
Saturday, August 28, 2010

A Productively Unproductive Month

So, it's been like a month and I have not done a single technical thing. Baby Grayson has been occupying all of my time. (Don't get me wrong, I'm happy and gifted to spend time with him.) Thankfully, he is starting to get into a little bit of a rhythm, so I should be able to get back to my hobbies.

I will note that the new camera we purchased has gotten me interested in photography, a bit. So, I might be splitting my hobby time doing "computer stuff" and maybe some "photography stuff". Maybe I'll enter one of the Fark Farktography Competitions. I guess the "fun" thing about photography is that it gives you a good reason to go outside and do some traveling. :-)

So, we will see, maybe I'll finally get some "free time" in the next week or so. If I do, I will surely post something.....

Wednesday, August 18, 2010

Welcome Baby Grayson

Normally, I post stuff that is "technology based" as I spend a lot of time doing "nerdy stuff." Today, I figured I would talk about something not so....well.... nerdy.

My son, Grayson, was born Aug. 10th weighing in at a hefty 8lb. 7oz. My life has changed quite a bit since my son’s birth. (Don’t worry… I enjoy the changes). Here are a few insights I have gleaned over the last week of fatherhood.

Babies are not that fragile – I used to think babies were fragile. I know…it’s a “ridiculous phobia.” I would shy away from holding them because I didn’t want to “break” them. Over the last few years, many of my closest friends have had babies. I have held their kids…but felt uncomfortably nervous. Now that I have my own child, I have had to “face that fear”.  I can happily state that my fear is gone now…and yeah…babies are pretty robust.

Sleep is precious – newborns sleep like 18 hours a day. The 6 hours they are actually awake are spent eating, having their diaper changed, or playing. (Note: Playing at this point is really just them looking around and smiling at stuff.) Unfortunately, 1/3rd of the hours they are awake coincide with the hours you sleep. So, nap when he naps…otherwise you will be exhausted all of the time.
 
Buy an Awesome Camera – We have been taking photos like crazy. Most have turned out great…not because I’m a great photographer…but because we own a semi-pro camera. Let the equipment do the work :-)

Make formula in batches – Babies eat a lot, roughly every 2-3 hours. Mixing formula takes about two minutes. During those two minutes, it is possible that your baby might be throwing a fit. This will significantly increase the time it takes you to mix the formula and increase both of your stress loads. So, since you can refrigerate individual portions of formula for 24 hours, avoid the stress… mix enough in the morning to last the day….everyone will be happier.

Dishes and Laundry are a Daily Activity – Before Baby Grayson came along, we probably did dishes and laundry once...maybe twice a week. Now that he is here, we have a bit more stuff to clean. He eats like every 2-3 hours, so he goes through a lot of bottles. Bottles are not an endless supply, so we have to wash them sort of as we go. Otherwise, he will have nothing to eat out of.  Additionally, he dirties a lot of clothes. He probably gets changed like 3 times a day. He also gets changing clothes and other stuff dirty. So, we do a bit more laundry…a bit more frequently.

Lastly, some bodily related observations……

You will get peed on – I don’t know that this is a universal rule. I myself made it like 3 days before getting peed on. After that though…. I probably get peed on once a day. My wife has better luck, or skill… I guess. Basically, don’t let his “fire hose” hang out in the open air for too long… he will start peeing eventually….. on you…or everything around you.

The #2 – I’m sure you know what I mean when I say #2. He has a lot of #2’s…… The funny part about them is that they are like a "delayed machine gun." Don’t change the diaper immediately…because like 1 minute into a diaper change… BAM! More #2. It will catch you by surprise…trust me.

Sunday, August 1, 2010

USB Install of Backtrack 4 and other good stuff

So, I decided in "preparation" for our Network Security and Vulnerability after-hours working group, I would set up BackTrack Linux 4 – Penetration Testing Distribution. (Who knows if I'll go this week, seeing as my wife might go into labor this week :-) ) This product is open-source and contains many packages that would be used to do network assessments and penetration testing. I wanted my setup to work on any machine and be highly portable, so I decided I would install it on a 16GB thumb drive.

Note: You can get by with only like 4GB (really 8GB to be safe so you can do all the updates), but those that know me have found, I like to go that extra mile.... :-) After installing it, I planned on setting up some extra software packages and I hate to run out of space.....and conveniently I had a 16GB SanDisk laying around. After I was done, my ~14GB of space was left with ~6GB free.

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/sdb1             14713768   7681148   6285200  55% /

Note 2: This install is for mobile testing purposes. To really test and educate yourself, you would be best off installing a copy on a real VMWare VM with a 40GB disk. I'm not going to go into how to do all that today. I will point you to http://www.offensive-security.com/metasploit-unleashed/ which is a really good tutorial on the MetaSploit framework (part of BackTrack). It will require a 40GB VM to do the whole tutorial.

I have never installed Linux to a thumb drive, so I did some Google searching. That resulted in a few links... most of which were just installing in "Live Boot" mode...which means you lose all changes between every reboot. "Live Mode" has its "upsides" for certain purposes, but I want to keep my stuff around for a while and don't plan on using it in "real on the job" work. The best instructions I found are here:
http://www.infosecramblings.com/backtrack/backtrack-4-usbpersistent-changesnessus/
but, this guy wanted you to either have burned the BT-Final.ISO to a CD/DVD, then boot via the CD/DVD, then install to the thumb drive. I didn't really want to waste a DVD/CD....plus he has A LOT of extra steps (since he wants to keep the multiple boot modes). If you want to do that, then great, follow his instructions, they are good.

Here is the quicker way (well, assuming you have VMWare or a DVD/CD). I already have VMWare running on my laptop. So, I created a VM with NO hard drive and mounted the BT-Final.ISO to the VM's CD-ROM. Started the VM. The VM will detect you have a thumb drive and you can use it as its hard drive. (If you don't have VMWare..then you can still do it this way, but you have to burn a CD/DVD and then reboot your real machine with the CD/DVD in the tray.)

So, it's all booted up, and you are sitting at the root@bt# prompt. (Default Login: root/toor)

Startup Networking Services

root@bt# /etc/init.d/networking start
This should go through all your interfaces and get them configured (provided DHCP is running on your network)

Start the Installer
root@bt# startx
(Loads the KDE Desktop)
double-click on the install.sh file on the desktop

Then, just click next on the installer screens until you get to (Step 4 of 7); you should be on the "Prepare Disk Space" screen. It should show your USB drive as the only drive available. (If you booted from CD/DVD, it will show your system disk. DO NOT PICK THAT DISK, you will overwrite your system's OS). Basically, make sure the disk you are installing to matches the same size as your thumb drive.

Also, take note of its "device mapping"; it should be something like (sda, sdb, sdc...etc). Whichever one is the thumb drive, take note of that. Mine was sda, since I booted from VMWare and it can't see any other drives.

Now, click next on the installer screens until you get to (Step 7 of 7). Click "Advanced" at the bottom of this screen. In the pop-up, change the "Boot Loader" to install on "/dev/sda" (or whatever your thumb drive was: sda, sdb, sdc..etc).

Ok, this process takes a while. In my case, it took like 35 minutes or so. When done it is time to test the thumb drive. So, shut down the VMWare box and your whole PC. Leave the thumb drive in (and provided your BIOS is set to boot from the USB) it should boot up off the thumb drive. (If you have VMWare, you can use the PLOP Bootloader ISO to boot the USB drive in a VMWare environment...saving you the trouble of rebooting your whole machine. Just mount the ISO in a VMWare Server CD/DVD drive and start it up.) PLOP Bootmanager can be found here: http://www.plop.at/en/bootmanagerdl.html

Customize the Install

So, login to the system as root and start KDE (startx).

Create a User Account

We need to create a regular user. Logging into a system directly as root is a BAD idea. So, KDE->System->Users and Groups (or in a console window run 'users-admin'). This will pull up the GUI and then you can create a user. You could use the command line 'useradd'...but that is no fun.

Now, add that user (in my case 'cpoma') to the /etc/sudoers file
root@bt# visudo
Add the following line:
    # Members of the admin group may gain root privileges
    %admin ALL=(ALL) ALL
    cpoma ALL=(ALL) ALL
You could just add 'cpoma' to the 'admin' group and avoid this step... same effect.

NOW.. LOGOUT!!! AND LOGIN AS THE USER YOU JUST CREATED!!!

So, login to the system as 'cpoma' (or whoever) and start KDE (startx). Open a console, then sudo to root, since you have to be root to do the rest of this stuff....: (I know..why not just stay logged in as root. DON'T DO IT. IT IS A BAD SECURITY PRACTICE!)
cpoma@bt:~$ sudo su
Start Network
root@bt:/home/cpoma# /etc/init.d/networking start
Fix Networking to Start Automatically

Ok, this step is optional, but will save you the trouble of starting the networking stuff up manually every time you boot up:
root@bt:/home/cpoma# /usr/sbin/update-rc.d networking defaults
Wireless Card Configuration

Next issue I had was that the wireless card was not being detected correctly by the KDE Network Monitoring components. I checked that it was detected by the OS by looking at my ifconfig and through the use of Kismet. Kismet could see the card and other networks...KDE in general could not. I fixed this by removing, then reinstalling the "Wicd Network Manager":
root@bt:/home/cpoma# apt-get remove wicd
root@bt:/home/cpoma# apt-get install wicd
It will get installed (and probably remove some components) and it shows up under the start menu KDE->Internet->Wicd Network Manager. From there you can click the arrow down icon next to your SSID, click on Advanced, fill in your security info, Apply, check automatically connect to this network, and click connect.

Update/Upgrade the Image

Undoubtedly the image from the BT-Final.ISO will be out of date. So, we need to update the system and upgrade out-of-date installed packages. The upgrade step takes a while. To do this:
root@bt:/home/cpoma# apt-get -y update
root@bt:/home/cpoma# apt-get -y upgrade
root@bt:/home/cpoma# apt-get clean
Update the Pentesting Tools

Offensive Security provides an updater to keep Fast-Track, Metasploit, Aircrack-NG, W3Af, Nikto, Milw0rm Exploits, Kismet-Newcore, and SQLMap current. You need to run fast-track from its own directory, so make sure you cd into the /pentest/exploits/fasttrack directory.

Just run the following and pick the appropriate options in the updater prompts (I chose option 1(Fasttrack update) then option 12 (update everything)):
root@bt:/home/cpoma# cd /pentest/exploits/fasttrack/
root@bt:/pentest/exploits/fasttrack# ./fast-track.py -i
It will complain during the update that you have never run setup. The stuff is already installed, but it doesn't hurt to run the setup utility to make FastTrack "happy":

root@bt:/home/cpoma# cd /pentest/exploits/fasttrack/
root@bt:/pentest/exploits/fasttrack# ./setup.py install
Oddly, if you run setup 1st, you will get stuck in a dependency loop and never actually complete setup... weird.

SSH Setup

By default BackTrack has SSH set up so that root can log in over SSH. Personal preference: turn this feature off, log in as a regular user and sudo tasks that require it.
root@bt:/home/cpoma# nano /etc/ssh/sshd_config
Change the parameter “PermitRootLogin” to no. It is around line #26.

Next issue I had was that the RSA and DSA host keys didn't exist. When you create them, leave the "passphrase" blank. So, to make them, run:
root@bt:/home/cpoma# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
root@bt:/home/cpoma# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
Ok, should be all set now, so start it and make it default to started at boot time. It shouldn't print any errors. If you don't want it starting at boot time, skip the second command:
root@bt:/home/cpoma# /etc/init.d/ssh start
root@bt:/home/cpoma# update-rc.d ssh defaults
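The SSH hardening step above (PermitRootLogin off, missing host keys generated with an empty passphrase), scripted so it can be re-applied after a rebuild and checked afterwards. This is an added example, not from the original post; it assumes a Debian-style sshd_config and GNU sed, and the demo_config helper is a constructed sample file, not the real /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example, not part of the original post. Assumes GNU sed (-i) and
# a Debian-style sshd_config where the first uncommented directive wins.

# Set PermitRootLogin to "no" in the given sshd_config. If the directive is
# already present (commented or not) every occurrence is rewritten; if it is
# missing entirely it is appended, because sshd's default is to allow root.
disable_root_ssh() {
    cfg="$1"
    if grep -Eq '^[[:space:]]*PermitRootLogin[[:space:]]' "$cfg"; then
        sed -i -E 's/^[[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/' "$cfg"
    else
        printf 'PermitRootLogin no\n' >> "$cfg"
    fi
}

# Return 0 only if the effective (first uncommented) PermitRootLogin is "no".
root_ssh_disabled() {
    val=$(grep -E '^[[:space:]]*PermitRootLogin[[:space:]]' "$1" | head -n 1 | awk '{print $2}')
    [ "$val" = "no" ]
}

# Generate a host key with an empty passphrase only if it does not exist yet,
# mirroring the post's ssh-keygen calls for the RSA and DSA host keys.
ensure_host_key() {
    keytype="$1"; keyfile="$2"
    [ -f "$keyfile" ] || ssh-keygen -q -t "$keytype" -N '' -f "$keyfile"
}

# Constructed sample config for a stand-alone run; prints the path of the
# hardened temp file so the result can be inspected.
demo_config() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
Port 22
#PermitRootLogin yes
PermitRootLogin yes
PasswordAuthentication yes
EOF
    disable_root_ssh "$f"
    printf '%s\n' "$f"
}
```

Run disable_root_ssh against /etc/ssh/sshd_config and then root_ssh_disabled on it before restarting sshd; ensure_host_key needs ssh-keygen installed.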
Upgrade FireFox

Get the latest version of Firefox from Mozilla.org. For me it was 3.6.8. I downloaded the TAR.BZ2 file and installed it.
root@bt:/home/cpoma# tar xvfj firefox-3.6.8.tar.bz2
root@bt:/home/cpoma# mv firefox /usr/lib/firefox-3.6.8
root@bt:/home/cpoma# rm /usr/bin/firefox
root@bt:/home/cpoma# ln -s /usr/lib/firefox-3.6.8/firefox /usr/bin/firefox
For reference the old pointers were:
lrwxrwxrwx 1 root root 11 2010-07-31 12:39 firefox -> firefox-3.0
lrwxrwxrwx 1 root root 32 2010-07-31 12:39 firefox-3.0 -> ../lib/firefox-3.0.15/firefox.sh
Add some Firefox Plug-in/Add-ons

Go to https://addons.mozilla.org/en-US/firefox/collection/webdeveloper
and update, install, enable, or disable the following plug-ins:
FireBug (updated, enable)
PixIr (install)
ColorZilla - (install)
TamperData (updated)
ShowIP (install)
GreaseMonkey (updated, leave disabled)
WebDeveloper (install)
FireProxy Standard - (updated, leave disabled)
HackBar (remove)
MeasureIt (install)
Live HTTP Headers (install)
User Agent Switcher (install)
Random Other Browser Plugin Configuration Stuff

I wanted Adobe Flash and Adobe Air. So, I went to Adobe's website and downloaded the .deb files for each of the items. The Firefox NoScript plugin is ON by default, so you will have to enable scripts so the downloader will work on Adobe's site. To install them, go to the directory you downloaded them to and run:
root@bt:/home/cpoma# dpkg -i install_flash_player_10_linux.deb
root@bt:/home/cpoma# dpkg -i adobe_air.deb
I also went to Pandora and downloaded the Pandora One player (as I am a Pandora subscriber and want to listen to music while I work). Basically, you download the .air file. Then, install it using the AIR installer: KDE->Utilities->Adobe AIR Application Installer

Install OpenOffice
I would like to use something better than a basic text editor, so I'm going to install OpenOffice. You don't have to do this, but it will be a lot nicer to have this than some random text editor.

This step didn't go so well. In hindsight, you should probably have just run the 'synaptic' installer and it would have probably grabbed everything correctly. I chose to go to OpenOffice.org and download it directly and just install it from the TAR file. It didn't work completely correctly. But, I did get it to work. So, you should probably just run KDE->System->Synaptic Package Manager..... but here is the convoluted set of steps I ended up performing....

Download TAR of the DEB Files directly then:
root@bt:/home/cpoma# tar -xzvf OOo_3.2.1_Linux_x86_install-deb_en-US.tar.gz
root@bt:/home/cpoma# cd OOO320_m18_native_packed-1_en-US.9502/DEBS
root@bt:/home/cpoma/OOO320_m18_native_packed-1_en-US.9502/DEBS# dpkg -i *.deb
root@bt:/home/cpoma/OOO320_m18_native_packed-1_en-US.9502/DEBS# cd desktop-integration
root@bt:/home/cpoma/OOO320_m18_native_packed-1_en-US.9502/DEBS/desktop-integration# dpkg -i *.deb
So, after all that it didn't work..... :-( No worries. Let's see if the GUI installer can help :-)
root@bt:/home/cpoma# synaptic
(will open the Synaptic GUI Software Configuration)

Search for openoffice.org. I get a list of a whole bunch of stuff, but notice while scrolling that it has installed the OpenOffice parts I downloaded. However, there is a top-level OpenOffice Suite that is not installed; also it is missing the English Help and Thesaurus. So, I check them off and click "apply" in that top bar. It says it will remove the "desktop customization menus" I installed above, and it needs to download like 41 things. Ok... can't hurt. Install.

At this point it was still not showing up in the menus.... OK, I'll just add the program group to the menu manually, I know the parts are all installed. So, right-click on the "KDE" tray icon, "Edit the Menu", and manually add the items. The run commands for the various parts of OpenOffice are the following and should each be an icon:
ooffice -writer %U
ooffice -calc %U
ooffice -math %U
ooffice -impress %U
ooffice -draw %U
Install Nessus

The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks. Nessus can be obtained from Tenable Network Security at http://www.nessus.org/download/. As of version 4.2, both the client and server are part of a single .DEB package.
root@bt:/home/cpoma# dpkg -i Nessus-4.2.2-ubuntu810_i386.deb
Side note: for a podcast with some of the guys from Tenable Network Security, see PaulDotCom Security Weekly (http://pauldotcom.com/security-weekly/)

Ok, so to finish this up, we need to create a Nessus admin user. Leave his rule set EMPTY when asked:
root@bt:/home/cpoma# /opt/nessus/sbin/nessus-adduser
Now, in order for it to work properly, we need to register it by going to:
http://www.tenablesecurity.com/plugins/index.php?view=register
Register and get a key for home-use. It will be emailed to you. After you get it:
root@bt:/home/cpoma# /opt/nessus/bin/nessus-fetch --register [CODE HERE FROM EMAIL]
Lastly, it takes a little while for the Nessus scanner to actually start (like 10 minutes). So, to prevent it from slowing our boot, we will make sure it doesn't start at boot:
root@bt:/home/cpoma# /usr/sbin/update-rc.d -f nessusd remove
You can start it by-hand by running:
root@bt:/home/cpoma# /etc/init.d/nessusd start
It runs on port 8834. It will take a minute or two to fully start up. To check its progress run:
root@bt:/home/cpoma# netstat -napt
Once the scanner starts, you can login to it at: https://localhost:8834/

And we are finally done. Well, at least with the stuff I felt like configuring today.