Wednesday, July 21, 2010

WildPackets Using OmniPeek

Today I had training on network analysis using a WildPackets product known as OmniPeek.

OmniPeek network analyzers perform deep packet inspection, network forensics, troubleshooting, and packet and protocol analysis of wired and wireless networks. TimeLine network recorders and OmniEngine software probes monitor and analyze NetFlow, sFlow, and packet data at remote locations.

OmniPeek is one of the network analyzer tools used for network troubleshooting and reporting purposes. There are a lot of products available on the market right now, and I used this one as part of network monitoring, especially for customers.

OmniPeek is easy to install, but you MUST have a compatible network card that is supported by it, or else buying this product will be useless.

From what I reviewed while attending the training today, it showed a lot of reporting and deep packet inspection for a network and also VoIP. It can also play back sound, and I love it..har har har.. As part of network forensics, I do recommend this for low-budget or SME companies to use as a network analyzer.


The bad thing is that OmniPeek natively supports WLAN adapters that utilize the Centrino 3945 chipset for a/b/g wireless analysis. A custom driver is not needed for these adapters as the application will automatically recognize the adapter. Intel driver version 10.5.1.72 or higher is required. At the present time, the 3945 chipset is only supported on the Windows XP platform. Other Intel chipsets such as the 4965 and 5100 cannot be supported by OmniPeek until Intel adds ISV promiscuous mode to their feature set. It is incumbent upon Intel to make these changes, as OmniPeek already has the ability to recognize and work with chipsets that have this capability.

More details are at http://www.wildpackets.com/

Saturday, July 17, 2010

Broadcom Wireless BCM4312 on HP Compaq: Error and How to Resolve It

Today I installed Ubuntu on my new box and I got the error message below:

"b43-phy0 ERROR: Firmware file "b43/ucode5.fw" not found"


The error "b43-phy0 ERROR: Firmware file "b43/ucode5.fw" not found" should mean that b43-fwcutter is not installed yet on your PC, which in turn means that the Broadcom firmware for your wireless card is not loaded or installed yet.

Please proceed with running the following Terminal commands:

sudo aptitude update
sudo aptitude install b43-fwcutter

b43-fwcutter exists in the Ubuntu repositories, but you will need a working wired Internet connection in Ubuntu in order to locate it and install it.

Wednesday, July 14, 2010

How to Install Metasploit in Ubuntu.

Installation on Ubuntu Linux

The Metasploit Framework is well-supported on the Ubuntu platform. The following instructions should also apply to Kubuntu, Xubuntu, and Debian.

If these instructions do not work for your version of Ubuntu, please try the Generic Linux instructions instead.

Dependencies

Install the Ruby dependencies:

$ sudo apt-get install ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems

Install the Subversion client:

$ sudo apt-get install subversion

In order to build the native extensions (pcaprub, lorcon2, etc), the following packages need to be installed:

$ sudo apt-get build-dep ruby
$ sudo apt-get install ruby-dev libpcap-dev

Database support

In order to use the database functionality, RubyGems along with the appropriate drivers must be installed:

$ sudo apt-get install rubygems libsqlite3-dev
$ sudo gem install sqlite3-ruby

Or for MySQL:

$ sudo apt-get install rubygems libmysqlclient-dev
$ sudo gem install mysql

Framework

Once the dependencies have been installed, download the Unix tarball from the download page and run the following commands:

$ tar xf framework-3.X.tar.gz
$ sudo mkdir -p /opt/metasploit3
$ sudo cp -a msf3/ /opt/metasploit3/msf3
$ sudo chown root:root -R /opt/metasploit3/msf3
$ sudo ln -sf /opt/metasploit3/msf3/msf* /usr/local/bin/

Extensions

The framework includes a few native Ruby extensions that must be compiled in order to use certain types of modules.

To enable raw socket modules:

$ sudo apt-get install libpcap-dev
$ sudo bash
# cd /opt/metasploit3/msf3/external/pcaprub/
# ruby extconf.rb
# make && make install

To enable WiFi modules:

$ sudo bash
# cd /opt/metasploit3/msf3/external/ruby-lorcon2/
# svn co https://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd ..
# ruby extconf.rb
# make && make install

Updates

The Metasploit Framework is updated daily with the latest exploits, payloads, features, and bug fixes. To update your installation of the framework:

$ sudo svn update /opt/metasploit3/msf3/

This can also be installed into the root user's crontab:

$ sudo crontab -e -u root # enter the line below
1 * * * * /usr/bin/svn update /opt/metasploit3/msf3/ >> /var/log/msfupdate.log 2>&1

You are advised to download the latest Ruby 1.9 to avoid errors in certain Ruby scripts.

$ sudo apt-get install ruby1.9.1

EOF
=====

Tuesday, July 6, 2010

The Origin of PEWANGA ..har har har





Definition of PEWANGA


Pewanga comes from a combination of the Malay words "Pewangi + Mangga". It is highly illustrated as a future perfume designed specifically to make people hallucinate. It was come across this afternoon by a professor of science from Bukit Jalil, also known as Routermen.

Hope you all can try it.

Monday, July 5, 2010

The open-source TFTP server

Tftpd32 was introduced to me by my Cisco instructor a few years back, while I was on CCNA training at that time. This software is easy to use, just like plug and play. I used it most of the time to back up all my Cisco device configs and also the wireless controller flash and configuration files that are being used in my enterprise network. It not only acts as FTP; it can also copy a file to your hard disk, and can also transfer data or maybe a movie.

A simple introduction of Tftpd32.
---------------------------------

Tftpd32 includes DHCP, TFTP, DNS, SNTP and Syslog servers as well as a TFTP client.
The TFTP client and server are fully compatible with TFTP option support (tsize, blocksize and timeout), which allow the maximum performance when transferring the data.
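
The option support mentioned above works by appending NUL-terminated name/value pairs to the read request, which the server answers with an OACK packet (RFC 2347; on the wire the block size option is named "blksize", RFC 2348). The following is an added example, not Tftpd32 code: the function names and the 1468-byte server cap are assumptions and the sample request is constructed. It also shows that a request carries only a filename, a mode and options, with no credential field.

```python
import struct

OP_RRQ, OP_WRQ, OP_OACK = 1, 2, 6

def build_request(opcode, filename, mode="octet", options=None):
    """Build an RRQ/WRQ with RFC 2347 options appended as NUL-terminated pairs."""
    fields = [filename, mode]
    for name, value in (options or {}).items():
        fields += [name, str(value)]
    return struct.pack("!H", opcode) + b"".join(f.encode("ascii") + b"\0" for f in fields)

def parse_request(packet):
    """Return (opcode, filename, mode, options); raise ValueError on malformed input."""
    if len(packet) < 4 or packet[-1:] != b"\0":
        raise ValueError("truncated or unterminated request")
    (opcode,) = struct.unpack("!H", packet[:2])
    if opcode not in (OP_RRQ, OP_WRQ):
        raise ValueError("not a read/write request")
    fields = packet[2:-1].split(b"\0")
    if len(fields) < 2 or len(fields) % 2:
        raise ValueError("option without a value")
    text = [f.decode("ascii") for f in fields]  # non-ASCII raises a ValueError subclass
    # Option names are case-insensitive (RFC 2347), so normalise them.
    options = {text[i].lower(): text[i + 1] for i in range(2, len(text), 2)}
    return opcode, text[0], text[1].lower(), options

def negotiate_rrq(options, file_size=None, max_blksize=1468):
    """Server side of a read request: pick the options to acknowledge in the OACK."""
    accepted = {}
    for name, value in options.items():
        if not value.isdigit():
            continue                                   # ignore unparsable values
        n = int(value)
        if name == "blksize" and 8 <= n <= 65464:      # RFC 2348 range
            accepted[name] = min(n, max_blksize)       # server may answer lower
        elif name == "timeout" and 1 <= n <= 255:      # RFC 2349 range
            accepted[name] = n
        elif name == "tsize" and file_size is not None:  # client sends 0, server fills in
            accepted[name] = file_size
    return accepted

def build_oack(accepted):
    """Encode the accepted options as an OACK (opcode 6) packet."""
    body = b"".join(f"{k}\0{v}\0".encode("ascii") for k, v in accepted.items())
    return struct.pack("!H", OP_OACK) + body

# Constructed sample: a client requesting a config backup with all three options.
SAMPLE_RRQ = build_request(OP_RRQ, "router-confg",
                           options={"blksize": 8192, "tsize": 0, "timeout": 3})
```

Unknown or out-of-range options are simply left out of the OACK, which is how a server declines them.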

Some extended features such as directory facility, security tuning, interface filtering; progress bars and early acknowledgments enhance usefulness and throughput of the TFTP protocol for both client and server.
The included DHCP server provides unlimited automatic or static IP address assignment.

Tftpd32 is also provided as a Windows service.

Link to download as below.
--------------------------

http://tftpd32.jounin.net/tftpd32_download.html