This tutorial is based entirely on experience and not at all on technical insight, therefore I know this works fine and I will now share it with you.
There will be no pictures, just a step-by-step recipe on how to do the conversion.
You need:
1. PC with a DVD player installed
2. Any kind of DVD software player
3. The DVD you want to convert
4. The program “Smartripper 202”.
5. The program “Flask Mpeg 594”
6. Some kind of bitrate calculator, I prefer “Advanced DivX Bitrate Calc!Version 1.8”
7. The DivX;-) codec
8. And finally a MP3 codec. “Radium” is a good one.
Install all programs from number 4-8 on you computer according to the on-screen instructions.
Now the ripping and packing itself:
1. Insert the DVD to rip into your DVD-player
2. Start the DVD software player.
3. Let the film begin to play, be sure to get to the movie itself, commercials or FBI-ads and such in the beginning will not do.
4. Press “pause” !
5. Start Smartripper and wait for the user interface to come up.
6. Smartripper will know what to rip so you just have to point the “Target”-directory to some place on your hard disk that can hold some 4-8 Gb of data
7. Press “Start !”
8. After some time the Smartripper will inform you that the ripping is complete.
9. Close Smartripper.
10. Close Your DVD-software player.
11. Start Flask !
12. Press “File” and choose “Open File”
13. Browse to the directory where you saved the DVD-rip and point to the first file with the extension “.vob”
14. Flask will now analyse the file.
15. Depending on which language you want, you must choose audio-track. English is almost every time the track “0x80”
16. Press “Flask it!”
17. Start advanced bitrate calc
18. Choose what size you want the movie to be. ( 650Mb, 1 CD 74 Minutes is the most common format.)
19. Make input sound rate 96Kb/s Stereo and 1 audio stream.
20. Fill inn the length of the movie in minutes.
21. The number in Blue text will change as you do this. It is the bitrate you can use on this rip , remember this number.
22. Close Advanced bitrate calc
23. Go back to Flask Mpeg
24. Go to “Options” and “Output format options”
25. Press “Select video codec”
26. Choose “DivX;-) Mpeg4 fast motion” (“Slow motion” makes bigger files and are not specially designed for “calm” movies as some seems to think.)
27. Press “configure”, make key frame every 3 seconds and adjust the Data-rate to the number you remember from the bitrate calculator.
28. The “Smoothness-Crispness”-slider should always be at 100.
29. Press “ok”
30. Press “ok”
31. Press “Select Codec” for the audio.
32. Adjust to MPEG Layer-3 and 96kBits/s 48,000 Stereo
33. Press “ok”
34. Press “ok”
35. Go to “Global Project options”
36. Under the “Video”-tap tag the frame rate 23.976 if the source is NTSC and 25 if the source is PAL.
37. Tag “Reconstruct progressive images”.
38. Normally you do not need to tag “Deinterlace video”.
39. Tag “MMX iDCT” under “iDCT Options” everything else is bullshit.
40. Go to the “Audio”-tag and press “Decode” audio.
41. Under “Post Processing” you should tag “HQ Bicubic Filtering”, “Keep Aspect ratio” and “No letterboxing”
42. Under “Files” choose a name and a directory to drop the finished DivX;-) file into.
43. Under “General”, tag “Compile whole file” and you can also choose to shut down the computer after the job is done if you like.
44. Press “Show Output-pad”
45. Press “Reset Settings”
46. Under ”Output Size” press the ”Width” to be “672” ! (A lot of DivX-ing has taught me that this is the best format.)
47. Press the same amount of “-“ or “+” on “Height” to keep the aspect ratio right !
48. Tag Crop and adjust “Height” of the output picture and “Top offset” so that there are as little space black as possible both under and over the example-picture. The less black, the better quality on the finished movie.
49. “Left offset” and “Width” are best left untouched, but you can fool around with them if you like, remember the with to be “672” when you are finished.
50. Press “Hide”
51. Press “ok”
52. Press “Run” and choose start conversion.
53. Display output if you like but this increases the packing-time.
54. Setting the Priority to “High” also shortens the time, do not use “Highest” as this may make your computer so low on resources that it may crash if you try to do anything when the packing is going on.
55. If set to “Idle” the process gets much slower but you can use the PC to do other stuff and the DivX-ing is going on in the background.
56. Wait for the process-bar to hit 100 % and you have managed to convert a DVD to a DivX;-) movie.
VOILÀ !
This tutorial was brought to you by Zip Cracking Factories
A system
designed to prevent unauthorized access to or from a
private network.
Firewalls can be implemented in both hardware and software, or a
combination of both. Firewalls are frequently used to prevent unauthorized Internet users from
accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which
examines each message and blocks those that do not meet the specified security criteria.
There are several types of
firewall techniques:
·Packet
filter: Looks at each packet entering or
leaving the network and accepts or rejects it based on user-defined rules.
Packet filtering is fairly effective and transparent to users, but it is
difficult to configure. In addition, it is susceptible to IP spoofing.
·Application
gateway: Applies security mechanisms to specific
applications, such as FTP
and Telnet servers.
This is very effective, but can impose a performance degradation.
·Circuit-level
gateway: Applies security mechanisms when a TCP or UDP connection is
established. Once the connection has been made, packets can flow between the
hosts without further checking.
·Proxy
server: Intercepts all messages entering and
leaving the network. The proxy server
effectively hides the true network addresses.
History
Firewall
technology emerged in the late 1980s when the Internet was a fairly new
technology in terms of its global use and connectivity. The original idea was
formed in response to a number of major internet security breaches, which
occurred in the late 1980s. In 1988 an employee at the NASAAmes
Research Center in California
sent a memo by email
to his colleagues that read,
This virus
known as Morris Worm was carried by e-mail. The Morris Worm was the
first large scale attack on Internet security; the online community was neither
expecting an attack nor prepared to deal with one.
Background and
Firewall Basics
Before being able to understand
a complete discussion of firewalls, it's important to understand the basic
principles that make firewalls work.
What is a network firewall?
A firewall is a system or group
of systems that enforces an access control policy between two or more networks.
The actual means by which this is accomplished varies widely, but in principle,
the firewall can be thought of as a pair of mechanisms: one which exists to
block traffic, and the other which exists to permit traffic. Some firewalls
place a greater emphasis on blocking traffic, while others emphasize permitting
traffic. Probably the most important thing to recognize about a firewall is
that it implements an access control policy. If you don't have a good idea of
what kind of access you want to allow or to deny, a firewall really won't help
you. It's also important to recognize that the firewall's configuration,
because it is a mechanism for enforcing policy, imposes its policy on
everything behind it. Administrators for firewalls managing the connectivity
for a large number of hosts therefore have a heavy responsibility.
Why would I want a
firewall?
The Internet, like any other
society, is plagued with the kind of jerks who enjoy the electronic equivalent
of writing on other people's walls with spray-paint, tearing their mailboxes
off, or just sitting in the street blowing their car horns. Some people try to
get real work done over the Internet, and others have sensitive or proprietary
data they must protect. Usually, a firewall's purpose is to keep the jerks out
of your network while still letting you get your job done.
In a case where a company's
policies dictate how data must be protected, a firewall is very important,
since it is the embodiment of the corporate policy. Frequently, the hardest
part of hooking to the Internet, if you're a large company, is not justifying
the expense or effort, but convincing management that it's safe to do so. A
firewall provides not only real security--it often plays an important role as a
security blanket for management.
What can a firewall protect against?
Some firewalls permit only email
traffic through them, thereby protecting the network against any attacks other
than attacks against the email service. Other firewalls provide less strict
protections, and block services that are known to be problems.
Generally, firewalls are
configured to protect against unauthenticated interactive logins from the
``outside'' world. This, more than anything, helps prevent vandals from logging
into machines on your network. More elaborate firewalls block traffic from the
outside to the inside, but permit users on the inside to communicate freely
with the outside. The firewall can protect you against any type of
network-borne attack if you unplug it.
Design and Implementation Issues
What are some of the basic design decisions
in a firewall?
There are a number of basic
design issues that should be addressed by the lucky person who has been tasked
with the responsibility of designing, specifying, and implementing or
overseeing the installation of a firewall.
The first and most important
decision reflects the policy of how your company or organization wants to
operate the system: is the firewall in place explicitly to deny all services
except those critical to the mission of connecting to the Net, or is the firewall
in place to provide a metered and audited method of ``queuing'' access in a
non-threatening manner? There are degrees of paranoia between these positions;
the final stance of your firewall might be more the result of a political than
an engineering decision.
The second is: what level of
monitoring, redundancy, and control do you want? Having established the
acceptable risk level (i.e., how paranoid you are) by resolving the first
issue, you can form a checklist of what should be monitored, permitted, and
denied. In other words, you start by figuring out your overall objectives, and
then combine a needs analysis with a risk assessment, and sort the almost
always conflicting requirements out into a laundry list that specifies what you
plan to implement.
The third issue is financial. We
can't address this one here in anything but vague terms, but it's important to
try to quantify any proposed solutions in terms of how much it will cost either
to buy or to implement. For example, a complete firewall product may cost
between $100,000 at the high end, and free at the low end. The free option, of
doing some fancy configuring on a Cisco or similar router will cost nothing but
staff time and a few cups of coffee. Implementing a high end firewall from
scratch might cost several man-months, which may equate to $30,000 worth of
staff salary and benefits. The systems management overhead is also a
consideration. Building a home-brew is fine, but it's important to build it so
that it doesn't require constant (and expensive) attention. It's important, in
other words, to evaluate firewalls not only in terms of what they cost now, but
continuing costs such as support.
On the technical side, there are
a couple of decisions to make, based on the fact that for all practical
purposes what we are talking about is a static traffic routing service placed
between the network service provider's router and your internal network. The
traffic routing service may be implemented at an IP level via something like
screening rules in a router, or at an application level via proxy gateways and
services.
The decision to make is whether
to place an exposed stripped-down machine on the outside network to run proxy
services for telnet, FTP, news, etc., or whether to set up a screening router
as a filter, permitting communication with one or more internal machines. There
are benefits and drawbacks to both approaches, with the proxy machine providing
a greater level of audit and, potentially, security in return for increased
cost in configuration and a decrease in the level of service that may be
provided (since a proxy needs to be developed for each desired service). The
old trade-off between ease-of-use and security comes back to haunt us with a
vengeance.
What are the basic types of firewalls?
Conceptually, there are three
types of firewalls:
Network layer
Application layer
Hybrids
Network layer firewalls
These generally make their
decisions based on the source, destination addresses and ports (see
Appendix 6
for a more detailed discussion of ports) in individual IP packets. A simple
router is the ``traditional'' network layer firewall, since it is not able to
make particularly sophisticated decisions about what a packet is actually
talking to or where it actually came from. Modern network layer firewalls have
become increasingly sophisticated, and now maintain internal information about
the state of connections passing through them, the contents of some of the data
streams, and so on. One thing that's an important distinction about many
network layer firewalls is that they route traffic directly though them, so to
use one you either need to have a validly assigned IP address block or to use a
``private internet'' address block [5].
Network layer firewalls tend to be very fast and tend to be very transparent to
users.
Figure 1: Screened Host Firewall
In Figure 1,
a network layer firewall called a ``screened host firewall'' is represented. In
a screened host firewall, access to and from a single host is controlled by
means of a router operating at a network layer. The single host is a bastion
host; a highly-defended and secured strong-point that (hopefully) can resist
attack.
Figure 2: Screened Subnet
Firewall
Example Network layer
firewall: In Figure 2,
a network layer firewall called a ``screened subnet firewall'' is represented.
In a screened subnet firewall, access to and from a whole network is controlled
by means of a router operating at a network layer. It is similar to a screened
host, except that it is, effectively, a network of screened hosts.
Application layer
firewalls
These generally are hosts
running proxy servers, which permit no traffic directly between networks, and
which perform elaborate logging and auditing of traffic passing through them.
Since the proxy applications are software components running on the firewall,
it is a good place to do lots of logging and access control. Application layer
firewalls can be used as network address translators, since traffic goes in one
``side'' and out the other, after having passed through an application that
effectively masks the origin of the initiating connection. Having an
application in the way in some cases may impact performance and may make the
firewall less transparent. Early application layer firewalls such as those
built using the TIS firewall toolkit, are not particularly transparent to end
users and may require some training. Modern application layer firewalls are
often fully transparent. Application layer firewalls tend to provide more
detailed audit reports and tend to enforce more conservative security models
than network layer firewalls.
Figure 3: Dual Homed Gateway
Example Application layer
firewall: In Figure 3,
an application layer firewall called a ``dual homed gateway'' is represented. A
dual homed gateway is a highly secured host that runs proxy software. It has
two network interfaces, one on each network, and blocks all traffic passing
through it.
Most firewalls now lie someplace
between network layer firewalls and application layer firewalls. As expected,
network layer firewalls have become increasingly ``aware'' of the information
going through them, and application layer firewalls have become increasingly
``low level'' and transparent. The end result is that now there are fast
packet-screening systems that log and audit data as they pass through the
system. Increasingly, firewalls (network and application layer) incorporate
encryption so that they may protect traffic passing between them over the
Internet. Firewalls with end-to-end encryption can be used by organizations with
multiple points of Internet connectivity to use the Internet as a ``private
backbone'' without worrying about their data or passwords being sniffed.
What are proxy servers and how do they
work?
A proxy server (sometimes
referred to as an application gateway or forwarder) is an application that
mediates traffic between a protected network and the Internet. Proxies are
often used instead of router-based traffic controls, to prevent traffic from
passing directly between networks. Many proxies contain extra logging or
support for user authentication. Since proxies must ``understand'' the
application protocol being used, they can also implement protocol specific
security (e.g., an FTP proxy might be configurable to permit incoming FTP and
block outgoing FTP).
Proxy servers are application
specific. In order to support a new protocol via a proxy, a proxy must be
developed for it. One popular set of proxy servers is the TIS Internet Firewall
Toolkit (``FWTK'') which includes proxies for Telnet, rlogin, FTP, the X Window
System, HTTP/Web, and NNTP/Usenet news. SOCKS is a generic proxy system that
can be compiled into a client-side application to make it work through a
firewall. Its advantage is that it's easy to use, but it doesn't support the
addition of authentication hooks or protocol specific logging.
What are some reasonable filtering rules
for a Cisco?
The example in Figure 4
shows one possible configuration for using the Cisco as filtering router. It is
a sample that shows the implementation of as specific policy. Your policy will
undoubtedly vary.
Figure 4: Packet Filtering Router
In this example, a company has
Class C network address 195.55.55.0. Company network is connected to Internet
via IP Service Provider. Company policy is to allow everybody access to
Internet services, so all outgoing connections are accepted. All incoming
connections go through ``mail host''. Mail and DNS are only incoming services.
FBI Teaches Lesson In How To Break Into Wi-Fi Networks
FBI agents at a recent security conference demonstrated how they could break into a wireless network. They did it to prove how easy it was, and describe measures that users need to take to protect themselves.
By Humphrey Cheung, Tom's Networking Security Pipeline
Apr 7, 2005 09:25 PM
Millions of wireless access points are spread across the US and the world. About 70% percent of these access points are unprotected — wide open to access by anyone who happens to drive by. The other 30% are protected by WEP (Wired Equivalent Privacy) and a small handful are protected by the new WPA (Wi-Fi Protected Access) standard.
At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys.
This article will be a general overview of the procedures used by the FBI team. A future article will give step-by-step instructions on how to replicate the attack.
WEP Cracking - The Next Generation
WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver.
Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of "strong" encryption while a 128 bit key has 104. The IV is placed in encrypted frame's header, and is transmitted in plain text.
Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets—a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key.
Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours. As Special Agent Bickers noted, "It doesn't matter if you use 128 bit WEP keys, you are vulnerable!"
On With The Show
Before we get into the steps that the FBI used to break WEP, it should be noted there are numerous ways of hacking into a wireless network. The FBI team used publicly available tools and emphasized that they are demonstrating an attack that many other people are capable of performing. On the other hand, breaking the WEP key may not necessarily give an attacker complete access to a wireless network. There could also be other protection mechanisms such as VPNs or proxy servers to deal with.
For the demonstration, Special Agent Bickers brought in a NETGEAR wireless access point and assigned it a SSID of NETGEARWEP. He encrypted the access point with a 128 bit key—made by just keying in random letters and numbers.
Note that normally, you have to find wireless networks before you can crack them. The two wireless scanning tools of choice are Netstumbler for Windows or Kismet for Linux. Since the other WEP cracking tools are mainly Linux-based, most people find it easier to stick with Kismet, so they don't have to switch between Windows and Linux.
Another FBI agent started Kismet and immediately found the NETGEARWEP access point. Just for fun, a third agent used his laptop and ran FakeAP, a program that confuses scanning programs by putting up fake access points.
Attack!
After a target WLAN is found, the next step is to start capturing packets and convert them into pcap (short for packet capture) format. These pcap files will then be processed by other programs. Many programs, both commercial and open source, can be used to capture packets, but the two favorites seem to be Kismet or Airodump (now part of Aircrack). Ideally, one laptop should be scanning, while another laptop will be running the attack—which is what the FBI team did.
About half a dozen different software tools were then used by the FBI team, and they are listed—along with their download links—at the end of the article. Thankfully, the Auditor's Security Collection, which we reviewed last year, is a live CD that has all of these tools already installed. Even the FBI likes this distribution.
How To Protect Yourself
(Page 2 of 2) Apr 7, 2005 09:25 PM
If a hacker is lucky enough to find an extremely busy wireless network, passive sniffing should provide enough good packets to allow the WEP key to be recovered. In most cases, however, an active attack or series of attacks are needed to jump start the process and produce more packets. Note that active attacks generate wireless traffic that can itself be detected and possibly alert the target of the attack.
The FBI team used the deauth feature of void11 to repeatedly disassociate the laptop from the access point. Desired additional traffic was then generated as Windows XP tried to re-associate back to the AP. Note that this is not a particularly stealthy attack, as the laptop user will notice a series of "Wireless Network unavailable" notifications in the taskbar of their desktop screen.
Another attack method the FBI team used is a replay attack. The basic premise of this attack is to capture at least one packet traveling from the victim laptop to victim access point. This packet can then be replayed into the network, causing the target AP to respond and provide more traffic to capture.
Aireplay (also part of Aircrack) can perform a replay attack based on captured ARP (Address Resolution Protocol) packets, which are broadcast at regular intervals in wired and wireless networks and are easy to spot. Aireplay automatically scans a captured pcap file, pulls out the suspected ARP requests, and replays them to the access point.
After about three minutes of capturing and cracking, the FBI team found the correct WEP key, and displayed it on a projected notebook screen. Agent Bickers, still speaking to the audience, turned around, looked at the screen and was surprised, "Usually it takes five to ten minutes."
Countermeasures & Conclusion
So what can you do to prevent hackers from getting into your network? Special Agent Bickers and his team have some tips for wireless users. He stresses that these are mainly for home users and should not be considered as official FBI best practices for businesses.
1) Network segregation Put your access point on a separate subnet, with a firewall separating the wireless and internal users
2) Change the default settings on your access point Default settings (SSID, administrator password, channel) are well known and even included as part of some WLAN attack tools
3) Use WPA with a strong key WPA is a definite improvement over WEP in providing wireless security. But the version intended for home and SOHO use—WPA-PSK—has a weakness shared by any passphrase security mechanism. The choice of simple, common and short passphrases may allow your WPA-protected WLAN to be quickly compromised via dictionary attack (more info here).
4) Update your firmware This is helpful if your AP or client doesn't currently support WPA. Many manufacturers have newer firmware for 802.11g products that add WPA support. You may also find this for 802.11b gear, but it's not as common. Check anyway!
5) Turn off the WLAN when not in use A $5 lamp timer from your local hardware store is a simple, but effective way to keep your WLAN or LAN from harm while you're sleeping.
Bickers also said that if you have an access point that can swap keys fast enough, you may be able to stay ahead of an attacker. "Most likely they will get bored and attack someone else." But for most WLAN owners, this method isn't practical.
The FBI demonstrated this attack to the computer security professionals at the ISSA meeting in order to show the inadequate protection offered by WEP. It is one thing to read stories of WEP being broken in minutes, but it is shocking to see the attack done right before your eyes. It was fast and simple.
Thankfully, the FBI are the good guys.
Tools Used Auditor's Security Collection - Contains all the wireless hacking tools already installed
Kismet Airsnort Aircrack (includes Aireplay and Airodump) void11
Background
WEP: Dead Again, Part 1
This article appears courtesy of Tom's Networking.
