In my earlier post “a better look at ntop – part 1“, I covered installing ntop, creating the ntop conf file and a few of it’s more interesting configuration options. Today in part 2, we will look at the web interface, plugins and an important command line option. After posting part 1, I thought it would be a good idea to let ntop run for a few days so I could collect some good graphs/data to share. However, it did slip my mind at the time .. ntop is serious resource hog. After 4 days of data collection, the hard drive in my debian box filled up and things were not so happy. Because of this, unfortunately I had to dump all the rrd graphs for those 4 days. But we must press on, with or without pretty graphs!

Let’s dive into a better look at ntop – part 2:

As I wrote in an earlier post, I’ve been working on a mobile version of my blog. The mobile version is now operational, and it looks pretty damn good on my mobile phone’s browser. I have been learning a lot about mobile content since the start of this project and I’m pretty proud of what I have accomplished; but there is tons more to learn about.

Which reminds me: mobi.trepullins.net is now deprecated. The new wordpress plugin I am using, will auto-detect and redirect based on browser user-agent. You only need to go to http://trepullins.net and you will get the mobile version on your phone and the full blown version on your workstation.

Earlier I wrote a post on an ethical view of nmap. Today I’ve had a few adult beverages and I thought it would be fun to give a little insight into an unethical use. I am not the first to say this, and will not be the last .. but nmap is just freakin cool and so,so useful. In this post we shall cover some of the more interesting IDS decoy and evasion methods available in nmap.

Are you ready to nerd it up?

I’ve been fooling around with some plugins for wordpress to detect and reformat my site to be phone compliant. I know .. it’s terribly nerdy and honestly it looks pretty bad on my Sony Ericsson w810i’s “media net browser” .. though it does look a little better in Opera Mini. I came across a site for emulating a few cellphones, while reading about formatting websites for mobile phones. Right now the mobile version is pretty crappy looking, but I will do my best to get it looking nice*.

* By looking nice, I mean nice on the few phones and emulators I have access to.

wife: What the hell are we watching?
me:  Death  Hunt.
wife: What’s it about?
me: Charles Bronson.
wife: What a detailed and rivoting synopsis.
me: It’s got Charles Bronson in it, what more do you need to know?
wife: *sigh*

Earlier this morning I read an article that came through my digg rss feed, entitled “Monitor network traffic with ntop“. Basically it went like this .. install ntop (from source) and then type some stuff and you have ntop .. reet! Suffice to say it left me wanting a little more depth. If you want something done right …

I’ve used ntop before in previous jobs, and I have used it on my home network. So today I decided after reading the above linked article, I would setup ntop on my debian box. I will preface this with a short explanation of how I have things setup network wise.

Let’s get ready to nerd it up:

This article was linked off of slashdot this morning .. great read for those wanting a nice detailed explanation of nmap and it’s uses (ethical or otherwise).

From the conclusion:

This should give you a great running start with Nmap. We covered not only what each scan does, but, more importantly, we gave you some valuable insight as to what an ethical hacker should be thinking when scanning. If the bad guys are thinking it, then you should, too. In Part 2 we will discuss all the special options we can add to our Nmap scans to really bring it to a much higher level.

One of the most useful scan types that I use on a regular basis is the RPC scan (-sR) a sample output that one might expect to see from a scan of this type: