Author Archive

Moar BackTrack 4 and eeePC

Tuesday, December 8th, 2009

I re-did my eeePC 701 last night and now have BackTrack 4 pre-final booting from a 2GB USB drive and using the 4GB SSD for persistent changes.  My process is very similar to what the guys from Offensive Security showed.

Items I used:

  • bt4-pre-final.iso
  • 4GB SSD (/dev/sda)
  • 16GB USB (/dev/sdb)
  • 2GB USB (/dev/sdd)

Here are the steps:

  1. Follow the video but substitute the proper device paths where applicable
  2. When editing the menu.lst, add this to the KERNEL line:  changes=/dev/sda1
  3. ?????
  4. Profit

Post questions, complaints, etc in the comments.

More fun with Excel, vim saves the day

Monday, June 1st, 2009

My fun with Excel continues.  I exported a sheet to a CSV and it had lovely Microsoft formatted characters such as ’ and “ that needed replacing.  When you look at these in vim or less, you will see items like <92> and <93>.  To replace these, just do:

:%s/Ctrl+V x 92//g

That’s hold Ctrl and hit v, then release Ctrl, hit x, and type 92.  You will see vim respond accordingly.  MS DIAF IMO.

Replacing wildcards in Excel

Tuesday, May 26th, 2009

I have the joy of working on an Excel spreadsheet right now.  To replace an asterisk or wildcard, you must escape the character with a tilde.  For example, changing all * to .+ would be Ctrl+H to bring up the Replace window, then use ~* for your search character and .+ for your replacement.

DNS Offenders

Thursday, March 12th, 2009

I noticed some interesting DNS error messages in my syslog and wanted to find out who the biggest offenders were.

sudo grep named /var/log/syslog | awk -F": " '{print $3}' | grep '^[0-9]' | sort > dns_harass_ip.txt
for ip in $(uniq dns_harass_ip.txt); do echo -n `grep -c "$ip" dns_harass_ip.txt` && echo " — $ip"; done | sort -nr

Let’s break these down and explain.

  1. sudo grep named /var/log/syslog: Show any syslog messages from named
  2. awk -F": " '{print $3}': Using the characters colon-space as a delimiter, print the third field (IP)
  3. grep '^[0-9]': Only show fields that start with a number (IP)
  4. sort > dns_harass_ip.txt: Sort and dump the IP addresses
  5. for ip in $(uniq dns_harass_ip.txt); do: For each unique IP address
    1. echo -n `grep -c "$ip" dns_harass_ip.txt`: Print, without a newline, the number of occurrences
    2. echo " — $ip": Then print, with a newline, the actual IP address
  6. sort -nr: Sort by numeric value in reverse, or descending, order

That’s all.  From there you can firewall any outstanding offenders or select a different course of action.
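The same per-IP tally, as an added example that is not part of the original post, run over a constructed syslog sample. It assumes BIND-style lines of the form "client A.B.C.D#port:" and pulls the address out with sed instead of the post's awk field split; counting is done by uniq -c, which compares whole lines, and naive_count shows why the post's unanchored grep -c "$ip" over-counts 10.0.0.1 when 10.0.0.10 is also present.

```shell
#!/bin/sh
# Added example (not from the original post). Count named log lines per client
# IP and list the busiest clients first.

# Constructed sample in the shape of BIND "query denied" messages; hosts, IPs
# and query names are made up. One sshd line and one named line without a
# client address are included to show that they are filtered out.
SAMPLE_SYSLOG=$(cat <<'EOF'
Mar 12 09:01:02 ns1 named[1234]: client 10.0.0.10#51234: query (cache) 'example.com/A/IN' denied
Mar 12 09:01:03 ns1 named[1234]: client 10.0.0.1#51235: query (cache) 'example.net/A/IN' denied
Mar 12 09:01:04 ns1 sshd[999]: Accepted publickey for alice from 10.0.0.1 port 4242
Mar 12 09:01:05 ns1 named[1234]: client 10.0.0.1#51236: query (cache) 'example.org/MX/IN' denied
Mar 12 09:01:06 ns1 named[1234]: client 192.0.2.7#4000: query (cache) 'example.com/AAAA/IN' denied
Mar 12 09:01:07 ns1 named[1234]: client 10.0.0.10#51237: query (cache) 'example.net/A/IN' denied
Mar 12 09:01:08 ns1 named[1234]: running
Mar 12 09:01:09 ns1 named[1234]: client 10.0.0.1#51238: query (cache) 'example.com/A/IN' denied
EOF
)

# stdin: syslog text; stdout: one client IP per named line that carries one
# (assumed log shape: "client A.B.C.D#port:").
extract_ips() {
    grep 'named\[' | sed -n 's/.*client \([0-9.]*\)#[0-9]*:.*/\1/p'
}

# stdin: syslog text; stdout: "count ip" lines, busiest client first.
# uniq -c compares whole lines, so 10.0.0.1 and 10.0.0.10 stay separate.
count_offenders() {
    extract_ips | sort | uniq -c | sort -rn | awk '{print $1, $2}'
}

# Exact count for one IP, read from the uniq -c table.
exact_count() {
    printf '%s\n' "$SAMPLE_SYSLOG" | count_offenders | awk -v ip="$1" '$2 == ip {print $1}'
}

# What the post's unanchored grep -c "$ip" does on the same data: the dots are
# regex wildcards and the match is a substring, so 10.0.0.1 also counts 10.0.0.10.
naive_count() {
    printf '%s\n' "$SAMPLE_SYSLOG" | extract_ips | grep -c "$1"
}

# Busiest client as "count ip".
top_offender() {
    printf '%s\n' "$SAMPLE_SYSLOG" | count_offenders | head -n 1
}

printf '%s\n' "$SAMPLE_SYSLOG" | count_offenders
```

To run it against a live box, replace the sample with `sudo grep named /var/log/syslog | count_offenders`.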

BackTrack 4 on eeePC 701

Monday, March 2nd, 2009

Here are the quick steps for installing BackTrack 4 (beta) to an SDHC card on your eeePC.

  1. Download BackTrack 4 ISO
  2. Create a bootable USB (thumb) drive with UNetBootin
  3. Partition the SDHC card for at least one FAT32 partition
    • Partition type 0xC in fdisk
  4. Format the FAT32 partition
    • The apt package dosfstools contains mkfs.vfat
  5. Mount the new FAT32 partition to /mnt/bt
  6. Mount the ISO on loopback
    • mkdir ~/lbt && sudo mount -o loop ~/bt4-beta.iso ~/lbt
  7. Copy the boot and BT4 directories to the mounted FAT32 partition
    • sudo cp -Rv ~/lbt/* /mnt/bt
  8. As root (sudo), run the script /mnt/bt/boot/bootinst.sh
  9. If no errors occur, reboot the computer and hit ESC on boot to boot from the SD slot
  10. Make a ‘changes’ directory on the card (alongside boot and BT4) where modifications can be stored
    • sudo mkdir /mnt/sdb2/changes
  11. Edit /mnt/sdb2/boot/syslinux/syslinux.cfg and modify this block:
    • LABEL BT4
    • MENU LABEL BT4 Beta – Console
    • KERNEL /boot/vmlinuz
    • APPEND vga=0x312 initrd=/boot/initrd.gz ramdisk_size=6666 root=/dev/ram0 changes=/dev/sdb2 rw quiet
  12. Save the file and reboot

You can start with a simple test to see if it worked.  Add a user for yourself and put yourself in sudoers.  Reboot and if the new user account is still present and has sudo access, then it worked.  I am pretty sure it took longer to type this than it did to install BackTrack.

Notacon 6

Monday, March 2nd, 2009

Notacon is April 16th through 19th in Cleveland, Ohio.  As in previous years, some of us are planning to go this year.  Normal con admission is $75, but this year there is a reduced rate of $50 for bulk registration of 6 or more people.  If you are interested in the group rate, please bring your money to the March meeting or get in contact with me to PayPal it.  We have a hotel reserved as well, so if you want to split that cost with us, please discuss it with us at the March meeting or again get in contact with me somehow.  The cut-off date for group registration is later this month, and we already have enough people, so decide quickly if you don’t want to pay an extra $25 for admission.