Monday, July 23, 2012

Revenge of the PDU

Your next PDU? Taking the wall wart to the next level. I've been thrilled to see the little wall wart devices for the past 2 years or so and been saying how much fun they'd be in a Pen Test. While this one isn't one you'd want to abandon, due to the cost, it is the ultimate in stealth!

Nothing like having a PDU with a built in computer that phones home!

So many ideas, so little free time....

Thursday, July 12, 2012

DHCP dll for Satori updated

Quick note: updated the DHCP dll Satori uses. I'm getting ~10 times faster processing for DHCP fingerprints now!

Run the updater.exe and look for the latest!

Wednesday, July 4, 2012

Satori 0.7.4 released

Short Info:
- Had a request from Randy to add a "not" feature to the filter. Added that, and also fixed the fact that the filter only applied to existing packets, not to new ones coming in. Thanks for the suggestion! Usage is: ![var] to exclude, or just [var] to include; sorry, no ability to use && or || type logic.
- Also fixed a bug he noticed where the MAC vendor didn't show up even in cases where Satori did know it.
- Last but not least, packaged Satori with InstallForge (http://www.installforge.net/).

Long Winded Info:
For those that don't want to do a full blown install, the nice thing about InstallForge is that while it produces an .exe, the file is actually a .zip underneath, so it can be extracted with any zip program. You'll end up with an extra dir, but it works sweet even when using unzip.

I had a request to add the ability to do a NOT in the filter. Initially it was simple; the problem came with trying to get it to apply to more than just what was currently on the screen, i.e. all those new packets coming in at the same time. While the first piece of code was about 5 mins of trial and error and some logic issues, the piece to get it to filter new packets was 3-4 of pain and suffering on my part. Nothing like having 7-year-old code that you barely ever look at anymore and trying to figure out everything that is actually happening in there!

The same person pointed out a few other issues, one of which was that Satori sometimes shows the vendor of a MAC and other times doesn't, with no rhyme or reason he could see. Initially neither could I, until I remembered that the DNS dll will put an IP down first, and if traffic to that host shows up later it will add the MAC. Problem was I wasn't doing a vendor lookup at that point, just an update of the MAC field. One simple code change later and I think it is now fixed. Thankfully that was a 10 min fix!
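To make those two fixes concrete, here is an added Python model (not Satori's code; the class and function names, the host table and the OUI entries are all constructed assumptions) of a host table whose MAC update also redoes the vendor lookup, and a [var] / ![var] filter that is applied both to rows already on screen and to each new packet as it arrives.

```python
# Added example, not Satori's own code. Hypothetical names; the OUI table
# below is a constructed sample, not the real vendor database.
from dataclasses import dataclass
from typing import Optional

# Constructed sample: 24-bit OUI prefix -> vendor name.
OUI_TABLE = {"00:50:56": "VMware", "00:1B:21": "Intel"}


def vendor_for(mac: str) -> Optional[str]:
    """Look up the vendor for a MAC by its first three octets."""
    return OUI_TABLE.get(mac.upper()[:8])


@dataclass
class Host:
    ip: str
    mac: Optional[str] = None
    vendor: Optional[str] = None


class HostTable:
    def __init__(self) -> None:
        self.hosts: dict = {}    # ip -> Host
        self.filter_text = ""    # e.g. "192.168" or "!VMware"

    def add_from_dns(self, ip: str) -> Host:
        """A DNS answer adds a host by IP only; no MAC has been seen yet."""
        return self.hosts.setdefault(ip, Host(ip))

    def update_mac(self, ip: str, mac: str) -> Host:
        """Traffic later reveals the MAC. The old bug only stored the MAC;
        the fix is to redo the vendor lookup here as well."""
        host = self.hosts.setdefault(ip, Host(ip))
        host.mac = mac
        host.vendor = vendor_for(mac)
        return host

    def matches(self, host: Host) -> bool:
        """'[var]' keeps rows containing var, '![var]' keeps rows that do not.
        No && or || logic, matching the feature described in the post."""
        if not self.filter_text:
            return True
        negate = self.filter_text.startswith("!")
        needle = self.filter_text[1:] if negate else self.filter_text
        row = f"{host.ip} {host.mac or ''} {host.vendor or ''}".lower()
        hit = needle.lower() in row
        return not hit if negate else hit

    def visible(self) -> list:
        """Rows already on screen, re-evaluated against the current filter."""
        return [h for h in self.hosts.values() if self.matches(h)]

    def on_new_packet(self, ip: str, mac: str) -> bool:
        """New packets must pass the same filter, not just existing rows."""
        return self.matches(self.update_mac(ip, mac))
```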

And the last thing he noted was that the date/time stamps of files on my web server were sometimes older than the local ones from an install. This has to do with doing the install via a simple zip file: when you extract it, depending on the zip program and its settings, the files take "today's" date/time instead of the one stored in the archive. It also has to do with the way I pull time locally vs remotely and GMT, so sometimes files are off by a day. While I didn't fix this entirely, I've wanted a decent and free installer program for a long time and I found InstallForge. It works nicely for what I need, and I recommend checking them out and donating to them if you find it useful!

One cool feature of InstallForge is that it is really a .zip file underneath, so for those of you that don't want to install Satori, you can still just right click on the .exe and tell 7zip, or whatever your zip program of choice is, to extract it and you should be good to go!