So I have a piece of coursework for a CS module I’m taking at Queen’s University Belfast and one of the focal points of it is the recent RockYou! SQL-injection breach that released 32million passwords into the internet, and I thought I’d have a closer look at that list.
Last week or there abouts, there was a big buzz around the interwebs revisiting Dan Kaminski’s OzymanDNS tool, a perl based toolkit for tunnelling TCP traffic over DNS requests (technically its TCP over SSL over DNS but whos counting) That was originally released mid-2004.
I never really found the true source of the new hype surrounding a “old” project (it may have been HAK5′s episode 504 that demonstrated the tool, mubix has put the write up in at room362)
I then found that it had since been reengineered by Andreas Gohr and wrote a brilliant write up on its setup and use and i think is the best example for any skill level.
Long story short, i gave it a go redirecting dns requests from my andrewbolster.info domain using my main development box at home as a “server” and tested it using my Asus EEEpc from a guest wireless access point in work, and it works. Its VERY slow, but it works.
But that left me with a problem; I turn off my dev box as often as I can (Dual core CPU, 3 internal HDDs, Cooling systems, 6GB ram, Fatty graphics card, etc, kinda draw a bit of juice) and i definatly dont want to leave it on if i’m going to be away from the house for weeks. So i turned to my brilliant Western Digital MyBook World edition.
Problem was the Perl in optware aswell as the one that ships with the device, had no compiled threads support, and on a less technical point, running cpan would max our CPU and memory on this tiny box, all taken up by the perl processes. Long story short, perl was not the way to go ( I would have recompiled Perl as per the write up on mybookworld.wikidot.com, but with perl performing as badly as it was with relativly simple “one time” processes, i didnt want to have that running 24/7/356 ).
Tracing back through the history led me to dns2tcp, originally written by Olivier Dembour in C, my favourite language for small systems (duh) and i found it to be hurrendously under-documented. So below is a quick blow by blow of what i did to get dns2tcp installed, running and client configured
If you do not have access to a hosted or internet assessible DNS server / BIND system, you are screwed; Some people will let you use theirs, and if you ask really nicely I’ll put in a redirect on mine, but i probably wont.
Name: [ tunnel ].andrewbolster.info
Type : [ NS ]
Value: [ iwant2gohomenow.dyndns.org ]
If i was going it command line style in BIND I’d add
tunnel.andrewbolster.info IN NS iwant2gohomenow.dyndns.net
This basically mean that when you ask “What ip address does tunnel.andrewbolster.info have?”, the andrewbolster.info server says “pfft , i dunno, ask the guy at iwant2gohomenow.dyndns.org”.
Unfortunatly, Theres nobody he can talk to there.
ipkg install gcc
For debian based, its
apt-get install build-essential
cat > ~/.dtf2tcpdrc << EOF
listen = 192.168.1.3
port = 53
domain = tunnel.andrewbolster.info
ressources = ssh:127.0.0.1:22
EOF
Yes, i know, resources is spelt wrong, but it works, ok?
dns2tcpd -F -d2
The -F keeps it in the foreground instead of daemonising it, and the -d2 is a debug flag to give just a bit more info.
If it doesnt crap out, your good to move on to the client.
cat > ~/.dtf2tcprc << EOF
domain = tunnel.andrewbolster.info
ressource = ssh
local_port = 2222
debug_level = 1
server = bolster.homelinux.net
EOF
The local_port is completly arbitrary but 2222 is my default for remove shells
dns2tcpc -d2
And you should get no errors
Now go to a different terminal and log into the server like this
ssh testUser@localhost -p 2222
Whats that you say? localhost? dns2tcp has opened up a port on your client system that connected to port 22 on the server, so your logging into the server, but my going thru the client port first.
ssh testUser@localhost -p 2222 -D 8888
As with 2222, 8888 is arbitrary, but i use it for proxies.
ITS SLOW, I know, but then next time you miss a bus or a train or a plane and you are stuck in some god foresaken hell hole of a transit hub with only the expensive starbucks wifi to serve you, it is on your own conscious wether you use this too to accidentally GET AROUND PAYING FOR IT. Its illegal, how could you ever think about doing something like GETTING FREE INTERNET. I’m ashamed of you for even thinking about USING FREE TOOLS TO GET AROUND PROPRIATORY RESTRICTIONS TO THE FREE INTERNET. Go sit in the corner, the corner with the T-Mobile wireless access.
And, if you find this write-up useful or interesting, please a) repost it with credit b) comment
Also, big thanks to all the people whos tools I’ve used to demonstrate this, be sure to visit their websited and subscribe to their feeds.
Ok, got the 900, sorry this blog is very very late
Pros:
AMAZINGLY small, you wont believe how small it is until you use one
The keyboard is just managable
the Webcam is amazing quality when it works
More responsive than i imagined
The Extra 16GB SSD really helps
Wonderfully fast bootups (If you never plug it in to any accessories (other than charger) set the Boot Booster enabled under the BIOS, trims a second or two)
Cons:
Battery life less than expected
Wireless strength depends on the driver you use
Webcam and Webcam-mic not fully functional (currently) under Ubuntu 8.04
What I’ve done:
Managed to get a dual boot system between the Xandros OS and Ubuntu 8.04 by resizing my home partition on the 16GB SSD and installing in there (dont bother with a swap drive)
Grub works wonderfully and straight out of the install i still have both the standard and recovery boot options thru xandros.
As for install, use this
And for tweaking use this BUT to fix the sound you have to go back in and re fix alsa (the 700 tweak doesnt work for the 900)
sudo alsactl store
sudo alsactl restore
I think that was all i had to do for basic operations.
Also got Kismet and the Aircrack-ng suites working with a bit of giggery pokery with an aim of stealing my dads old GPS and getting gpsmap to work properly, My personal recommendation is to install both from source, in the case of aircrack, you need to go into the folder that was built and make sure that all of the generated binary files are copied to /usr/bin or /usr/sbin depending on how paranoid you are (I’m not) because the install script doesnt install airmon, aireply, ivstools, packetforge, and a few other things i cant remember off the top of my head
As for the kismet source, i use source=madwifi_ag,atho,atheros and instead of relying on kismet to open the card as monitor, i use airmon and wlanconfig to kill the other interfaces first, eg
sudo wlanconfig ath0 destroy
sudo airmon-ng start wifi0
kismet (i did the suidinstall of kismet so there is no need for sudo. for a single user system the suidinstall is probably easiest)
I cant really talk about the performance of aircrack because truth be told i wouldnt have the patience for a 900MHz to get thru that kinda work, i collect as many packets as i can and get my dual core 3GHz 64bit system to do the dirty work (also usually do this over ssh if i can get an alternate connection, am working on a system where the ivs file can be emailed and an email reply will be sent back, with either the key, or “MEGAFAIL”)
Anyway
Battery life. thats a joke. Its less that the 701 my dad has. yeah, yeah, i know, its more powerful, bigger screen, that wud be fine if it wasnt just the UK getting the kneecapped batteries:
List of countries getting 5200mAh battery:TW,HK,USA,CAN,IT
4400mAh:UK
If anyone is reading this please go to http://forum.eeeuser.com/viewtopic.php?id=27140 and make your voice heard, cus i want the battery that was handed out to reviewers! (the forum explains it better than me)
Just got a call from home saying that my EEE was delivered today, now thats what i call super fast delivery, kudos to clove for being so speedy
On another note my dad is cycling from ballymoney in northern ireland to montouliers in the south of france, he has an EEEpc 701 with him and hes been using it to make a blog here
Just off the phone with Clove saying that my shiny new black eee 900 is winging its way to my homestead, which unfortunatly is not wer i am, but at least i wont be losing any time for revision (read: have any other reasons not to study)
I have to say I’m really disappointed with Asus’s attitude to they’re british customers regarding the battery issue and i really cant say any more about it except that were paying above the board globally, and not getting an equivalent product and an even less equivilant service.
Nevertheless I’ll be installing Ubuntu as soon as i get my grubby little mits on it, and will hopefully get some pictures, maybe actually get off my ass and do a how to. Might install an internal bluetooth mod aswell…..
On a brighter note, i really have to say Clove have been fantastic, i ordered mine about a month and a half ago and called me back the next day telling me that they were looking at a mid may delivery date, and then called me when the white eee’s came in stock at the beginning of the month, i pointed out that i had previously changed my order to the black, and they were great about it. Highly recommended! Not expensive atall either!
DISCLAIMER : no i dont work for them
