Wednesday, September 1, 2010

Things I want to do this winter....or probably won't.

Hack Lab.

It seams not a single person I talk to knows what a hack lab is, or why anyone would want to have one. Many see it as a way of teaching people how to break the law, or spread information that should not be shared.

However this is not the case for me. Its more of a way for me to learn from others and help others learn from me. Over the years I have kept up with a lot of stuff I never get to use, and a hack lab is the easiest and safest way to put those skills to practice.

What is a hack lab realy?
A hack lab is a small (or large) dedicated network complete with servers, switches, and whatever networking equipment you want to play with. Hack labs are usually not connected to the Internet to keep activity from leaking into the public networks.
A hack lab is setup like a game, one hack lab may focus on web application security where players are responsible for finding holes and security problems. Another hack lab may require files to be found and passwords cracked.

As text to many this may sound dull and boring, but a hack labs main purpose is to educate those playing. Each person thinks differently and may take alternate routes to the same goal. A hack lab may show that using a tool like wireshark is much faster then using tcpdump. Or that john the ripper is quicker at cracking zip files then a proprietary application.

What would my hack lab be like?
I have always had a fascination with wireless security and how people take most security as a hassle instead of a way to protect their files. So my hack lab would focus on these areas. An access point would be setup using a basic "WEP" based protection and possibly a MAC address filtering list. Players would then be tasked with gaining access to the wireless access point using several methods and collecting information. After accessing the wireless network they would need to keep other players at bay while not alerting the owner of the wireless network. So switching mac list, or encryption to WPA/WPA2 would not be an option.

Once into the network they would then have to gain access to a file server containing a protected data file. This file would be protected using methods that even hospitals have been known to use.

It sounds like a quick lab, but in reality it could take several hours if not an entire day to complete. Once finished players would be asked to explain how they obtained access to each section of the network and propose solutions to keep attackers out. As an extended game the newly secured network could then be attacked. However, the use of wpa/wpa2 would greatly increase the amount of time it would take to gain access to just the wireless section of the network.

This lab is just a basic example, there are even hack labs online you can play, or download and play. Most of them focus on security since thats the biggest problem facing any computer user, and of course its the funnest.

Online radio/web show.

When I was living in Quincy I had a small web show, it wasn't much but it was fun when I could do it. Many years ago I had a very small radio show online. I have always liked interacting with people and making things that entertain even if its just a hand full. And with the updates to some of the software I have been using, a live show would be pretty fun. I may eventually try to do another show, but it will require a lot of planning and content provided by listeners/viewers. Perhaps I'll start over the winter if i'm not swamped by work.

Lastly I'd like to get my business back up and running. After two weeks of being open we started to get a steady stream of customers, but scheduling problems and the city wanting another $100/$200 for a permit or re-zoning killed us quick. But we plan to move to a new location. Once done pricing will be cut way below local competition and we hope to build our business back up and beyond.

No comments:

Post a Comment