- add autoscan: http://autoscan.free.fr/
- add LATEST java && LATEST jre
- strip all browsers and add LATEST firefox with some extensions like AniDisable, Bandwidth Tester, Disable Targets For Downloads, downTHEMall, Image Zoom, Print Preview, SecurePassword Generator, Wikipedia, Dict, DictonarySearch, U.S. Homeland Security Threat Level, ForecastFox, Timestamp, MapIt, Translation Panel, Html Validator (based on Tidy), Nuke Anything, ChatZilla, Adblock, User Agent Switcher, Iget, Gmail Notifier, Nuke Image, ViewSourceWith

- LATEST eclipse for java developers: http://www.eclipse.org/
- hping: http://www.hping.org/
- rdesktop: http://www.rdesktop.org/
- Maybe a GUI Explorer like XFe: http://roland65.free.fr/xfe/
- scite: http://www.scintilla.org/
- FOX: http://www.fox-toolkit.org/
- IglooFTP: http://www.littleigloo.org/
- GIMP
- Hydan: http://www.crazyboy.com/hydan/
- Afick: http://afick.sourceforge.net/
- WiFi Scanner

- There are many others that I would like to include into the list ... will update on the next post.

- These are just suggestions and nice tools to have so sorry if I offend anyone.

r00t

the second thing how can i get a sockit source

I'm dual booting windows xp, and ubuntu, booting off the knoppix live cd.

I'm following this guide from a textbook using knoppix to access the shadow file, that stores the root password.   So, I start up my command line shell, and fdisk -l doesn't work.. however, because it's my laptop, i know the password, i logged on, and checked that i'm using the sda2 partition for linux (sda1 for windows).

next step is to mount the sda2,

# mount /dev/sda2 mountpoint

(where 'mountpoint' is a empty directory i made)..
I've checked in the /dev/ folder that i do have sda1 - sda15, however
i get these two errors:

modprobe: Can't locate module block-major-8
mount: /dev/sda2 is not a valid block device

I have checked after I rebooted that sda2 is my partition for linux, and it exists in my /dev folder, so I'm confused.  I did see a post with a similar question, but nobody responded, and it was really old.

As for the block-major-8 error, a lot of posts were talking about booting from their usb and having issues with that, so that seems very unrelated.

Thanks in advance.

Basically you have a corrupt iso... but all is not lost.

S-T-D offers torrent download of the S-T-D iso. Torrent for those that dont know is kinda like Kazza in that it is peer to peer so you download the iso from lots of people that already have downloaded it. For us this is great as it reduces bandwidth costs.

Thanks to tlm-project.org we offer torrent download of the iso.

So to repair your iso do this...

get a copy of azureus from http://azureus.sourceforge.net/ (both windows and linux can use this client)

once you have this installed go to the downloads page linked from out homepage and click on the torrent download.

and download the torrent file

then open azureus and select => File/Open/No default save

choose the torrent file you just downloaded.

You will now be asked to slect where to save the S-T-D iso to. Pick a memorable location.

Azureus will now start downlaoding the iso.

Immediately stop the download.!

Go to the location you told Azureus to save the iso to and replace this copy with the corrupt copy of S-T-D you already downloaded.

Go back to Azureus and right click on the S-T-D download.

Now select recheck.

Start the torrent download and you should have to wait very little time have your iso repaired.

If all has gone well your corrupt iso will have automagically given a huge boost in your torrent download (likely 95+%) !

Please for the sake of the community let the torrent seed for as long as you can to help others download.

In the future torrent will be the principle method of S-T-D download

but as I understand it's very hard to crack NTLM hashes

So my first question, does S-T-D come with a dictionary file?

Secondly, which program should be used to brute force WEP like this?

I thank you all in advance for your help.

Kismet has a lot of uses, and it depends on what your needs are. To be safe, it would be easiest to just log everything by enabling it in kismet.conf  The config file is located in /usr/local/etc in recent versions. As mentioned, the dumps can be large. If you don't need a pcap, turn off the .dump option. Here are some different uses besides pcap, and what logs are helpful. To avoid a lot of config editing, it may be useful to test multiple config files, and then call them as needed with the -f <config name> switch.

You can also combine multiple .dump files with the mergecap program included with Wireshark.

Wardriving: csv, gps, and xml files. I wardrove for five years only uploading csv files to Wigle.net before I discovered that .gps and .xml files have differing information in them. Upload .xml and .gps files also! Here is an easy way to consolidate the three filetypes,  upload them all, Wigle will sort them out:

 tar cfvz filename_to_upload.tar.gz *.xml *.csv *.gps

While wardriving, it is best to disable the pcap/dump file. You are on the move, and won't capture anything relevant. In the USA it is completely legal to wardrive with Kismet. In some jurisdictions storing the data (aka the dump option of logging) could be construed as an illegal wiretap. Play it safe, turn it off. Be sure to join the S-T-D group on Wigle and contribute your wardriving talents to S-T-D. We are currently #23 of 150 groups.

You can also use the Python script later in the article here to create an 'ap.kml' file for use with Google Earth.

While wardriving, the .gps and .xml logs can be used with Gpsmap (comes with Kismet) to make various maps of your drive.

Sniffing for breaking WEP:
In kismet.conf you mostly need the dump file and perhaps the cisco file. Aerodump can do this nicely as well, but some prefer Kismet. Set channelhop=false and put the one channel you need in defaultchannels. These settings are needed for any use where you need a dump of one channel.

Rogue AP Detection:
In kismet.conf you can set a FIFO named pipe instead of a log, and feed it into Snort. In the config file, look for:

#fifo=/tmp/kismet_dump

Uncomment this line, save the configuration file, and start Kismet. Once started, Kismet will hold the /tmp/kismet_dump file until it is hooked by Snort. Now start Snort. Configure it to your liking, but add a

-r /tmp/kismet_dump

switch when you run it, so it will read data from the FIFO feed of Kismet. You can then have Snort email you, notify pagers based on events, or anything else within the limits of Snort. If you detect active wardriving (such as Netstumbler) it could be interesting to have Snort fire off an instance of FakeAP. If one access point is good, then 53,000 must be better.

Wireless IDS: Client/Server architecture allows multiple clients to feed a single Kismet server simultaneously. You can configure Kismet to use multiple drones in kismet.conf to monitor a perimeter of an area. Using Snort as above, you can take many different actions based on the event. Kismet supports 17 types of alerts.

Kismet Log Viewer: Using the .xml files only, KLV can produce a nicely formatted map of AP and clients seen, along with a (US-only) Tiger map of the AP's locations. This is more useful in a mobile/wardriving situation.

Kismet is so flexible there are surely many more ways to use it, these are just a few.

One of the things in the to do list is to acquire a dedicated server on a high tear internet connection.

We have three ways of doing this:

1. public donations and private funding to rent a dedicated server + bandwidth
2. public donations and private funding to purchase dedicated server and donated rack space at an academic institution
3. donated server and rack space

obviously option 1 is very constly and will take some time to fund.

Since we will never be offering the iso directly to the public from our domain the bandwidth requirements will not be vast. Also the server requirements will be moderate as well requiring only apache, php, mysql, ssh, ftp etc  running on Linux (debian prefereably).

As such this is a request for assistance for option 2 or 3.

This is the first big request we have ever made and are not holding out much hope.

open discussion is invited for ideas but can we keep this very important thread on topic please

I have checked all the Fluxbox FAQ and Read me's and they all say that there in the /home directory.  I looked and it wasnt there, I dont know if S-T-D uses it at all....

What Im trying to do is to get my slit to load up with all my dockapps when I boot up and all the webpages I need to edit the .xinitrc file.  If anyone else knows how to configure the slit or point me to another thread it would be much appreicated 

/etc/john/john -user:Administrator hashes

i get

loaded 2 passwords with no different salts
fopen: /etc/john/lanman.chr: No suh file or directory

how can i fix this?

HP Compaq nc8230 - Pentium M2.0ghz - 1GB-Ram - 64/2048kb (L1/L2 cache) - 15.4"TFT - IntelPRO (wireless) and Broadcom NetXtreme Gigabit NIC - ATI Mobility Radeon X600 64mb Video

I've been unable to boot knoppix from the downloaded and burned CD. The MD5 checks out perfectly.  I've only tried Knoppix-S-T-D 0.1 because I am attending a training course that utilizes this specific version of Knoppix S-T-D for some of the lab sessions.

When just using 'knoppix' and boot comand, I get...

Loading vmlinuz..............................
Loading miniroot.gz.........................

then the screen goes blank with no activity (left for five min's).

After that, I went on to try multiple cheat codes.  The following list is complete.  If it's not on this list, then I haven't tried it yet:

knoppix screen=800x600
knoppix screen=1024x768
knoppix fb1024x768'
knoppix nohwsetup
knoppix acpi=off pnpbios=off noapic noapm
knoppix acpi=off pnpbios=off noapic noapm failsafe
knoppix noapic noapm nodma nomce nofirewire nopcmcia noscsi noswap nousb nosmp noaudio
knoppix debug -b 3
knoppix failsafe debug -b 3

The three above mentioned cheat codes all hang at the same line, and turns off the screen.

Continued to try the following cheat codes:
knoppix vga=normal
knoppix vga=0
knoppix vga=0 failsafe
knoppix vga=0 acpi=off pnpbios=off noapic noapm
knoppix vga=0 acpi=off pnpbios=off noapic noapm failsafe
knoppix vga=0 noapic noapm nodma nomce nofirewire nopcmcia noscsi noswap nousb nosmp noaudio
knoppix vga=0 noapic noapm nodma nomce nofirewire nopcmcia noscsi noswap nousb nosmp noaudio failsafe
knoppix vga=0 nohwsetup
knoppix vga=0 nohwsetup failsafe

These lines helped get one line further, and then the machine hangs at:  'Uncompressing Linux . . . Ok, booting the kernel.'   (I should note that the display stays on, so I think the 'video' issues are countered by any of the above cheat codes...that's all good)

Continued with the following cheatcodes
knoppix vga=0 debug
knoppix vga=0 debug -b 3
knoppix vga=0 debug -b 3
knoppix vga failsafe debug -b 3

A bunch of ASCII text floods quickly by, but it hangs when it gets to the following block of text:

Using local APIC timer interrupts.
calibrating APIC timer . . .
. . . . . CPU clock speed is 1995.0756 MHz
. . . . . host bus clock speed is 0.0000 MHz
cpu: 0, clocks: 0, slice: 0

then it hangs, again without turning of the screen.

For the record, the same CD boots fine on multiple other "desktop" computers, so I am relatively sure I'm running into a hardware compatibility that I seem unable to get around with cheat codes.  As I post this, I am currently downloading Knoppix 4.0.2 so that I may attempt "remastering" a new S-T-D disk.  Not only am I relatively convinced that I do not have the skillset necessary to pull this off (bah, when has a lack of skills ever stopped me from trying before?), I am also unsure if a new version of Knoppix will "break" the planned lab work in the course I'm taking.

Having said all of that....if anyone already has a remastered ISO that contains all of the tools that 0.1 S-T-D contains, please please please would you be willing to share it with me posthaste?

Or, does anyone have any suggestions?  I think I've tried to be diligent about "self-help" before turning to yet another post about booting this CD on a laptop. 

Let me know, and thank you for your time.
cheers,
Hayzeus