Domain: shmoo.com
Stories and comments across the archive that link to shmoo.com.
Stories · 24
-
Free Rainbow Tables Looking For New Admin
lee writes "After almost three years online, the admin of Free Rainbow Tables has decided to call it a day, citing a lack of time to keep it running. (I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.) This is a shame, as the site is a useful resource for those occasions when you really need an existing password exposed, rather than simply changing it. I'm a Windows admin, and this site has come in very handy in the past. The currently computed tables weigh in at well over half a terabyte, are available as torrents from the site, or from a couple of mirrors (and alternatives are available). When the site was active, it featured a downloadable BOINC client to put your idle cycles to work computing ever-greater tables, and a space-saving format for storing the tables. The admin is willing to hand over source code if you wish to take over, though I suspect hosting is not included!" -
Shmoo Group Finds Exploit For non-IE Browsers
shut_up_man writes "Saw this on Boing Boing: East coast hacker con Shmoocon ended today and they had a nasty browser exploit to show off... using International Domain Name (IDN) character support to display fake domain names in links and the address bar. Their examples use Paypal (with SSL too) and this looks very useful for phishing attacks. Interesting note that it works in every browser *except* IE (which makes this exploit a lot less dangerous in the end, I suppose)." The reason IE isn't vulnerable is because it doesn't natively support IDN; with the right plug-in, it too is vulnerable. -
Two Wheeled Wi-Fi Sniffing Robot
paulnuyu writes "ZDNet/MSN has an article about a robot that detects Wi-Fi vulnerabilities and intrusions. The two wheeled robot made by the Shmoo Group cruised around the DefCon convention in Vegas last Sunday, picking up telnet and POP passwords. Though still a prototype, the shipping version is projected to have autonomous steering capabilities." -
Known-Good MD5 Database
bgp4 writes "Have you ever examined a system you thought was broken into but you weren't sure? If only you had run an integrity verification program like osiris or Tripwire first you could have figured out what programs had been changed. In an effort to help out in the instances when you can't answer the question "what was this like before?" we've constructed a searchable database of MD5 and SHA-1 hashes for files in many standard operating systems. You can search using the filename or the checksum and see if you have a trojaned binary or an overactive imagination. Currently at knowngoods.org we have many FreeBSD, OS X, Linux, and Solaris installations checksummed and cataloged. If you have other programs or distributions you would like to see in the database, please let us know." -
Mega Public WAN In Sydney
Chris Meder writes: "As posted on CFGN - The Nation, gibed by the recent unreasonable price hikes in Broadband connectivity in Australia, which come already after a strained relationship between Broadband users and the major telco/ISP Telstra BigPond Internet, a group of people in the largest Australian metropolitan city of Sydney have decided to form a city wide amateur wireless network. The team behind this clever idea have also put up a detailed graphical database of people interested and are still looking for more numbers to get this off the ground." This last part reminds me of the Global Access Wireless Database, as featured here. Update: 01/23 18:53 GMT by T: Reader Peter Mann wrote to point out that "there's a mailing list for a similar wireless project in Sydney at http://sydney.air.net.au." -
DEF CON "Capture the Capture The Flag" Data
pablos writes "Each year DEF CON hosts the famed Capture The Flag contest. Hackers from all over the world duke it out on the network for 72 hours, hacking for the title. The Shmoo Group diligently logs every packet for posterity, we "Capture the Capture The Flag." Now is your chance to download by far the most interesting, 'sploit ridden, 5.8GB of intrusion collusion ever published. Free for the bandwidth endowed, this is the ultimate IDS testbed." -
Where's Your Nearest Wireless Access Point?
bgp4 writes "The Global Access Wireless Database (GAWD) is a search engine that allows you to find your nearest wireless access point. It also allows you to search for access points based on provider such as PersonalTelco or Seattle Wireless. The catch here is all the access points are added by the community. If you are involved in a wireless project, feel free to enter the information on your APs into GAWD. Even if you're not in a project, if you know of an access point somewhere (good examples are locations in airports, bus stops, locations on the BART, etc) feel free to enter them as well. The more APs that are in GAWD, the more useful it will be to everyone. GAWD is still under active development. If you have any feedback or ideas for improvements, please let us know." It's still a little new since it doesn't have any significant amounts of data yet, but this is a really cool idea. Especially when everyone leaves unencrypted 802.11 LANs hanging around their houses and you can simply ping your way to infinite bandwidth *grin* -
Capture The Capture The Flag
bgp4 writes: "During DefCon 8, the Shmoo Group sniffed all the Capture the Flag network traffic. For those that don't know, Capture the Flag is a weekend-long hacking contest held at DefCon each year. The network dumps have now been posted and are available here. Hopefully by making this data available to the public, software developers will become more aware of how vulnerable their software really is and fix the root of the problem. Better intrusion detection isn't the answer ... Secure software is. We're looking for mirrors, so if you'd like to host the data, please let me know." -
RSA Party Planner
bgp4 writes "The patent on the RSA encryption algorithm is set to expire on September 20th, just a few weeks away. Cypherpunks around the world are preparing to celebrate the ability to use RSA without restriction. In order to increase awareness of the patent expiration (as well as attendance at the parties), we've put up an RSA Party Planner page. That way folks can find out where/when their local party is, or if there isn't a local party, they can throw one of their own. If you know of any parties that we haven't listed, please let us know." -
Caught Before the Act
bgp4 writes "New Scientist has a report on advances in video surveillance. Researchers in the UK have determined ways to pick out a criminal before he has actually committed the crime." Surveillance systems sound the alarm if you deviate from the routines expected of "law-abiding" citizens and track people from one camera to the next. -
SETI@Home Says Client 'Upgrades' Are a Bad Idea
bgp4 writes "New Scientist has an article on how 'upgrades' to SETI@Home clients are causing some trouble. Even though the upgrades speed the client up, SETI reps don't want people using them because they may induce bad data. If SETI@home just open-sourced [the SETI@home client], they'd have better PR and a better client." Amen! SETI@home, are you listening?