Friday, July 25, 2008

Evolution of Wedding Dance

First there was the Evolution of Dance. Now there's the Evolution of Wedding Dance. I nearly pissed myself watching this....

Sunday, July 20, 2008

Christmas in July

There seems to be a load of Christmas movies on TV at the moment. Apparently it's quite traditional over here - Christmas in July.

It is the middle of Winter but it's still a bit strange watching White Christmas when it's 23 degrees C outside!

Thursday, July 17, 2008

Finally on ADSL

After 14 months of trying, we've finally been able to get ADSL. Hooray!!

I've been applying fairly regularly ever since we arrived in Oz but kept receiving the same reply - "no available ports on the exchange".

However, after being told ADSL had been activated for my line (it only took a couple of days), getting it working wasn't without a few hiccups. I spent about 5 hours on the phone to my ISP over the weekend trying to get it working. I'd configured my router exactly as instructed, and I could see from the logs that ADSL was active with the correct link speeds in both directions, it just wouldn't connect to the PPPoE Server at the ISP.

The first idiot that I spoke to at the ISP was certain that it must be a problem with my router. I knew it wasn't, but they wouldn't escalate the call any further until I tried out another router. So I had to go out and buy a second router. I got it home, plugged it in and configured it and of course, it still wouldn't connect. So I got on to my ISP again and then for about 3 hours they kept swapping me between customer services and technical support; technical support passed me to customer services because they thought the line hadn't been activated because they couldn't see any codes on the line (even though I could see it was activated from my own logs), and customer services passed me back to technical support because they had confirmation from Telstra that the line was activated. I got passed back and forth 3 times. I swear they do it on purpose to rack up the cost of my call to their premium number support line.

Eventually they realised it must be a problem on the line and they would need to escalate it to Telstra (similar to BT in the UK).

The next day, I discovered that my phone line was completely dead - couldn't even get a dial tone. So I got in touch with the ISP but they couldn't do anything and told me to ring Telstra. The thing is, Telstra aren't my phone company, my contract is with Optus. If I were to ring Optus and mention the problems I had with ADSL they would surely just tell me to ring my ISP as it must be related to that call. If I were to ring Telstra they would just tell me to ring Optus as I'm not a customer of Telstra. I decided to just wait and see what happens.

2 days later the phone line is still down, so I'm just about to ring my ISP when I hear on the news that the entire Optus network (phone, internet, mobile) is down in Queensland and parts of New South Wales. As it turned out a digger had cut through a fibre optic core line on the Gold Coast. It caused havoc - even to the point where Brisbane airport had to shut down operations due to no communications. What about the backup line you may ask, where was the resilience? Well, this incident happened at exactly the time when their backup line was also down due to a completely unrelated hardware failure. A one in a million incident according to Optus.

When the Optus network came back up, I went home, checked my line and lo and behold I had ADSL!

I've now ended up with 3 wireless routers. The third one is one I bought a couple of weeks ago after discovering that my Mac couldn't connect to my original wireless router due to a conflict between the chipsets. I still wanted to use my original router because it's a good one (Draytek Vigor 2600g) so I just went and purchased an extra wireless access point that I knew I'd be able to connect to - an Apple Airport Express. What I discovered this week though, and I really don't know why this didn't dawn on me in the first place, is that just as my Mac can't connect wirelessly to my Draytek router, the Apple Express can't either because it uses the same chipset. The money I've wasted this week is unreal.

The other 2 routers won't go to waste though. I've decided on a configuration like this if I can get it to work:

Telephone connected into my Dlink wireless router downstairs.

Draytek router upstairs acting as a wireless client. This will have a fixed ethernet connection to my spare PC (that I use for extra storage). It will also have a fixed ethernet connection to my SIP Voice over IP Phone so that I can make free calls to the UK. Furthermore I'll be able to plug in my printer to the USB port on the router so that I can do wireless printing.

As for the Apple router, this will also be a wireless client on the network and I'll be able to use the USB port on this to plug in my external hard drive so I'll have another wireless storage device. I use this in conjunction with Time Machine on my Mac which automatically backs up my data every hour.

All very well in theory...

Let the torrent downloads commence (only for legal distributions of course :-})!

Saturday, July 05, 2008

Google Street View

Google is facing a tough time when it comes to privacy. Only 2 days ago Google lost a court case with Viacom (the parent company of MTV and Paramount Pictures) where the judge ruled that they must hand over the log files detailing everyone who has ever accessed a YouTube video. This ruling could set a dangerous precedent. It effectively forces one company to hand over personal user information to another company (Viacom is a company after all, not a federal agency) containing personal information related to millions of users around the world. Google is appealing the decision and requesting that it be allowed to anonymise the data.

We may have the Privacy Act in Australia, and the Data Protection Act in the UK, but that means absolutely nothing when your data is hosted on a server in the US. It's clear to me that there's now a desperate need for international laws governing data privacy.

In another blow to Google, Google's plans to launch Google Street View in the UK are being referred to the Information Commissioner. Google Street View is criticised by privacy advocates because it could potentially show the faces of individuals. Google can remove the image on request, which it has done for many instances in the US, but in the UK there is an argument that this could breach the Data Protection Act because they're not getting the user's consent before using the image.

Google is currently trialling facial recognition software in the hopes of being able to automatically pixelate the face of anyone that might show up in its images.

By the way, you may not have seen the following picture. Google have taken this down now but the original photo (below) accidentally caught someone pulling a gun out on a kid at the side of the road.



I personally think Google Street View is amazing and I can't wait for it to come to Australia. If you think Google Earth is good check out Google Street View!

BBC - Google Faces Street Views Block
BBC - Google Must Divulge YouTube Log

Jaxtr - Making International Calls Easy

I've finally found the perfect service for the Expat. Jaxtr is a service which makes international calls easier, cheaper and much more convenient. It basically means that I can now make calls to the UK from my Australian mobile phone at a cheaper rate than calling from my home phone - even cheaper than using a calling card!

It works by assigning you a local number in your country that you can call, which is then switched through Jaxtr's VoIP network to the destination number you have assigned overseas. So for instance, I simply go in to Jaxtr and enter my Dad's phone number in the UK, it then assigns me a local Australian number that I can use that will get forwarded to my Dad's number. Calling UK numbers from Australia using Jaxtr costs 1 jax per minute, and you can purchase 1000 jax for $10 US, so basically it costs 1c per minute. Of course you still have the cost of ringing the local Australian number, but on my Vodafone plan I get $150 worth of calls for $29 so that's also really good.


Jaxtr works with most of the countries around the world and from my tests the call quality is really good.

http://www.jaxtr.com

Home for a Short Weekend

I'm currently sat in the departure lounge at Canberra airport with a 3 hour wait for my flight. Luckily I'm sat at a table that's near a bar, and also has a power socket I can use, so the combination of my laptop and Crown Lager should see me through. It feels weird travelling home on a Saturday though. There won't be much of a weekend left when I get home.

I'm glad I stuck around for today's exercise as it was really enjoyable. The hacking exercise was a lot harder than I expected. The goal was to capture 4 flags. These were basically text files called flag1.txt, flag2.txt etc that were stored on each of the 4 servers on the target network. Each of the flags had a 'phrase that pays' and the end goal was to get the full phrase that pays and be the first person to whisper it into the ear of the instructor. Two of the servers were Windows servers and two were Linux. I was fairly confident I'd be able to handle the Windows Servers (I did used to be a Microsoft Engineer after all) but it was the Linux Server that worried me. My Linux skills are quite rudimentary and there were some really experienced techies in the class who I knew I had no chance of beating. Suffice to say I didn't win the competition. Nor did I manage to get all the flags in the allotted time. I did manage to get 3 out of the 4 though.

The Windows servers turned out to be fairly easy to exploit. The first one that I managed to connect to had the old null sessions vulnerability so I was able to connect to it using an anonymous account. Once I had a NetBIOS session I was able to enumerate the accounts and grab a copy of the SAM password list. I then used a password cracker to crack an account that had admin privileges and then simply mapped a drive to it. Easy peasy.

The other servers weren't that easy. One of the servers had some firewall or routing restrictions so it was only accessible from one of the other servers. So I had to compromise one server and then use that as a launching pad to compromise the other server. To make things trickier still, it turned out that one of the flags.txt files was hidden. There's a thing called NTFS Alternate Data Streams on Windows where it's possible to hide a file in the data stream of another file or directory. So when you browse the file directory it's completely hidden. You can't even use file comparisons to detect the hidden file as it doesn't affect the file size or checksum of the file that it's attached to. After a few hints I did manage to find it using a tool that discovers these hidden data streams, and also found a few other hacking tools hidden within the same directory that I could use to compromise one of the other servers.
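To make the point about alternate data streams concrete, here is an added example (not part of the original post and not the tool used on the course) that audits a directory tree for named streams with built-in PowerShell cmdlets, and shows on a constructed sample file that the host file's size and SHA-256 hash do not change when a stream is attached. It assumes an NTFS volume and PowerShell 5.1 or later; the function name `Find-AlternateDataStream`, the `ads-demo` folder and the stream name `notes` are made up for the illustration.

```powershell
# Added example: audit a tree for NTFS alternate data streams (files only;
# directories can carry streams as well and are not checked here).
function Find-AlternateDataStream {
    param(
        [Parameter(Mandatory)] [string]$Path,
        # Zone.Identifier is the benign "downloaded from the internet" marker.
        [string[]]$IgnoreStream = @('Zone.Identifier')
    )
    Get-ChildItem -LiteralPath $Path -Recurse -Force -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $hostFile = $_
            # ':$DATA' is the normal, unnamed content stream every file has.
            Get-Item -LiteralPath $hostFile.FullName -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' -and $IgnoreStream -notcontains $_.Stream } |
                ForEach-Object {
                    [pscustomobject]@{
                        HostFile    = $hostFile.FullName
                        HostBytes   = $hostFile.Length   # what Explorer and dir report
                        Stream      = $_.Stream
                        StreamBytes = $_.Length          # data the listing does not show
                    }
                }
        }
}

# Snapshot of what a size/checksum comparison would look at.
function Get-VisibleFingerprint([string]$File) {
    [pscustomobject]@{
        Bytes = (Get-Item -LiteralPath $File).Length
        Hash  = (Get-FileHash -LiteralPath $File -Algorithm SHA256).Hash
    }
}

# Constructed sample data: a scratch folder with one ordinary text file.
$demo = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
$file = Join-Path $demo 'readme.txt'
Set-Content -LiteralPath $file -Value 'ordinary visible content'

$before = Get-VisibleFingerprint $file
# Attach a named stream to the sample file (constructed content).
Set-Content -LiteralPath $file -Stream 'notes' -Value 'constructed stream content'
$after = Get-VisibleFingerprint $file

'Size unchanged: {0}' -f ($before.Bytes -eq $after.Bytes)
'Hash unchanged: {0}' -f ($before.Hash -eq $after.Hash)

# The audit still reports the extra stream and its size.
Find-AlternateDataStream -Path $demo | Format-Table -AutoSize

Remove-Item -LiteralPath $demo -Recurse -Force
```

Run against a web root or a user profile, any stream reported other than `Zone.Identifier` is worth a look, since very little legitimate software writes named streams.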

One of the other servers had a buffer overflow vulnerability so I used Metasploit to exploit that server and get a command shell.

That's about as far as I got. 3 out of 4 isn't bad but I didn't get the full phrase. After the instructor explained how to do it I realised I could have been at it for days. One of the exploits was ridiculously hard. It involved carrying out a cross-site scripting attack (XSS), but it wasn't as simple as launching the attack from my PC against the server. No, it involved compromising one server, generating traffic from that server to another server, and then sniffing the traffic off the network to grab the session cookies and then using the session cookies as part of the attack. That would have taken me days to figure out!

Anyway, the day was very geeky but thoroughly enjoyable and challenging. The 6-day course has been great but no one can really come out of a 6-day course and become a professional hacker or penetration tester. We've covered dozens of hacking tools in the 6 days so of course there's a limit to the depth that you can go into for each tool given the allotted time. Now I have the fundamentals I'll need to dig into the tools and techniques in detail and keep practicing to hone my skills. Luckily these days with VMware I can easily do that by simulating a whole network on my laptop. All week I was running Windows XP and Red Hat Linux in virtual machines as guest operating systems whilst still using my Mac OSX Leopard operating system as the host, and didn't have any problems - basically running 3 different PCs on my one Mac.

One of the things that I'll take away from this course is that it doesn't take the latest and greatest malware (viruses, etc) to compromise a system. Some of the best hackers simply use the in-built administration tools already resident on the systems. That way there's little danger of triggering off the anti-virus software or intrusion prevention software. For instance, the WMIC (Windows Management Instrumentation Command-Line) tool resident in all modern versions of Windows is a fantastic legitimate Windows scripting tool that can be manipulated to do all sorts of nasty stuff.

Anyway, hopefully I'll be able to put some of these new skills into practice on some real clients some time soon.

Thursday, July 03, 2008

Hacking in Canberra

This week I've made my first visit to our nation's capital - Canberra - for a 6-day course in Hacker Techniques, Exploits and Incident Handling.

Canberra is a strange little city. It seems to me to be a cross between Washington and Milton Keynes, in that it's clearly a Government town; the Federal government being the largest employer in this capital city which has only a population of 300,000. Yet like Milton Keynes, Canberra has an artificial feel to it. You can see the planning and design - it's not a city that has grown organically like most others. It's even got some of the same 60's carbuncles as Milton Keynes!

I've come to Canberra completely ill-prepared for the freezing temperatures. It's about 13 degrees C in the day but it drops down to zero at night. I knew what the temperatures would be before I arrived and I thought I'd be ok, after all I am from the UK! However, I didn't realise how much I've acclimatised to the Queensland weather over the past year. 13 degrees C feels to me like -5 did in the UK! All I've brought is a thin jacket and some jeans and t-shirts. I didn't even pack a jumper.

Because it's so cold, tonight has been the first evening that I've dared to venture out. I had a gander around the city centre (which isn't much bigger than Doncaster town centre) and then went to the flicks to watch Hancock. I had planned to see the Indiana Jones film but the timing didn't work out very well, so then it was a toss-up between Hancock and Sex and the City. No contest - I couldn't bear the thought of sitting through 2 hours of self-obsessed women talking about shoes and Prada handbags.

I was pleasantly surprised with Hancock. I thought it was going to be just another dumb superhero movie but it was actually really good. Of course the action scenes and special effects were good, that's a given, but this added in a really funny script, as well as some character development and a few twists and turns to boot. Definitely one I'd recommend for 90 minutes of pure escapism. I plan on seeing Indiana Jones tomorrow night, if I can be brave enough to go out into the cold again. I'm not expecting anything great from Indiana Jones and the blah blah whatever-it-is as most of the reviews I've read have been pretty damning. I'll try and keep an open mind.

Being holed up in the National Convention Centre each day means I haven't had chance to take in any of the sights of Canberra. All the things I'd like to see are only open during the day. I'll probably come back here sometime in the future with Rach & Lauren. In particular I'd love to take a tour of Parliament House and the National Museum of Australia.

As for the course, I've really enjoyed it. Over the past few months I've been quite disillusioned with my career and frankly have been getting bored to death of doing security compliance work. This course has re-awakened the geek inside me and allowed me to get back to my technical roots. Learning the technicalities of how to break into systems is much more fun than just learning how to defend them!

As much as the content of the course has been really good and up-to-date, the best bit about the course so far has been having access to the knowledge and experience of our tutor - Bryce Galbraith. Bryce is very much an expert in this industry and is a contributing author to the bestselling book 'Hacking Exposed: Network Security Secrets & Solutions'. He has worked with a ton of Fortune 500 companies and has also worked on Foundstone's world renowned Attack and Penetration team.

Of course I had a decent knowledge of hacking before I came on this course (you're not much of a security consultant if you don't know how the bad guys exploit the vulnerabilities you're telling companies to fix), but this course has significantly enhanced my knowledge and brought it up to date with the latest exploits and attack vectors. I'm looking forward to Saturday when we get to put all we've learnt into practice with a live 'capture the flag' exercise - where we all compete to hack into a system.

I tell you, there's some scary stuff happening out there and there's a good reason to be paranoid about your computer security. A lot of the myths around security have been dispelled this week. Do you think I can't get around your personal firewall? Think again! Do you think I can't sniff your traffic on a switched network? Think again! You think your wireless network is secure because you've enabled WPA2 instead of WEP? Think again!

It's a shame this damn code of ethics prevents me from using my knowledge for evil. I could be rich in no time!