Information Security

arping – Backtrack 5 – Information Gathering – Network Analysis – Identify Live Hosts – arping

The arping application is a simple command that allows you to ping devices by hostname, IP address, or MAC address. The unfortunate part is that most devices will not respond to the ARP requests, which are directed broadcast ICMP echo requests, though there are some out there that do. I go into more detail below regarding pinging via MAC address by providing an example of the typical output, example output when a MAC address responds to the ICMP echo requests, and details about how to configure hosts to respond to these ICMP echo requests. I also show a couple of the switches available with arping and provide examples of using arping to ping devices by IP and host.

genlist – Backtrack – Miscellaneous – Miscellaneous Network – genlist

Clicking on the genlist menu item in Backtrack Linux opens a terminal window and outputs the genlist help menu at the top. Genlist is a Perl script written to provide an easy way to generate a list of live hosts on a network or set of networks so you can then begin analyzing those hosts. All the genlist Perl script does is call nmap with the -sP switch and parse the results so that only the live IP addresses are output. As simple as it seems, it's a handy little tool if you do penetration testing on a regular basis. Below we describe genlist in more detail and show an example of genlist in action.

xplico – Backtrack 5 – Information Gathering – Network Analysis – Network Traffic Analysis – xplico

Xplico is an NFAT, or Network Forensics Analysis Tool, that is designed either to capture traffic in real-time sessions or to provide an interface to upload PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7; however, the latest Xplico version is Xplico 1.0.1. I believe there are some dependencies required in the later versions of Xplico, so I will write an updated article once Backtrack 6 comes up and the latest version of Xplico can easily be installed.

Backtrack 5: Information Gathering: Network Analysis: Identify Live Hosts: 0trace

I remember being so happy about 0trace when I started to write some Backtrack-related articles because, even though 0trace is fairly simple, it is really useful to locate the full path to devices you are investigating. In the article below I will explain the necessary 0trace input from the command line, what needs to be done to complete a successful trace to a target using 0trace, and provide some examples of devices in front of and behind a firewall blocking ICMP or traceroute requests.

pfSense IPSec Road Warrior OSX Client And Configuration

If you are not hip to pfSense, I suggest you check it out. It is an open source firewall that is making waves in InfoSec. The pfSense guys have a great howto for configuring IPSec VPN on the pfSense firewall as well as making connections via a freeware Windows IPSec VPN client called Shrew Soft. The only item lacking in the howto is a recommendation for a Mac OSX client, as well as configuration tips for a Mac OSX client, which is the sole point of this article. Below is information about where to download a freeware Mac OSX IPSec VPN client and then the necessary configuration to make a connection using the suggested settings noted in the howto on the pfSense web site.