Hey Guys,
We are officially moved to the new website http://learnnetsec.com/ !
Join us over there. I Have imported all of the posts and comments from here to there!
Let me know what you think about the new sites! I appreciate the feedback!
Cya there!
Friday, June 14, 2013
Thursday, June 13, 2013
Updates: New Stuff!
Hey Guys,
So, I have decided to bite the bullet and buy a real Domain Name! www.LearnNetSec.com - was purchased today with some help from our ad's on the site and on youtube. This site here @blogspot will remain in use as we make a transition to the dedicated domain. I decided to do the dedicated domain so I can have more control over the overall website and blog content. I may also create a forum there for you guys to hang out, discuss, etc. I'd also like to get an IRC channel going but that is a lot of management (had one some years ago).
The second thing that is new, is that I finally joined us to Twitter today! I think twitter is a better avenue to give you guys updates than having to not only post it here, then facebook, and youtube. I have twitter linked with Youtube, so when new videos are uploaded I can quickly share them to twitter as well. So head on over to our Twitter Account HERE and follow us for news, and updates there as well as the blog here.
I am also proud to announce that we have reached 100 subscribers to Youtube! Saturday the 15th will mark the first 30 day mark since this project was created. We have 8 videos on Youtube, so on the average that is 2 new videos a week! It's hard work, but It's totally worth it if you guys enjoy them and learn from the series. And by the looks of things, it seems you guys do!
So, a HUGE THANK YOU to everyone who has contributed to growing this project with me. If it weren't for you, we wouldn't be here at all!
Here's to the future! You guys Rock!
So, I have decided to bite the bullet and buy a real Domain Name! www.LearnNetSec.com - was purchased today with some help from our ad's on the site and on youtube. This site here @blogspot will remain in use as we make a transition to the dedicated domain. I decided to do the dedicated domain so I can have more control over the overall website and blog content. I may also create a forum there for you guys to hang out, discuss, etc. I'd also like to get an IRC channel going but that is a lot of management (had one some years ago).
The second thing that is new, is that I finally joined us to Twitter today! I think twitter is a better avenue to give you guys updates than having to not only post it here, then facebook, and youtube. I have twitter linked with Youtube, so when new videos are uploaded I can quickly share them to twitter as well. So head on over to our Twitter Account HERE and follow us for news, and updates there as well as the blog here.
I am also proud to announce that we have reached 100 subscribers to Youtube! Saturday the 15th will mark the first 30 day mark since this project was created. We have 8 videos on Youtube, so on the average that is 2 new videos a week! It's hard work, but It's totally worth it if you guys enjoy them and learn from the series. And by the looks of things, it seems you guys do!
So, a HUGE THANK YOU to everyone who has contributed to growing this project with me. If it weren't for you, we wouldn't be here at all!
Here's to the future! You guys Rock!
Updates: Next Week
Starting Next Week:
I am going to begin compiling the data for the presentation on "Phases of NetSec" which will discuss all of the details, steps, etc in Network Security Auditing and Penetration Testing. So far it's 13 slides of just talking points, so there is a lot of ground to cover.
I am trying to figure out how to Produce the Video. Meaning it's obviously going to have to be done in parts since there is so much information to cover.
While I am working on that, don't forget to check out the newest video:
Tor-Buddy Script Demo Tor + Proxychains + Anonymous DNS:
https://www.youtube.com/watch?v=AedFlLSmJf8
Tor-Buddy Script Demo Tor + Proxychains + Anonymous DNS:
https://www.youtube.com/watch?v=AedFlLSmJf8
I will still be making Quick Vids based on your guys input on what you would like to learn in the interim. We have had 2 requests so far, 1 for nmap and one for VM-tools for kali linux. nmap will be included in the next video set: "Phases of NetSec".
Remember, please don't forget to like and share our videos, Facebook, and of course this very blog with all of your friends, family, and co-workers! Our presence on the web has been growing steadily, and that is great! The more people interested, the more creative I can be!
Thanks Guys! See you in the next Video!
Wednesday, June 12, 2013
Tor-Buddy Live
New Script: Tor Buddy! Now Live!
Available in our downloads section HERE
Demo Video:
Don't forget to Like, Subscribe, and Share!
Tuesday, June 11, 2013
Updated OpenVAS-6 OpenVAS EZ Startup Script
Updated OpenVAS-6 OpenVAS EZ Startup Script
I have updated the OpenVAS-6 EZ Setup script located HERE to include not only the startup script I wrote but also the Check-Setup script provided by OpenVAS for debugging purposes. I decided to do this to help users who are having difficulty getting it setup or running.
I am also working on the ToR auto script tonight as mentioned in the video "Installing and Configuring ToR + Proxychains as seen HERE so Stay tuned for that script and a video showing it's usages :-)
Enjoy! And Stay Tuned!
What's Up Next?
Hey Guys,
As I am sure most of you have already seen, I uploaded what was intended to be a new Video Intro last night that turned out to be more of a Trailer of what is to come in the next few videos. That Video is HERE in case you missed it.
We will be discussing the "Meat and Potatoes" of actually Hacking. Finally! But, it's way to much information to stuff in one video, even my infamous 45+ minute videos. We will start with an overview of what we are going to learn via Presentation slides and explaining each and every topic. Then we will move on to actually Hacking the Network. Explaining what to use, how, why, where, and when in great detail, as always. This is why it must be a multi-part video. We have a lot to cover!
Moving forward from that, we are going to go into Advanced Techniques, such as firewall/IDS/IPS evasion tactics, Packet Analysis, Reporting, Etc.
I will also be making a few videos in the interim, like, Building a real Virtual Lab using ProxMox (Free), Different types of attacks, like MITM, etc.
So Stay Tuned Guys! It's about to get really interesting!
As I am sure most of you have already seen, I uploaded what was intended to be a new Video Intro last night that turned out to be more of a Trailer of what is to come in the next few videos. That Video is HERE in case you missed it.
We will be discussing the "Meat and Potatoes" of actually Hacking. Finally! But, it's way to much information to stuff in one video, even my infamous 45+ minute videos. We will start with an overview of what we are going to learn via Presentation slides and explaining each and every topic. Then we will move on to actually Hacking the Network. Explaining what to use, how, why, where, and when in great detail, as always. This is why it must be a multi-part video. We have a lot to cover!
Moving forward from that, we are going to go into Advanced Techniques, such as firewall/IDS/IPS evasion tactics, Packet Analysis, Reporting, Etc.
I will also be making a few videos in the interim, like, Building a real Virtual Lab using ProxMox (Free), Different types of attacks, like MITM, etc.
So Stay Tuned Guys! It's about to get really interesting!
Update: New Intro
The New Video Intro:
Okay, Okay, so the new intro really didn't turn out to be a 3 minute or less intro like I planned, however it came out pretty awesome as a Trailer of things to come in the next few videos. It's basically me beating up some boxes on the LAN :-) Video link to follow post upload!
I do still think that the very beginning of the Trailer video has potential to be good footage for an intro to new videos. I just need to edit the intro start song to be 30 seconds but still sound good! I think I can, I think I can!
Rendering video now, and uploading soon!
Monday, June 10, 2013
It's Monday!
Hey Guys,
Hope you enjoyed your weekend. I apologize for making a post so late in the day, but, well, it's Manic Monday here!
The day is un-winding now. I am hoping to get the new intro done today/tonight. Then I want to move onto getting my virtual lab finished so we can resume Hacking the machines in there on the videos. I am going to redo the lab, because I want to further segment it, and put a Virtual Router/Firewall in place to simulate real world excersizes on how to perform firewall evasion.
I will also do a video on setting up your own Virtual Lab as has been requested by one of our members!
I am also thinking of creating a forum where we can ask questions, get help, etc. This idea I am not sure about quite yet.
Enough out of me! Back to work! :-)
EDIT:
I think what we are going to do is save the Virtual Firewall for the Advanced Video Tutorials.
I really want to get into showing you guys some examples of hacking machines. Then we will do a Virtual Lab setup, and then I will re-do the lab and setup the virtual firewall, fire it up on a Public IP, and show advanced techniques in terms of firewall evasion, etc.
Hope you enjoyed your weekend. I apologize for making a post so late in the day, but, well, it's Manic Monday here!
The day is un-winding now. I am hoping to get the new intro done today/tonight. Then I want to move onto getting my virtual lab finished so we can resume Hacking the machines in there on the videos. I am going to redo the lab, because I want to further segment it, and put a Virtual Router/Firewall in place to simulate real world excersizes on how to perform firewall evasion.
I will also do a video on setting up your own Virtual Lab as has been requested by one of our members!
I am also thinking of creating a forum where we can ask questions, get help, etc. This idea I am not sure about quite yet.
Enough out of me! Back to work! :-)
EDIT:
I think what we are going to do is save the Virtual Firewall for the Advanced Video Tutorials.
I really want to get into showing you guys some examples of hacking machines. Then we will do a Virtual Lab setup, and then I will re-do the lab and setup the virtual firewall, fire it up on a Public IP, and show advanced techniques in terms of firewall evasion, etc.
Sunday, June 9, 2013
New Video Intro
Hey Guys,
I am working on a new Intro to our videos. I find as I am becoming better with Video Editing, that the default intro is kinda boring. I am hoping that tomorrow I can get Win2k3 server installed on the VM server. Also, I need to reinstall win7 because somehow it decided to BSOD with the network config, Not even sure why, but that is MSFT windows for you. All of my UNIX/Linux VM's are chugging right along without a hitch. This is why I love linux!
Anyways it's Sunday and I am going to take the day to relax, it was a rough week! Of course though, my brain never shuts off, so I will be doing some reading on Techie stuff, etc LOL.
Enjoy the rest of your weekend. I will see you all tomorrow, and hopefully I can respond to any questions/emails in a timely fashion for the rest of today.
Also, again, Thanks for the feedback, and questions/suggestions you guys have provided so far! It really goes a long way for me to see people interacting and even helping each other on the comments! Our youtube channel now has 67 Subscribers so far! Not bad for under a month of the sites and videos being active (started this on May 15th). I have you guys to Thank for the fast growth of this project, so Thank You!
As always keep sharing our pages, videos, blog, etc. Thanks!
I am working on a new Intro to our videos. I find as I am becoming better with Video Editing, that the default intro is kinda boring. I am hoping that tomorrow I can get Win2k3 server installed on the VM server. Also, I need to reinstall win7 because somehow it decided to BSOD with the network config, Not even sure why, but that is MSFT windows for you. All of my UNIX/Linux VM's are chugging right along without a hitch. This is why I love linux!
Anyways it's Sunday and I am going to take the day to relax, it was a rough week! Of course though, my brain never shuts off, so I will be doing some reading on Techie stuff, etc LOL.
Enjoy the rest of your weekend. I will see you all tomorrow, and hopefully I can respond to any questions/emails in a timely fashion for the rest of today.
Also, again, Thanks for the feedback, and questions/suggestions you guys have provided so far! It really goes a long way for me to see people interacting and even helping each other on the comments! Our youtube channel now has 67 Subscribers so far! Not bad for under a month of the sites and videos being active (started this on May 15th). I have you guys to Thank for the fast growth of this project, so Thank You!
As always keep sharing our pages, videos, blog, etc. Thanks!
Saturday, June 8, 2013
Happy Saturday!
Hey Guys,
I hope you are enjoying your weekend so far! On Monday I am going to move forward with getting the rest of the Virtual Machines created and configured. I Have ran into a few snags, and that is to be expected since I have never used ProxMox to host VM's before. Since I am lacking the proper hardware to make windows play nicely in ProxMox, it's a bit challenging. I will however press on.
In the meantime, keep reading, and learning.
Do you guys have any suggestions for future videos? Let me know!
And as always Thank You for your feedback, and support! Keep sharing the videos, and our YouTube, facebook, and blog pages!
I hope you are enjoying your weekend so far! On Monday I am going to move forward with getting the rest of the Virtual Machines created and configured. I Have ran into a few snags, and that is to be expected since I have never used ProxMox to host VM's before. Since I am lacking the proper hardware to make windows play nicely in ProxMox, it's a bit challenging. I will however press on.
In the meantime, keep reading, and learning.
Do you guys have any suggestions for future videos? Let me know!
And as always Thank You for your feedback, and support! Keep sharing the videos, and our YouTube, facebook, and blog pages!
Friday, June 7, 2013
Good Morning Good People!
I am going to be out in the field today. I will do my very best to answer any questions you guys may have from my phone.
I hope you guys enjoyed the latest video on ToR and Proxy chains I did yesterday. Please keep spreading the word, Thumbs up the videos, share them, and our facebook page. Thank You!
Enjoy your day!
I hope you guys enjoyed the latest video on ToR and Proxy chains I did yesterday. Please keep spreading the word, Thumbs up the videos, share them, and our facebook page. Thank You!
Enjoy your day!
Thursday, June 6, 2013
New Video: Installing, and Configuring ToR Proxy with Proxychains + Exmaples
New Video: Installing, and Configuring ToR Proxy with Proxychains + Exmaples
Enjoy!
Not So Anonymous
First, let me start off by saying in no way to I condone nor condemn Anonymous in any way, shape, or form. That being said;
We have all heard about the Hactivist group Anonymous. And over the last few years many of them have been caught. Reason? They lack the common sense and ability to properly protect their identity, while conducting their "missions". Don't get me wrong, I have nothing against Anonymous, and that is not the point of this thread, however I will say that the main issue with Anonymous is the lack of properly providing information to their "Collective" members on how to properly disguise their identity when carrying out there attacks. Sure, they make it really easy for any kid with a PC to fire up an app and hack a server/machine, but doing so with no realization that they will likely be caught.
Sure, the Federal Government have a lot more tools up their sleeves these days in comparison to the days of people like Kevin Mitnik, etc., but for every action there is an equal reaction. And sure, proxies no matter they type are no longer the safest way of disguising your identity due to servers that log inbound proxy connections, DNS leaks, etc. However, that being said, there are ways around that too, to which I will not disclose here, nor will I entertain how it works.
The truth is, there have been "Hactivist Groups" around for ages, it's nothing new. But Anonymous has grown in leaps and bounds, and that is something we as netsec professionals should be concerned about; After all we are paid to prevent attacks, and find them before the bad guys do, right? But the ones that must harbor the fear of Anonymous are the ones that have something to hide. I Know there are rouge Anonymous members that don't abide by the creed of the group. And the only reasons that exists is because of the lack of management of Anonymous members. Imagine if Anonymous had an organizational structure? The world at large would be digitally doomed.
The reason I brought this up is because of this story here: http://gawker.com/the-fbi-raided-steubenville-anonymous-guys-house-here-511634071
Again, I do not Condone or Condemn Anonymous and their actions. We are here to train network security professionals, as spoken of in our disclaimers. Should you choose to use the information we provide for illegal purposes, we hold no responsibility or liability for your actions. We are simply a means and source of information for people seeking a Professional Career in Network Security.
The Next Video
Hey Guys! - New Video Coming!
The next video I am going to do is going to cover using ToR with Proxychains to tunnel your connections for applications over a proxy, without leaking your DNS!
The end of the week is usually crazy for me. I hope to have this done by Monday the latest!
Also, I have been really impressed with how fast this NetSecNow concept is taking off and growing! You guys are all awesome! Thank you very much for helping us grow and succeed! Please, keep spreading the word, sharing the videos, blog, facebook with your friends and co-workers, it helps a lot! I appreciate all feedback, good, bad, or otherwise! So Thank You for that!
And as always, Stay Tuned!
Wednesday, June 5, 2013
New Video: Setting up and Configuring Metasploit + Armitage and More!
New Video! First Look at Metasploit + Armitage!
Guys! It's finally done! The video on Setting up, Configuring and using Metasploit + Armitage, a look at nmap and zenmap. Also, discussion about up and coming videos!
Update: Video
I put together a video looking at an intro to setting up and configuring Metasploit + Armitage, as it will be needed for our next demonstration video. Also a quick look at nmap and zenmap! It's rendering now (takes about an hour or so) and once it's uploaded to Youtube, I will make a new post about it!
Stay Tuned!
Stay Tuned!
Round 3!
Good Morning,
Okay, so I am going to try this for the 3rd time! I am turning off the ringers on all of the office phones, cell phone, etc.
The video I want to produce today will be about the different phases of Network Security from a Professionals point of view.
I have most of the labs VM machines going, except win2k, as my old install media is messed up and will not work :(. Which is ok, because most of what we will be going over will apply to any machine that is windows based. I am going to fire in a few Linux based machines also, just to give us some more variety.
There is one thing to keep in mind guys; No audit is always successful, and you may not find anything worthwhile. Nothing is 100% guaranteed to succeed!
The video I may wind up producing before we get into this process may very well be setting up Metasploit Framework + Armitage. The only thing holding me back is that I have already went ahead and registered my community version of Metasploit, so I could get the most important updates for vulns. I need to find a way to reverse that so I can show you guys how to do this from scratch!
After that quick video, we will now have most of our more commonly used tools that need configuring setup, so we can dive into the meaty stuff, like actually doing some pentests on the lab! - Finally!
Operation: Get things in order - engaged!
Okay, so I am going to try this for the 3rd time! I am turning off the ringers on all of the office phones, cell phone, etc.
The video I want to produce today will be about the different phases of Network Security from a Professionals point of view.
I have most of the labs VM machines going, except win2k, as my old install media is messed up and will not work :(. Which is ok, because most of what we will be going over will apply to any machine that is windows based. I am going to fire in a few Linux based machines also, just to give us some more variety.
There is one thing to keep in mind guys; No audit is always successful, and you may not find anything worthwhile. Nothing is 100% guaranteed to succeed!
The video I may wind up producing before we get into this process may very well be setting up Metasploit Framework + Armitage. The only thing holding me back is that I have already went ahead and registered my community version of Metasploit, so I could get the most important updates for vulns. I need to find a way to reverse that so I can show you guys how to do this from scratch!
After that quick video, we will now have most of our more commonly used tools that need configuring setup, so we can dive into the meaty stuff, like actually doing some pentests on the lab! - Finally!
Operation: Get things in order - engaged!
Tuesday, June 4, 2013
Called away...
Right in the middle of the tutorial, phone rings. Incident response call. Will get back on the track first thing tomorrow, sorry guys! Such is the life of a netsec professional.
Im really excited about this next video. Looking at the phases of an audit. Presentation plus demo!
Good Morning Fellow Hackers of the World!
Good Morning Guys and Gals,
I am still setting up VM's in ProxMox so we can do a full on Tutorial on that. It may take a few more hours to get them all installed.
For now, we will be working with Windows 7 Ultimate, Windows XP Pro, Windows 2000 Pro, and windows 2000 advanced server. I Know what you are probably thinking "Windows 2000?! Who still uses that?!?!" but you would be surprised. A lot of manufacturers still use it because their old proprietary machinist software runs on that platform.
Using windows 7, I want to bring you into the realm of newer OS platforms that are still in wide use, due to the lack of adaptation of windows 8 in corporate environments. Most of the Vulns' and Exploits for win7 can also be applied to win2k8 server, so for the time being, in lieu of a legit copy of win2k8, we will go forward with this.
In terms of windows XP pro.. again you would be surprised on how many corporate environments still have a lot of these lurking around for what ever reason.
Keep in mind, I am funding this entire project out of pocket, so that is the reason for the ads on the blog and youtube. Also, there is always the donations button on the home page, if you feel so inclined :-)
Thanks!
Stay Tuned!
I am still setting up VM's in ProxMox so we can do a full on Tutorial on that. It may take a few more hours to get them all installed.
For now, we will be working with Windows 7 Ultimate, Windows XP Pro, Windows 2000 Pro, and windows 2000 advanced server. I Know what you are probably thinking "Windows 2000?! Who still uses that?!?!" but you would be surprised. A lot of manufacturers still use it because their old proprietary machinist software runs on that platform.
Using windows 7, I want to bring you into the realm of newer OS platforms that are still in wide use, due to the lack of adaptation of windows 8 in corporate environments. Most of the Vulns' and Exploits for win7 can also be applied to win2k8 server, so for the time being, in lieu of a legit copy of win2k8, we will go forward with this.
In terms of windows XP pro.. again you would be surprised on how many corporate environments still have a lot of these lurking around for what ever reason.
Keep in mind, I am funding this entire project out of pocket, so that is the reason for the ads on the blog and youtube. Also, there is always the donations button on the home page, if you feel so inclined :-)
Thanks!
Stay Tuned!
Monday, June 3, 2013
Update on Metasploit + Armitage Tutorial
Well Guys, in testing today with a WIN-7 image on my poor XP VM host box that also runs the Kali environment we have been working with, it has come to my attention that it would be a mistake to try and teach you guys that on this machine, because of the massive amounts of resources windows itself needs to run. The recording would turn out horrible.
So, because I want the best for our learning sessions, I am dedicating a physical machine to handle all of the VM's except for Kali. It will be running ProxMox as it's host OS, which is made to run a VM environment. I am installing it tonight and configuring it with the VM's of what I have; WIN7 Ultimate, Win XP Pro, Win XP Home, Windows 2000, and Windows 2000 server. I was unable to locate my old copy of windows server 2003, and I am still awaiting a donation of a legitimate copy of windows server 2008 for demo purposes. I really want you guys to get a feel for what you are up against out there in the wild, so I am taking my time to do it right, and make available to you as much as I can conjure up in my contacts.
I will be happy if I can get a video out on it tomorrow at least showing windows 7, and XP in the scans with metasploit and armitage,
On another side note, if all goes well with ProxMox (never used it), Perhaps I will setup an subscriber based private network environment for you guys to hack away at. That would be the best to simulate real-world road blocks that you may run into. I have 4 extra static IP's sitting here doing nothing, so why not put them to good use :-)
I apologize for the delay.
So, because I want the best for our learning sessions, I am dedicating a physical machine to handle all of the VM's except for Kali. It will be running ProxMox as it's host OS, which is made to run a VM environment. I am installing it tonight and configuring it with the VM's of what I have; WIN7 Ultimate, Win XP Pro, Win XP Home, Windows 2000, and Windows 2000 server. I was unable to locate my old copy of windows server 2003, and I am still awaiting a donation of a legitimate copy of windows server 2008 for demo purposes. I really want you guys to get a feel for what you are up against out there in the wild, so I am taking my time to do it right, and make available to you as much as I can conjure up in my contacts.
I will be happy if I can get a video out on it tomorrow at least showing windows 7, and XP in the scans with metasploit and armitage,
On another side note, if all goes well with ProxMox (never used it), Perhaps I will setup an subscriber based private network environment for you guys to hack away at. That would be the best to simulate real-world road blocks that you may run into. I have 4 extra static IP's sitting here doing nothing, so why not put them to good use :-)
I apologize for the delay.
Installing VM's
Just an update:
I am installing a windows 7 VM for testing purposes for the next Video Tutorial: Metsploit Framework + Armitage. I will also be installing a windows XP Pro VM to show you how to hack those as well. Most companies believe it or not are still running XP and server 2003. I need to find my old server 2003 disc and get that going too. I already have metasploitable installed as a VM so perhaps this session we can do one video on metasploitable, and one on windows 7 stock install. We shall see.I am realizing that my 45 minute videos are much too long for most people, so I am looking into ways of doing multi-part, shorter videos to keep you guys interested :-)
#busybee
As always, keep spreading the word about our project, our audience is growing, so the more the merrier! Keep up the great work guys! Thanks!
Latest kali Update Breaks zenmap
Latest Kali Update Kills zenmap
I just alerted the Kali Linux dev team that the latest apt-get update || apt-get upgrade kills zenmap. You will notice that it won't show up in the menu, or even be launch-able by a terminal command.The work around is apt-get install zenmap
It should now show back up in your menu and be launched from a terminal.
You're welcome :-)
Security Advisory - Debian Linux 6.0 XORG Exploit
Original Advisory: http://www.securityfocus.com/bid/60126/info
X.Org libXext CVE-2013-1982 Multiple Remote Code Execution VulnerabilitiesThere are no known available exploit code in the wild yet. Solutions are to update for this Debian 6.0 Se Here:
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
Friday, May 31, 2013
New Video: How to use the OpenVAS-6 EZ Startup script
How to use the OpenVAS-6 EZ Startup script
It's Friday! Been a rough week, I am taking the weekend off for some R&R. Enjoy your weekend guys, see ya Monday!
Armitage + Metasploit
I spent quite a few hours last night working with armitage and metasploit. In some of my other videos, I mis-spoke about metasploit in terms of their business practices. And while it's true that they do have a paid model, that is really only for their fancy GUI front end. The old school framework is still free, and with armitage as the front end, it's still awesome.
I hope that on Monday or Tuesday I can crank out a video based on Armitage and Metasploit with at least 2 VMs of Metasploitable (a custom linux based server to learn exploitation with) and at least a bare bones stock install of windows server 2000, and 2003, and XP.
Also, if you have any video requests, please send them to learnetsec@gmail.com
Thanks and stay tuned! Oh, and remember like our videos and subscribe!
I hope that on Monday or Tuesday I can crank out a video based on Armitage and Metasploit with at least 2 VMs of Metasploitable (a custom linux based server to learn exploitation with) and at least a bare bones stock install of windows server 2000, and 2003, and XP.
Also, if you have any video requests, please send them to learnetsec@gmail.com
Thanks and stay tuned! Oh, and remember like our videos and subscribe!
Thursday, May 30, 2013
Update
I was going to do a video tutorial on metasploit + armitage. However, I need to setup some vm's to use for demonstration purposes and that takes some time.
I will be using metasploitable which is linux based, but I want some windows hosts too. I need to get my hands on server 2008, etc.
Anyone willing to donate a windows server 2008 iso please email me @ learnnetsec@gmail.com. Thanks!
I will be using metasploitable which is linux based, but I want some windows hosts too. I need to get my hands on server 2008, etc.
Anyone willing to donate a windows server 2008 iso please email me @ learnnetsec@gmail.com. Thanks!
Thanks Kali Linux
A HUGE Thank you to Kali Linux for sharing one of my videos on Facebook! Check out their facebook page https://www.facebook.com/Backtrack.Kali
Wednesday, May 29, 2013
New Video! Installing and setting up OpenVAS
Installing, Configuring OpenVAS 6 on Kali Linux. Setting up the WebUI. Also, including a FREE script for updating and starting the OpenVAS services for Web Access every time you boot up!
Script available @ SourceForge
Monday, May 27, 2013
New Video! Installing Kali Linux on VMware Step-By-Step + First Look!
New Video! Installing Kali Linux on VMware Step-By-Step Howto + First Look!
Friday, May 24, 2013
DNS Attacks - Hello Old Friend!
Some years ago there was an attack on BIND9 where an attacker would exploit the default values in the BIND9 config allowing for recursion, a blind recursive attack was placed, and it caused a server to overload and die, or lag really bad.
This attack was mitigated by custom ACL rule sets within the ACL of bind9. However, a new breed of attack emerged, and effectively does the same thing. I will explain how it works.
An attacker will send a spoofed dig command to a dns server with a source address of another dns server for a bogus domain that doesn't exist, or a blind "." request. Even with recursion off, this still creates an attack if sent in the masses. Why? Because even though the DNS server (if setup correctly), will respond with a fail or blocked reply, it will still send that reply to the spoofed source IP. It's kind of like an old ack/syn flood.
This attack creates load on the targeted server, and the spoofed server since they don't filter these types of requests. Now there are ways to defeat this, using iptables, or APF, and of course a properly configured dns server.
Here is what the attack looks like:
cat /var/log/messages
May 21 12:15:37 <your hostname> named[2158]: client 82.196.3.203#61935: query (cache) 'isc.org/ANY/IN' denied
Breaking this down;
The source attacker was IP under SRC= the Destination = DST and that is your IP. The packet length is LEN=64 the Time To LIve or TTL=117 Protocol is PROTO=UDP SPT = source port and DPT = Destination Port of 53 / dns. Len=44
We do syn_cookies on this server too, to block any spoofing attacks. This is what helps pick it up.
This is a live environment of a web hosting company that I maintain and monitor. The reason I picked up on this was because BIND9 kept crashing, SMTP/POP3/IMAP kept crashing, etc. This would cause the mail server queue to get stuck with un-deliverable mail because DNS was not running, and it had no way to route the mail messages to who ever the recipient was. So in the mail queue in their Plesk panel was shown as
from " " to " " subject " " date "December 31st, 1969 7:00pm" - obviously this is no good. However if you went into the mail queue in a terminal and manually opened the message, it had the correct headers, etc. So, I Knew this had to be an issue with dns, after I ruled out an attack on the mail server itself. Mail server is not a relay.
Further investigation into the logs showed the following in the hundreds at around the time the mail server was erroring, and other service were crashing.
May 21 12:23:19 u16937963 named[2158]: client 37.153.98.159#51340: query (cache) 'isc.org/ANY/IN' denied
May 21 12:23:19 u16937963 named[2158]: client 189.120.90.245#49940: query (cache) 'isc.org/ANY/IN' denied
May 21 12:23:19 u16937963 named[2158]: client 37.153.98.159#51340: query (cache) 'isc.org/ANY/IN' denied
May 21 12:23:19 u16937963 named[2158]: client 37.153.98.159#51340: query (cache) 'isc.org/ANY/IN' denied
This attack was mitigated by custom ACL rule sets within the ACL of bind9. However, a new breed of attack emerged, and effectively does the same thing. I will explain how it works.
An attacker will send a spoofed dig command to a dns server with a source address of another dns server for a bogus domain that doesn't exist, or a blind "." request. Even with recursion off, this still creates an attack if sent in the masses. Why? Because even though the DNS server (if setup correctly), will respond with a fail or blocked reply, it will still send that reply to the spoofed source IP. It's kind of like an old ack/syn flood.
This attack creates load on the targeted server, and the spoofed server since they don't filter these types of requests. Now there are ways to defeat this, using iptables, or APF, and of course a properly configured dns server.
Here is what the attack looks like:
cat /var/log/messages
May 21 12:15:37 <your hostname> named[2158]: client 82.196.3.203#61935: query (cache) 'isc.org/ANY/IN' denied
Now, if you were to run wireshark on this server, you would see that the protocol is UDP on port 53. The attacks have gotten more advanced, as the attacker will forge the packet size, etc to try and bypass filters/firewalls.
Now; what does it look like when it's blocked by APF/iptables?
tail -f /var/log/messages
May 24 11:28:06 u16937963 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=your:mac:here SRC=46.105.124.172 DST=your.ip.here LEN=64 TOS=0x00 PREC=0x00 TTL=117 ID=37644 PROTO=UDP SPT=28164 DPT=53 LEN=44
Breaking this down;
The source attacker was IP under SRC= the Destination = DST and that is your IP. The packet length is LEN=64 the Time To LIve or TTL=117 Protocol is PROTO=UDP SPT = source port and DPT = Destination Port of 53 / dns. Len=44
We do syn_cookies on this server too, to block any spoofing attacks. This is what helps pick it up.
This is a live environment of a web hosting company that I maintain and monitor. The reason I picked up on this was because BIND9 kept crashing, SMTP/POP3/IMAP kept crashing, etc. This would cause the mail server queue to get stuck with un-deliverable mail because DNS was not running, and it had no way to route the mail messages to who ever the recipient was. So in the mail queue in their Plesk panel was shown as
from " " to " " subject " " date "December 31st, 1969 7:00pm" - obviously this is no good. However if you went into the mail queue in a terminal and manually opened the message, it had the correct headers, etc. So, I Knew this had to be an issue with dns, after I ruled out an attack on the mail server itself. Mail server is not a relay.
Further investigation into the logs showed the following in the hundreds at around the time the mail server was erroring, and other service were crashing.
May 21 12:23:19 u16937963 named[2158]: client 37.153.98.159#51340: query (cache) 'isc.org/ANY/IN' denied
May 21 12:23:19 u16937963 named[2158]: client 189.120.90.245#49940: query (cache) 'isc.org/ANY/IN' denied
May 21 12:23:19 u16937963 named[2158]: client 37.153.98.159#51340: query (cache) 'isc.org/ANY/IN' denied
May 21 12:23:19 u16937963 named[2158]: client 37.153.98.159#51340: query (cache) 'isc.org/ANY/IN' denied
As you can see by the above, there is a query being sent to the dns server for records for isc.org and searching for any, or wild card. Obviously isc.org is not hosted by us, and the developer of BIND9 dns servers, which we use. You can see the request was denied, however, it still lags. Explaining further, lets do some research on that IP's who made the request;
using nslookup to resolve a hostname didn't give any results. Using GeoIpTool.com I could see this was coming from Switzerland. Umm, that shouldn't be..
So trying the other IP 189.120.90.245
# nslookup 189.120.90.245
Non-authoritative answer:
245.90.120.189.in-addr.arpa name = bd785af5.virtua.com.br.
Ok so opening a browser and going to that domain virtua.com.br at the time brought us to what looked like a web hosting company.
So knowing they probably are not attacking us, I noticed that they were probably being spoofed. So I flipped back on APF, enabled syncookies, and logging. Bingo, attacks blocked and logged.
Now the logs will fill up quick if this is a massive attack. So, if it's one IP doing the mass of the attack, just add them to the firewall to block all traffic.
That's all for now. This was a brand new server setup that I just started to admin. After I secured the box initially, I noticed all sorts of attacks coming its way. I believe we have mitigated at least 90% of that now.
You can get APF at RFX Networks
I also suggest you install BFD (Brute Force Detection) which works with APF to block any kind of brute force attempts. It's also available from their website.
Tuesday, May 21, 2013
New Video
Hey Guys,
I know that in our first video I said that the next video was going to be about Information Gathering, however I have had a lot of requests to make a video explaining how to install Kali Linux. So, I am in the process of making a video that will assist in downloading, installing, and configuring the basics of Kali Linux.
We will be installing in VMWare Player, which is free and available at The VMWare Website for free. However, this install that we will be showing would work on any stand-alone desktop/laptop.
Stay Tuned!
Thursday, May 16, 2013
Our First Video!
Well, I went ahead and made our first video. It's posted to youtube, but you can find it HERE in our Videos Section. Enjoy Guys! Don't forget to Like, Subscribe, and share the video!
Stay Tuned! - AfterBurn
Stay Tuned! - AfterBurn
Wednesday, May 15, 2013
Subscribe to:
Posts (Atom)