Month: June 2009

Open-Source Alternatives

Just recently I’ve devoted my extra time to finding and implementing open-source alternatives for common proprietary business applications. So far I’ve had great success in getting the solutions up and running, and I’ve been nothing short of impressed on how much community support they receive.

I will start writing comparisons on the Commercial VS. Open-Source solutions I’ve come across and tested, but for now i’ll simply list a few that i’ve been very happy with:

Commercial / OSS Alternative

Microsoft Exchange or Lotus Notes / Zimbra Collaboration Suite

Microsoft Live Communications Server / Asterisk + Openfire

Microsoft SharePoint / Alfresco (Not yet implemented)

Microsoft CRM / SugarCRM Community

Microsoft Office / OpenOffice or IBM’s Symphony

There’s still a few things that I cannot go without, which is Active Directory. SAMBA 4 will come with DC emulation built-in, but it’s still not out. Until then i’ll keep working on other OSS alternatives to see if i can completely eliminate Microsoft or otherwise commercial software in a small environment.

Zenoss behind Apache proxy

Pulling my hair out trying to figure out how to set the URI for Zenoss to work behind an Apache mod_proxy setup, I figured out the solution is to use a rewrite rule on the virtual host within Apache. Here’s the rule I’m using:

RewriteEngine on
RewriteRule ^/(.*) http://internalserver:8080/VirtualHostBase/http/externalserver:80/VirtualHostRoot/$1 [L,P]

Of course, change “internalserver” and “externalserver” for your hosts, and “externalserver” should match your ServerName definition in the virtual host config.

Messing with WEP – Part III

We left off at sniffing the packets, but unless you can spare a whole week if trying to get access to a mostly inactive network, we’re going to need to generate some sort of traffic to speed things up.

To do this, we are going to take advantage of packet injection, and only then we’ll see that Data counter jump up to a useable level.
Let’s open another terminal, and run the command:

aireplay-ng -1 1 -a 00:12:17:05:92:5D wlan0

picture-3

What this will accomplish is start a “fake authentication” to the access point. Most access points will respond to the auth request, thus generating data.

Once we’re authenticated, even with a bogus request, we should be able to start replaying ARP requests. To do this, we’ll run:

aireplay-ng -3 -b 00:12:17:05:92:5D wlan0

I suggest running it on another terminal window so we can see everything going at once. Up until now, we should have 3 terminal windows open, one with airodump-ng sniffing data, another with aireplay-ng doing fake auths and the last one replaying ARP requests.

Lastly, we’ll start our fourth last terminal window and run aircrack-ng, which will analyze the dump traffic, and hopefully get the key. Run:

aircrack-ng /root/*.ivs

This will read all files that contain IV captures, and start the cracking process. The program will retry the crack if unsuccessful over and over, so this can be left running in the background.
Within a few minutes, we get our prize:

picture-2

Now we know that my public wireless has the key of 1234512345 as expected. Note that if I had a 128 bit WEP key, the process shouldn’t take much longer than 64 bit. NOTE: we got a LOT more than 3110 IVs. I’m not sure why only 3110 are counted, but be sure that you will likely not get far with anything under 20k IV’s.

So, what have we learned from this?? DO NOT USE WEP!!!. At the very least, use WPA PSK with a unique AP name, as WPA PSK can also be cracked using huge pre-computed Rainbow Tables (I won’t go into this yet… plus you’d need my 64GB tables to do it). WPA Enterprise, or WPA2 Enterprise are the best way to go, but unfortunately many home environments don’t have a RADIUS server for authentication… so stick with WPA PSK and you should be fine.