Monday, October 29, 2007

HeX-VA (Virtual Security Appliance)

I am pleased to announce the release of the HeX Virtual Appliance!

To facilitate quick and easy use of the tools that are built into the HeX Live CD, we have installed the Live CD on four Virtual Machines to create four Security Virtual Appliance Images. These images are intended to aid in the rapid deployment and usability of the HeX Live Toolkit, and we are dubbing it HeX-VA. The images are designed for use with Parallels, Qemu, VMware and Virtualbox virtualization technologies. If you have any problems using these images or have any suggestions, please feel free to contact us or stop by #rawpacket on freenode.

Thanks to geek00l for the screenshots and continued hard work on this project! I have included the US Mirrors below for your downloading pleasure. If you are not US based, there are other Malaysian mirrors listed on the official rawpacket.org site under the Virtual Appliance project section.

HeX-Parallels | md5 | sha256
HeX-Qemu | md5 | sha256
HeX-VMware | md5 | sha256
HeX-Virtualbox | md5 | sha256

I'll be posting some detailed directions shortly on the usage of NTop and some specifics on tuning it for your environment (by request).

Cheers,
JJC

Friday, October 26, 2007

HeX 1.0.1 Release (Bug Fixes)

So, due to several flaws that people were experiencing with HeX 1.0R, we are releasing an updated version (1.0.1). The fixes in this version include increased bootup speed: during the extraction and loading of the data into mfs /var, the IO process of several different system types was causing an apparent system hang; this has been resolved.

Another major issue was msfweb not loading properly or not functioning when loaded. It turns out that this was actually a Firefox-related issue; deleting ~/.mozilla/firefox and using the global Firefox configuration fixed the problem (note that this also fixed JavaScript issues in ntop and darkstat).

As geek00l says, we are "shamelessly" releasing this fixed version. As always please give it a roll and let us know if you experience any issues. You can report bugs using our Trac interface, the Mailing List or via IRC in #rawpacket on freenode.

Download URLs:
Cheers,
JJC

Tuesday, October 23, 2007

Openpacket.org Beta

The openpacket.org beta site is live (and has been for a while, but I did not think to post about it) :-\

This site is the brainchild of Richard Bejtlich who announced the beta at http://openpacket.blogspot.com. Please swing by and drop some pcap data or just some comments / requests.

The site is located at http://beta.openpacket.org:8080

Cheers,
JJC

Monday, October 22, 2007

InProtect, on track for alpha release

...We hope to have an alpha/beta release of the upcoming InProtect 0.80.0 within two weeks.

Good progress has been made tuning all of the elements of the engine to improve performance by lowering the overall load of the scheduling engine. We are currently working on migration scripts for users of both the 0.22.5 and 0.22.5JC versions.

You will see some big database changes and enhancements to the GUI in the form of role-based permissions, a per-user customizable dashboard at login, cleaned-up table indexes, optimized queries and much, much more.

Cheers,
JJC

Saturday, October 20, 2007

Ubuntu Upgrade...or not (with compiz)

Perhaps it was a lack of patience on my part, or poor forward planning on Ubuntu's part, but I could no longer continue to attempt upgrading after what was likely the 30th failed attempt. As a result of this upgrade attempt outcome I decided to back up the /home/* directories and perform a clean install.

As one would expect the standard install succeeded with no problem. The expected options were available from custom partitioning to setting initial user and permissions during the installation. The only real issue that I had was with the "seamless" compiz implementation that I had heard so much about.

For this installation I used an HP laptop that I have; this laptop contains an ATI X series video card and therefore supports 3D acceleration. I was disappointed that the compiz (3D) desktop acceleration did not work out of the box, so here is what I did to make it work.

Initially I simply tried to enable Extra effects after enabling the proprietary video card. This only produced the error "Composite extension not found"... After enabling it in xorg.conf (as described below) I received the fairly generic error "Unable to enable visual effects" or similar... So here are my steps to enable compiz on Ubuntu 7.10 with ATI drivers (what worked for me):

  • Enable all of the repos that have proprietary software and the like: System -> Administration -> Software Sources.
  • Enable the proprietary video card driver from the Restricted Drivers Manager.
  • Make sure composite extensions are enabled: vi /etc/X11/xorg.conf
        Section "Extensions"
            Option "Composite" "1"
        EndSection
  • Install xserver-xgl: "sudo apt-get install xserver-xgl"
  • Install compizconfig-settings-manager: "sudo apt-get install compizconfig-settings-manager" (this is not a requirement, but gives you a level of customization that is nice).
  • Restart X.
  • Try it out: System -> Preferences -> Appearance -> Visual Effects (select what you want here...I used Extra then Custom from the last apt-get install).

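One way to script the xorg.conf step above so that it can be re-run without duplicating the section, as an added example that is not part of the original post. The function names are hypothetical, the functions act on whatever file path they are given, and the values "1", "on", "true", "yes" and "Enable" are assumed to count as enabled.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Assumption: "1", "on", "true", "yes" and "Enable" all count as enabled.

# Exit 0 if Section "Extensions" already carries an enabling Composite option.
composite_enabled() {
    awk '
        tolower($0) ~ /^[ \t]*section[ \t]+"extensions"/ { in_ext = 1; next }
        tolower($0) ~ /^[ \t]*endsection/                { in_ext = 0; next }
        in_ext && $0 !~ /^[ \t]*#/ &&
            tolower($0) ~ /option[ \t]+"composite"[ \t]+"(1|on|true|yes|enable)"/ { found = 1 }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Enable Composite in the given file; prints unchanged, updated or appended.
ensure_composite() {
    conf=$1
    if composite_enabled "$conf"; then
        echo "unchanged"; return 0
    fi
    cp -p "$conf" "$conf.bak" || return 1      # keep a backup before editing
    if grep -Eqi '^[[:space:]]*Section[[:space:]]+"Extensions"' "$conf"; then
        # Section exists: drop its old Composite option, add the enabling one.
        awk '
            tolower($0) ~ /^[ \t]*section[ \t]+"extensions"/ {
                print; print "    Option \"Composite\" \"1\""; in_ext = 1; next
            }
            tolower($0) ~ /^[ \t]*endsection/ { in_ext = 0 }
            in_ext && $0 !~ /^[ \t]*#/ && tolower($0) ~ /option[ \t]+"composite"/ { next }
            { print }
        ' "$conf.bak" > "$conf" || return 1
        echo "updated"
    else
        # No such section: append the stanza shown in the post.
        printf '\nSection "Extensions"\n    Option "Composite" "1"\nEndSection\n' >> "$conf"
        echo "appended"
    fi
}

# Demo on a constructed temp file, never on the live /etc/X11/xorg.conf.
demo=$(mktemp)
printf 'Section "Extensions"\n    Option "Composite" "0"\nEndSection\n' > "$demo"
ensure_composite "$demo"
ensure_composite "$demo"
rm -f "$demo" "$demo.bak"
```

Against the real file it would be called as root with /etc/X11/xorg.conf as the argument; the previous contents are kept beside it with a .bak suffix.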
Everything else worked nicely. I enabled the proprietary fwcutter for my wireless card and it worked; no more mucking with it as in previous versions, very nice!

All in all, I give this version a Thumbs Up despite the upgrade mess, seems more stable so far and clean.

Hope this helps someone out :-)

Cheers,
JJC

Friday, October 19, 2007

Ubuntu Upgrade to 7.10 Strike 2

As I write this, I have attempted roughly 10 "upgrades" via the Update Manager with the same result each time as displayed below.


Obviously this is producing some anxiety on my behalf, as I am anxious to upgrade. That said, I fear that the upgrade process, much like previous upgrade processes from the Ubuntu folks, is a complete joke.

In preparation for the joke to be a fact, I kicked off the download and noted again that the servers are getting hammered... bitTorrent anyone?


Cheers,
JJC

Thursday, October 18, 2007

Ubuntu 7.04 to 7.10 Upgrade Notes pt 1

Time to see if the Ubuntu folks have cleaned up their upgrade process. Previous upgrade attempts have been painful to say the least (this means pre-7.10).

I kicked the process off at about 21:30 EST by updating my existing 7.04 installation with all of the latest package updates as noted in the Ubuntu upgrade process documentation. The update went smoothly with the simple exception that a boatload of other users must be doing the same thing and loading up the repos. I did have to restart the updates a few times to get all files to download (again, likely related to repo overload, considering the fact that I regularly update my Ubuntu systems and this is not a normal occurrence). It should be noted that the Upgrade to 7.10 option was available prior to updating my packages, but IAW the upgrade documentation I performed the package update first.

The first thing we do after making sure all packages are updated is click on the Upgrade button to kick off the 7.04 to 7.10 upgrade process and again click Upgrade in the release notes. This kicked off the upgrade process and started to download the Upgrade Tool (again a little slow...likely load related). Once the Upgrade Tool finished downloading and kicked off, more downloading and waiting as the Upgrade Tool runs through upgrade preparations, software channel modifications, fetching upgrades, installing upgrades, clean up and system restart.

This is where the trouble began, again I suspect due to load on the distribution servers. After waiting for about an hour on file 50 of 56, I canceled the process and started again in the hopes that it would jumpstart the download. Unfortunately this did not work, so I left it to fetch overnight, and woke up to the screenshot to the right.

With all of the excitement and everyone else attempting to update and upgrade at the same time, I'll be intermittently trying to complete my upgrade over the next week in the hopes that it will complete. That being said, I have spoken with a few of my associates that were able to fetch all of the upgrade files (~6 hours of downloading at painfully slow rates) and they had their upgrade fail roughly halfway through the process, thereby rendering their system useless and forcing a clean install of 7.10.

The same associate of mine, "giovani", also suggested using BitTorrent as the mass distribution medium, to alleviate some of the pain that we are all feeling with the seemingly overloaded repos. Something definitely needs to be done, BitTorrent or otherwise, to clean up these load-produced upgrade and update failures.

More to follow...

Cheers,
JJC