This April 1st we bring you a gem* from the archives. Recently digâd from a super VHS tape itâs Hak5 episode 507 from 1995. We take a peak at a Windows 95 âchicagoâ beta build, get our phone phreaking on, and review one of the latest SNES games.
This episode was a blast! Although I got sick over the weekend (and I’m still recuperating), I still had a great time putting together a partially improv sketch and helping Darren with his animation. I hop you enjoy it!
Enjoy!
Shannon takes the spotlight and opens the show. Darren threatens to vote her off the hakhouse. We postponed the open sourcing of the missile launcher due to finals. Thanks Jason Appelbaum. Our friend Mubix has a great article on Multi-Boot Security Live CDs that makes last weeks pick, UNetbootin even more amazing.
Our next LAN Party will be Half-Life 2 Deathmatch on Saturday, December 13 at game.hak5.org. Prepare to get smack in the face with a flying toilet! Check out all the details at our brand spankin’ new Hak5 LAN Site (with leetness by Squarespace)
Public Key Encryption
In this segment we show you how to setup public key authentication between a windows and a linux host. There are many different software packages through which to accomplish this but we used openssh and putty.
Requirements:
Linux machine or VM running OpenSSH (most distros have it in their repository, or you can find it here: http://www.openssh.com/portable.html
Windows machine with putty software (download the whole package) http://www.openssh.com/portable.html
Installing openssh on linux is relatively straightforward. Refer to their site for details. Once that’s setup, we generated a key using the command “ssh-keygen” and specified the filenames. You can customize the keys you generate as you wish, but we went with the defaults. After entering a passphrase twice, you’ll have a public and private key file, with the public having the extension .pub. The private key file stays on the server but we copy the public key over to our windows machine and convert it into putty format using Putty Generator. After you have the key, you can either pass it with scp using scp -i (pscp in our example since we’re using putty’s scp executable), or you can use the putty ssh client in order to pass the key instead of just a password to authenticate to the server. This makes an easy two-factor authentication mechanism. 
–Chris
Driver Backup
After installing a fresh copy of your Windows OS of choice, the biggest headache for most of us is the arduous task of trying to locate drivers for all of our different components. So this post is all about making your reinstall a little less troublesome.
HereĂs a list of some of the better driver backup utilities!
DriverBackup2 is a lightweight driver-backup tool. The application is portable with a caveat: youĂll need administrative privileges for full use. You can opt to backup one or all of your drivers, the backed up files are dumped into a tree structure based on driver name. DriverBackup2 also allows you to restore and delete unnecessary drivers. If you ever hunted for obscure drivers online, when installing legacy or obscure hardware for instance, DriverBackup2 will save you the hassle of searching them out again.
Double Driver lists all the hardware drivers installed on your system and creates backups of both the actual drivers and lists of the driver names. While handy with any computer, Double Driver really shines if you have a computer that came with pre-installed drivers that are hard if not impossible to come by. With a few clicks youĂll have those archaic laptop drivers backed up and ready to put back to work after a fresh install.
DriverMax allows you to easily reinstall all your Windows drivers. No more searching for rare drivers on discs or on the web or inserting one installation CD after the other. Simply export all your drivers (or just the ones that work ok) to a folder or a compressed file. After reinstalling Windows all drivers can be back in place in less than 5 minutes.
DriverView is a helpful upgrade from looking through devices individually in the Device Manager, but the real value here is in the list generation. Create an HTML-formatted backup list for your future troubleshooting needs or export to text to show friends or forum members just whatĂs gone wrong. While it doesnĂt actually backup drivers, if youĂre still into doing things the old fashion way, DriverView is a great choice!
Now that weĂve got all of the corporate slogans and descriptions out of the way, my personal favorite is the first link weĂve talked about here. The interface is the least cluttered, and the process really couldnĂt be any easier. For those of you who are looking to deploy driver backups in an automated fashion, thereĂs a built in commandline builder! Like I said, IĂve personally used it and really does make life alot easier after a reinstall.
So check it out and if you have any questions, remember: matt@hak5.org – Revision3 Forum or Hak5 Forum
–Matt
Congrats to Mesartwell who correctly answered last week’s trivia. Answer: “Tom is king” and “Jules sucks”. Grab yourself a copy of the Doom alphas
“Hackers Are People Too”
Ashley Schwartau joins us via skype to talk about her documentary Hackers Are People Too
–Darren
Music Organizers
I have thousands of songs on my computer and some of them are missing titles, artists, etc. So when I hop on iTunes to download my feed of podcasts (like Hak5!), I use TuneUp Media to clean up some of my music.
TuneUpMedia
TuneUp Media has the ability to find your songs basically by listening to them, and tell you the information for each one. You simply drag your song over to the clean up bar on the right, and TuneUp finds your songs info in a few seconds. It even gives you a choice of album art you can use.
I like TuneUp simply because IĂm really organizational. There are a few bugs thoughĂ Firstly, once you download TuneUp, you donĂt have the option to close it while in iTunes (unless this has changed recently). Second, there are two versions – free and not free. With the free version, you only have 500 songs to clean up. In the payed version- you can clean up as much as you want.
TagScanner
The second one is TagScanner. Tagscanner is good for someone who doesnĂt like iTunes. In tagscanner, you can not only clean up the names and artists on your music, but you can also fix up the ID3 tags for each song, down to lyrics and album art. You can also export your music into a .txt or excel spreadsheet, which is pretty neat.
–Shannon
2
Questions
Skybar Baron writes I have a computer from my school and was wondering if there was a way to wipe everything but like Microsoft Office and the OS?
Darren recommends Sdelete.
Until next week we welcome your feedback and remind you to Trust your Technolust
Show Notes
Is WPA Broken? Interesting stuff coming out of PacSec this year. Ars has a great writeup about it our check out Martin Beck and Erik Tewsâ paper Practical attacks against WEP and WPA (PDF). There is a proof of concept tool available from the Aircrack-NG folks. Take a look at Tkiptun-ng. At time of writing the tool is not fully functional. Something to keep an eye on.
Steve P. writes to us about the Helmer beowulf cluster. This 6xCore2Quad is sure to make any geek smile. Kitty approved too! While stuffing a personal cluster into an Ikea cabinet is novel in and of itself the mad scientist behind it has thought some insane cluster designs including the 50 tflop Helmer 2 and the 4 pflop Helmer 3. All I can say is I want one. Thanks for the links Steve.
Darren enjoys a Bondagesâ No Problem while Matt and Shannon stick with the margaritas.
More importantly Darren talks about Session Hijacking and demos a tool from Errata Security called Hamster and Ferret that, in conjunction with the latest 2.0 build of Jasager, an ICSâd EVDO connection and Tftpd32 weâre able to âsidejackâ with our little man-in-the-middle setup. Lesson learned? Be suspicious of any wifi. Check for signatures of trusted networks and tunnel your traffic. Weâll come back to this topic with a more indepth segment on Jasager detection and traffic encryption soon.
A note on trivia. Please answer trivia questions on the Hak5 forums from now on. We would love to continue doing dual winners but with growing prize costs we cannot. Also, if youâre interested in volunteering to help with trivia code challenges lend a hand in the Dev5 board.
Matt shows us how to convert a physical server into a virtual server locally using the free VMware converter tool and talks about some of the concerns you must consider when preparing to virtualize. If you have virtualization questions hit up Matt and weâll cover âem on future segments. Matt at Hak5 d0t org.
Alex W. writes with a question about screen recording. We highly recommend the open source Camstudio as well as FRAPS and Techsmithâs Camtasia Studio (warning: sticker shock may occur at techsmith.com). Paul (our âcamera guyâ) suggests checking out the new screen capturing functionality of the latest verison of VLC, especially if youâre on the Linux or Mac side.
As always weâd love to hear your feedback. Your questions, comments or concerns can be directed to HakHouse.com. Itâs a crazy interactive project weâre working on. Just wait âtill we get the web-enabled robots up in there. 
Trust your Technolust
Download it here! http://revision3.com/hak5/Phreaknic
The gang heads to Phreaknic in Nashville Tennessee and in Hak5 tradition brings you a sampling including interviews with Russell Butturini about his U3 Incident Response Tool, Adrian Crenchaw, aka Irongeek, about Keyloggers and other embedded hacking, Daniel Hooper about Software Defined Radio and GNU Radio, Eighty of Dual Core, Droops from Hacker Media, and more. Yeehaw!
Russell Butturini shows us the U3 Incident Response Payload for the USB switchblade. Code and tutorial on the forums.
Adrian Crenchaw, aka Irongeek talks about Hardware Keyloggers and other geeky bits.
Daniel Hooper explains Software Defined Radio, GNU Radio, and the universal software radio peripheral.
Plus talks with Nerdcore star Eighty of Dual Core and Droops from Hacker Media and Hacker Public Radio.
Matt shows us how to turn anything into a service and provide a web frontend to manage them windows server, great for game server administration. Chris Gerling wraps up his three part series on Packet Sniffing with Wireshark techniques for packet filtering. Darren harnesses the CPU power of the HakHouse for good or evil to demonstrate cluster computing. Plus details on our Hak5 Halloween LAN Party!
Matt Lestock turns any windows application into a service using instsrv and srvany and demonstrates how we use this technique, coupled with Panel Daemon to delegate game server administration at the Hak5 playground.
Chris Gerling shows us some packet filtering techniques using the network analyzer Wireshark. He covers capture filters, display filters, colors and statistics. Read more on packet sniffing on his blog at ChrisGerling.com
Darren Kitchen talks about parallel computing. He touches on grid computing and massively parallel processors though he mainly focuses on clustering. Darren demonstrates simple windows password cracking techniques using an openMosix based image and discusses the theory behind setup. Darren has a lot of further reading for you to check out on his blog and would like to hear your feedback about building the Hak5 beowulf cluster!
And on a production note: We’ve switched over from a standard-def composite based video mixing solution to a high-def HDMI based system. Unfortunately until we get a Mac Pro and switch to Final Cut Pro for editing we’re unable to release a 720p version of Hak5. But we’re well on our way to bringing you guys truly high def technolust thanks to everyone who has continued to support this cause. Thanks!
Thanks for watching Episode 409! <3
Hak5 ep 408 – Building Packets
Chris Gerling breaks down IP and TCP headers with Wireshark and building blocks. Shannon Morse shows us DosBox, a free IBM PC DOS emulator. Christine Bourquin talks about Alice, a teaching programming language for beginners. Darren Kitchen summarizes his experience at Day-Con and answers some questions about Fon batteries.
Chris Gerling dives into the structure of IP and TCP headers in part two of his three part series on packet sniffing. He covers everything from source ports to checksums and everything in between offering insight into TCP packets in plain English. Then in part three he covers basic Wireshark usage and advanced techniques. Read more on packet sniffing on his blog at ChrisGerling.com
Shannon Morse shares with us DosBox, the free and open source IBM PC emulator that allows you to break out those old floppies and play your DOS games once again. While we wait for DNF, anyone for a Duke Nukem 3D deathmatch?
Christine Bourquin demos Alice, an innovative 3D programming language that makes it easy to teach programming using a simple drag-and-drop interface. Perfect for the next generation of computer scientists.
Darren Kitchen brings us his review of Day-Con with photos courtesy of the security twits. He also talks about Jasager batteries both big and small.
And on a production note: We’ve switched over from a standard-def composite based video mixing solution to a high-def HDMI based system. We’re not ready to release the full 720p quite yet as we’re ironing out (read: developing on the fly) the post production process but in the mean time we’ve got damn good looking 480p and we’re looking for your feedback. Thanks a million to everyone who has donated and helped make this happen!
On my segment, I chatted with ya’ll about Dosbox. The first time we shot the segment, we had such bad audio quality that I had to go back and shoot the segment again late into the night… /sigh. Such things happen when you work on a show.
Dosbox is a totally nifty creation that emulates an IBM pc compatible computer running MSDOS. Although dosbox is basically intended to run old school video games from the late 80’s and early 90’s, it can take on other tasks.
One of the key features about Dosbox is it’s ability to run peer-to-peer and internet/intranet video games. It simulates an entire modem, so you and your friends can play those old TCP/IP or IPX network multiplayer games easily with each other.
You can also take simple photos of your gameplay or video footage which is created with the ease of the click of a button. Hit CTRL+F5 for your photo, or CTRL+ALT+F5 to begin a video then again to end it. This makes for easy tutorial building, as well as nice video clips to share. The video is recorded into a folder called captures.
I found lots of good information about Dosbox at this wiki: http://en.wikipedia.org/wiki/DOSBox, as well as their main site: http://www.dosbox.com/. Here, you can find a HUGE list of games that are supported by Dosbox as well as FAQ’s, their own wiki, and forums.
Oh, and did I mention it’s open source and free? Yup
