

For the first time ever, I lost my cell phone. No freakin’ idea where it went and this IS the first time I have ever lost a phone. Quite pissed.

Regardless…in my searchings for a better way I figured I’d take a look at VOIP using Ekiga. I have been a Vonage user for several years now so that was my first stop. I found an article that outlined using kphone with Vonage so I started digging.

First, you must have a softphone number from Vonage. It’s 9.99 per month and you can register for one at Vonage (do email me as you will get me a free month and I can get you an extra month free!).

Once you have signed up for a softphone number and received all of the gory details simply open Ekiga and input the following into a new account:

Account name – I used Vonage

Registrar – sphone.vopr.vonage.net:5061

User – enter your complete softphone number – don’t forget the “1”

Password – enter the password Vonage provided.

Once you click the checkbox to activate it you will see “Registered to sphone.vopr.vonage.net” and you are all set.

Enter in a phone number and enjoy calls through Vonage on Linux!!

Talking to Mud


A low doorway in the east wall allows access to the example room, a glowing

portal in the north wall leads to the mortal start area, and to the northeast

is the quiet room, the door of which is currently open.

The LIMA mudlib greeter stands here, smiling politely.

There’s a Camaro Z28 parked here.

Sco’s Pet

There are many clear bottles here.

A map of Lima Bean is pinned to the wall.

There’s a Camaro Z28 parked here.

Onoz the title-less [fully documented] [idle 1w]

Acidtrux of Anomaly [idle 3d]

The ghost of Jetboy [idle 1d]

Boo the title-less [idle 1w]

Lollerskater the title-less [fully documented] [idle 3d]

Xdne the title-less [fully documented] [idle 1w]

Mudos the title-less [idle 1w]

Rarry the title-less [idle 3d]

Skout the title-less [fully documented] [idle 1d]

Tuning in the newbie channel (newbie /on)

Tuning in the gossip channel (gossip /on)

get in Camaro Z28

You can’t get in Camaro Z28.

hello

Getting desperate?

no

I don’t know the word: no.

why not

You can’t be serious.

I am

I don’t know the word: I.

why

Gamedriver tell you, “Why the hell not?! Let’s shutdown…”

ok

You ok.

yes

You exclaim, “YES!”

eat Sco’s Pet

There is no Sco’s Pet here.

eat Sco

There is no Sco here.

jump

You jump up and down.

duck

You duck.

do the thriller

I don’t know the word: do.

cry

You cry.

Hi Ken Shoto… I know one of you is seeing this.

There is no Shoto… I know one of you is seeing this. here.

hahah

I don’t know the word: hahah.

why not

An interesting idea.

thank you

You thank you.

you’re welcome

There is no welcome here.

Now don’t start that again!

I don’t know the word: Now.

quit

You have left KMud.

Connection closed by foreign host.

I Am Jack’s Unpropitious Excitement


So, I have to apologize to the whole Security community for my idiocy. Yesterday I was made aware of a post about Backtrack 3 Final coming out. The link I received was a link to Mut’s blog. While reading the post it mentioned something about an early IRC release. Proceeding to IRC I found a direct link to the ISO in the topic. Excited about the release I failed to read the rest of the topic in IRC mentioning that they wanted it to stay within the IRC community. I then started sending out a link to Mut’s post, and the link to the ISO out to my friends and the Wifi Sec mailing list.

Today at some point the ISO was pulled offline, according to an email I received, due to my Wifi Sec posting.

I am sorry to everyone in the Remote Exploit community, and especially Mutts, Max, and MjM. So, if you read this and see me at one of the conferences, mention this post’s title and I owe you a beer.

Microsoft Making Secret Power Plays?


Recently I have been hearing a lot of innovators posting to their blogs that they are pursuing new employment with Microsoft, and I wonder if they are making sneaky power plays into the Open Source market. Taking its best projects and plucking their leads. For example:

KnoppMyth Creator:

http://mysettopbox.tv/index.html#News

EDIT: The above article seems to be an April Fools joke that I was late to the party on. Thanks to Mark for calling me out.

Castle Cops – Owner/Operator – Paul Laudanski

http://www.castlecops.com/t223152-Must_Read_Important_Announcement.html

Now, don’t get me wrong, everyone needs their family and Open Source is a thankless job sometimes. I am not trying to dog on them for going Microsoft. I am just wondering if they are doing this to give these gents a job and make their product better, or just get rid of supporting competition.

Just my rant on what I am seeing. Sounds a bit like dvorak.org/blog eh?

— mubix

Creators of New


What happens when the lights go out? Power is gone and all you have left is your thoughts and a laptop whose battery is quickly dying? You write. Movies will take up too much power and it’s too dark to read so you write. What do you write about, does it really matter? You write.

I am a part of a great many projects but I can’t say that I have contributed to them very much. But I would like to in this post, since I have the time all of a sudden, take the time to acknowledge the real people who are making things happen:

First off we have Roelof Temmingh. His hard work and dedication to his project Maltego has created something as revolutionary as the search engine. Now, you may say that that is one hell of a statement and shouldn’t be tossed around like an Emmy. I am here to assure you I am not. Just as ArcSight, if implemented correctly and cared for, is one of the greatest tools an Information System Incident Responder can have, Maltego is the information gatherer’s most valuable asset. From Intel bubbas to Social Engineers to Private Investigators. This tool is not something you can live without any longer. Why? Because your opponent is already using it.

http://www.paterva.com/

The next project I would like to talk about is the WiFi Security mailing list. Dninja and Joshua Wright are some of the brightest minds in the field of 802.11. Joshua Wright is well recognized, but I think Dninja is less so. Both Josh and Dninja are working on incorporating Karma into embedded devices, mainly the Fon Router. The Fon is an extremely small form factor router that still has enough embedded memory to be useful for modding. Their continued research, by all of those in the WiFi Security mailing list, directly impacts the 802.11 field. That impact is seen in the increased security we are seeing in WiFi devices and software every day.

http://www.securityfocus.com/archive/137/description

The Mal-Aware team. Lance James and the gents over at Castle Cops are the main players in this team but collaboration from around the world is done on these mailing lists. Closely working with the FBI and other federal and foreign agencies. The brain power that makes up the list of email addresses joined together in this list could swell any room. Like mythological super heroes, they dedicate their free time to making the internet a safer place each and every day.

http://www.mal-aware.org/

Last but not least is the crew over at Hak.5. Darren, Wess, Ally, Paul, and the latest addition Matt. I probably wouldn’t be as ingrained in the “Hacker” world as I am now without these guys. The videos they produce on such a limited budget are entertaining and, in my opinion, rival the professionalism of Hollywood. What they produce is always innovative and informative. Even if they mod the Guitar Hero guitar every other episode. Even though they take criticism from all angles, they continue to produce and put out a video podcast that is as of yet unmatched in its market.

http://www.hak5.org

The reason I am writing this post, other than boredom, is to sort of tip my hat in humility to these innovators. Some of the readers of my blog think highly of me. I wish only to transfer that respect to those who deserve it. I am humbled to be a part of such amazing projects and be witness to their impact on the world.

— Rob Fuller (a.k.a. Mubix)

P.S. So basically, buy Maltego (or get your company/school to), join the WiFi Sec and Mal-Aware mailing lists, and watch Hak.5. Support these projects in any way you can, because they have already supported you in one way or another.

ShmooCon 2008 Videos Hit the Shelves


The videos from ShmooCon 2008 have hit the shelves. Go download them at:

http://www.shmoocon.org/2008/videos/


EDIT: As of the time of this post, some of the videos are incorrectly named. Here is the 1-> 1:
Correctly Named:

  1. 21st Century Shellcode for Solaris

  2. Advanced Protocol Fuzzing – What We Learned when Bringing Layer2 Logic to SPIKE land

  3. Backtrack Demo – “Hacking and Stuff”

  4. Bake Not (Fried, spelling error on filename) Fired – Performing Unauthorized Phishing

  5. Closing Remarks

  6. Forensic Image Analysis for Password Recovery (same video is also under another name below)

  7. Got Citrix Hack it!

  8. Hacking the Samurai Spirit

  9. Keynote Address – Alex Halberman

  10. Legal Issues for Bot-Net Researchers and Mitigators

  11. Malware Software Armoring Circumvention (same video is also under another name below)

  12. On the Social Responsbility of Hackers – Hacker Panel

  13. Opening Remarks

  14. Path X – Explosive Security Testing Using Xpath

  15. PEAP Pwned Extensible Authntication Protocol

  16. Practical Hacker Crypto

  17. SIPing Your Network

  18. The Geek and the Gumshoe

  19. They’re Hacking Our Clients – What are we focusing on Servers? (same video is also under another name below)

  20. TL1 Device Security (same video is also under another name below)

  21. Using Aspect Oriented Programming to Prevent App Attacks

  22. Virtual Worlds – Real Exploits

  23. VOIP Penetration Testing Lessons Learned

  24. Web Portals – Gateway to Information or Hole in Our Perimeter Defenses

  25. Why are Databases so Hard to Secure

  26. Named: Flash Drives and Solid State Drives Data Recovery Comparison to Hard Drives

    • Actually: Hacking Windows Vista Security
  27. Named: Active 802.11 Fingerprinting

    • Actually: Using Aspect Oriented Programming to Prevent App Attacks
  28. Named: Own the Con

    • Actually: TL1 Device Security
  29. Named: A Hacker Looks Past 50

    • Actually: RenderMan’s: How do I Pwn Thee
  30. Named: I will be your Eyes and Hands

    • Actually: Malware Software Armoring Circumvention
  31. Named: Intercepting Mobile Phone GSM Traffic

    • Actually: Forensic Image Analysis for Password Recovery
  32. Named: Passive Host Characterization

    • Actually: They’re Hacking Our Clients – Why are we focusing on Servers
  33. Named: Smarter Password Cracking

    • Actually: Practical Hacker Crypto
  34. Named: Vulncatcher – Fun with Vtrace and Programmatic Debugging

    • Actually: Path X – Explosive Security Testing Using XPath
  35. Named: When Lawyers Attack! Dealing with the New Rules of Electronic Discovery

    • Actually: Legal Issues for Bot-Net Researchers and Mitigators
  36. Named: You Must Be This Tall to Ride the Security Ride

    • Actually: Closing Remarks

Oregon Offers Tuition Waiver


Oregon’s State Legislature passed a law that provides a full-tuition waiver for a bachelor’s or master’s degree at an Oregon University System institution for children or spouses of service members who died on active duty, became 100 percent disabled in connection with military service, or died as a result of a disability sustained on active duty.

My home state rocks.
Military.com’s Writeup