Had some drinks at Hamilton’s in South Park. Seemed like a pretty nice place. Even if it weren’t, I had a few beers and a lot of friends there and those things alone would have made it a good time.
Jason Mansfield is a software engineer, security enthusiast, and crazy thinker living in San Diego.
Friday, April 30, 2010
Thursday, April 29, 2010
Droid Incredible - Not Seeing MP3s
Dropped a bunch of MP3s in the exiting Music folder in an organization structure similar to the existing one. It’s seeing none of the files that I added. If I figure out the issue I’ll post the solution. Sending the sound output playing the songs that were there to my care stereo via bluetooth went seemlessly.
Oh, it was me be stupid. I was using Amarok to copy media to it and adjusting the naming. I failed to put .mp3 on the end of the naming template. I don’t think I should have to. After all, what if I’m copying media of different formats?
Droid Incredible
Got a Droid Incredible this morning, upgrading from a first grn iPhone. This thing is sweet. Hopefully it will still be after the honeymoon is over.
Oh yeah, except that the mail app silently errors how when connecting to my mail systems which have certs signed by my private CA. and it won’t let me click through. People on the tubez say it won’t do self-signed either. I’ve imported my CA cert into the browser but that has not affected the mail application. And since I don’t know which CAs the mail client trusts I don’t know where I can try to get a free/cheap cert for my mail servers.
Friday, April 23, 2010
Tuesday, April 20, 2010
Monday, April 19, 2010
AssRace: Possible Advantage For A Rogue DHCP Server
One method for MITM attacks is to set up a rogue DHCP server. In this situation you’re in a race with the real DHCP server and you may not always (if ever) win.
I’ve been sitting on an idea for a couple weeks where under certain circumstances you could have a distinct advantage in the race. Specifically when the DHCP client is on WiFi. Before WiFi clients pull DHCP they usually have to associate with the access point which involves an exchange of packets. The idea was that you could have your rogue DHCP server listen for clients associating then immediately start spamming the client with appropriate DHCP replies. In this scenario you may be able to get your reply in before the client has even finished sending the request. The cool thing here is that if the network is encrypted but you’re wired in and the wireless just bridges to the wired network you don’t necessarily need the encryption key. You can see the association in the clear then start sending your DHCP messages on the wired network destined for the new client on the wireless network. Because that MAC address hasn’t been seen yet the switching infrastructure should just unicast flood the message everywhere so it should get to the target.
This morning I realized I’d probably never get around to actually implementing this idea, which is a shame given the snazzy name. I was looking at the RFCs for DHCP and it looks like the client picks an ID number and if your replies didn’t have that ID number then the attack probably wouldn’t work. Since you’re sending replies before you’ve seen the request you can’t know what the request is. Perhaps if you’re on the wireless network and the DHCP server is on the wired network you have a few microseconds of a head start. Perhaps you could guess the ID number the client will use somehow. Perhaps I’ve misinterpreted the RFC, I didn’t read through it closely. All that aside, maybe this will give someone else some workable ideas.
Sunday, April 18, 2010
Gentoo is Dead, Long Live Debian!
I had decommed my old gentoo home server that hadn’t been patched in around three years a few weeks ago. A week or so ago I wiped the drives as best I could since they were malfunctioning. I installed my new drives this evening: 2 80GB and 2 500GB SATA drives. They’re RAID1 together in pairs. The 80s will hold the OS and home directories, the 500s are all for media. Right now I have everything on another box with home directories on a VMWare host, media on a USB drive attached to the host, and all the services running in guests. I’m looking forward to migrating things back so I can rebuild the host as Debain 64 bit with VirtualBox.
I wrote about this before. Gentoo was great when I was in college and had plenty of time to muck about with things and get it just the way I want it. Having a full-time job I just don’t have the time.