Dave Bullock / eecue

photographer, director of engineering: crowdrise, photojournalist, hacker, nerd, geek, human

Blog

Going to New Mexico to Visit Mom!!!

Early Saturday morning I will be driving out to new mexico (12 hour drive) to see my wonderful mother! She just moved in to her new condo in Albuquerque! It will be great. I went to High School in new mexico and I really miss it. They have the best green chile in the world there!

I'll take lots of pictures so you all can see pics of the Land of Enchantment.

Blog

Lightening the Load for My Japan Trip

I have selling a bunch of my stuff that I don't really need anymore. Check out all auctions and bid on them if you see anything interesting!

=]

thanks!!!!

Blog

my japan trip agenda

osaka (i'll be there for three days (new years eve day, new years day and the next day)

then on to a suburb of kyoto where i will stay with bree for a week in her place there. that will be the best part of my vacation and actually the whole point of my visit really.

then on to tokyo where i will stay for the final week of my trip. i plan on buying a nice older laptop (maybe 3 years old) as well as a smart card writer (usb) and maybe a little music playing device of some sort,

i plan on bringing $1000 for food, $1000 for lodging and $1000 for toys.

Blog

my new office....

ok I have a new office in El Segundo... Today I just got a plant! yay... it's really nice...I love plants! Check here for the picture section on junglescene.com. Or....

Blog

Cobalt RaQ4 Remote Root Exploit

The self contained, easy to set up Cobalt RAQ server appliance now maintained by Sun Microsystems is vulnerable to a remote root exploit which ironically affects the SHP (security hardening package). Grazer released the advisory along with an exploit on i-security.nl. A patch for the problem is available for download.

Blog

Total Information Awareness! AKA Big Brother is Watching!!!

The feds have some crazy idea in their minds that making a gigantic database of everyones information is a good idea. It's not. The feds can't even secure there own computers let alone a system with everybody's info on it... did i mention a convicted felon will be heading this project?

Blog

i'm going to japan in less than a month!!!!

now i just need to get my passport!!!! i will be paying extra for the rush version!

Blog

Los Alamos Sales Company AKA The Black Hole

When I first moved to Santa Fe, New Mexico in 1992 my dad worked for Los Alamos National Labratory in the ADP-4 dept coding old mainframes. He told me about, then took me to the most wonderful place I'd ever been...

I instantly fell in love as I am an avid junk collector. The black hole is an old supermarket, it's parking lot and the church next door along with it's parking lot (plus a house or tow a few miles away... which we once found a nice little disk (about 1 or 2 grams of weapons grade uranium! ) all filled up with piles of Lab suprlus.

See every first friday (or some day it's been a while) the Lab does somthing it calls salvage. Salvage is a silent auction where everybody gets a chance to inspect pallets of wonderful junk the lab no longer feels it needs. You can get anything from a pile of bolts to boxes of laser tubes. All for pennies on the thousands if not millions.

Blog

my fink package made it into the tree!!!

link to the package

NetBIOS Auditing Tool Release
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As of February 16th Secure Networks Inc. has released a free (GPL`d)
NetBIOS auditing tool for use both on WindowsNT and UNIX platforms.
The tool itself is designed to test NetBIOS file-sharing configurations as
well as Password integrity of remote stations.

The toolset is available via the following channels:

ftp://ftp.secnet.com/pub/tools/nat10/nat10bin.zip (For NT and Win 95 binaries)
ftp://ftp.secnet.com/pub/tools/nat10/nat10.tgz (For full source)

http://www.secnet.com/ntinfo/ntaudit.html A technical description of how the NetBIOS auditing tool works follows.


The NetBIOS Auditing Tool (NAT) is designed to explore the NETBIOS file-sharing
services offered by the target system. It implements a stepwise approach to
gather information and attempt to obtain file system-level access as though
it were a legitimate local client.

The major steps are as follows:

A UDP status query is sent to the target, which usually elicits a reply
containing the Netbios "computer name". This is needed to establish a session.
The reply also can contain other information such as the workgroup and account
names of the machine`s users. This part of the program needs root privilege to
listen for replies on UDP port 137, since the reply is usually sent back to UDP
port 137 even if the original query came from some different port.

TCP connections are made to the target`s Netbios port [139], and session
requests using the derived computer name are sent across. Various guesses at
the computer name are also used, in case the status query failed or returned
incomplete information. If all such attempts to establish a session fail,
the host is assumed invulnerable to NETBIOS attacks even if TCP port 139 was
reachable.

Provided a connection is established Netbios "protocol levels" are now
negotiated across the new connection. This establishes various modes and
capabilities the client and server can use with each other, such as password
encryption and if the server uses user-level or share-level Security. The
usable protocol level is deliberately limited to LANMAN version 2 in this
case, since that protocol is somewhat simpler and uses a smaller password
keyspace than NT.

If the server requires further session setup to establish credentials, various
defaults are attempted. Completely blank usernames and passwords are often
allowed to set up "guest" connections to a server; if this fails then guesses
are tried using fairly standard account names such as ADMINISTRATOR, and some
of the names returned from the status query. Extensive username/password
checking is NOT done at this point, since the aim is just to get the session
established, but it should be noted that if this phase is reached at all MANY
more guesses can be attempted and likely without the owner of the target
being immediately aware of it.

Once the session is fully set up, transactions are performed to collect more
information about the server including any file system "shares" it offers.

Attempts are then made to connect to all listed file system shares and some
potentially unlisted ones. If the server requires passwords for the shares,
defaults are attempted as described above for session setup. Any successful
connections are then explored for writeability and some well-known file-naming
problems [the ".." class of bugs].

If a NETBIOS session can be established at all via TCP port 139, the target is
declared "vulnerable" with the remaining question being to what extent.
Information is collected under the appropriate vulnerability at most of
these steps, since any point along the way be blocked by the Security
configurations of the target. Most Microsoft-OS based servers and Unix SAMBA
will yield computer names and share lists, but not allow actual file-sharing
connections without a valid username and/or password. A remote connection to
a share is therefore a possibly serious Security problem, and a connection
that allows WRITING to the share almost certainly so. Printer and other
"device" services offered by the server are currently ignored.

For more information about NAT see:
http://www.secnet.com/ntinfo/ntaudit.html - Oliver Friedrichs

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Secure Networks Incorporated. Calgary, Alberta, Canada, (403) 262-9211

Blog

submitted my first package to Fink!!!!

yay that was fun!

check it out here

i wonder how long before it's in the tree?

1 | 2 | 3...84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92