My Portable Travel Stick
Published on June 29, 2007 under Tech Blog
This will be my last post from Taiwan, and I'm placing it in my tech section. Shortly I will be flying to Hong Kong, and then traveling into China. I'm not bringing my laptop with me. I'm always a little wary of using public computers, especially in many of the ...
Another Amazon Phishing Attempt
Published on June 4, 2007 under Tech Blog
46 hours ago I received an email from Amazon. Things looked somewhat official, although my tech "sixth sense" told me it was a phishing attempt. Maybe it was the poor grammar, yet still not particularly obvious when I skimmed quickly through the email. Naturally I ...
PSAD and Syslog-NG
Published on April 18, 2007 under Tech Blog
I really like using PSAD, both on my server and my laptop. You never know where the mean people are. I also seem to use syslog-ng quite often, while PSAD seems oriented to syslog. This is fine, and I'm pretty sure the install.pl for the source build will configure syslog-ng.conf ...
One More Point Linux
Published on March 15, 2007 under Tech Blog
It should come as a surprise that I enjoy using Linux. For the record, the first time I booted into Linux on my own was 1997; this was just before entering high school. So, while some of my tech friends played with NT, I was rumbling with the Penguin. Starting ...
Hamachi Rules
Published on Feb. 27, 2007 under Tech Blog
I've been playing around more with Hamachi, and have decided that it officially rules. Since I'm a big Linux guy I don't have access to some features, but the program seems to be a gem. It is brainlessly easy to install (even when doing 20 things at once), and ...
Darn You HiNet
Published on Jan. 24, 2007 under Tech Blog
As you may know by now, I'm in Taiwan. Life is pretty good here, especially the internet -- I'm sitting on a pretty decent 12M/1M connection. But the company I have my internet through seems pretty laid back about network usage -- which for me isn't good. Their ...
Lightweight Detection
Published on Jan. 23, 2007 under Tech Blog
I love my Snort, I really do. But sometimes, I just don't need all the extra overhead -- sometimes the resources on a server are somewhat limited. Looking for a solution I stumbled upon PSAD, a way to detect port scans. Since port scans are often one of ...
Three Little Commands and a Pen-Test
Published on Oct. 15, 2006 under Tech Blog
Yea, you read that right. Three commands and you can run a pen-test on your website/webserver. So, how?
kelvin@home:~$ sudo apt-get install nikto
kelvin@home:~$ sudo nikto -update
kelvin@home:~$ nikto -h www.thoughtdeposit.net
As you can see, Nikto is a web server scanner, apparently for over 3200 dangerous ...
Hunt the Anomaly
Published on Sept. 1, 2006 under Tech Blog
Information is power, or so many of us think. As an I.T. administrator, no matter what the level, it is my opinion that knowing what your network is doing is important. This includes regular operation, what it could do in the event of a disaster, or when it is ...
Cisco IPSec Tutorial
Published on April 5, 2006 under Tech Blog
The following sites might be helpful to configure IPSec again, or on a more complex basis:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/ipsec/conipsec.htm
http://www.cisco.com/warp/public/707/overload_private.shtml
Hamachi
Published on Jan. 23, 2006 under Tech Blog
My friend Ian told me about this originally, but my pen-testing cousin just sent me the link as well. p2p VPN, w00t. Hamachi is a VPN alternative that does not have the normal router problems associated with IPSEC and PPTP VPNs. That is good because of firewalls and NAT ...
Another VPN Node
Published on Sept. 8, 2006 under Projects
Status: After consulting several vendors in Kuala Lumpur, I was able to get the right Cisco with the right IOS. One of their technicians came and installed it, and that night I hooked it up to our VPN. Besides the fact that the internet distribution is ...
Monitoring Traffic Usage
Published on Aug. 29, 2006 under Projects
Status: One of the greatest benefits, in my opinion, of Cisco routers is the ability to generate netflows. In a lot of ways, I would prefer to do this than implement some appliance (say, using ntop). The ability to analyse the amount of traffic becomes extremely ...
Tunneling over SSH
As a rule, whenever I'm online I'm logged into my server back in the States. I'm also usually wireless, which we all know is beyond insecure -- I've found it especially useful to tunnel firefox over SSH. I try my best to tunnel stuff over SSH back, and if you ...
Simple Chrooted SSH
You might be asking: why would you want to chroot ssh? Why use ssh anyways? Here are the quick answers: FTP usually sucks. Unless sent over SSL, all information is sent cleartext. SSH usually rules. SSH sends all data over an encrypted channel -- the main drawback is: you ...
Quick n' Dirty Firewall
Abstract
The following is a Quick n' Dirty method of implementing a very simple firewall.
Locate IPTables
Depending on your server, first locate iptables:
[root@vps /]# which iptables
Create IP Based Accept/Deny
Create a whitelist (ignored by firewall) or blacklist (packet dropped) if you ...