2009
07.01

A while back I was at a college campus library trying to get online while I waited on some friends to do homework. Like most colleges, this one was using a captive portal that required you to login and register your computer to get access to the Internet.

Since I was bored and had little else to do, I did what I usually do on a wireless network: lurk and see what’s going on. While running tcpdump to watch the network, I noticed some icmp6 messages. Now, to me many aspects of IPv6 are very interesting, for example anycast addresses. For those unfamiliar with IPv6, and I am writing this for all of you ;) , IPv6 has done away with broadcasts. Instead an anycast is used, and it works more like a multicast in IPv4. I’ll leave the details of IPv6 to you; there are tons of good resources online. If you need help finding them, just ask.

One of these anycast addresses is ff02::1. This address allows for communication with the entire local network at once. When I pinged this address, several OS X machines with names like jims.macbook responded. I also got a response from a router. I’m not trying to call out Apple for turning on IPv6, because I know Microsoft also ships with it turned on by default now, too. They may want to turn the firewall on by default like Windows, though. Having IPv6 enabled isn’t really a *bad* thing; like I said, I like IPv6 and I run it at home. The real issue is how many computers have it turned on and how few people know much, if anything, about it. IPv6 is rarely secured or protected at all. I have found that most systems will have incredibly restrictive firewall rules for IPv4 and no filtering at all for IPv6.

In this case all I needed to do was request an IPv6 address, and their DNS server was even able to resolve IPv6 addresses for me, allowing me to get on the Internet and completely bypass all of their firewall rules and the captive portal.


2009
06.30

Wireshark, formerly Ethereal – Everyone’s favorite packet sniffer just released version 1.2

Among the changes are the ones pointed out by all of the big online news networks: Mapping functions, x64 installer, etc.

But I did happen to see support for the World of Warcraft protocol under the new protocols section.
Check the release notes for yourself.

Subscribe to our RSS feed for more information – maybe a few example packet dumps, etc.


2009
06.29

Sometimes it’s necessary, or at least preferable, to have multiple presences on Twitter. I had to start a Twitter account for this very blog, and in order to do that I used a GMail trick I remembered from a while ago.

To set up multiple Twitter accounts on one email account using GMail:


2009
06.25

A good friend of mine recently had his iPhone stolen. At WWDC a new feature was released that would have helped him, had he been a member of MobileMe. But here’s a solution for those without MobileMe.

If you have a jailbroken iPhone, it’s possible to run an application available by default on Cydia called “findmyi”. Using the web interface you’re able to mark your iPhone as stolen and review a map with its location. The findmyi GPS agent runs in the background and contacts the server at the interval specified in the options menu to record its location. Free accounts are given an estimated location, and upgrading appears to be rather simple. It also allows you to place a message on your iPhone asking the current user to contact the owner, should you wish to.


2009
06.25

I experienced an issue with a file share on Windows Server 2008 not prompting for login from a Windows XP client. Instead, it simply gave an access denied error. Neither device was on a domain. The firewall appeared to be configured properly, and when guest logins were allowed the client successfully gained access.

To get around this issue, I found the following workaround:

1 – Use “net use” commands to delete the open sessions from the client (“net use” and “net use <UNC Path> /delete”)

2 – Use the credential manager to add stored credentials for the resource (Start > Run > “rundll32.exe keymgr.dll,KRShowKeyMgr”)

Feel free to pass on any hints about this in the comments section.


2009
06.24

Here is a simple PowerShell script to modify a user’s UPN in Active Directory. To use this, you must install Quest’s Active Directory commandlets. Obviously you should always be careful when modifying Active Directory, and the author isn’t responsible for what you break.


2009
06.24

Continued From First Page

First, I had a look at my DHCP server. Controlling which addresses are assigned to devices that aren’t mine makes firewall rules simpler. Not the best way, but I’m going for layers. The DHCP server I am using is also integrated with the firewall, so abandoned and unassigned addresses are tracked. Since I don’t have a VLAN-capable wireless access point I can’t VLAN, but I can segment the network a bit. Small problem, though. I have tried a similar setup to this before and forgotten all about this issue. OpenBSD’s dhcpd only has a global allow or deny for unknown hosts, meaning I can’t assign unknown devices to one IP range and known devices to another. I’m still working on that…


2009
06.24

When most of us think of running a wireless network at home we start thinking of all the buzzwords and acronyms we can use to secure them. But not me. I like to take a different approach to my wireless. Instead of thinking of it like “No one but me should be able to surf porn on my wireless” or “Those hackers are going to drive by and send spam”. None of that.

I like to think of my wireless as more of a honeypot. I know everyone gets on “free”, open wireless networks. If not because they don’t know it’s illegal, then because it’s easy and, well, free. Almost an evil twin setup, but it’s not pretending to be anything. It’s also an interesting challenge to keep a network functioning and protect my somewhat important things in a somewhat hostile environment. I don’t know if anyone that is connecting to my network is malicious or infected with Conficker. But most importantly it gives me a reason to practice some offensive security.


2009
06.24

Symptoms:

Outlook will only start in safe mode or freezes as it starts in normal mode.


2009
06.24

Problem:

User receives the error: “The connected state of Office Add-Ins registered in HKEY_LOCAL_MACHINE cannot be changed.” in Outlook 2007

Solution 1: (For Search Add-In):

  1. Click Start
  2. Click Run
  3. Type: net stop wsearch
