-
How to enable 1280×800 resolution in Parallels for X11
January 31, 2008This topic really sucks to search for, way too many different results without any actual clarity, so here’s how I was able to get it working: Firstly, power down the image and edit the configuration options for your image, click on the “Video options”. Check ‘Enable custom screen resolutions’ and add the resolution (in this […]
-
Switching from fluxbox to wmii on Hex
January 30, 2008Don’t get me wrong, I love fluxbox, I just enjoy experimenting with other window managers and decided I’d finally try the daunting wmii (turns out, not very daunting at all). So, here’s a quick rundown on getting wmii working on Hex 1.0.3BETA (this will work on pretty much any other Hex 1.* release as well). […]
-
How to convert a non-SMP RedHat VM into a SMP RedHat VM
January 28, 2008Today I got an interesting request, a user needed to change his 64 bit non-SMP VM image (running RedHat 4.0) to a SMP machine, problem is, I don’t really want to have to go through reconfiguring the kernel and rebuilding it, so here’s the easy way to do it (it’s pretty simple): Power the image […]
-
Flowtime – Create a timeline for packet flow
January 24, 2008You can never have too many tools for pcap visualization Flowtime is a script written in Ruby that produces a timeline of the network flows in a pcap file. Everything is better with a picture, so here’s a picture: (warning, this picture is 3000×2000 pixels, kind of large) Each bar on the left is a […]
-
Screencast: Creating a module for NSM-Console
January 16, 2008It hasn’t been that long since my last screencast, but I thought I’d do another, this time showing how to create a module for NSM-Console (so now you have no excuse for not contributing!). You can get the screencast here (right-click and download, don’t stream): NSM-Console project page. It’s under 10 mb and clocks in […]
-
NSM-Console version 0.4 release
January 16, 2008Well, it has barely been any length of time and there’s already a new release of NSM-Console, there are so many features that I’ve been coding like crazy to get them all done. First, let’s start with the downloading: http://writequit.org/projects/nsm-console/files/nsm-console-0.4.tar.gz And, for anyone interested, here’s a rundown of the most notable new features: Additional encoding/decoding […]
-
Backdoors available for analysis
January 16, 2008Found a couple of backdoors that had been downloaded to a box of mine. They are available here for your convenience (if the links go down, I’ll put them up for download on a mirror): http://geocities.com/crewnewbie/tools/cbk.tar.gz http://geocities.com/evikhobare/chanarybot.tar.gz From my preliminary findings, they both contain the XHide process faker, one of them includes a remote-connect backdoor. […]
-
Decoding the SANS Christmas packet challenge using only NSM-Console
January 11, 2008In my never-ending quest to find justification for writing NSM-Console, I hereby present the following tutorial on how to decode the SANS Christmas packet challenge using nothing but NSM-Console: I’m going to be using NSM-Console version 0.4-DEVEL, which adds the features that allow this analysis to be performed without external tools. You can get the […]
-
Hex and NSM-Console source now browsable
January 11, 2008You can now directly browse the source code for both the Hex liveCD and the source code for NSM-Console directly from the Rawpacket Hex trac. If you’re interested in upcoming features in NSM-Console, you can check out the latest TODO file here. Thanks go to spoonfork who switched us over from CVS to SVN without […]
-
NSM-Console version 0.3 release
January 8, 2008Yep, I’ve just been cranking out code lately, so I am proud to present the 0.3 release of nsm-console! You can download NSM-Console here: http://writequit.org/projects/nsm-console/files/nsm-console-0.3.tar.gz This release was focused a bit more on usability, features and bugfixes rather than the addition of new modules, however, there were still a couple that were added. Since this […]