YouReadMyBlog

Yes, after about 6 months of tumbleweed – 1 month or so of which was downtime – the blog is back in business.

I thought I’d compile a quick FAQ surrounding the events:

So you’ve thought of some interesting new things to post?

Well, no, not particularly – but some things are happening which I might deem postworthy at sometime.

Are you going to post more frequently?

With the best will in the world I hope I will; but probably not.

So why bring the blog back now?

I like having somewhere to occasionally write things down and I’m trying to get myself known in the world of IT security. I’ve also just finished Uni for christmas so have had some spare time to set up now that I’m not stressed with work anymore.

Why did the blog go down for a month?

Long story….short version = old server supplier went out of business so I had to get a new server.

Are you okay Craig? How’s life?

Thanks for asking – I’m good – as I say I’ve been a bit stressed with lots and lots of Uni work but I’m managing fine with it in general.

Any other questions?

I guess this is a little tutorial following what I’ve done this morning; should be handy since I couldnt find any good info in one place.

For those of you who dont know what opendns is: Google is your friend but basically it’s an alternative dns service from resolving addresses with some nifty extra features.

Now, lets get started, Tiscali are mean for the more savvy network dude and have locked the firmware on the SE587 to only include features that most users would want to use – unfortunately this does not include setting custom dns servers – meaning they are set automatically when the router is powered on and negiotiates an internet connection.

So using the web interface is out Lets fire up telnet

For telnet I used putty but you can use any telnet client (I’m not going into depth about how to connect to things using telnet – if you dont know how to do that, stop reading now).

Anyway; telnet into the router and you should see a nice connexant splash with some neat ASCII art, login with your normal username and password that you use for the web interface. There is a lot you can do with telnet here and I’ve spent hours going through different commands trying to get this to work properly – but in the end I discovered it can be done using the command:

dnsrelay

not dnsclient as I first thought – maybe it does work but it’s a lot of hassle and I couldnt get it to.

So type:

dnsrelay list servers

And you should see a few IP Addresses for DNS described as configured by PPP (Thats Tiscali)

Delete those by typing

dnsrelay clear servers

And add the new OpenDNS ones with

dnsrelay add server 208.67.220.220

dnsrelay add server 208.67.222.222

Now you need to save this so it’s not lost on reboot:

system config save

And finally:

system restart

Will reboot the router – wait a few minutes for it to come back up and telnet back in.

Re-issue the command:

dnsrelay list servers

Now you should see the 2 opendns manually configured IP’s as well as the ones PPP sent us. (You can change some config to stop PPP Sending it’s DNS but there was no need for me plus if left like this and for some reason opendns fails then the router should fallback – if you want to know how to stop auto discovery over PPP leave a comment)

Now to check that you are actually using opendns all you need to do is goto a random web address that you *mistyped* I like http://randomurl.cop – if you see the opendns search page then you’re all done and your router is now using opendns for its queries. If something went wrong just do:

dnsrelay clear servers

system config save

system restart

And the router will reboot and get new DNS from PPP again.

Oh…one more thing I did just for fun really I dont think its needed.

dnsrelay set landomain opendns.com

I think you can set this to any domain – the only reason I changed it was because I felt like it really.

Comments Appreciated Thanks for Reading

OK Perhaps the title is a bit over dramatic but I needed to grab your attention.

I was sitting watching TV in a thunder storm when it suddenly goes off and starts flicking between off and standby constantly – so obviously thinking it was a power surge i go and turn it off at the wall. I then wait ten minutes; thunder stops and try (not too eagerly) to turn the thing back on.

Guess what?…Its still flicking between off and standby and refuses to go on properly so my plan of attack is to leave it powered off for a few hours to drain any residual static and then try again.

On the upside atleast if it’s broken it’ll be an excuse to buy an LCD :P

Thats all for now – I’ll re blog and let you know how I get on.

Craig

P.S. I’m slowly starting to learn python

Yes folks, Its finally happened; I’ve jumped on the bandwagon that is twitter – still dont see the point of it totally but I’m sure it will grow on me as I get more followers and follow more people.

If you’re interested

http://twitter.com/CraigPaulBryson

NB: I might add my twitter feed to the sidebar of this blog (where facebook used to be). We’ll see if I can break out of my laziness long enough to install the plugin again.

Craig

Right folks I’ve just installed the wordpress app on my iPhone which is cool now I can blog on the move and (hopefully) more frequently

Yes that’s right; for those of you who do not know I now have an iPhone 3G and I’m really liking it although I cannot get into it properly as I’m using it as a 2nd phone until my 3-UK contract ends so I switch my contract to O2.

I have however had some problems with the iPhone – software update 2.2.1 somehow broke my microphone and people couldn’t hear me during calls but this seems to have fixed itself with v3.0 (which btw I love).

Nowadays I’m having some trouble with sometimes not receiving SMS straight away – often days late – but as I do receive them eventually I have marked this as a network problem and I’m hoping O2 will be able to solve it.

In summary: Have iPhone, like it, think it has potential to compete with big players like Blackberry once apple resolve all the kinks I also wish I’d held out for a 3GS but hey you cant have it all and the rate at which Apple pump out new revisions there’ll probably be a “Super Dooper” 3GS+ with bells and whistles attached coming out in a few months anyway and all of those people with a 3GS will be filled with regret and resentment.

I cant wait until my 3-UK contract ends in October so that I can use the iPhone full-time and really put it through it’s paces

Apologies for the downtime of the blog for the past few days – some of the unused plugins were causing a fatal error (i still dont know why) so I was forced to suspend the account until i could be bothered to fix it -  but anyway now they’re deactivated and all seems to be working?

Damn Vulnerable Web App (DVWA) is a web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. It has been developed for the use of information security professionals and students to test out their skillz and/or toolz in a legal environment.

‘

Damn Vulnerable Web App v.1 has just been released in the past hour. The BETA version has had over 500 downloads in the past couple of months so I thought I would further develop it and make it open source.

‘

Changelog:

Made command execution more realistic.

Added help buttons.

Added .htaccess file to turn magic quotes off.

Improved database creation with setup.php.

Amended installation instructions in README file.

Added GNU GPL license.

Added a robots.txt file with disallow all.

Removed link to www.ethicalhacker.co.uk in footer.

Added better error output on magic quotes.

‘

There are alternatives out there such as irongeek’s Multillidae and Andrew Kramer’s Peruggia. However DVWA is not meant to be as realistic as a real web app, it is meant to be as easy to use as possible for beginners to learn or for teachers to teach.

‘

To download and/or contribute to DVWA:

http://sourceforge.net/projects/dvwa/

‘

Thanks Craig for the guest post!

ethicalhack3r

Hi All,

Today I had what I guess you could call an inspiration to restart the old web development business to give myself something to do over my summer break, as you may know the last name of the business was CPB-Network and previous to that was known as WhirlWindWebSolutions (WWWS) but was closed shortly after Stu’s death as I had no motivation to continue at the time.

Now though I feel it may be time to dust off the old coding fingers and start again. I’m not sure whether or not to restart under the name WWWS or whether I should leave this to one side (as it was Stu’s domain) and start afresh. I have made contact with some old friends and got a little bit of work lined up. As of yet I’m still going at it from a freelance perspective as this offers minimal risk but should enough work come up I will seriously consider starting the firm.

If any of you are good and web design or development please get in contact by commenting on this post as you may be able to help me out in someway and if this is the case you will be paid.

Craig

Allow me to be extremely blunt with this blog. My exams and first year of uni will be over soon and I’m searching for a way to keep the money flowing over my 3month gap, one option I came up with is to revert to my old ways of web design and development – I haven’t fully coded a live website for a while but I still have a vast knowledge of PHP and application security (it’s my speciality… ). I also have some experience with linux server set up and maintenance both on dedicated and virtual platforms.

I guess what I’m asking is that if anyone has any jobs that need doing that you think I may be able to help with (no matter how small) please don’t hesitate to get in touch via email: Craig <> youreadmyblog <> info.

Cheers,
Craig