[Pauldotcom] NSLU2 replacement?

Thu Mar 5 15:31:01 UTC 2009

Cool beans. I'm listening to ep 143 right now. By the way, since you are
talking about the topic of securing yourself on open wifi networks, check
out this tri-fold I made and tell me what you think:
http://www.irongeek.com/i.php?page=security/hacker-con-handout

Thanks,
Adrian

On Thu, Mar 5, 2009 at 10:28 AM, Paul Asadoorian <paul at pauldotcom.com>wrote:

> I've got one :)  Look for a tech segment coming soon that talks about
> how I built and configured it...
>
> Cheers,
> Paul
>
> Manley, Jim W wrote:
> > Have you looked at the Routerboard running something like the MikroTik
> > RouterOS (http://www.mikrotik.com/)?  Very selection of formats, with
> and
> > without mini-pci slots for wireless cards, etc.  The OS is Linux based
> and
> > runs IPtables for a firewall functions.  Very nice little piece of
> hardware.
> > An ISP I know uses them as the basis for delivering ISP services via
> radio
> > in an areas where DSL and cable don't exist.
> >
> > Jim
> >
> > 1st Immutable Law of Computer Security
> > If a bad guy can persuade you to run his program on your computer,
> > it's not your computer anymore.
> >
> >
> >> -----Original Message-----
> >> From: pauldotcom-bounces at pdc-mail.pauldotcom.com [mailto:pauldotcom-
> >> bounces at pdc-mail.pauldotcom.com] On Behalf Of Paul Asadoorian
> >> Sent: Thursday, March 05, 2009 9:05 AM
> >> To: PaulDotCom Security Weekly Mailing List
> >> Subject: Re: [Pauldotcom] NSLU2 replacement?
> >>
> >> Hey Adrian,
> >>
> >> Can you define "drop box"?  In other words, what are you requirements
> >> for the device that you would plant inside the target network?  There
> >> is
> >> a chapter in our book on how to do this with a WRT, and I've spent some
> >> time thinking about these devices (as has Larry).  Some of the
> >> functionality that we've discussed includes:
> >>
> >> - Reverse connecting shell (perhaps tunneled over DNS or HTTP)
> >> - Web proxy for attacking internal web applications
> >> - VPN connection to bridge the attacker's remote network to the network
> >> you are attacking (then run Nmap and other tools and let VPN do the
> >> work)
> >> - Sniff packets (on the wireless and the wired network) - This also
> >> depends on how it is deployed, will you use wireless to connect to it,
> >> or Ethernet and tunning back to a remote machine?  This defines if you
> >> need one wireless card/Ethernet port or two.
> >> - Launch attacks directly from it - If you want to load something like
> >> Metasploit on a remote device you will need CPU, RAM, and Flash that
> >> can
> >> handle it, this drives up the cost.
> >> - Other protocols - Do you want to be able to analyze bluetooth, RFID,
> >> wireless spectrum, etc..?  This determines if you need USB.
> >> - Architecture - Most embedded systems run MIPS or ARM, which somewhat
> >> limits the software and drivers that you can use (or forces you to do a
> >> lot of cross-compiling, which is doable, but a PITA sometimes), when
> >> compared against a small x86 platform.
> >>
> >> I've had a tough time finding a device with enough resources (mini-pci
> >> slots, wireless cards, USB ports, RAM, Flash, and CPU) for under $300.
> >> At the $300 pricepoint you can find something that ideally coul dbe
> >> battery powered and small enough to hide inside a remote network.
> >> Thing
> >> is, for a pen test, you may have to be willing to lose a few in the
> >> process and you will need to make sure you put some extra $$ in the
> >> budget to cover your losses.
> >>
> >> Let me know what you think, I am willing to work with you on this
> >> project.  My suggestion is that we define the requirements, select the
> >> hardware, then select and configure the software.
> >>
> >> Cheers,
> >> Paul
> >>
> >> Adrian Crenshaw wrote:
> >>> I'm thinking of doing some research into drop boxes (please let me
> >> know
> >>> if there is already a name for them), little computers you leave at a
> >>> site that allow you to get into the network and pivot around
> >> firewalls
> >>> by shoveling a shell back to your host outside of the network. The
> >> NSLU2
> >>> is no longer being made, and my understanding is the nas200 is not as
> >>> hackable. Any ideas on other good dropboxes (by the way, have I
> >> coined a
> >>> new term :) )?
> >>>
> >>> Adrian
> >>>
> >>>
> >>> ---------------------------------------------------------------------
> >> ---
> >>> _______________________________________________
> >>> Pauldotcom mailing list
> >>> Pauldotcom at mail.pauldotcom.com
> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> >>> Main Web Site: http://pauldotcom.com
> >> --
> >> Paul Asadoorian
> >> PaulDotCom Enterprises
> >> Web: http://pauldotcom.com
> >> Phone: 401.829.9552
> >> _______________________________________________
> >> Pauldotcom mailing list
> >> Pauldotcom at mail.pauldotcom.com
> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> >> Main Web Site: http://pauldotcom.com
> >>
> >> ------------------------------------------------------------------------
> >>
> >> _______________________________________________
> >> Pauldotcom mailing list
> >> Pauldotcom at mail.pauldotcom.com
> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> >> Main Web Site: http://pauldotcom.com
>
> --
> Paul Asadoorian
> PaulDotCom Enterprises
> Web: http://pauldotcom.com
> Phone: 401.829.9552
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090305/efb22ef3/attachment.htm 