
Monthly Archives: November 2016

Tradepub is Giving Away “Learning Network Forensics” For Free, Here’s the Link

I just got an email offer for a free digital copy of “Learning Network Forensics” by Samir Datt (2016).  This is a Packt book that was just released this year.  It is currently selling for $49.99 on Amazon.  I have not read it yet, but it has been on my reading list.  Here is the link I used to get it.

 

Full Disclosure:  I do not benefit from this in any way.  This was an offer I received on a daily email digest from “The Hacker News” website.  Tradepub is the company actually giving it away.  I’m pretty sure the link above somehow benefits “The Hacker News” but for free, I don’t mind.


Installing SSHPT to Automate SSH Commands & File Transfers on Multiple Hosts

SSHPT is a great little Python script that lets you run SSH commands or transfer files on multiple hosts with a single command.  It’s simple to use.  You create a hosts file listing all of the remote systems you want to execute a task on, then create a file with the credentials used to log in and run the task.  You can even configure it to be executed via a website in multiple configurations (more info on that at the bottom).

 


How To Change The TCP/IP MTU On Windows Server 2016

Over the years I’ve had numerous occasions arise when I needed to change the MTU on a Windows-based computer.  There are a million reasons why this is needed, such as the following.

  • Windows Servers deployed in an OpenStack environment require the MTU to be decreased to 1454 in order to work correctly with Neutron.
  • DSL very commonly uses a smaller 1492 byte MTU when deployed with PPPoE encapsulation, so performance can be significantly degraded if the MTU on the router and computers is not decreased to match.
  • VPN connections over DSL and some Wi-Fi networks are notorious for failing unless the MTU is adjusted.

 

What Effect Does MTU Have?

 

Packet size, also known as MTU or Maximum Transmission Unit, is the largest amount of data that can be transferred in one packet at the physical layer (OSI Layer 1) of the network. Ethernet’s default MTU is 1500 bytes without using Jumbo Frames.  For PPPoE the MTU is 1492 and dial-up connections typically used 576 back in the day.

Each transmission unit consists of a header and the actual data. This data is called the MSS, or Maximum Segment Size.  MSS defines the largest segment of TCP data that can be transmitted in a packet.  In summary:

MTU = MSS + TCP & IP headers.


Hacking In Windows Using Nishang With Windows PowerShell, Like A Boss!

As requested, this is the first post of many I’m doing on “hacking” and “pentesting.”  Many admins aren’t comfortable with Linux, or just want to use convenient Windows-based tools, so that’s what we’re going to do.  We’ll talk about a tool called Nishang, which you can use for many different pentesting and security auditing techniques, using Windows PowerShell 3.0.

To get started, you will need to download Nishang.  You can click here to go directly to the GitHub page or click the link below to download the latest version directly.  First, here’s a video of the presentation the creator of Nishang gave at Defcon 21.

 

Download & Install

 

Click here to download the latest version of Nishang from GitHub (master.zip).

 

Once you’ve downloaded the zip file, extract it, rename the folder to nishang.ps and put it in the root of your C: drive.

Open the Windows PowerShell command prompt as Administrator.  On Windows 10, click the Start button and type “powershell”, then right-click and select “Run as Administrator.”


How To Do A Search & Replace On Your Website’s MySQL Database

For years I’ve used the WordPress plugin SyntaxHighlighter to display code on my site.  Yesterday I ran into a huge problem. I wanted to change the way code is displayed on my site, which required changing hundreds of tags. SyntaxHighlighter uses bash tags in shortcode format, but I needed to change all of those to standard pre tags. Not a fun night!

Every plugin I tried to do a search and replace with didn’t work. I’m pretty sure the plugins weren’t able to handle the special characters properly. I hosed my database a few times along the way. Everything from screwed up Primary Keys to bizarre Auto Increment problems. In the end, simplicity prevailed.

 

Quick Tip:  Don’t forget to create a backup of your database before making changes.  Just click the “Export” tab and select “Go!”

How To Search & Replace In MySQL

 

Almost every website these days has phpMyAdmin installed.  If not, it’s easy to install (I’ll write a post on that soon). This is precisely the tool to do this job quickly and correctly.

Go ahead and log into phpMyAdmin and select your database in the left-hand column.  Then select “SQL,” which is located in the top row of buttons.


Do You Have a Reliable IP Scanner Installed? Advanced IP Scanner is Quick & Easy.

Every Network Administrator or Security Administrator should have a few basic tools installed and ready to go at a moment’s notice.  Advanced IP Scanner is a reliable and free network scanner.  It offers complete analysis of your entire LAN, showing live IP addresses and giving you the ability to remotely control systems with RDP and Radmin.  It’s installable or fully portable, so you can keep it in your Dropbox or NextCloud folder for convenient access.

 

Key features of Advanced IP Scanner include:

  • Remote Shutdown (and Wake-on-LAN)
  • MAC address to IP resolution
  • Exportable scan results via CSV
  • Quick access to discovered network shares
  • Remote Control via Radmin & RDP
  • Built-in tools such as SSH, tracert, telnet and ping.

 
