« January 2010 | Main | April 2010 »

March 25, 2010

Windows Phone 7 Quick Tip: Disable Hamachi [Tips & Tricks] | Posted at 8:59 PM

I ran into a problem while playing with the Windows Phone 7 CTP the other day. I was trying to use the Google data services via the WebClient object. It was throwing exceptions no matter what I did. I noticed it threw exceptions on ANY Google-hosted URI.

Long story short: disable Hamachi or any other potential virtual network adapters. VMWare seems to not interfere but Hamachi enjoys taking over connections sometimes and will hijack your phone emulator.

You can view the details of my adventure right over yonder.

One Sentence Review: New Super Mario Bros. [Wii] | Posted at 8:51 PM

image

Title: New Super Mario Bros.
Platform: Wii
Blurb: IT'S MARIO. WHAT DO YOU EXPECT? GUNS?
Review: If you have friends, sign a contract saying whatever happens while playing, you never really meant to hurt them.
Grade: A

Buy it on Amazon

One Sentence Review: Mass Effect 2 [PC] | Posted at 8:46 PM

image

Title: Mass Effect 2
Platform: PC
Blurb: More hooligans messing up the damn galaxy.
Review: It's like they took the first Mass Effect, dipped it in sugar, spice, and everything nice, then lined it with crack.
Grade: A

Buy it on Amazon

One Sentence Review: Battlefield Bad Company 2 [PC] | Posted at 8:42 PM

image

Title: Battlefield Bad Company 2
Platform: PC
Blurb: NOT A WORLD WAR II SHOOTER.
Review: Engaging singleplayer experience and awesome multiplayer… I was brought back to the time I first played through CoD.
Grade: A-

Buy it on Amazon

One Sentence Review: Pokemon HeartGold/SoulSilver [DS] | Posted at 8:39 PM

http://gamerant.com/wp-content/uploads/Pokemon-Heart-Gold-and-Soul-Silver.jpg

Title: Pokemon HeartGold / SoulSilver
Platform: DS
Blurb: If you don't know what Pokemon is then you probably shouldn't be alive.
Review: Brings back old memories and melds retro with modern to create love incarnate.
Grade: A+

Buy it on Amazon

One Sentence Review: Just Cause 2 [PC] | Posted at 8:33 PM

image

Title: Just Cause 2
Platform: PC & Xbox 360
Blurb: Who the hell cares about the story.
Review: I am 3% done with the game and I can already tell you it's the greatest thing since Cinnamon Toast Crunch.
Grade: A+

March 10, 2010

How To: OS Fingerprinting Using Wireshark Capture and p0f [Security] | Posted at 4:00 PM

In one of my classes this week, a project we had to do entailed analyzing a Wireshark packet capture to determine what kind of attacks were being used and to identify not only the tool being used to perform the attacks but the attacker's operating system.

I will not go into detail on how to analyze a Wireshark capture nor the specifics on operating Wireshark. I only want to show you how to use p0f (Passive OS Fingerprinting software) to analyze and spit out the signatures from a capture file.

This is specific to Windows. Chances are, if you have Linux you can probably figure out how to do it…

Here's what you need:

  1. Capture file (either *.cap, *.pcap). Use Wireshark to save the output.
  2. Windows PowerShell or Command Prompt
  3. p0f.exe

I will assume the capture file is in the same folder as p0f.

image

Open up PowerShell and navigate to your p0f directory (using the cd command).

image

Now just run this command to output the analyzed results to a file. To paste into PowerShell: Right-click titlebar, Edit > Paste.

&".\p0f.exe" -s attacker.pcap -o analyze.log -l

This command will execute p0f against the "attacker.pcap" (your capture file name) and output the results to a file named analyze.log.

The –s switch causes p0f to scan the capture file. The –o switch will output to a file. The –l switch will format every entry into one line.

You should open up analyze.log and look through it!

That will display the signatures p0f found (if any).

image

In my case, the perpetrator (192.168.0.9) was using Linux 2.4/2.6 and was using Nmap to scan the target. Keep in mind that p0f doesn't identify all Nmap scans… there were four total types in my capture but p0f just had one type.

Bonus

This command sequence works for my capture. It takes the output of the analysis, selects the pertinent information (regex), displays the matches, groups it, then displays it in a nice handy list. No need to look at the thousands of lines in analyze.log!

This may or may not work for you (PS. this is my first attempt at really trying PowerShell… so this probably sucks):

&".\p0f.exe" -s "attacker.pcap" -l | select-string "(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d{1,5})? - (.*?)(?=->|$)" | %{$_.Matches} | %{$_.Value} | %{$_ -replace ":\d{1,5}", ""} | group-object | Format-table Name

It will take a few seconds depending on how large your capture is. Alternatively, just replace the call to p0f with "get-content analyze.log" if you used the above method and it will be much faster. The output will look like this:

PowerShell to the rescue

A neat little list that will display unique signature/IP combinations.

March 5, 2010

How To: Get Tversity to Stream MKV Files to Xbox 360 [It Works] | Posted at 10:55 AM

The other day I successfully got a 720p MKV file to stream to my Xbox 360. Before I get into the details, I can't guarantee this will work for you. It did for me and it could be any one of these things that will make it work for you.

The last thing I did that made it work was to go into ffdshow audio decoder settings and set it to downmix decoded audio to stereo (NOTE: before I had it set to 2.1, that didn't work!). Here's the screenshot:

image

Just try doing that. If it doesn't work, then try the rest of these steps that I did.

  1. If using Vista/7, make sure you have Windows Media Player 11 installed.
  2. Download the K-Lite MEGA Codec Pack
  3. Let it uninstall all the things it warns you about.
  4. Restart
  5. Now go into the ffdshow audio decoder settings and make these changes: change WMA 7 and WMA 8/9 to use libavcodec.

image

Go into the Tversity settings Transcoder page and change it to my settings:

image

If Windows Media Video 8 doesn't work, 9 works for me. You can change your connection speed accordingly.

These are the changes I made and it worked. If they don't work for you, just make sure you can actually watch the mkv files on your own computer. If you can't, you must be missing something.

Note: While this DID work, my computer was not fast enough to transcode a 720p file into HD WMV so it buffered a lot and was choppy. For low-end machines, I'd recommend lowering the video resolution. Also, forget about rewind/fast-forwarding… that just didn't work for me.