Tuesday, July 23, 2013

Scrap and rebuild

All the time I spent on building my home lab has been scrapped.  With new plans in mind I've scrapped my Linux environment in trade for a Windows environment.  It really saddens me to do so but with new goals in sight I have to realign my future and calibrate my focus.  I've picked up a third server, a Dell PowerEdge805(IIRC), which will be my VMware ESXi box to host all of my client\victim VMs.  My PowerEdge 2950 got a RAM upgrade to 32Gbs(Yum) and is my DC, DHCP, DNS and everything and anything else I want to throw at it, running an eval version of Windows Server 2012 Standard.  My tiny PowerEdge(something I can't remember) will continue to be my WebGoat box.

My home lab domain will continue to be Nerv.corp.  I'm not going to explain myself, and if Gainax is reading this, um... What can I say, I'm a big fan.

Progress so far has been:

Installed ESXi on Melchior, but haven't configured
Installed Windows Server 2012 on Balthasar
     Working on Active Directory structure and how I want to organize everything.
     DHCP working... kinda.  - It's successfully assigning IPs so it's good enough.
     DNS... role installed but I have to fiddle with this some more. I have never had to do anything with DNS.

Hope to get some VMs on Melchior soon, and my old WebGoat box(Casper) is going to remain a Linux box, but I do plan on wiping it and reinstalling WebGoat mainly so I can document the WebGoat install on Linux.  I know I made some posts here with the trouble I had with the install but now I want a better install document on it for future reference.

Yes my servers are named after the MAGI Super Computers.

New blog layout is to make it easier to read.  Sometimes I was having a hard time with the small white font on black background.

Thursday, April 4, 2013

HomeLab Headaches Ep.9

I think I got this working now, the Webscarab that is.  I read the configuration part over and over and OVER AGAIN
"
During the actual tutorial at the conference, you will be in a dedicated wireless network where 
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at 
the start of the tutorial. However, to test WebScarab at your current location, you will need to 
enter the HTTP proxy settings that apply to you there (the instructor cannot help you to find 
out these settings; please ask a colleague or your help desk if you don’t know these settings). 
Here is an example for the HTTP proxy settings (do not copy: these are valid only within the 
instructor’s company network): 
"

Between that and reading the error message in the terminal window where I start Webscarab, I figured it out.  At first I started Googling the error messages from the error page in Firefox, shown below


WebScarab encountered an error trying to retrieve

GET http://127.0.0.1:8080/WebGoat/attack HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Firefox/17.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Cookie: JSESSIONID=608FFA0267805397313D8AB48E491DB6
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=

The error was :

proxy.proxy.com
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:175)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
at java.net.Socket.connect(Socket.java:546)
at org.owasp.webscarab.httpclient.URLFetcher.connect(URLFetcher.java:368)
at org.owasp.webscarab.httpclient.URLFetcher.fetchResponse(URLFetcher.java:229)
at org.owasp.webscarab.plugin.proxy.RevealHidden$Plugin.fetchResponse(RevealHidden.java:100)
at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:243)
at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
at java.lang.Thread.run(Thread.java:679)


I couldn't find a straight answer but everything kept stating "Creates a socket and connects it to the specified address on the specified port" so I start thinking "WTF! Am I? ME!? Going to have to setup and configure a local proxy on this machine for it to work?"  I go back to the Configuration instructions and something stuck out


During the actual tutorial at the conference, you will be in a dedicated wireless network where 
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at 
the start of the tutorial


A thought came to mind "Maybe, just maybe I DON'T have to setup a proxy in Webscarab.  My server is not connected to the internet or any network for that matter."  So I deleted the proxy settings in Webscarab and once again try to browse to http://127.0.0.1:8080/WebGoat/attack.  Webscarab opens as it does in intercept mode and then I hit "Accept Changes" and BAM! I get the Webgoat login prompt. YAY!!!!!!!!!!!

That's it for now, until I run into another issue to document. PEACE! (^__^)v

HomeLab Headaches Ep.8

Oh Webgoat, you have tricked me once again.  Monday night I thought I had it all done since I got the login prompt and was able to login.  I called it a night at around 0030 and went to sleep.  Last night I was excited to start learning what Webgoat had in store to teach me.  I get started on the General section and I get down to useful tools and come across Webscarab.  I know it was one of the required tools for Webgoat and had it downloaded and I had even tried running it once to make sure it was working(to the extent of my knowledge it was).

I read something about a proxy, which is Webscarab, and it has an intercept mode, which if I understand this correctly means all the http traffic goes through Webscarab and I can analyze it and edit it and\or pass it through.

First problem was setting up the proxy, I was setting proxy as proxy.proxy.com using port 1337.  Set Firefox to use proxy for http to the same and it would not allow traffic through.  I played around with different settings and still couldn't get it to work or Webscarab to see the traffic either.  So I know it was something I was doing wrong with the proxy.  I kept going back to the OWASP page trying to find clues to what I am doing wrong.  The install for Linux was simple, just run

java -jar ./webscarab-selfcontained-[numbers].jar

Which to me just doesn't look like an install, it's just telling java to run this particular .jar file.  So I decided to look in the Windows installation instructions.  On there I got a clue as to what I was doing wrong, which was the proxy settings in Firefox.  I was setting the proxy to proxy.proxy.com but it looks like I'm supposed to set it to localhost, but I set the port to 1337 which is the port I set on the Webscarab. DIDN'T WORK.  I looked at the Terminal window and I saw "Listener something something: 8008".  I thought "Why is Webscarab listening on port 8008?  If Webscarab is supposed to intercept my http traffic then I should send it to that port"

So I did, I set the Firefox proxy to localhost port 8008.  YAY! That worked for Webscarab to intercept the traffic, but when I hit accept changes to let the traffic through to the server it vomits some java errors at me.

I toyed with some of the settings and can't get the traffic to pass through to the Webgoat server.  Tonight I shall do some more Googling to see if I can figure this out.

The hardest part of all of this is that I'm doing all of this by myself.  I have no one but Google to depend on for help.  Which is cool because it just helps me figure things out on my own which I like because I learn more that way, but when I get frustrated and get lost trying to figure something out or I fix something or find a fix but don't know how it actually fixed or what it does it sucks because then I'm not really learning.  I wish I had someone that I could bounce ideas off of or ask how and why.  MEH! Nothing I can do but keep on going.

One thing I created myself was a .sh to run the java command above so I can start Webscarab easier.  It was nothing special at all, all I did was put that command in the text editor and name it run_webscarab.sh.  To me I got excited because I've only created simple .bat scripts at work so for me to create something like this, in linux, on my own just by thinking about it and trying and it actually working on the first try, was pretty cool.  I didn't even know if it was going to work and if the correct file type that I had to save was .sh but I tried it anyways and BAM it worked. YAY!!!!

Wednesday, April 3, 2013

HomeLab Headaches Ep.7

For a few days I've been fighting with setting up WebGoat, this is how it went down

Day1:(Sometime last week, prolly Monday because the wife-unit00 and I spent the rest of the week cleaning the apartment because my parental-units were visiting) -  Server setup

Setting up server number 2 for web app pentesting, OS and I decided to just stick with CentOS, installed the WebServer option with Desktop which means I checked off WebServer and then customized it by adding everything in the desktop option minus KDE desktop since I prefer the GNOME desktop.

Downloaded everything that I needed for WebGoat which at first seems a bit trivial, but I found the SourceForge that had the web goat stuff.  Downloaded it.

I've never messed around with web servers and know absolutely nothing about them so this is completely new to me.

Next I downloaded Java which was a bit painful to find, downloaded and installed Java1.5_11

I followed the instructions on WebGoats website to edit the .sh file
Change "1.5" on lines 17, 19, and 23 of webgoat.sh to "1.6".

After editing the webgoat.sh I ran sh webgoat.sh start8080, got error
Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6

So I thought maybe I don't have Apache installed even though I chose the "WebServer" install option.  I then learned that there are different flavors of Apache and I needed Apache Tomcat.  So here we go.

I download Tomcat Apache and installed it, to the best of my knowledge.  I reboot, for the sake of rebooting.


Once again I run sh webgoat.sh start8080, and again I got the error
Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6

I then looked into setting the "JAVA_HOME", found this Cyberciti.biz post, I set my JAVA_HOME

export JAVA_HOME=/usr/java/jdk1.5.0_11/

export PATH=$PATH:/usr/java/jdk1.5.0_011/bin

Once again I run sh webgoat.sh start8080, and again I got the error
Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6


I shutdown and called it a day... night.

Day2:(4/2) I said, let's try from the beginning again.  I noticed that I had installed jdk1.5.0_11 instead of a version 6.  This was probably due to tiredness and close to midnight hours lol, whatever the reason may have been.
First things first, remove old java, I used

rm -r -f /usr/java/jdk1.5.0_11


Downloaded jdk6(jdk1.6.0_20) and installed it following this post from Stack Overflow, which covered install for both jdk and tomcat. COOL COOL.  I thought I had it figured out and was on my way to getting my webgoat on... yea ok, that was quickly shut down by another "Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6".
NOTE: I didn't follow the Stack Overflow post to the letter.  I installed java just by running the rpm.bin.  Mostly followed it more for the variable sets JAVA_HOME, PATH, CLASSPATH, etc


export JAVA_HOME=/usr/java/jdk1.6.0_20
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar

export TOMCAT_HOME=/usr/local/tomcat
export CATALINA_HOME=/usr/local/tomcat
export CLASSPATH=$CLASSPATH:$CATALINA_HOME/common/lib


I then remembered that the WebGoat install page mentioned that version 5 didn't need tomcat or java installed.  So I tried pointing the JAVA_HOME to the java folder in the Webgoat 5.2 folder, no luck.  Made no difference.

I started googling for answers or to see if anyone else had this same problem.  Some did, I saw a post about someone having the same problem in Ubuntu but it was fixed by installing Java... that didn't help. I was clueless but not THAT clueless.  I then came across WebGoat's GoogleCode page that had a newer version, version 5.4.  Looked in the README-5.4 and it mentioned that Java and Maven needed to be installed separately. Well Maven was just another Apache flavor and to my luck I had already installed Java1.6 and Tomcat.  I download Webgoat5.4 zip and extract it.  In "Option 4: Run from the WebGoat 5.X Standard distribution (Ubuntu)" all it said was run " ./webgoat.sh start8080".  I did and I got a "Permission denied"  WTF?!?!? Permission denied?  I'm fucking root.  I then remembered I had seen somewhere else someone mentioned chmod +x on the webgoat.sh file and I ran the chmod +x

chmod +x webgoat.sh

Once again I ran ./webgoat.sh start8080 and now I got the same error message that I've been getting the dreaded "Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6"

At this point I'm steaming and frustrated.  Once again I go back to Google, but this time I come across my light at the end of the tunnel, carnal0wnage.attackresearch.com had an old post about the same problem.  So I followed their instructions and removed the Java check shit from the beginning of the webgoat.sh

Below is a copyPasta of my webgoat.sh file.  If anyone from webgoat wants me to take this down just email me.  I don't know if this is ok or not but just email me and I'll take it down, otherwise it's here for my historical reference and to help others


#! /bin/sh

SYSTEM=`uname -s`
CATALINA_HOME=./tomcat
PATH=${PATH}:./tomcat/bin
export CATALINA_HOME PATH
export JAVA_HOME=/usr/java/jdk1.6.0_20
chmod +x ./$CATALINA_HOME/bin/*.sh


case "$1" in
    start80)
        cp -f $CATALINA_HOME/conf/server_80.xml $CATALINA_HOME/conf/server.xml
        $CATALINA_HOME/bin/startup.sh
        printf "\n  Open http://127.0.0.1/WebGoat/attack"
        printf "\n  Username: guest"
        printf "\n  Password: guest"
        printf "\n  Or try http://guest:guest@127.0.0.1/WebGoat/attack \n\n\r"
        sleep 2
        tail -f $CATALINA_HOME/logs/catalina.out
    ;;
    start8080)
        cp -f $CATALINA_HOME/conf/server_8080.xml $CATALINA_HOME/conf/server.xml
        $CATALINA_HOME/bin/startup.sh
        printf "\n  Open http://127.0.0.1:8080/WebGoat/attack"
        printf "\n  Username: guest"
        printf "\n  Password: guest"
        printf "\n  Or try http://guest:guest@127.0.0.1:8080/WebGoat/attack \n\n\r"
        sleep 2
        tail -f $CATALINA_HOME/logs/catalina.out
    ;;
    stop)
        $CATALINA_HOME/bin/shutdown.sh
    ;;
    *)
        echo "Usage: $0 {start8080|start80|stop}"
        exit 1
    ;;
esac
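
An added example (not WebGoat's own check and not from the original post): instead of deleting the version check, this asks the java binary under a given JAVA_HOME what it reports and compares that with the 1.6 the error message demands. The function names are made up here, and the two "JDKs" are stub scripts built in a temp directory purely for the demonstration.

```sh
#!/bin/sh
# Added example: diagnose why a script insists "JVM is not 1.6".
# All names here are hypothetical; the fake JDK trees are constructed stubs.

REQUIRED=1.6

# Extract "major.minor" from `java -version` text read on stdin.
parse_java_version() {
    sed -n 's/.*version "\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1
}

# Report what the given JAVA_HOME would actually run.
diagnose_java_home() {
    home=${1%/}                       # tolerate a trailing slash
    if [ -z "$home" ]; then
        echo "unset: JAVA_HOME is empty"
        return 0
    fi
    if [ ! -x "$home/bin/java" ]; then
        echo "missing: no executable $home/bin/java"
        return 0
    fi
    # java prints its version banner on stderr, hence 2>&1
    found=$("$home/bin/java" -version 2>&1 | parse_java_version)
    if [ "$found" = "$REQUIRED" ]; then
        echo "ok: $found"
    else
        echo "mismatch: found ${found:-unknown}, need $REQUIRED"
    fi
}

# Build a stub JAVA_HOME whose bin/java only prints a version banner.
# $1 = version string to report; prints the stub's path.
make_fake_jdk() {
    d=$(mktemp -d) || return 1
    mkdir "$d/bin"
    printf '#!/bin/sh\necho "java version \\"%s\\"" >&2\n' "$1" > "$d/bin/java"
    chmod +x "$d/bin/java"
    echo "$d"
}

# Three situations from the post: a 1.5 JDK, a 1.6 JDK, and a path with no java.
demo_java_home() {
    old=$(make_fake_jdk 1.5.0_11) || return 1
    new=$(make_fake_jdk 1.6.0_20) || return 1
    diagnose_java_home "$old"
    diagnose_java_home "$new/"
    diagnose_java_home "$new/no-such-dir"
    rm -rf "$old" "$new"
}

demo_java_home
```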

Friday, March 22, 2013

HomeLab Headaches Ep.6

Meh, not really any headaches today.  I got the MediaServer up and running since Tuesday night, with all my files available I took a few days to reap the fruits of my labor and watched a few of the videos and\or shows I haven't watched in a while, especially on a TV.

I have set up a WINXP SP2 and a WIN7 VM.  Tried to set up an OSX 10.6 and it didn't happen.  I tried three times and once on my work pc and it still gave me the same error, which confirmed that my iso is BAD. : ( booooo So now I have to get my hands on a good OSX iso.

I attended Rapid7's "Using Metasploit on Kali Linux, the Evolution of BackTrack" webinar today.  It was pretty cool, from what I saw Kali Linux looks bad ass and I have downloaded the x32, x64 and the VM versions.  The x32 is going on my netbook that is collecting dust in my room, the x64 is just to have it and the VM may find its way into my Virtualbox.  Also Rapid7 has a "metasploitable vulnerable machine" which I have downloaded as well to check out later.

One thing I liked about Kali Linux, if I remember this correctly, is that all of its services are OFF by default, so it's as the old slogan on Backtrack used to say "the quieter you become, the more you are able to hear...", so Kali is quiet by default lol.  Also the big change is from Ubuntu to Debian base Linux, there was something about streamlined updates, but I can't remember exactly what it was.

Next thing on the Home Lab is getting the network together.  Gotta bring out my Cisco bibles... I think they weigh more than the router or the switch itself lol

Monday, March 18, 2013

Hitler and I feel the same about Google killing Google Reader


Poor Hitler, I too am pissed at Google killing Google Reader.  There are some alternatives I need to check out, I can't remember them right now, but they are on my Twitter feed... somewhere lol.  I'm still very upset that Google Reader is going to be gone in July.

SOURCE:... Twitterverse, somewhere there.

Media Server Headaches Ep.2?


Now the Media Server is giving me more and more NTFS problems.  I need to change the permission on it to allow owner full access which I don't need to change it, but I need to change the group and others permission and regardless of how I mount it or change permission or ownership or group ownership it will NOT allow me access.  So, I'm done

Mounted my new external 3Tb drive.  

Copied a whole folder from old 1Tb drive into new 3Tb drive as an initial test and I have ownership and full permission.  

It's so refreshing and out of my permission claustrophobia sorta say lol

I'll leave it copying the 400Gbs of data from the 1Tb drive to the 3Tb drive.  Tomorrow or the next day I will move just the media files I want the Media Server to have back onto the 1Tb drive which I will make sure that I have full permission even if I must blow away the partition and setup new partition on it.  This is once all my precious and sentimental data is safely stored away in the new 3Tb drive.

 

HomeLab Headaches Ep.5

Here we are back at it again

Figured something interesting out, if I mount my external drive using

mount /dev/sdd1 /mnt/ExtDrv

I can copy the data out of it that I need and paste it locally, but if I mount using

mount -t ntfs-3g /dev/sdd1 /mnt/ExtDrv

Which is supposed to help with ntfs permission, I can't copy data off of the drive, but I did change the permission on the /mnt/ExtDrv using chmod like this

chmod 755 -R /mnt/ExtDrv

I use ss64.com as a reference for chmod, they actually have a little table that you can click on what access you want and it will spit out the numeric and symbolic permission codes.
I use ss64.com to cross-reference for a lot of my commands since I don't know too many.  I google what I need done and when -h or --help doesn't give me enough explanation of what the command does I go to ss64.com.  Great site and from a year ago or so to now they've added a few more languages like powershell.

So I don't know if it was the chmod that actually gave me the permission to copy data from the external drive or if it was using mount without the -t switch along with ntfs-3g

While I was in the chmod mood, I changed the permission on my iso repository, which is /VM_iso_Repo, so that the owner would be root, group vboxusers will have full read, write and execute access and others only read access.

To change folder group ownership use chgrp

chgrp -R vboxusers /VM_iso_Repo

Changing folder permission access is as above

chmod -R 774 /VM_iso_Repo
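
An added example (not from the original post) of what a recursive 774 does to a tree like /VM_iso_Repo: every file becomes executable, and directories end up without search (x) permission for others, so others can list names but cannot open the files. It runs on a throwaway directory from mktemp with a made-up file name, and leaves out the chgrp step because the vboxusers group may not exist where this is run.

```sh
#!/bin/sh
# Added example: the paths and file names below are constructed, not the
# author's real repository.

# Build a throwaway tree shaped like an ISO repository.
make_repo() {
    repo=$(mktemp -d) || return 1
    mkdir "$repo/linux"
    : > "$repo/linux/centos.iso"
    echo "$repo"
}

# Octal mode of a path (GNU/busybox stat first, BSD stat as a fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# The command from the post: one numeric mode for files and directories alike.
apply_numeric() {
    chmod -R 774 "$1"
}

# Files and directories need different bits: a directory needs x (search) to
# be entered, while data files such as ISOs should not be executable at all.
apply_split() {
    find "$1" -type d -exec chmod 775 {} +
    find "$1" -type f -exec chmod 664 {} +
}

# Judging from mode bits alone: can "others" open a file? That takes search
# (x) on the directory and read (r) on the file.
others_can_open() {
    d=${1#"${1%?}"}    # last octal digit of the directory mode
    f=${2#"${2%?}"}    # last octal digit of the file mode
    [ $(( d & 1 )) -ne 0 ] && [ $(( f & 4 )) -ne 0 ]
}

# Apply both variants to a fresh tree and report "dir/file" modes for each.
compare_modes() {
    repo=$(make_repo) || return 1
    apply_numeric "$repo"
    before="$(mode_of "$repo/linux")/$(mode_of "$repo/linux/centos.iso")"
    apply_split "$repo"
    after="$(mode_of "$repo/linux")/$(mode_of "$repo/linux/centos.iso")"
    rm -rf "$repo"
    echo "$before $after"
}

compare_modes
```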

Need to learn how to allow only a group access to a program.

Now I finally spun up the first of many Windows VMs on this machine.

Wednesday, March 13, 2013

Crypto.cat

Crypto.cat, new secure chat venue.  This was brought to my attention by a co-worker.  Great idea and I love the video below.  I don't go on chat rooms nowadays, but this is a great idea for those who still chat.  So if you or anyone you know still enjoy chatting on chat rooms go check out Crypto.cat

  

HomeLab Headaches Ep.4

I'm just going to start calling my "Home test lab set-up progress part X" posts HomeLab Headaches lol

In tonight's episode, Virtualbox won't start.  It wouldn't start last night, so I just went to bed.  I thought maybe because my User account isn't a sudoer?  So I ran virtualbox in terminal as root and it opened Virtualbox BUT! I got an error

WARNING: The vboxdrv kernel module is not loaded. Either there is no module available for the current kernel (2.6.32-279.el6.x86_64) or it failed to load. Please recompile the kernel module and install it by

           sudo /etc/init.d/vboxdrv setup

         You will not be able to start VMs until this problem is fixed.
Qt WARNING: QGtkStyle was unable to detect the current GTK+ theme.
Qt WARNING: Qt: Session management error: None of the authentication protocols specified are supported

I tried the "/etc/init.d/vboxdrv setup" as it suggested but it failed and told me to look into the log

Stopping VirtualBox kernel modules                         [  OK  ]
Recompiling VirtualBox kernel modules                      [FAILED]
  (Look at /var/log/vbox-install.log to find out what went wrong)

I look in the "/var/log/vbox-install.log" and I get this

Makefile:181: *** Error: unable to find the sources of your current Linux kernel. Specify KERN_DIR=<directory> and run Make again.  Stop.

So I rediscovered one of the sites I used a lot when setting up a few things in Linux, if-not-true-then-false.com.  It has an article which covers installing Virtualbox on CentOS\RHEL\Fedora(See Source at the end of the post for link).  I already have EPEL installed, but I followed the instructions step by step anyways.  I gave in and did the "yum update" which updated me to CentOS 6.4. Before I rebooted I did "yum install binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-devel dkms" and this is I think what I missed or the GUI didn't do on its own when I was tired and decided to depend on the GUI to install Virtualbox properly.

Lesson learned: Don't be a bitch and depend on the GUI to do it right.  Do it on the CLI and even if you fail you won't feel as bad as depending on the GUI. lol
After that was done I tried the "/etc/init.d/vboxdrv setup" and it failed

Stopping VirtualBox kernel modules                         [  OK  ]
Uninstalling old VirtualBox DKMS kernel modulesError! There are no instances of module: vboxhost
4.2.8 located in the DKMS tree.
                                                           [  OK  ]
Trying to register the VirtualBox kernel modules using DKMS[FAILED]
Starting VirtualBox kernel modules                         [FAILED]

So I rebooted and tried again "/etc/init.d/vboxdrv setup" and this time it worked

Stopping VirtualBox kernel modules                         [  OK  ]
Uninstalling old VirtualBox DKMS kernel modulesError! There are no instances of module: vboxhost
4.2.8 located in the DKMS tree.
                                                           [  OK  ]
Trying to register the VirtualBox kernel modules using DKMS[  OK  ]
Starting VirtualBox kernel modules                         [  OK  ]

As instructed by if-not-true-then-false.com I added my User account to the "vboxusers" group, "usermod -a -G vboxusers User"

Double clicked on Virtual Box and it ran, no errors... so far

SOURCE:  Install Virtualbox with yum on Fedora, Centos, RHEL

Malicious Profiles - The Sleeping Giant of iOS Security



  As I'll further discuss in this post, there is another way to create havoc on one's device, which may be comparable to sophisticated malware, without actually installing a program on the device.
 
Malware is prevalent. Mobile malware is on the rise. We are used to the perception that Android users are always under the threat of being attacked by malware and therefore should be highly suspicious about the software they install, while iOS users are immune and can enjoy the freedom of installing whatever they want without hesitation, due to Apple's "walled-garden" approach. Well... this isn't exactly the case.


To read the whole article click on link above...
Source: Skycure Security

Adobe tells Windows and Mac users to install critical security updates for F...


via Naked Security - Sophos on 3/13/13

Computer users should be getting used to security updates for Adobe Flash by now - after all, this is the fourth in as many weeks. Make sure your computers are protected as soon as possible.

To read the whole article click on link above...

Tuesday, March 12, 2013

Home test lab setup progress part 3

Free RAM doesn't always work... that doesn't sound right for some reason, meh!

The RAM I got from work didn't work on the Dell 2950(Server#1), but it worked on my older server my Dell 850.  I don't know what I want to do with my 850 yet. No, no one can't have it.  

Figured out how to configure\edit the /etc/fstab so it auto-mounts my other drives

First I tried it on my own, no knowledge, just throw stuff at it and see what comes of it just by looking at what was in the fstab already. For some reason it had entries like this:

tmpfs      /dev/shm     tmpfs      defaults     0 0
devpts    /dev/pts      devpts     defaults     0 0
sysfs       /sys            sysfs        defaults     0 0
proc       /proc          proc        defaults     0 0

so I added

RnDm       /dev/sdb     ext4     defaults     0 0
RnDm2     /dev/sdc      ext4     defaults    0 0

Rebooted and it didn't work, so I found this post, How to add a new partition to the fstab file

OH! There's the formula, [Device] [Mount Point] [File System Type] [Options] [Dump] [Pass]

so then I changed the fstab to 

/dev/sdb     /RnDm       auto     defaults     0 0
/dev/sdc     /RnDm2     auto     defaults     0 0

Rebooted and BAM! they auto-mounted.  Actually it didn't the first time because I had made a mistake on the mount point but after fixing that it worked.
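
An added example (not from the original post): a small linter for the field order quoted above, which flags the first attempt where the mount name and the device were swapped. The sample lines are the ones from this post, embedded as constructed input; the heuristics cover local disk entries only and the function names are made up here.

```sh
#!/bin/sh
# Added example. Field order, as quoted in the post:
# [Device] [Mount Point] [File System Type] [Options] [Dump] [Pass]

# Print a one-word verdict for one fstab line.
check_fstab_line() {
    # read splits on runs of spaces or tabs
    read -r dev mnt fstype opts dump pass <<EOF
$1
EOF
    case $dev in
        ''|'#'*) echo skip; return 0 ;;            # blank line or comment
    esac
    [ -n "$opts" ] || { echo too-few-fields; return 0; }
    case ${dump:-0}${pass:-0} in
        *[!0-9]*) echo bad-dump-pass; return 0 ;;
    esac
    case $fstype in
        swap) echo ok; return 0 ;;                 # swap has no mount point
        tmpfs|devpts|sysfs|proc) disk_backed=0 ;;  # device field is only a name
        *) disk_backed=1 ;;
    esac
    case $mnt in
        /*) ;;
        *) echo bad-mountpoint; return 0 ;;
    esac
    if [ "$disk_backed" -eq 1 ]; then
        case $mnt in
            /dev/*) echo swapped; return 0 ;;      # a device node in field 2
        esac
        case $dev in
            /*|UUID=*|LABEL=*) ;;
            *) echo bad-device; return 0 ;;
        esac
    fi
    echo ok
}

# Lint fstab text on stdin; print "line N: verdict: text" for each problem.
lint_fstab() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        verdict=$(check_fstab_line "$line")
        case $verdict in
            ok|skip) ;;
            *) echo "line $n: $verdict: $line" ;;
        esac
    done
}

# Constructed sample: the stock entries plus the first attempt from the post.
sample_fstab() {
    cat <<'EOF'
# /etc/fstab (sample)
tmpfs      /dev/shm     tmpfs      defaults     0 0
devpts    /dev/pts      devpts     defaults     0 0
sysfs       /sys            sysfs        defaults     0 0
proc       /proc          proc        defaults     0 0
RnDm       /dev/sdb     ext4     defaults     0 0
RnDm2     /dev/sdc      ext4     defaults    0 0
EOF
}

sample_fstab | lint_fstab
```

Running mount -a after editing /etc/fstab applies the file without a reboot, so a bad entry shows up right away.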

Now after all this I once again face NTFS permission road blocks in my CentOS server.  fuck it, copying iso's from external drive using cli.

Correction on yesterday's post, drive /dev/sdb which is one of the pair of 146Gb drives is setup as RAID0, not RAID1. This is so I can benefit from the read\write performance, where I'm going to keep my VMs. The single 146Gb drive /dev/sdc is going to keep my isos.

Home test lab setup progress part 2

The other problem I ran into when setting up my Dell 2950 was mounting the other HDD's.  I have two 73Gb and three 146Gb HDDs, the two 73Gbs are set as RAID0 and used for OS.  The other three 146Gb drives, two are setup RAID1 where I will keep all of my VMs and the other 146Gb is where I'm going to keep my iso's.

I'm trying my hardest to not depend on the GUI.  So into the CLI I dive.  I finally figured out how to delete the partition on the drives, but still could not mount. Then I found the mkfs command.  Since I'm using the whole drive on both the RAID1 146's and the single 146, it's easy to just make the whole disk a file system.  Made it ext4, but now I have to figure out how to make it mount every time I reboot.  I'm currently having to mount it manually, but I know I have to edit the /etc/fstab.  That's what I'm going to try and figure out next, the /etc/fstab file.

Also have been setting up a Media Server on an older laptop.  Using LinuxMint as OS and Plex Media Server.  Plex is pretty cool and easy to setup, but again I'm running into NTFS speed bumps.  That's what I get for using Windows when I used to actually download movies and crap.  My problem with the Media Server is not that I can't mount the ntfs drives like in the CentOS.  The problem is that I can't edit the permissions.  For some reason in order for Plex to find the files, the file permissions for "Other" have to be set to read or read and write.  I figured out this was the problem because when I copied the movie files locally and changed the permission I was able to find and play them on the Plex server.  More NTFS speed bumps, but I just bought a 3TB external drive over the weekend.  I'm going to migrate everything to it from my current 1TB backup drive and format the 1TB to Ext4 and just put my music, movies in it for the Plex server and be done.  It was suggested that I setup SAMBA, but I don't want to head down that road... yet.  We shall see what I come up with.

SSCC 104 - Probably (be fair, definitely!) the best 15-minute podcast you'll hear today

via Naked Security - Sophos on 3/12/13

Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet? Here's the latest Naked Security podcast, Sophos Security Chet Chat 104, discussing a range of recent and newsworthy topics from the world of computer security.


Monday, March 11, 2013

Home test lab setup progress

Last week I started setting up my test lab for me to play around and learn things on my own.

So far I've setup one of my servers, its a Dell 2950,

600Gbs of HDDs between all 5 drives, cool
4Gbs of RAM, Sad! I know

Installed CentOS 6.3, I know 6.4 just came out but I'm going to let that settle first. Let everyone get their bugs out then I'll update to it. In the mean time I'll rock 6.3

Other than the OS I installed VirtualBox, but when it came time to transfer my OS ISOs I ran into a problem. My only Linux experience is with Ubuntu so I'm used to NTFS support being installed by default. Nuh-uh, not in CentOS. So I had to fight with getting EPEL installed, having never dealt with rpm instead of my usual apt-get. After googling I found someone's post which helped me add the EPEL but they had a bad/wrong mirror address so they won't get mentioned. To install EPEL I did

rpm -Uvh http://mirror.seas.harvard.edu/epel/6/x86_64/epel-release-6.8.noarch.rpm

Follow the prompt/s allow it to install

Now for the ntfs support

yum install ntfs-3g

External drive still gave me a little problem but I got it to work. I would post what the problem was but I closed the terminal window.

I got some RAM upgrade from work. Will bump my RAM from 4 Gbs to 16Gbs. Whoot whoot, ahem ok enough of that lol

Thursday, March 7, 2013

Anatomy of a bug - the five minute insecurity window in the sudo command


via Naked Security - Sophos on 3/7/13

An authentication-related bug was patched recently in the Unix sudo command. Ironically, the bug was more likely to affect those users who were more security-conscious. Paul Ducklin explains...

Click on link above to read whole article.

Wednesday, March 6, 2013

White House agrees cellphone unlocking should be allowed, but jailbreakers left in limbo

via Naked Security on 3/6/13

The White House agrees with the 114,000+ US citizens who signed a petition to make cell phone unlocking legal. What they didn't address: the legality of jailbreaking and rooting.

Tuesday, March 5, 2013

Joe McCray, Building a Security Lab, Drunken Security News - Episode 322 - F...


Joe McCray is an Air Force Veteran and has been in IT security for over 10 years. His background includes both Network and Web Application penetration testing as well as incident response and forensics within the DoD and commercial sector.
Having a home lab is really key in our field. There always seems to be projects you want to work on that require a specific OS or software. You just need hardware at home, whether you are pen testing or doing security research. I grew tired of using laptops, and especially my own laptop. Having some low-cost servers will open up the possibilities.