Circumventing Hotel Wireless Access

This summer a couple of my friends and I attended DEF CON, a security conference in Las Vegas. We stayed at the Rio, where the conference was being held. Unfortunately the Rio charges $15 for 24 hours of wireless access and obviously we didn’t each want to spend $60 for Internet. Since we were at a hacker gathering we decided to circumvent the system.

For those of you who don’t know, every networked device in the world contains a unique MAC (Media Access Control) address which identifies the manufacturer and has a random component on the end. Some networks, like hotel wireless, grant access to your device if your MAC address is located in their database, which is called a CAM table. Once you pay for access, your MAC is inserted into the table for the specified amount of time. This is very annoying and presents two problems. One, we would rather not pay for network access, and two, we have multiple devices that want to access the Internet all at once.

I’ll start with the first problem. In this particular case, once you join the network you connect and receive an IP address on the network. You are allowed to ping other connected devices, paid or not. You can also ping websites. Iodine can come in handy if DNS resolution is allowed and there are no paid clients on the network, but that is a little out of scope for this article (In other words, Google it, bitch (This is the DEF CON talking…)). Anyways, you are on the network but your MAC address is not authorized for wireless. In this scenario we can scan the network range for connected hosts and copy down their MAC addresses. If you are using Linux it’s simple enough to use macchanger to spoof your unique ID to match the paid user.

ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
ifconfig (interface) up

Now onto problem two. What if you have multiple devices looking for access and they don’t run Linux? In our case we used a router running DD-WRT in client mode. Using the same method to obtain a MAC address as before, we switched it with the one located in the router configuration. After that we created a virtual secondary wireless interface on the router so we could connect, but you could also just plug in. This method allowed all of our devices out to the Internet because some poor Apple user paid for the service. If we lost access, we simply started the process over and obtained a new MAC address.

I plan on eventually writing a more in-depth guide to the DD-WRT setup but in the meantime if you have any questions throw them in the comments.
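
From the network operator's side, the weakness in the post above is that the paid/unpaid decision rests on the MAC address alone. A detection sketch, added here and not part of the original post: it flags any MAC that presents more than one DHCP hostname and vendor-class fingerprint inside a time window. The log format, sample records and function names are constructed for illustration; 00:11:22:33:44:55 is the placeholder MAC from the macchanger line.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample DHCP records (not from a real network), oldest first:
# time, client MAC, hostname (option 12), vendor class (option 60, "-" if absent)
SAMPLE_LOG = """\
2024-03-01T09:02:11 00:11:22:33:44:55 Annas-MacBook -
2024-03-01T09:40:03 66:77:88:99:aa:bb WIN7-LAPTOP MSFT 5.0
2024-03-01T10:15:47 00:11:22:33:44:55 DD-WRT udhcp 1.19
2024-03-01T10:16:02 66:77:88:99:aa:bb WIN7-LAPTOP MSFT 5.0
2024-03-02T12:00:00 cc:dd:ee:ff:00:11 tablet android-dhcp
"""

def parse(log):
    """Yield (time, mac, hostname, vendor_class) from the assumed log format."""
    for line in log.splitlines():
        if not line.strip():
            continue
        # The vendor class may contain spaces, so split at most three times.
        ts, mac, host, vendor = line.split(maxsplit=3)
        yield datetime.fromisoformat(ts), mac.lower(), host, vendor

def find_cloned_macs(log, window=timedelta(hours=24)):
    """Return {mac: [fingerprints]} for every MAC that showed more than one
    (hostname, vendor class) fingerprint within `window`. Input must be
    sorted by time. One MAC with two fingerprints inside a paid session
    suggests a second device is reusing the authorized address."""
    seen = defaultdict(list)  # mac -> [(time, fingerprint)] still inside the window
    alerts = {}
    for ts, mac, host, vendor in parse(log):
        fp = (host, vendor)
        recent = [(t, f) for t, f in seen[mac] if ts - t <= window]
        others = {f for _, f in recent if f != fp}
        if others:
            alerts[mac] = sorted(others | {fp})
        recent.append((ts, fp))
        seen[mac] = recent
    return alerts

if __name__ == "__main__":
    for mac, fps in find_cloned_macs(SAMPLE_LOG).items():
        print(mac, "presented", len(fps), "fingerprints:", fps)
```

A hit is a lead rather than proof, since a dual-boot laptop also changes fingerprint; the durable fix is to bind paid access to something other than the MAC, such as per-user credentials.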

Repairing Windows 7 Digital Signature

As every “computer guy” knows, if your family and relatives know you’re into computers you automatically become their go-to person when something goes wrong. Don’t get me wrong, I really don’t mind this. In this case I thought I could share how I fixed my brother’s fiancée’s laptop. Twice now on boot it has come up with this message:

Status: 0xc0000428. Info: Windows cannot verify the digital signature of this file c:\windows\system32\winload.exe

After some Googling and messing around with it for a bit, I found the fix.

1. Boot with Windows 7 Install CD

2. Select Repair your computer

3. Choose Command prompt

In the black window type:

4. bootrec /fixmbr and hit Enter

Then,

5. bootrec /fixboot and hit Enter

6. Restart the computer

7. Remove the Windows disk

At the beginning of this I mentioned this was the second time her computer came up with the Digital Signature issue. It ended up still being infected by some virus. Microsoft System Sweeper and Malwarebytes were able to clean it up the rest of the way. If it happens again I’ll wipe the laptop and re-install Windows.

Check out the gallery for pictures of some of the steps.

Cisco f(r)ails

At work this weekend we were moving racks at our Co-location. We were getting away from a shared full rack and moving into our own half rack. Everything was going great until we got to the Cisco Servers. The first problem was the rails wouldn’t shrink enough to clip in properly. So…we removed the UPS and the SAN then extended out the back plates. After putting everything back in and clipping in the Cisco rails we found the door wouldn’t close because the stupid rails were too long. There was a metal piece on the end that was riveted in and with a little force we broke it off.

Sadly once we got to the other side the problem still existed and we couldn’t just snap off the piece. We put in a Dell SAN and server, UPS, IBM server, and the two Cisco servers. The Cisco ‘fails’ were the only ones that didn’t fit. So now they are just resting in there until we take some kind of saw to the rails.

Check out the pictures to see what I’m talking about.

Server Recovery Nightmare – Gparted ruined my weekend

As a young network technician I seem to run into a lot of servers with a C and D drive separated on a single RAID. We are constantly running into low disk space problems because the now-old guys never thought Windows Server 2003 would use more than 20GB…

Well, a few weeks ago I was handed a project to resize the server drives. Easy enough. Pop in Gparted, shrink the D drive 10GB and expand the C. No problem, I’ve done it many times before. This time was different… After rebooting the server I was presented with a black screen: “A disk read error occurred | press ctrl+alt+del to continue”. Pretty quickly I started to panic. Booting back into Gparted showed two drives separated properly with the correct usage information. Alright, good. I started to calm down a little bit and threw in a Server 2003 disk with the IBM RAID drivers slipstreamed. After a lengthy Chkdsk /R, rebooting presented the same message. Back to the recovery console. Fixmbr and Fixboot, still no change.

It’s starting to get late. I was planning on being gone hours before this point. Deciding what to do next with a couple of my co-workers Skyping with me, I boot back into Gparted and run the built-in repair tool. After rebooting, the server told me the “Operating system could not be found”. Finally some good news. I jump back into the recovery console and attempt Fixboot and Fixmbr but still get nowhere. We find a promising forum post about Gparted overlapping partitions, saying that deleting the D drive would allow the server to boot. I really didn’t want to have to do this, so I spaced the drives out and let the data move run overnight, finally leaving at 11:30PM after starting my day at 8:00AM.

On my way home I started thinking what can I do now… if the partition move doesn’t work I need another plan tomorrow which by the way is Saturday and typically my day off. I decided I wanted a great backup.

The next morning I booted up Coldclone and start the process. 12% into it I realize my drive was plugged into a USB 1.0 port and this was going to take all day. I stopped it and started transferring the image to my laptop over the network. Thankfully this server wasn’t very big. Hours later still I pull up the VMDK file in VMplayer and it starts booting. Windows politely asks to Chkdsk D and I let it get started. Very promising, yesterday the Recovery Console wouldn’t even let me attempt to Chkdsk D. As that’s going I boot back into Gparted and load up Testdisk which I just read about the night before. After a long partition scan it finds some interesting things. It shows three records for the C drive, two for the D drive, and one for the blank space I made between the two. I set the correct entry for the C drive as primary boot and the D drive that doesn’t overlap as primary. After writing the partition table I rebooted the server one more time.

I’ve never been so happy! The physical server started booting and running a Chkdsk on D. I now had two great options for recovery. The server took a while but finally came up and was running great. Both drives showed no errors.

So the moral of the story. Testdisk is awesome, always have good backups, and stop splitting RAIDs up in such a dumb way. Oh, I also work with a great group of guys.

Boxee Remote Review

Recently I was looking around for the perfect remote to complement my home theater PC. There were a few good remotes and out of all of them my favorite was the Logitech diNovo Mini, but it was kind of pricey. Then I came across the Boxee Remote, which was over $80 cheaper than the Logitech. I also decided I liked the design a bit better. There was a lot of hype around this remote before Boxee was released and it was great seeing it being sold separately.

One of the most unique features of the Boxee Remote is the fact it is two-sided. On the top it gives you the ability to easily choose what to play and the ability to adjust volume. The bottom provides you with a Qwerty keyboard.

Using the remote is very straightforward. It comes with a small USB dongle; Windows automatically picks up the drivers for it and it’s ready to go in seconds. I run Boxee on my HTPC so obviously the remote is compatible with it. Sadly I don’t know if it will be fully compatible with other software out there, but I assume most of the features would work because it’s essentially a tiny keyboard.
My only complaint is the fact they made the top of the remote glossy, since it will show fingerprints and scratches more easily. The underside is much nicer as matte black, which will look cleaner, longer.

Bottom line is this is a great remote for any home theater setup and I recommend picking it up.

Mountain Biking

This summer I decided to pick up mountain biking. When I was younger we used to enjoy playing cops and robbers around the camp ground. Now years later I decided to pick up another bike and get back to riding. I picked up a 26″ Specialized Hardrock which is one of the entry level bikes from Specialized. I got a great deal by buying the 2010 model they were clearing out to make room.

A couple months ago I started getting back in shape by riding around on the streets and exploring some local sub-developments I hadn’t been down before. That was great for a while but I started to get bored when I saw the same thing over and over. I decided I was up for the challenge and headed out to the local state park. Yankee Springs mountain bike trail was the most fun I’ve had outside in a while. Every minute was thrilling and we didn’t know what we would come up against next. The 13-mile course provided a large variety of terrain and challenges. When we got to the end we were beat and it felt like a great accomplishment. While loading our bikes I was already looking forward to next time and it’s all I thought about during the week.

It’s been a few months since I started riding and about four trips out to Yankee. I’m still coming across things I don’t recognize while going faster and faster. Check out some pictures below, they don’t really do the sport justice. If you’re looking to get away from the computer I highly recommend picking up a mountain bike.

Java rudeness

So today I had the ‘pleasure’ of doing some work on a Windows 2000 server. It was low on disk space and had some other issues. Back in the day, the now-old guys always thought it was a good idea to split the partitions. They would give the C drive a measly 5GB because no one would use that, right? Then the rest was given to the D drive where everything was stored. In this case Vipre was using 1.6GB for the definition files on the C drive…almost half of it. While doing some cleanup and file removal I came across this in the control panel.

That’s right, Java sitting there giving me the finger. I don’t want to hear you tell me, “No. That’s a thumbs up”. I think it’s been Java’s plan since Windows 2000 to create holes and other problems for people to exploit on our systems. They were just more blunt about it back in the day. :P

Physical Security and Procrastination

This summer I’m taking a couple of classes and one of them is a Security Class. Since it’s a condensed course there is an online aspect, and the first week it involved watching a DEF CON presentation. Awesome class, right? Who wouldn’t want to watch a great presentation without the classroom requirements?

In the video Johnny Long, a ninja hacker, does a great job showing how flawed secure systems can be. Social engineering is one of my favorite types of “hacking” since it usually comes with a fantastic story attached to it. At the start of the presentation Johnny has the crowd guess at people’s status, where they work, and what they like just by looking at a few pictures. He goes on to talk about how easily badges can fool people and get access to areas you don’t belong. At the end of the presentation he talks about shoulder surfing and has a video of him getting the access code to a secure area at an airport just by sitting near a door.

Anyways you can check out Johnny Long’s “No-Tech” hacking video below:

It’s funny how, instead of finishing my assignment for class, I’m here writing blog posts…

Drobo FS Review

Recently I decided to purchase a Drobo FS. In the past my storage has been multiple Western Digital external hard drives. While they have worked great, an external drive provides no data redundancy or protection. So when I do something awesome like pull it off the back of my desk, I’m out of luck and I’ve lost lots of data. This is where the Drobo comes in handy. The model I purchased, the Drobo FS (stands for file share), is connected to my network so I can access it from anywhere in my house. If I choose to set up accounts, my brother and parents can access it too. There are also other models that include USB or FireWire, which might be preferred in some situations. A Drobo provides you with RAID 5 redundancy out of the box, which means when a hard drive fails due to a mechanical error the extra drive kicks in, allowing you time to pop in a new drive and rebuild the array.

Well, Drobo promises that my data will be safe and it looks great sitting on top of my entertainment cabinet. Was it really worth the cost?


Crazy Evo Video

Someone posted this on Facebook the other day and I just had to share it. Check out this rally driver and his Mitsubishi Evolution. Cars have come a long way in handling and control. I don’t want to give the video away, so watch it for yourself.

You can check out more Rally action over at Rally On.


Disclaimer: The views expressed here are mine and do not necessarily reflect the views of my employer.