After seeing some guys at Shmoocon 2010 with a neat Jasager BackTrack setup I thought I would go about creating a Mind Map on how to set this up.
So, I sat down with Robin Wood aka DigiNinja, the creator of Jasager for the day to go through how to set this up.
If you are new to Jasager be sure to read the original project pages to see what it can do.
Also, check out a recent Hak5 episode that shows Darren from Hak5 doing the Airport WiFi challenge.
This Mind Map takes you through how to create a cool Man in the Middle WiFi solution using a default install of both Jasager and BackTrack 4.
The Jasager responds to all WiFi probe requests and then the BackTrack 4 device allocates an IP address from its DHCP server and enables onwards routing to the Internet via a 3G modem or WiFi connection.
I built my solution using a Fon+ and an EeePC 900 running BackTrack 4. I have used both my 3G card and also my MiFi to provide onwards Internet. The solution works great and I have been able to do some fantastic demonstrations with this set up.
Click Here to Download the Mind Map and please let me now if you have any comments, good or bad.
Hot on the heels of my NetCat Mind Map I am happy to bring you my Wireshark Mind Map.
Wireshark is the advertised as the worlds foremost network analyzer. It is provided as open source software and is therefore free to download and use.
Wireshark used to be called Ethereal and it is a tool I have been using for a number of years.
Sometimes, when troubleshooting, the ability to capture packets from the network and analyze what is going on is the only way to truly get to the bottom of an issue. There have been so many times when I have fired up Wireshark and fixed a network issue in a matter of minutes.
This really is a tool that you MUST learn how to use if you are involved in any network, security, or sysadmin role. The capture and display filters can be tricky to learn so persevere to get the tool to do what you want it to.
Take a look at the Mind Map and I also suggest you download Wireshark and get testing it on your own network.
I am already working on some more Mind Maps and they will be published soon.
It has been far too long since I last posted a Mind Map.
I have recently started the Pentesting with Backtrack (PWB) online course from Offensive Security and I plan to sit the associated exam.
Therefore I thought it would be a great idea to create some more Mind Maps for some of the security tools covered on the PWB course.
So, here is my first of many Mind Maps.
This Mind Map is covering NetCat. NetCat is sometimes referred to as a network swiss army tool. It allows you to listen and redirect input and output to TCP and UDP ports.
Take a look at the Mind Map but the best way to learn this tool is to get a few machines hooked together and play.
Apologies for been away too long and I will ensure that I get some more Mind Maps online as they are created.
We have just uploaded the next Mind Map in our CEH series of Mind Maps.
This is the Mind Map covering Module 6 of the Certified Ethical Hacker, Trojans and BackDoors.
In This Mind Map we cover what Trojans are, how they propagate and also the most common types of Trojans that make up part of the CEH syllabus.
Trojans are a key topic to understand as part of your CEH study or general security knowledge. They have been a major issue in the security arena for quite a few years and have caused a lot of financial security breaches as well as mischief on industry.
Follow this link to download the Mind Map and please comment on this post to let me know any suggestions you may have on how to improve these Mind Maps.
Just returned from my holiday and just completed the next installment for the CISSP Mind Maps.
This Mind Map is for the CISSP Law, Investigation, and Ethics module of the CISSP common body of knowledge. This covers the mainly US laws that are tested on the exam as well as the ISC2 code of ethics that you do get asked about and as a CISSP, are expected to withhold.
Download the Mind Map directly from here and as usual, please comment on this post and let me know your thoughts..
I have just uploaded a Mind Map that I created that shows you how to crack WEP 64bit and 128bit using BackTrack version 3.
I regularly use BackTrack 3 as part of my penetration testing toolkit. I have a dedicated laptop built with BackTrack version 3 and use the various command line tools as part of my testing methodology.
This Mind Map shows you how to use the aircrack suite of tools that is included in BackTrack 3. With these tools you are able to crack a wireless WEP key in a few minutes.
I have had great success with this method and a 100% record of recovering the WEP key when asked to perform this for a client as part of a wireless assessment. I have managed to crack both 64bit and 128bit WEP for customers.
This Mind Map covers cracking WEP when a client is connected to the network. I will also be doing another Mind Map where there are no attached clients.
Obviously this tool and methodology can only be used on access points that you have the ownership, or permission to carry out such a test.
Download the Mind Map from this link.
Again, please comment on this post to let me know your thoughts.
After too long a break, we have uploaded the 5th installment of our CISSP Mind Maps, the CISSP Mind Map for Cryptography.
This Mind Map covers the basics of Cryptography and provides information on the cryptographic algorithms you need to know in order to achieve success in this CISSP Module.
Asymmetric and Symmetric cryptographic algorithms are explained and examples of each are given in order to help the student.
Again, all of this is presented in the Mind Map format which has been created in MindJet Mind Manager.
Download the Mind Map directly from this link.
The next in my Cisco Mind Maps is the Mind Map for the Cisco Lifecycle Services. Now, this is only really applicable to those of you who work for a Cisco partner.
With the updated Cisco partner program, they have introduced the Lifecycle Services exam into each job role, for all the specializations.
I had the pleasure of sitting the Lifecycle Services exam, 646-058, for the Advanced Routing and Switching specialization last week. Happy to say I passed it, but found it quite a challenge as it is more project management based than my usual technical exams.
The Lifecycle Services are Cisco’s model for engagement with a customer right through the implementation and optimization stage. The Services Model consists of six main phases. These are:
They make up the PPDIOO Model that is used throughout the Lifecycle Services Model.
Please have a look at the Mind Map and as usual, comments are welcome.
Now, this is a Mind Map I have just created for something else I am doing and thought I would share it. It is quite basic and one of many more Cisco ones that will follow. Well, I am a CCIE and published author of several Cisco Press Books 🙂
Anyway, this is right out of the Cisco CCNA level routing requirements. This is a very basic Mind Map that covers the real basics, I will be expanding all of these and aim to do a complete CCNA set of Mind Maps as I am doing for the CISSP and CEH.
Again, please let me know your comments. I do these because I like to think they are used. I love to hear who is using these and how.
Enjoy the Mind Map.
I have just been configuring SSH on some Cisco Routers so I thought I would Mind Map the process as I must admit it is a while since I have done it and I needed to think about the process.
As we all know, SSH should pretty much always be used when configuring Cisco equipment. In fact, I cannot think of any reason why you would not use it on a device which has the capability to be administered with SSH.
I still find core switches that have Telnet enabled and not SSH. Plucking the authentication passwords from the wire is child’s play, even in switched networks.
So, download and read this Mind Map and use it as an aid when you have to configure SSH on Cisco Devices.