Young David

Dear friends and family who don’t “get” twitter.. please watch this:

My wife gets excited about quilting, crafting, and baking. I get excited about geeking:

From http://www.dd-wrt.com/dd-wrtv3/index.php:

Highlights of DD-WRT v24:
- Virtual SSIDs, Virtual DHCP-Servers, PPTP over WAN enhencements, Bridging + VLAN support, VDSL Support, OLSR-Routing / Freifunk, My Ad Network (powered by AnchorFree), Quaqqa instead of Bird (in X86 + Xscale default),  PPPOE-Server, EOIP-Tunnel, Network configuration enhencements, UP-Downstream (QOS), New Packet Scheduler HFSC, Save & Apply, extended DDNS options, extended status information, New Languages, Sipwerk integrated Milkfish into the new release, turning every DD-WRT router into a SIP-aware firewall.

We had a few of these back in SA, configured with cunning international routing, VPNing, etc.

They weren’t that user-friendly though.. I think I’d rather setup a Tomato-based WRT54GL for regular use, and just play with the DD-WRT for specialized projects

Dear friends and family,

Before I address the main point of this rant, let me say this…

…while I appreciate the invitations you send me, I’d rather not become a werewolf, zombie, pirate, vampire, food-thrower, garden-grower, dragon-tamer, people-seller, lover-rater, cancer-hater, fish-giver, etc… Read the rest of this entry »

Thank you to all you Aucklanders who turned up for my humble presentation last night. I presented a few slides on the theory of wireless cracking, and then we jumped right into a practical demonstration. We failed to crack a WEP key with 400,000 IVs the traditional way (I suspect the firmware outsmarted us), but succeeded using PTW to crack WEP ARP data with 45,000 packets.

We moved onto a wordlist attack on a WPA network, which worked exactly as expected, kicking clients off the network with deauthentication injections, and snagging their WPA handshakes. It took less than a second to wordlist the WPA password, but the wordlist was rigged with only about 8 entries, one of which was correct

We finished off the evening by exploring OpenWRT, and flashing my WRT54GL back to Linksys firmware, and then back to OpenWRT again.

It was great to meet you all, and it’s my observation that Linux communities around the world share common traits – friendliness, geekiness (the good kind), and an excitement for technology

I’ve put the slides for last night’s presentation here

Below is a list of links for some of the software we discussed last night:

• OpenWRT (Alternative Open Source Router Firmware)
• BackTrack2 (Forensic Analysis Live CD)
• Aircrack-ng (Suite of wireless hacking tools)
• HostAP (Run a software access point with your Prism2 card)
• IPTables “Recent” (Glen Ogilvie introduced us to this – implements some “temporary blacklisting” functions in iptables rules without any additional software)

My wife and I differ on our Facebook philosophies. Maybe it’s one of those gender-specific things. Her rule is “don’t befriend me unless you really want to talk to me“. She’s a woman. She wants to connect. To relate. To be more than a status icon on somebody’s hundreds-of-friends list.

My rule is “befriend me. Maybe we’ll even talk“. It’s a sad fact that my daily life is so crowded, with so many actions, inputs, and open loops, that unless I notice you on Twitter, IM, email, Facebook, or “RealLife” (probably in that order of update frequency!), we’re going to miss each other.

So, the big personal advantages of Facebook for me, is my newfound ability to keep in touch with friends near and far, with minimal effort. I’ve found old school buddies, family members, and new friends. I check that handy little mini-feed, and now I know that my cousin is traveling, a friend is immigrating to Switzerland, my sister started teaching again yesterday, and another friend is currently in Peru.

So, if I befriend you, but don’t engage you, I’m not “using” you, I’m “hanging out” with you, mostly in comfortable silence

This page has moved to http://www.funkypenguin.info/blog/2007/07/11/prevent-openwrt-blocking-pptp-connections

I’m excited to be attending the WellyLUG ([[Wellington]] [[Linux Users Group]]) meeting on 20 Aug 2007. As discussed this morning on the LUG, I’ll be giving a presentation on penetrating WEP / WPA wireless networks, how to avoid said penetration with an open source, flashed, [[WRT54GL]], and how to integrate your [[Squid Cache]] with [[Active Directory]] to provide detailed user activity logs.

Please post any comments or requests here

I’m hoping to visit the various LUGs during our trip to New Zealand, and have noticed that a LUG sometimes has trouble in securing a speaker for a particular month. This lead me to thinking about the topics on which I could potentially speak. I’m hardly an expert, but I have enough experience in the following fields to give an interesting presentation:

• Creating a “super-router” with OpenWRT : How to take a regular Linksys router, flash the firmware with open source software, and end up with a far more powerful product, capable of enterprise WPA2->Radius authentication, WDS, VPN, etc.
• Penetration testing on a wireless network: How to break the encryption on WEP and WPA, via brute force or packet injection. How insecure is your network?
• How to secure your network against WEP / WPA intrusion by using Radius authentication, on your “super-router”. (above)
• How to setup a simple Asterisk PBX, using Trixbox.
• Setting up your PVR using MythTV.
• Run your own blog, using open source software.
• Setting up a Squid Proxy Server with Active Directory authentication to generate internet usage reports by user.

I could go on and on, but these were my initial thoughts, and probably the ones I’d have the most fun presenting

This page has moved to http://www.funkypenguin.info/blog/2007/07/09/8-greasemonkey-scripts-improve-your-facebook-experience

I found this CommonCraft video on Simon’s blog. It explains, with the use of simple, paper-based pictures, how social networking works, and why it’s a good idea. They also have tutorials on RSS, and Wikis. [gv data="6a_KF7TYKVc"][/gv]