Friday, October 26, 2007

» Build the $340 NAS for half the price but double the speed | George Ou | ZDNet.com

The thing that has always bothered me with the NAS (Network Attached Storage) market for consumers is that it’s very high margin yet the products deliver very poorly on performance. While that might be great for the product manufacturers’ bottom line, it isn’t so great when you’re the consumer. Typical NAS devices that allow you to insert 4 to 6 drives cost anywhere between £240 ($500) and £490 ($1000), yet they only deliver between 15 and 30 megabytes/sec of performance when they imply gigabit (125 megabytes/sec) performance to the consumer in their advertising.

While I think most consumers don’t mind paying a small premium for something that is pre-assembled and easy to use out of the box, I don’t think they’re happy about paying a 100% premium while getting less than half the performance. I’ve come up with an alternative solution for half the price and more than double the network performance and you can have this solution so long as you’re willing to do a little PC building and you follow my parts list. If you’re not sure how to build a PC but you’re willing to learn, you can follow this step-by-step picture guide.

For £166 ($340) you will be able to build a NAS server running a free Linux server operating system from any of the major distributions like Ubuntu, SUSE, Red Hat, etc.

| Part | Price ($) |
|---|---|
| G33 motherboard with ICH9R RAID controller | 141 |
| Intel 2140 1.6 GHz Core 2 Duo | 75 |
| 1 GB DDR2-667 RAM | 30 |
| 300W 80% efficiency silent PSU | 43 |
| Cooler Master Elite 330 ATX (£22 ($45) pickup at Fry’s minus £9.76 ($20) rebate) | 51 |
| Total (shipping included but not taxes) | 340 |

With a slight upgrade to £216 ($442) you can get it with a 5-drive hot-swap SATA backplane cage which I reviewed here. Note that the SATA hot-swap cage requires some small modifications to the chassis since there is a small metal lip between each 5.25″ drive module.

| Part | Price ($) |
|---|---|
| AMS 5-drive SATA hot-swap backplane (model DS-3151SSBK) | 102 |
| Total w/hot-swap cage (w/shipping) | 442 |

I do like the feature set and relative ease of use of Windows Home Server (for people not familiar with Linux), but I have been disappointed with the steep system builder price of £90 ($185) when the hardware is barely double the cost of the software. I’m sure the OEMs like HP are getting a much better price for Windows Home Server but that doesn’t really help the home system builders who buy one at a time.

| Part | Price ($) |
|---|---|
| Windows Home Server | 185 |
| Total w/WHS and hot-swap cage (w/shipping) | 660 |

You could run Vista Premium which is around £54 ($110) OEM price and that will give you basic network file hosting capability along with the media center capability so this is a great option for people who want Windows. Linux plus MythTV will also let you do the network file sharing and TV recordings and that’s free if you can deal with Linux.

| Part | Price ($) |
|---|---|
| Windows Vista Premium | 117 |
| Total w/Vista Premium and hot-swap cage (w/shipping) | 559 |

Double duty as a Media Center PC
Note that you’ll need to borrow a CD or DVD ROM drive to install the OS or you can just throw in a cheap DVD burner for £15 ($30). Having the optical drive might be useful since you can also stick in a TV tuner card and have this system perform double-duty as a NAS and Media Center PC which doubles your utility without spending a lot more money or using a lot more power. It makes little sense to buy a totally different system for the Media Center PC and waste the extra 60 watts of power to run a separate box. The nice thing about this arrangement is that you already have all the storage at your disposal for your video recordings and there isn’t a better place to put all your videos. The other great thing about having a system like this is that you can host additional virtual servers using free hypervisor software from Microsoft and VMware.

System power and performance specifications
This system without the hard drives will consume roughly 42 watts during idle and each hard drive you add will add roughly 9 watts to the idle power consumption. Peak power consumption in the system will be around 75 watts without the hard drives and each hard drive peaks at around 13 watts during busy read/write cycles. The peak power consumption fully loaded with 6 typical 7200 RPM hard drives is 153 watts during peak CPU and storage operation. During system power-up, each drive consumes up to 30 watts so it’s possible to see 200 watts of power consumption for a few seconds when the hard drives go from 0 to 7200 RPM so the 300 watt power supply (smallest ATX model you can buy) is overkill.

Note that Western Digital now sells hard drives with half the idle/peak power consumption and the 750 and 1000 GB drives are between £107 ($220) and £150 ($300). Compared to 500 GB drives you can buy for £54 ($110), the larger capacities are a bit expensive per GB.

Performance-wise you can expect to see about 70 megabytes/sec over a gigabit LAN which is twice as fast as the £490 ($1000) commercial NAS devices you can buy off the shelf. With the new ICH9R RAID controller you can actually expect to see close to 300 megabytes/sec of disk sub-system performance but you’ll be limited by the speed of the gigabit network when you factor in overhead to around 70 MB/sec. If you don’t have a gigabit switch, they’re as cheap as £18 ($36) with jumbo frame capability. For more on how to effectively configure and use all this capacity, you can read Best storage strategies for the multimedia PC.

Tuesday, September 25, 2007

Essential Bluetooth hacking tools - Security-Hacks.com

Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users (remember Paris Hilton?).

If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them.

This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices.

Discovering Bluetooth Devices

BlueScanner - BlueScanner searches for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device. Download BlueScan.

BlueSniff - BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices. Download BlueSniff.

BTBrowser - Bluetooth Browser is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that support JSR-82 - the Java Bluetooth specification. Download BTBrowser.

BTCrawler - BTCrawler is a scanner for Windows Mobile based devices. It scans for other devices in range and performs a service query. It implements the BlueJacking and BlueSnarfing attacks. Download BTCrawler.

Hacking Bluetooth Devices

BlueBugger - BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain unauthorized access to the phone-book, call lists and other private information. Download BlueBugger.

CIHWB - Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only supports some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack. Download CIHWB.

Bluediving - Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode. Download Bluediving.

Transient Bluetooth Environment Auditor - T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download T-BEAR.

Bluesnarfer - Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flaw discovered in several Bluetooth-enabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data. Download Bluesnarfer.

BTcrack - BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges. Download BTcrack.

Blooover II - Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. Download Blooover II.

BlueTest - BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download BlueTest.

BTAudit - BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download BTAudit.

What’s next? Let everyone know to disable Bluetooth until they really need it. Additionally, make sure to update your phone software on a regular basis.


CWNP Wireless Certification & Wireless Training - Resume Writing Fundamentals

Monday, September 24, 2007

NTPPoolServers < Servers < NTP

NTP Pool Time Servers

pool.ntp.org uses DNS round robin to make a random selection from a pool of time servers who have volunteered to be in the pool. This is often good enough for end-users. The minimal ntpd configuration file (e.g. /etc/ntpd.conf) for using pool.ntp.org is:

driftfile /var/lib/ntp/ntp.drift

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server pool.ntp.org

If you use only one pool server, we recommend you use the "bare" zone without a number, but if you use several, then use the numbered ones first.

Any questions about the pool.ntp.org server pool should be directed either to the timekeepers@fortytwo.ch mailing list or to the comp.protocols.time.ntp Usenet newsgroup.

Time server operators are encouraged to visit the pool.ntp.org web-site to find out how they can join the NTP pool.

To make it possible to select a timeserver which is geographically close, we have sub-zones of pool.ntp.org. The "continent" ones are:

| Area | HostName |
|---|---|
| Worldwide | pool.ntp.org |
| Asia | asia.pool.ntp.org |
| Europe | europe.pool.ntp.org |
| North America | north-america.pool.ntp.org |
| Oceania | oceania.pool.ntp.org |
| South America | south-america.pool.ntp.org |

There are also sub-zones for many countries. Click on your continent to see which country-zones are available there.

When using the by-country zones, be careful: some of them currently contain only one or two servers, so you are probably better off using either the zone of a nearby country, or using the continent or global zone (This is also valid if you live in a big country. For example, jp.pool.ntp.org has only one server!).

Friday, July 13, 2007

How to setup ssh key based login from SPLAT to another Linux Machine.

1) On the Linux machine, run "ssh-keygen -t rsa"
2) On the SecurePlatform box, in expert mode:
   a) cd /root/.ssh
   b) ssh-keygen -t rsa
   c) touch authorized_keys
   d) chmod 700 authorized_keys
3) Copy the id_rsa.pub from the Linux machine to the SPLAT machine.
   (I had to do this via scp with password FROM the SPLAT box back to the Linux machine.)
4) On the SPLAT box, "cat id_rsa.pub >> authorized_keys"
5) Modify the sshd_config file on the SPLAT box as follows:
   DenyUsers shutdown halt nobody ntp pcap rpm
   AllowGroups admin root
6) On the SPLAT box, "service sshd restart"
7) From the Linux machine, I can do this:
   [root@linux-10g .ssh]# ssh -l root 192.168.1.2
   Last login: Mon Feb 21 09:27:25 2005 from 192.168.1.100
   [Expert@Checkpoint-cp01]#

Thanks to the firewall-1 mailing list for this helpful tip
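
The key-install part of the procedure above (steps 2c, 2d and 4) as an idempotent shell function, added here as an illustration and not part of the original tip. It refuses a file that is not a public key (for example id_rsa copied instead of id_rsa.pub), sets the directory to 700 and authorized_keys to 600, and a second function flags the group- or world-writable modes that sshd's StrictModes check rejects. The function names and the sample key are constructed.

```shell
#!/bin/sh
# Added example, not part of the original tip; function names are hypothetical.

# install_pubkey PUBKEY_FILE SSH_DIR: append one public key, once, with tight modes.
install_pubkey() {
    pub=$1; dir=$2; auth=$dir/authorized_keys
    # First line shaped like "<type> <base64> [comment]". A private key
    # ("-----BEGIN ...") never matches, so copying id_rsa by mistake fails here.
    key=$(grep -E -m 1 '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( |$)' "$pub") || {
        echo "install_pubkey: $pub does not hold a public key" >&2
        return 1
    }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # -x whole line, -F fixed string: append only when the key is absent.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# check_ssh_modes PATH...: non-zero if any path is group- or world-writable.
check_ssh_modes() {
    rc=0
    for p in "$@"; do
        mode=$(ls -ld "$p" | cut -c1-10)
        case $mode in
            ?????w????|????????w?)
                echo "check_ssh_modes: $p is $mode" >&2
                rc=1 ;;
        esac
    done
    return $rc
}

# Constructed demo: sample key in a throwaway directory; returns 0 when the
# key was installed exactly once and the modes pass.
demo() {
    demo_dir=$(mktemp -d) || return 1
    n=0
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructedSampleKey root@linux-10g' > "$demo_dir/id_rsa.pub"
    install_pubkey "$demo_dir/id_rsa.pub" "$demo_dir/.ssh" &&
        install_pubkey "$demo_dir/id_rsa.pub" "$demo_dir/.ssh" &&
        check_ssh_modes "$demo_dir/.ssh" "$demo_dir/.ssh/authorized_keys" &&
        n=$(grep -c . "$demo_dir/.ssh/authorized_keys")
    rm -rf "$demo_dir"
    [ "$n" = 1 ]
}
```

On the SPLAT box the equivalent call would be install_pubkey id_rsa.pub /root/.ssh, run before restarting sshd in step 6.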