Here I am assembling various things I want to share with everyone.  It will always be a work in progress.

Windows:

Things I do after a fresh install of Windows XP SP2:

1.)  As Windows XP SP3 has just been released it’s prudent to install that before connecting the computer to the internet.  (I will update this with a link when it’s actually available to the average joe in a few weeks)

2.)  In the control panel go to Add or Remove Programs, Add/Remove Windows Components, and uncheck the following:
- MSN Explorer
- Outlook Express (unless you actually use this)
- Windows Messenger
- Any games you don’t want

3.)  I always revert my theme to the Windows Classic theme (and turn on ClearType, but this is monitor specific advice).  I also right click on My Computer, and then to Properties.  I do the following:
- Under the Performance options, unless the computer is very old I just leave the Visual Effects tab alone.  In the Advanced tab I change my Virtual Memory to exist on one drive only, and set it to 1.5 multiplied by the amount of physical RAM I have, unless I have over 3GB in which case I disable the paging file altogether.
- Under Startup and Recovery I change the timeout to 10 seconds (I typically dual boot operating systems).
- I set Automatic Updates to download and let me choose when to install.

4.)  Update all drivers on the system.  Typically I already have these downloaded onto a thumb drive and they’re ready to go.

5.)  Install Antivirus.  Grisoft’s AVG Free Edition works for most people.  I use the Symantec Endpoint client the US Navy provides me and that works well.  If you feel like paying, NOD32 and Kaspersky are both good; don’t bother with the whole “Internet Security” suites though, get the AV scanning software ONLY, anything else is bloat.

6.)  Under the Start Menu, click Run, then type msconfig and hit enter.  On the window that pops up click the Startup tab.  Here I generally slim down startup to just what I need.  I turn off everything else.  This will be specific to your system.

7.)  At this point it’s safe to go online.  Preferably you’re behind a router with NAT functionality.  If not, it’s not the end of the world though.

8.)  Some other software I always install:
- Daemon Tools
- TweakUI
- Launchy
- Digsby
- Skype
- WinSCP
- PuTTY
- Firefox
- HydraIRC
- Foxit PDF Reader
- VLC
- ffdshow
- WinZip, WinRAR, 7zip (trial versions of the first two are just fine, I don’t think they ever really expire)
- Alcohol 120% (I paid for this a couple of years ago. Amazing software, good for making images and burning them, lots of options)
- MS Office or Open Office

9.)  Some other misc tweaks:
- If you use Internet Explorer a great deal, go into the Options window and under Browsing History, change the option to “Every time I visit the webpage”, and for disk space to use, change it to 50MB (the lowest).
- I always set my homepage to about:blank
- Also set the option not to remember passwords.
- In any folder go to Tools, Folder Options and under the View tab, uncheck “Hide extensions for known file types”, and make sure “Show hidden files and folders” is selected.  After these are done click Apply to All Folders to ensure this is consistent across your system.
- Disable System Restore
- Disable unnecessary windows services using Black Viper’s guide located here:  http://www.blackviper.com/.  The “SAFE” options are good enough for most of us.

I’m sure I will think of more later.  Ghost this setup if you want to so you don’t have to do it over and over again.
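Since the point of step 9 is to make the setup repeatable, here is an added example (mine, not part of the original post) of a batch file for Windows XP that applies the registry and command-line equivalents of the GUI tweaks in steps 3 and 9, so they can be re-run on the next fresh install instead of clicked through.  It assumes an Administrator account; the IE cache-refresh value (SyncMode5 = 3) is one I know from the registry rather than from the post, so verify it in the Options window afterwards.

```batch
@echo off
rem Added example: XP post-install tweaks from steps 3 and 9 as reg/bootcfg commands.
rem Run from an Administrator account. Assumption: SyncMode5=3 is "Every time I visit
rem the webpage"; the other values are the documented ones for the settings named.

rem --- Step 3: Startup and Recovery timeout of 10 seconds (dual boot menu)
bootcfg /timeout 10

rem --- Step 3: Automatic Updates = download, but let me choose when to install (AUOptions 3)
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 3 /f

rem --- Step 9: Internet Explorer: check for newer pages every visit, blank home page, no saved passwords
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v SyncMode5 /t REG_DWORD /d 3 /f
reg add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d about:blank /f
reg add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "FormSuggest Passwords" /t REG_SZ /d no /f

rem --- Step 9: Folder Options: show extensions (HideFileExt=0) and hidden files (Hidden=1)
rem     This is the global setting, so it covers "Apply to All Folders" as well.
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t REG_DWORD /d 1 /f

rem --- Step 9: Disable System Restore (same policy the Group Policy editor sets)
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v DisableSR /t REG_DWORD /d 1 /f

rem --- Verify the values took; each line should echo the value written above
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions
reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v DisableSR
bootcfg /query
```

Explorer reads the Advanced key on its next launch, so log off and back on (or restart explorer.exe) to see the extension and hidden-file changes take effect.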

Thursday afternoon I ended up going into the hospital again for more post-tonsillectomy bleeding. It wasn’t as bad as it was on Monday but I still had to go under and they put another stitch in, along with the cauterization. I went from having 0 surgeries in my life to 3, all in the last 2 weeks. Hopefully this last one actually fixed the problem, but from what I am told the bleeding is purely random.

I picked up a couple more flash drives to replace the cheap ones I lost. A Patriot 8GB and a Sandisk 4GB (with U3). I was playing around with the U3 apps on Thursday before I had to abruptly head into the emergency room. I’ll be doing more of that today, and also fooling around with the Windows Server 2008 installation I did on a partition on my T61p. I used the guide at http://www.win2008workstation.com/wordpress/ to convert the install into a workstation with the full Aero experience along with wireless network connectivity. I haven’t created a virtual machine using the Hyper-V beta yet, but I did enable it, and will be doing that today.

I had my tonsils removed yesterday, which went surprisingly well.  I have a bit of a sore throat but other than that I am doing fine.  I can’t wait to eat solid food again though.  Matt was right when he told me you could start to count backwards from 6000 and not even make it to 5999 once they start to put you under.

While I was relaxing yesterday I put my 64 bit copy of Windows XP on the new thinkpad.  I also downloaded the 64 bit trial of VMware and I must say, it’s very noticeable from the 32 bit counterpart.  I installed 32 bit XP Pro in a VM on it, and it’s literally like having a native install of it.

I succeeded in setting up a dual-boot of Windows XP and Ubuntu 7.04 on my laptop yesterday.  It’s an (almost) 3.5 year old Gateway M505XL (with an extra 256MB RAM, and an Intel 2200 B/G vice the stock 2100) but everything was recognized, no driver issues at all.

The main purpose was for the Hak5Live show coming up this Saturday where I will be demoing some homebrew emulation with my 360 controller.  Nothing too fancy really, but I think some folks will appreciate hearing about something a little out of the norm.

I went awhile without an update. The Ubuntu article before this was actually written about a week ago, but I had not gotten a chance to get on and publish it, and did end up publishing it a little incomplete, which is why I am going to do another update in a few weeks on Ubuntu.

The past two weeks have been pretty busy for me, both professionally and personally. I’ve been studying for Linux+, GCIH, CISSP, and now CEH. The basic plan is to have CEH and GCIH done by the end of next week if I hear back from EC-Council soon enough. I’m also looking at switching to AMU from Strayer because I feel their program will be a better fit for me.

I did a little packet analysis at home the other night for someone in an IRC room I frequent. A sysadmin from a university came in and was having trouble identifying some traffic on his network. A quick check of the pcap file that he sent me revealed it was simply CUPS traffic, whether or not it was authorized was another story since he did not appear to know what CUPS was, but did mention that his network had both Windows and Linux workstations. It was fun in any case.

Among the many projects I have, is a desire to setup another computer dedicated to running some virtualized servers in VMware Server, probably a bunch of Ubuntu LAMP setups from their server cd. The idea would be to go a route similar to how LSO (learnsecurityonline.com) does their capture the flag contests. Perhaps I will email them and ask how they set their boxes up, whether it is in a VM or not.

It’s been 3 weeks since I began using Ubuntu as my primary desktop OS, and so far I am loving it. I never claimed to be the expert on Linux, and had never really run it for anything other than experimentation before, so this has been quite a learning experience for me.

Obviously the best part is having that fine-grained control over every aspect of the OS and being able to readily access a wealth of software from the open source community with more often than not, a simple apt-get command.

Beryl is another reason I am loving Ubuntu. When I discovered the middle click function on the desktop, I was in awe. It literally throws you into a 3D mode where you can drag the cube around and see layers of windows on each desktop, stacked behind each other in the order they were opened.

I’m going to give another update here in a few weeks and decide whether to continue using it as a primary desktop OS.

So you’ve just gotten home from buying whatever wireless router your friends told you to get, well that or whatever the salesman suckered you into. (Subliminal message: Linksys WRT54G)

You want to set up a handful of computers in your house to partake in the new wireless party, except for one little problem: you don’t know what you’re doing.

This is where we come in. This is a generalized article on how to set up a basic wireless network. I’m going to try to write it in a way that regardless of what router you have, you’ll be able to use this to figure yours out and get the job done. This is a pretty basic article, so I’m not trying to totally cover everything here. The best way to learn about things is to read and do them yourself. There is no better teacher than experience.

Routers:

Linksys WRT54 Products

A router routes things. It’s pretty simple. You plug it in, and plug your computers into it via ethernet, or you let the wireless part take care of that, and from there it’s just a little configuration and boom, you can share files, browse the net, whatever you want. Enough on those.

Each brand of wireless router usually has a different method of configuration. This is everything from the IP you connect to it through, to the way the interface is laid out. They all usually use a 192.168.x.x IP, and all the interfaces have roughly the same kind of buttons, though.

The parts we’re concerned with deal with IP assignment, MAC filtering, and the type of encryption that’s active.

Hopefully all of you have a router that lets you use WPA. If not, please at least use WEP. It’s not much protection, but it’s something to slow a lazy wardriver down.

Quick Note on Wardriving:

Wardriving is basically the practice of driving around looking for wireless networks, mapping them out, and even hacking into them if one is so inclined. You care about wardrivers because if you don’t secure your router, and they leech off of you, anything they do while they’re connected to your router is your responsibility in a court of law, not theirs. So if they like to download kiddy porn, you can get into trouble for them doing it.

DHCP vs Static IP:

Going to make this one quick. DHCP is automatic assignment of IP addresses. In this part of your control panel you can view who is currently assigned an IP on your network. You can control how long they get to use that IP before they have to renew it, as well as how many IP addresses the router will assign before it stops giving them out. This is important for securing the router, as it’s one step in the process. Always limit the number of available IP addresses to the number of machines you will be using. You can always add to this if a buddy comes over or what not, so don’t worry.

Static IP is even better, but a little more work in setting up. This allows you total control over the assignment of IP addresses, but still isn’t perfectly safe. Regardless, the additional setup requires you to use the router’s IP as your Gateway and DNS servers, so don’t forget that.

MAC Filtering

There is more information here than I can even think to type up. The concept however is simple. You can either deny certain MAC addresses from connecting to your router, or allow only certain ones and deny the rest. Obviously the second option is better and easier for us.

Encryption:

I’ve touched on this with my WEP vs WPA article, but configuration is actually pretty self-explanatory, and Firewalling.com has an excellent resource for virtually every router out there. You figure out whether you have WPA or if you’re stuck with WEP (NEVER use WEP if you have WPA or better available). It all works the same though, you generate a key, and you use that key in your wireless configuration in Windows or Linux to connect to the router.  Use this key generator to generate your keys.

Using the last 3 things separately is good, but using them together is outstanding diligence. You want to deter possible hackers as much as possible, so they move onto your neighbor’s unsecured network rather than yours.
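The static IP and MAC filtering sections above both need something done on the client, not just in the router’s control panel.  Here is an added example (mine, not from the original article) of a Windows XP batch file that prints the adapter’s MAC address for the router’s allow list, then assigns the static address with the router as both gateway and DNS server, which is the step people forget.  The interface name and the 192.168.1.x addresses are assumptions; change them to match your router.

```batch
@echo off
rem Added example for the static IP and MAC filtering steps. Run as Administrator on XP.
rem Assumptions: the wireless adapter has XP's default name, the router is 192.168.1.1,
rem and 192.168.1.10 is outside the router's DHCP pool so it never collides with a lease.
setlocal
set IFACE=Wireless Network Connection
set ROUTER=192.168.1.1
set MYIP=192.168.1.10
set MASK=255.255.255.0

rem 1) MAC filtering: list every adapter's physical address; copy the wireless one into
rem    the router's "allow only these" list before turning the filter on.
echo === MAC addresses on this machine ===
getmac /v /fo list

rem 2) Static IP: the router must be the default gateway AND the DNS server, otherwise
rem    the client can see the LAN but has no way to reach or resolve anything beyond it.
netsh interface ip set address name="%IFACE%" source=static addr=%MYIP% mask=%MASK% gateway=%ROUTER% gwmetric=1
netsh interface ip set dns name="%IFACE%" source=static addr=%ROUTER% register=primary

rem 3) Verify: Default Gateway and DNS Servers should both show %ROUTER%.
echo === Resulting configuration ===
ipconfig /all | findstr /i /c:"Physical" /c:"IP Address" /c:"Gateway" /c:"DNS Servers"

rem To hand the adapter back to DHCP later:
rem   netsh interface ip set address name="%IFACE%" source=dhcp
rem   netsh interface ip set dns name="%IFACE%" source=dhcp
endlocal
```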

Things to Note:

  • Don’t try to connect 20 computers to the same 3 Mbps Cox connection. It just isn’t good.
  • Weather can influence the quality of your wireless signal. So can living next to a whole bunch of transformers and power lines.
  • Throughput on wireless isn’t quite the same as with a regular LAN. If you’re copying lots of files between computers, use a physical connection. It’ll save you time and grief.

Port Forwarding:

Gamers, this is your section. Port Forwarding is used instead of enabling the DMZ, because it still provides you with a good level of security. If you need certain ports available for certain applications, you can do that here. All you do is specify the port number, the protocol being used, and the IP address it’s going to forward to. Be sure you know which IP is what on your network; otherwise you might end up giving the wrong person the info.

Thoughts:

Most people don’t secure their networks. In my experience about 6 out of every 10 routers are totally wide open, just plugged in and never touched. Secure your networks!!

The Security Fix blog reports, along with the latest round of Microsoft exploits, that an anonymous hacker has won the iDefense Vulnerability Challenge.

What a payday eh? Ethical Hacking does have its uses!
Excerpt:

“Speaking of iDefense (scoop alert!) … remember back in February when I wrote about iDefense offering their “quarterly vulnerability challenge,” a $10,000 purse to anyone who could come to them with a previously unknown “critical” flaw in Windows? Well, iDefense paid that prize to the anonymous hacker who reported the .ART flaw.”