Episode 605 – Three VPN Servers and a Kindle Console
This week Shannon taps into a hidden Kindle serial port using a inty bitsy ribbon cable, a USB to Serial TTL cable and some jumpers in an attempt to hack root and finds herself upon the bootloader and nearly at a bash prompt. Darren guides you through the installation of VPN servers on Windows XP, Windows Server and Linux so you can keep your traffic secure in an encrypted tunnel while on untrusted networks.
Download HD Download MP4 Download XviD Download WMV
Hacking into the Kindle Bootloader Part 1
This week, I’m introducing the bootloader Kindle 1st gen hack.
Equipment:
Kindle 1st Generation
A computah!
USB to Serial TTL Cable
20 pin 0.5 mm flat cable
1 pin Jumper cables
Programs:
Putty
Igor Skochinsky explains how to hack into the bootloader of the Kindle very nicely on his blog, Reverse Everything. He includes screenshots, photos, and descriptions of everything you need to know to do this hack.
Part 1
Part 2
If you have any questions, you can email me at snubs@hak5.org!
Windows VPN Servers
In this segment I demonstrate setting up a VPN server in Windows XP which is rather limited at 1 concurrent connection. I also demonstrate building a Routing and Remote Access VPN server in Windows Server 2003.
Open Source VPN Server
I’m a big fan of open source. I’m also an overwhelmed systems administrator that likes easy. And when it comes to VPNs in Linux, OpenVPN is the go to solution. That’s why I’m excited about OpenVPN Access Server — an set of installation and configuration tools that simplifies rapid deployment of a VPN solution.
In this segment I demonstrate setting up this nifty, lightweight and powerful server in a typical home user scenario. I also speak to the fact that it can integrate with Active Directory via LDAP or even a RADIUS server for authentication. The web based backend makes administration a breeze and the web frontend makes client setup even easier. All the clients have to do is login to a website and download a prepackaged and configured connection app for Windows, Mac or Linux.
This package makes it incredibly easy to deploy a VPN server. But it comes at a cost. OpenVPN-AS requires a license key for each concurrent connection. Two are provided for free and additional licenses are $10 ea. Still a far cry from a windows Client Access License!
In future segments we’ll be getting our hands dirty with OpenVPN standard as well as some other interesting VPN technologies so be sure to send your feedback, requests and flames to darren@hak5.org
Woot
Great episide. And where can I download the perty desktop wallpaper I can see in the background at the start of the show?
DEAD LINK
Why is http://www.gotoassist.com/hack5 dead??
Need Help Finding Something?
The page you requested could not be found. You may have typed the URL incorrectly, used an outdated bookmark or followed an outdated link from an email or another Web site. If you arrived here directly from GoToAssist.com, please report the missing page.
You might find what you were looking for here:
Home Solutions Help & FAQs Site Map
WOW, great Episode, can’t seem to pause this one tho !
OpRiMe – the correct address is http://www.gotoassist.com/hak5
Nice work on starting up a VPN server. Any interest in expanding on network access controls for VPN clients?
Thanks.
I don’t think http://www.hak5.org/labs works.
Should be all fixed Gabriel.
Matt
If you want a root shell on the kindle, try adding init=/bin/bash to your boot options.
Can we get a listing of your C:\tools directory?
I might setup OpenVPN Access on my remote VPS in the USA.
Is there a reason that the answer to trivia questions are always C.
I installed OpenVPN on my Ubuntu machine at home and through much blood and sweat (not really the sysadmin type) I made it work.
However I realized that I don’t send all my traffic through the VPN when browsing when I’m using it — which was part of the whole point. I tried uncommenting the statement in my server.conf file, but then I’d lose my internet connection even if my shares still worked.
I don’t know what I did wrong, but it’s something with my iptables for sure.
Soooo, all this to say that I loved the episode. And if you do continue explaining OpenVPN, please take your time when it comes to setting up that part
I’d love to see a segment on setting up OpenVPN on a Linksys WRT54G. I’ve successfully installed DD-WRT on a WRT54GL (with the OpenVPN modules), but all the OpenVPN config stuff is new to me.
Francois: You’re going to love OpenVPN-AS. One radio box in the web admin interface (VPN Settings, Routing, Should client Internet traffic be routed through the VPN?) is all it takes to turn on the kind of functionality you were tearing your hair out to get. It takes a combination of client and server configuration magic to make this “bridging” work. Darren glossed over this a bit, but he did show it, and it works awesomely. The other VPNs shown also route all traffic over the VPN.
Passivekid: I did set this up on my VPS in the UK (I’m in the US) and it is working well.
You need to use a breakout board to reduce bad connections or soldering mistakes in the kindle segment. I think it would make your life/ mod a lot easier.
[...] Read the rest here: Hak5 – Technolust since 2005 » Episode 605 – Three VPN Servers and … [...]
Just a note about the Kindle DX and PDF conversion. Since Kindle 2 and Kindle DX are virtually the same thing with the exception of native PDF support on the DX. However, with Kindle 2 (as mentioned in the previous episode) you have the option to send an email with an attachment to @free.kindle.com and they will convert it to the Kindle format and email it back to you. This process of course works with Kindle2 or DX. What Amazon does NOT tell you is that for the Kindle DX, they will not convert a PDF that is emailed to @free.kindle.com or @kindle.com. The reasoning I have been given by tech support is because of course DX supports PDFs natively. However, as a native PDF file, you do not have many of the cool features such as Text Zooming, Wikipedia lookups, note taking and highlighting, etc.
I could not find this documented ANYWHERE that states if you own a Kindle DX, you have NO option to have Amazon convert PDFs for you!! Very frustrating – pay premium for DX and not have this documented anywhere. Of course MobiPocket Creator can convert PDFs to MOBI which will support these additional features, however, I mainly use my KindleDX for reading technology books. When I try and convert these PDFs, it looks like I ran a nicely formatted PDF through a garbage disposal and makes a mess of it trying to read it.
Arrrggggg!!
Bob
Great show!
I like the VPN topic a lot. The thing is not a lot of us don’t run a dedicated home server… I have heard about a way to essentially turn a Linksys WRT-54G router into a VPN server with OpenVPN, by flashing the router with DD-WRT and running some simple scripts.
To me this seems the utmost of elegance, a stand-alone VPN device that a road warrior can access from the road. The router stays on all the time anyway so it ends up playing on the “green”, save the earth stuff, by not keeping a home server churning away 24-7.
It’d also be easy enough that people can use free wi-fi safely by tunneling securely out to the net from back at their house while on the road. Who needs to pay for Hotspot VPN and other such pay solutions?
Can you look into this???
Thanks!!!!!!!!!!!!!
Great episode as always. Can anybody tell me where the options for setting up the pptp vpn in windows 7 are? Would be very gratefull!