Version 3
Archive for November, 2007
Set Up Remote Desktop in Ubuntu 7.10
This is an in-depth tutorial covering the simple act of setting up Remote Desktop in 7.10 and forwarding the ports on your router so you can access your Ubuntu machine from anywhere. I find this handy when I am in a different city and need to access a file on my local network. I merely plug my USB thumb drive into the computer, run my portable Ultra VNC Viewer, and connect. I also use it to work in Linux instead of Windows, because it is set up with the same screen size as my laptop: I just full-screen the VNC connection and work in Ubuntu, although I do have to put up with connection issues.
So I will go slowly and step by step through this procedure as well. 7.10 makes it EXTREMELY easy to get it up and running, so you should be able to get it up and running in 5 minutes or so.
1. Boot up Ubuntu, of course, and log in.
2. As shown in the picture, on the Ubuntu menu, go to System > Preferences > Remote Desktop.

3. This will bring you to the Preferences window. Check “Allow other users to view your desktop”.
4. Check “Allow other users to control your desktop” if you want the user to be able to actually control the mouse and keyboard once logged in. If you are merely letting people log in to view your desktop, you can leave it unchecked.
5. Uncheck “Ask for confirmation”. If you have this checked, a confirmation window will pop up every time a user tries to connect remotely, and the local user will need to allow the connection before the remote session can begin. If there is no local user to confirm this, and you are on a trip and forgot to uncheck it… you sir are SOL.
6. Check “Require the user to enter this password” and enter in the password in the text box below. The remote user will be prompted to enter this password before they are given access to the remote machine. This is a MUST. Otherwise, anyone who connects to that address will be able to control your machine remotely as they please.

7. Click the close button to close the Preferences window. Your remote connection is now set up for your LAN, and you may access that Ubuntu machine from any other PC on your network without port forwarding.
For those of you familiar with port forwarding, don’t bother reading the next section because it’s merely a step by step. Basically, forward a port of your choice to port 5900 on the Ubuntu machine you are setting Remote Desktop up on.
8. Now for some simple router changes. First, we need to gather some information: the gateway and the IP address of the Ubuntu machine. This is easy to find out. Let’s open up our network connection by going to System > Administration > Network.
9. Click on the connection type you are using. In my case I am using a wired connection. I would suggest using a wired connection if you are planning to routinely use this machine remotely because it tends to be a lot more reliable than wireless.
10. This will bring up a window with your connection settings. If you are using DHCP then you can’t gather much from this. I recommend switching over to a static IP address (but beware that this must be enabled in your router; it is usually already enabled by default). I’m not going to go in depth with a lot of router settings, so if you have questions about functions such as router access or static configuration, Google it!

11. Write down the IP Address of your machine, and also the Gateway address. We will need this soon.
12. Open up a web browser and type in http:// followed by your gateway address, for example http://192.168.1.1. This should bring up the login screen.
13. You should be able to log in now. Make sure you have permission to edit your router. If you have another LAN administrator, check with them before logging in and making any changes.
14. This is a part that is different for everyone depending on your router type and model. I am using DD-WRT on a crappy wireless router. All you need to do is go to the section regarding port forwarding.
15. Once you navigate to this section, we have a port to add (to allow the outside connections to this computer on your LAN). The default VNC port is 5900. Your router may have different names for some of this, but it all should be relatively similar. My example is listed in the picture below. So, let me explain what it all means.
Application: A brief description of what you are forwarding so that you can quickly reference it. I just named it ubuntu because I know that port 5900 is VNC so I don’t need to know the application.
Port from: this is the external port that a machine outside your LAN will connect to. It is suggested to make it something other than the normal 5900 because this is a dead giveaway for attackers. I just made this one 8000. (Be careful, some ports are reserved for certain applications, so if you aren’t sure, Google the port before you choose.)
Protocol: TCP and UDP. Can’t remember if VNC needs both, so just go ahead and click both.
IP Address: this is where you will enter in the IP address you previously wrote down. This tells the router what machine to make a connection with.
Port to: set this to 5900. This is the port that the remote desktop application will connect on.
Enable: obviously we want to enable this.
16. After making the necessary changes, you will need to save the new settings, and most likely restart the router for it to take effect. It is a good idea to log back in and make sure the settings saved correctly.
17. Alright, so now you have set up Remote Desktop on your machine and forwarded the port on your router so you can access it from the outside. So, how do you connect? Well… this is a complex question. It really depends on your connection, and on whether you are on a residential connection where the external IP changes every few hours or days. If it does, you will need a solution such as NO-IP, which gives you a host name and keeps it pointed at your IP as it changes. I won’t go in depth with that, so I’ll just post this link if you need more information: http://www.no-ip.com. For a temporary test, let’s just use www.whatismyip.com.
18. Copy and paste your external IP (given by the link above) and :port number into your VNC viewer and test. For example, 12.35.33.58:8000 will be your connection if “12.35.33.58” is your external IP. NOTE: you cannot connect to your external IP from a machine in your LAN. You must test from a computer outside of your network for it to work. After all, this is what you set up the port forwarding for.
19. At this point, if you have a successful test, you are set up and good to work remotely on your Ubuntu machine. If you cannot connect, you may want to check that your IP has not changed, and go through the configuration process once again. If you have any simple questions you may refer to the Ubuntu Forums (which have great user support) or try googling some troubleshooting options.
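One way to confirm from another machine that the password requirement from step 6 took effect, as an added example that is not part of the original tutorial: before login, a VNC server's RFB handshake lists the security types it accepts, and type 1 (None) means no password is asked for. The function names and the sample byte strings are constructed for illustration; `probe` is meant for a server you administer.

```python
import socket
import struct

def parse_version(banner):
    """Parse the 12-byte ProtocolVersion message, e.g. b'RFB 003.008\\n'."""
    if len(banner) != 12 or banner[:4] != b"RFB " or banner[11:] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    return int(banner[4:7]), int(banner[8:11])

def parse_security(minor, payload):
    """Return the list of security types in the server's next message."""
    if minor < 7:                        # RFB 3.3: server picks one type (u32)
        if len(payload) < 4:
            raise ValueError("truncated security message")
        return [struct.unpack(">I", payload[:4])[0]]
    if not payload:
        raise ValueError("truncated security message")
    count = payload[0]                   # RFB 3.7+: count byte, one byte per type
    return list(payload[1:1 + count])

def audit(banner, payload):
    """Findings for a handshake; an empty list means a password is demanded."""
    _major, minor = parse_version(banner)
    types = parse_security(minor, payload)
    findings = []
    if 1 in types:                       # type 1 = None
        findings.append("security type None offered: no password required")
    if not types or types == [0]:        # count 0 / type 0 = connection refused
        findings.append("server refused the handshake")
    return findings

def probe(host, port=5900, timeout=5.0):
    """Same check against a live server you administer (needs network)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        reader = s.makefile("rb")
        banner = reader.read(12)
        s.sendall(banner)                # answer with the server's own version
        return audit(banner, reader.read1(256))

if __name__ == "__main__":
    # Constructed handshakes, not captures from a real machine.
    print(audit(b"RFB 003.007\n", b"\x01\x02"))   # password set (type 2 only)
    print(audit(b"RFB 003.007\n", b"\x01\x01"))   # password box left unchecked
```

An empty result only shows that a password is demanded; RFB's VNC Authentication (type 2) does not encrypt the session that follows.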
Whew, that was a little more in-depth than I wanted to get with this simple procedure, but I do want to give as much detail and help for new users as possible. Hopefully this helps one or two of you. Please check back for further Ubuntu 7.10 user tutorials in the near future.
Here is the VNC Viewer I use and enjoy. RealVNC is decent as well. http://www.uvnc.com/
Cracking WEP – Some Words of Wisdom

Cracking WEP may be a little more difficult than you think. Yes, we’ve all seen the WHAX video of how to crack WEP in 10 minutes and said “yes I could do that if I had time to get the distro… but I have more important things to do.” Well, being a college student with no social life (during the week anyways), I have had the time to have some fun with cracking WEP. Of course, in a lab environment (using my own router to practice with…). Throughout my experimentation, being also new to Linux, I found a few things you may soon realize and should research before attempting to crack WEP that may either encourage you to continue with this activity or give up entirely (but let’s remember, that’s not how you solve problems : ).
Monitor Mode:
A lot of people new to this whole scene think that they can pickup any wireless card, pop in their super secret Linux distro they got from another “computer kid” and “crack the neighbors’ internet for downloading music!” First of all, those who are interested in WEP security and vulnerabilities for this purpose are idiotic and deserve to be caught and prosecuted. There are a lot of people who think that the term “hacker” is cool and buys them popularity points. These kids are easy to point out, and are easily exposed. Don’t get me wrong, I am on no soap box preaching to the naïve and ill informed underneath me…I don’t claim to have any extensive knowledge on this subject. I’m as lost as any other geek trying to get this security stuff figured out and trying to have a little fun with it and share my experiences.
Alright, back to the point I was trying to make before I went off rambling. Monitor mode. This is where the wireless card captures packets without associating with the AP. Monitor mode is only supported for certain cards, and I believe only certain chipsets, but I could be wrong on that one. My original card (Orinoco gold classic FCC ID# IMRWLPCE2411R) was able to switch to this mode, which was great to get started. Do a Google search and see if yours is supported, either natively or by installing specific drivers. If it isn’t, you are probably out of luck. Don’t waste your time looking for a way to do it without monitor mode; in my opinion, you are better off spending that time finding the right card to get instead. I will talk about cards later on. This is usually the 1st issue where those new to WEP cracking get lost and trail off to their social bookmarking site instead.
Card support on OS and program:
This somewhat ties into the monitor mode issue in regards to having a working wireless card. There are a few ways to go about WEP cracking, but the fastest and most effective/popular method I have found is using the aircrack suite. With this you can do just about everything. You will need to capture the packets and use injection to make the process move along more quickly. So, you’ve got a card that supports monitor mode, great! Now there is the other thing your card needs to be compatible with: aireplay (included in the aircrack suite). This is the application that will perform 802.11 packet injection. 95% of popular wireless cards are not compatible with this application. You can capture packets without injection if you want, but be prepared to sit at that AP for 2 weeks to get enough IVs for an attempt at cracking.
The other issue is OS support for your card. You may also be lucky enough to have a card that is natively supported in the distro that you choose to use for cracking. However, there are many that require patches or special drivers. In fact, almost all of them do. Some distros are nice enough to include a patch for your card (S-T-D for my Orinoco). Once again, if you are new to Linux and think you can figure it out, go for it, but if you are running into this as well as the monitor mode and packet injection issues, head to the store, not the BackTrack2 forums, for help.
Don’t know how to spoof a MAC? Learn or forget it!
Not that I encourage any illegal activities, and I DO NOT, but to be a good security expert, you need to know what the attacker will do to be able to counteract it. MAC spoofing is a great way to stay anonymous. Now this is an easy thing to learn quickly, but if it’s forgotten or disregarded, then you aren’t really doing it properly. A great simple program I found for this purpose is macchanger. I simply type “macchanger -a eth1” in my terminal before beginning my test cracking. Simple and effective. This is just kind of a general warning that if you don’t know what you are doing then learn before doing anything. I would love to hear the story of someone who used this knowledge for the wrong purpose and got caught because they didn’t know how to spoof a MAC.
How much are you willing to spend?
Is this just a “Saturday afternoon project” sort of thing? If so, and you are lucky enough to already have a supported card, great for you! If you are like the other 99% of us who had to troubleshoot, again, you may want to consider investing in the right card. I took this route, and just got a deal on eBay for a newer Proxim 8470. There are also a few Prism 2.5 cards with an amazing 300mW of radio output power. If you have the budget, I would highly recommend them! Also, an antenna is almost a must! These can be relatively cheap, but nonetheless add to your cost.
Do you know Linux?
If you don’t, well this is a great project to get started. However, it’s not exactly user friendly to get started! If you run into any snags you will need to troubleshoot. Following the YouTube video never works hehe. This is a great way to get more familiar with Linux. That is what I did, and I have loved the knowledge I’ve gained from it.
The monitor mode I spoke of earlier is not supported with the Windows drivers. You can buy an awesome adapter called AirPcap that is said to be great, and work swiftly with Cain. The catch: this adapter is $200. Yikes!
All of the other programs I have found in Windows for WEP cracking really suck, and don’t work AT ALL. Like I said, the AirPcap is the only one with a reputation of working well. Airsnort has a Windows version, but I have tried that too and it didn’t work. Perhaps you can get it working though. I didn’t spend much time on the Windows side to find out.
So that is my rant about some common issues with WEP encryption, kind of a heads up for hobbyists, as well as an outlet of frustration with my own experience. Perhaps I will crack a WEP cracking video tutorial once I get it all working correctly with my new card (which is on its way as we speak : ).
Once again let me say that I am no credible expert on this subject, merely a hobbyist and a geek wanting a new project. I’ve spent about a month involved in this topic, and thought it was a worthy entry to write. If I’m wrong on some of my facts, please correct me! Send me an email and I will make sure to change it. Thanks for reading.
Creating Backtrack 2 Live USB Drive

A quick How-To for creating a bootable USB drive to load Backtrack 2.
This is very easy in Windows. I just wanted to note it so I could remember it in the future and so others might not have to dig through the loads of badly organized information on the BackTrack2 forums and wiki. As noted before, this is for Windows XP, and I will go ahead and do it step by step.
1. Download the Backtrack2 ISO
2. Insert your USB drive, and note what drive label it is given (ex: “M:”)
3. Use THIS utility (not sure who made it) to format your USB drive.
4. Format a FAT partition and do not do a quick format.
5. Open the ISO that you downloaded in WinRAR.
6. Copy the files from that ISO to the USB drive. Once that transfer is complete, open your flash drive in Windows. There should be two folders, “boot” and “BT”.
7. Go to Start > Run and type “cmd” without the “” and press enter.
8. In this first line, type in the drive letter of your USB drive (ex: “M:” without “”) and press enter.
9. Type in “cd boot” and press enter.
10. Type in “bootinst.bat” and press enter.
11. This will bring up a batch file that will format the drive to boot the distro. Press any key to continue. (WARNING: make sure you are doing this on your flash drive. If you do it on the same drive as your Windows partition you will screw up your MBR, which makes XP unable to boot without being repaired.)
12. If there are no errors, and it says it is ready to boot, then simply press any key to exit the window. Also close your cmd window.
13. Now you are ready! Just reboot, and make sure you boot from USB instead of the hard drive your Windows installation is on. You should be able to boot up Backtrack2 just fine now.
If there are any corrections with my method please send me an email and I will correct it. This is pretty simple stuff, and should take about 3 minutes (minus the download time for the ISO). Have fun!