linux manually start eth0? [Archive] - Glock Talk

PDA

View Full Version : linux manually start eth0?


Cochese
11-13-2005, 19:26
Burned an ISO of Auditor, the Kanotix based security Linux with all of the cool suites and programs to scan wireless networks, etc.

This is on my Dell Latitude CPxJ. I am using a PCMCIA Orinoco Gold 802.11B card and it's a live Auditor cd. When I start it and load auditor, it does not automatically start and configure my orinoco card like Kanotix and mepis do. With those, I just load the cd and when linux finishes loading, it autostarts the orinoco card and I can access the internet with firefox.

With Auditor, it does not. I am not linux savvy enough to get it to start manually. Right now, when auditor loads, I try to run Kismet and some of the other utilities and they do not work. I load firefox and nothing...

I googled and came up with...

root@kanotix# ifconfig eth0 up

That didn't work either..

Anyone walk me through it?

DC?? ;f

Washington,D.C.
11-13-2005, 19:34
Use a terminal,sudo or su and root password,then netcardconfig or netconfig or maybe networkconfig.One of those should bring up the network card configuration tool.

Washington,D.C.
11-13-2005, 19:36
I have Auditor on my hard drive.Let me know which version you have.I'll burn it to CD and try it out.I find Helix about the best of those security testing CD's.

Washington,D.C.
11-13-2005, 19:39
http://forum.remote-exploit.org

Cochese
11-13-2005, 19:47
Originally posted by Washington,D.C.
I have Auditor on my hard drive.Let me know which version you have.I'll burn it to CD and try it out.I find Helix about the best of those security testing CD's.

It's the newest one available on their mirrors page. I just downloaded it tonight.

I will try the commands you suggested, but it takes a while, because the only machine working is this one and the internet is only working in XP at the moment, so each time I want to try something, I must reboot on the live auditor cd and when it doesn't work and I need more info or help, I have to reload in XP to use the internet!

Washington,D.C.
11-13-2005, 19:51
Okay newest one I have.

Here's a list of security live cd's.The list is a bit out of date.Some are no longer around.


http://www.frozentech.com/content/livecd.php?pick=All&showonly=security

Washington,D.C.
11-13-2005, 19:53
Oh and Auditor is based on Knoppix which Kanotix is based on Knoppix too.There are no Kanotix commands but there are some Knoppix commands in Auditor.

Washington,D.C.
11-13-2005, 19:56
There is now a super new security Linux CD.Troppix.It's really up to date.



http://troppix.net/

Cochese
11-13-2005, 20:00
my connection is not reliable enough to download another ISO at the moment, although I am totally up to trying them if need be. I know that auditor does work and would like to get it running tonight. I won't be able to download other ISO's until tomorrow.

Should I reboot auditor and try netconfig?

I tried running the wireless lan config tool through the K menu and all it did was ask me what ssid, channel and another question and wouldn't do anything.

Washington,D.C.
11-13-2005, 20:02
Yes I didn't think you wanted another iso tonight.I was just passing the info if you were interested.Yes you can try the netconfig or wait for me to reboot and try mine.Either way.

Cochese
11-13-2005, 20:05
Originally posted by Washington,D.C.
Yes I didn't think you wanted another iso tonight.I was just passing the info if you were interested.Yes you can try the netconfig or wait for me to reboot and try mine.Either way.

Cool. I will wait for you to reboot and try yours. I know beggars can't be choosers :)

I just don't want to have to keep switching back and forth to xp from linux for the internet..

Give it a try and gimme some hints on how to make this thing work! :)

Cochese
11-13-2005, 20:10
troppix looks SWEET!
I will be burning that tomorrow..

http://troppix.net/images/screenshot.jpg

Washington,D.C.
11-13-2005, 20:11
There is also ifconfig and iwconfig I don't use much wireless.

Washington,D.C.
11-13-2005, 20:14
I'm booting the CD on the other PC right now.

Cochese
11-13-2005, 20:15
Originally posted by Washington,D.C.
There is also ifconfig and iwconfig I don't use much wireless.

Tried both. Didn't work. Then again, I've no idea what I am doing.

Washington,D.C.
11-13-2005, 20:17
I used my Knoppix CD not the Auditor CD.It has the tool under "Knoppix"(might be "Auditor") in the menu,Configure,Network,The tool can also be accessed from terminal "netcardconfig".

Washington,D.C.
11-13-2005, 20:18
If you have a few minutes I'll burn the Auditor iso on my hard drive to CD.

Cochese
11-13-2005, 20:18
Originally posted by Washington,D.C.
I used my Knoppix CD not the Auditor CD.It has the tool under "Knoppix"(might be "Auditor") in the menu,Configure,Network,The tool can also be accessed from terminal "netcardconfig".

Going to try. Be back soon

Washington,D.C.
11-13-2005, 20:22
iwconfig and ifconfig both give a response on Knoppix.iwconfig is not hooked up.ifconfig says card is working.It might be best to run in terminal,"lsmod" and see if it reconizes your network card in the hardware list.

Cochese
11-13-2005, 21:01
Originally posted by Washington,D.C.
iwconfig and ifconfig both give a response on Knoppix.iwconfig is not hooked up.ifconfig says card is working.It might be best to run in terminal,"lsmod" and see if it reconizes your network card in the hardware list.

none of the commands worked. At least to the point of giving me internet.

I did;

ifconfig eth0 down
iwconfig eth0 essid linksys mode managed
ifconfig eth0 up
dhclient eth0

This tried finding a DHCP client and then said:

... No DHCP offers received
no working leases in persistent database

Sleeping.


!!!

Frustrating.

Washington,D.C.
11-13-2005, 21:06
If it's wireless it might not be eth0.Something like wlan0.The commands should be alone anyway.Just try netcardconfig without eth0.Also try lsmod.It should list the hardware it sees.

Cochese
11-13-2005, 21:11
The only other thing that came up was 'lo' which appeared to be some type of 'localhost'.

eth0 came up when I typed eith iwconfig or ifconfig by itself. This is weird. I'm going to try and download some of the other security suite linuxes at work tomorrow. Hopefully one of them will automatically set it up for me.

There is something else I (we) are not seeing. I'm not sure what it is. It has worked automatically with Kanotix and Mepis without me having to do anything.

I tried Lsmod and it gave me a big list of stuff. In there I noticed orinoco_cs, and some other similar entries..

I'm lost.

Washington,D.C.
11-13-2005, 21:12
I see if there is built in ethernet and you have a wireless card it can switch the labels (numbers) assigned to them,eth0 and eth1.

Washington,D.C.
11-13-2005, 21:14
It sounds like it sees your network card.Hopefully it's supported.Let me know tomorrow or whenever you get working on it again.I'm going to buy more blank CD's tomorrow ;f .

Cochese
11-13-2005, 21:34
Originally posted by Washington,D.C.
It sounds like it sees your network card.Hopefully it's supported.Let me know tomorrow or whenever you get working on it again.I'm going to buy more blank CD's tomorrow ;f .

Sounds good. I'm going to bed for now. Have to get ready for work at 0440 hours.

I am also going to experiment with aircrack for windows as well..

nite!

Cochese
11-15-2005, 07:36
Well, as my luck would have it, I can't get Auditor to work. I managed to download INSERT security linux and get eth0 up manually with it and actually get it to broadcast DHCP, but that was about it.

I'm waiting for Troppix to download and I'm going to give it a shot. It seems more GUI based and friendly toward idiots like me.

In the mean time, I got the XP suite of Airodump/Snort, etc to recognize my orinoco card after patching the agere driver in. It is successfully capturing packets. Once I have 1-1.5 million, I'm going to try the crack prog and see how it works.

Wish me luck!

Washington,D.C.
11-15-2005, 07:53
Whax(formally Whoppix) and Auditor are getting ready to merge in to one.So might be a new one from them sometime.Troppix is very new.Whax has been a round a while.It doesn't have much buffer so it takes a lot of memory to run live but there are now two current versions depending which wireless card you have because they couldn't get both on the same CD to work together.The beta version of Troppix which is 1.1 has some wireless problems and they will revert back to an older kernel.Troppix 1.0 may work.It really depends which ones work with your wireless card.Try and see is likely the best way.

Washington,D.C.
11-15-2005, 07:57
If you get a chance you might want to try Phlak.

PHLAK (Professional Hacker's Linux Assault Kit) is a modular security distribution, geared to be used as a live CD. PHLAK was created to become the only tool security professionals would need to perform security analysis, penetration testing, forensics, and security auditing. PHLAK comes with two light GUIs (fluxbox and XFCE4), packages for printing, publishing, a little multimedia, many security tools, and a file cabinet full of security related documentation for your reading/educational purposes. This distro is based off of Morphix.


http://www.phlak.org

Cochese
11-15-2005, 13:00
Originally posted by Washington,D.C.
Whax(formally Whoppix) and Auditor are getting ready to merge in to one.So might be a new one from them sometime.Troppix is very new.Whax has been a round a while.It doesn't have much buffer so it takes a lot of memory to run live but there are now two current versions depending which wireless card you have because they couldn't get both on the same CD to work together.The beta version of Troppix which is 1.1 has some wireless problems and they will revert back to an older kernel.Troppix 1.0 may work.It really depends which ones work with your wireless card.Try and see is likely the best way.

Trying and seeing is basically what I am doing. What do you think about Airodump 2.1 for WinXP? In the same "suite" is airdecap, aircrack, and wzcook.

The "target" AP is not generating packets to get the key at the moment. I think this is due to light traffic. I am thinking of a more invasive approach including another computer to send requests with, etc. to generate more packets. I have not even close to enough packets at the moment. Another weird thing is the same ESSID is displayed 3 times. Same BSSID and different "station" numbers. What does this mean?

Washington,D.C.
11-15-2005, 14:17
I haven't tried it with Windows but here are some details.


Crack WEP keys on Windows

Download aircrack/airodump/ [http://www.cr0.net:8040/code/network/aircrack-2.3.zip]
Download cygwin library for aircrack [http://100h.org/wlan/aircrack/cygwin1.zip]
Unzip aircrack, unzip cygwin library in the same folder as aircrack.exe
Download peek.dll [http://100h.org/wlan/winxp/Peek.zip]
Unzip peek.dll in the same folder as aircrack.exe

Here are the basic steps to crack a WEP key:

* airodump: dump WEP IV packets to crack the WEP key
* aircrack: use the dump file from airodump to find the WEP key (takes seconds!)
* 802ether: enter the WEP key to see all the traffic on the wireless network

NOTE: your wifi network card has to be supported by the peek.dll [http://www.wildpackets.com/support/product_support/airopeek/hardware]

Washington,D.C.
11-15-2005, 14:19
http://www.cr0.net:8040/code/network/aircrack/



http://primary0.blogspot.com/2005/06/wep-cracking-fbi-way.html


http://www.tomsnetworking.com/Sections-article118.php


http://www.tomsnetworking.com/Sections-article120.php


http://www.syserr.com/?page_id=6


http://freshmeat.net/projects/aircrack/?branch_id=52141&release_id=211737

Washington,D.C.
11-15-2005, 14:23
http://www.securityfocus.com/infocus/1814

http://www.securityfocus.com/infocus/1824


http://linox.be/index.php/wifi_explorer/

Cochese
11-15-2005, 17:19
Originally posted by Washington,D.C.
I haven't tried it with Windows but here are some details.


Crack WEP keys on Windows

Download aircrack/airodump/ [http://www.cr0.net:8040/code/network/aircrack-2.3.zip]
Download cygwin library for aircrack [http://100h.org/wlan/aircrack/cygwin1.zip]
Unzip aircrack, unzip cygwin library in the same folder as aircrack.exe
Download peek.dll [http://100h.org/wlan/winxp/Peek.zip]
Unzip peek.dll in the same folder as aircrack.exe

Here are the basic steps to crack a WEP key:

* airodump: dump WEP IV packets to crack the WEP key
* aircrack: use the dump file from airodump to find the WEP key (takes seconds!)
* 802ether: enter the WEP key to see all the traffic on the wireless network

NOTE: your wifi network card has to be supported by the peek.dll [http://www.wildpackets.com/support/product_support/airopeek/hardware]

Hmmm.

That is exactly what I did. I used the same program suite as well. The only problem is how to generate WEP IV packets on a slow network.. using windows. I understand there is a process in Linux to do it, but I'm not sure how to in Windows. I'm thinking about giving up on Linux. The only one of those Linux Security cd's I could get to detect my Orinoco Gold card was INSERT Linux, and I couldn't figure out the Kismet program in it...

I hate being a noobie.