Information Security

dnschef – Backtrack – Privilege Escalation – Spoofing Attacks – Network Spoofing – dnschef

If you want to spoof some DNS requests then dnschef is the tool to do it. I can never get enough of redirecting innocent Internet surfers to random locations. The main key for dnschef to be extremely useful is the fact that you will have to somehow get the traffic to the Backtrack Linux server running dnschef which could be done by gaining access and modifying DNS entries on a single server or by poisoning the real DNS server on a network. Below we show a couple examples of dnschef in action but overall it is really easy to use and the hard part will be figuring out the method you use to get the DNS (Domain Name Server) traffic to the Backtrack server running dnschef.

Technology Insights

Linux Create Fake Ethernet Interface

There could be numerous reasons to create a fake Ethernet interface on a Linux server though I have heard that people might do so to get around licensing of software that is tied to the MAC address of a specific Ethernet port. You really just enable a dummy Ethernet interface and assign the MAC address to it which is explain in more detail below. The easiest way to do this is to simply assign a MAC address to an Ethernet interface you are not using on your server where the drivers have already been installed automatically. If you do not have a spare Ethernet interface then the instructions below will assist you to accomplish your goal.

Technology Insights

List Of Ubuntu snort debconf Variables

I find myself on a regular basis looking for various debconf variables to set before installing packages on Ubuntu. This is typically to not have to type in the answers on the various configuration screens or because I want to script an install of some package. If the package has never been installed before on that specific server then the debconf variables will not display. You can always login to another server where the package is installed to see the variables but I am going to start posting information for common packages here so others can easily find them when searching.

Information Security

0trace Error In Backtrack 5: 0trace.sh Probe Rejected By Target

Previously I wrote a brief article on 0trace in Backtrack 4 which can be located here however in the process of writing an updated article for Backtrack 5 I noticed that 0trace was no longer working. Every single time I would attempt to run an accurate trace through a firewall the results would come back empty and display “Probe rejected by target.” At first I was thinking maybe companies have really tightened down their firewalls however that didn’t make any sense because of how 0trace works using a standard port such as port 80 to allow traffic to pass because the servers function is to serve web pages. Below I describe the error in more detail and how you can resolve it.

Technology Insights

How To Find Out the Link Speed of Your Interface on Mac OSX 10.6

Alex and I rewired our entire network the other day with cat 6 cable and new gigabit switches. Once we got it all set up we decided to do some testing. One of the tests we ran was transfer speeds from our file server to our laptops. We were trying to determine the network linkspeed when all of a sudden I realized that I had no idea how to do this on my mac. We decided to figure it out, and when we did, we of course wrote a article to help every one else. Below I will outline the simple steps to view your link speed in Mac OSX.