NSLU2 replacement?

[mvharley2 at gmail.com (MV)]

I have used old throw away PCs (bought at garage sales) with BackTrack boot
CD and vnc loaded.running that went completely off the company's radar.

I left them there like tics sucking information that I would retrieve when I
had time, one running windows, one running linux (backtrack) and checked in
on them while at SANS San Diego.

One such company was running infoblox and because of their configuration of
infoblox they never saw it, other 'IDS' types of devices were not aware of
the network subnet the "dropbox" was on and since the calls into the 'IDS'ed
subnets were on approved protocols NADA, nothing, zilch, zip happened, it
never alerted anything even when I used etherape and other fun tools.

Back to HW, costco has cheap XP machines that would not impact the budget
are very small, etc.

How about creating a 'dropbox' phenom and see how long a physical 'bot like'
network could stay in service, never mind who really has customers to throw
under the bus?

MV

2009/3/5 Adrian Crenshaw <irongeek at irongeek.com>

> I'm thinking of doing some research into drop boxes (please let me know if
> there is already a name for them), little computers you leave at a site that
> allow you to get into the network and pivot around firewalls by shoveling a
> shell back to your host outside of the network. The NSLU2 is no longer being
> made, and my understanding is the nas200 is not as hackable. Any ideas on
> other good dropboxes (by the way, have I coined a new term :) )?
>
> Adrian
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090308/42086acf/attachment.htm