Posts posted by GuardMoony

  1. In short the difference between tap and tun.

    Tun:

    This will create a separate network (subnet) and you need to configure your device as a router to use it. What this means is that all broadcast traffic and special traffic like DHCP requests will end at this point.

    Tap:

    This will create an extended network (same subnet) and you need to configure your device as a bridge to use it. What this means is that you can allow all traffic to pass over this device to the other side of the network.

    Now you can use this mixed. Say you put a tap tunnel on your pineapple and a tun device on your VPS. This way you can get all the traffic of the pineapple clients towards your VPS, while your VPS can play as a router and do DHCP, DNS, firewalling, redirects, ... and all the other stuff.

    If you want more info about this, check the OpenVPN website.

  2. On Tuesday, we dusted off the source code for early versions of MS-DOS and Word for Windows. With the help of the Computer History Museum, we are making this code available to the public for the first time.

    The museum has done an excellent job of curating some of the most significant historical software programs in computing history. As part of this ongoing project, the museum will make available two of the most widely used software programs of the 1980’s, MS DOS 1.1 and 2.0 and Microsoft Word for Windows 1.1a, to help future generations of technologists better understand the roots of personal computing.

    Code and info:

    http://www.computerhistory.org/_static/atchm/microsoft-ms-dos-early-source-code/

  3. First of all, try using the correct URLs. Hotmail.com doesn't exist. Same for outlook.com. Those sites both got rewrites towards https://login.live.com/login.srf. If you would use that URL in squid-imposter, it would work for hotmail/outlook/livemail, whatever you want to call it.

    Now for Yahoo. They don't have an http version, only https. So it will not work on them. ( Actually impressed :p , even gmail still got http )

  4. I'm guessing you filled up your router's max sessions. Which is sort of a DoS on your own router system.


    Transmit rate (IMPORTANT!!)

    This program spews out packets very fast. On Windows, or from VMs, it can do 300,000 packets/second. On Linux (no virtualization) it'll do 1.6 million packets-per-second. That's fast enough to melt most networks.

    Note that it'll only melt your own network. It randomizes the target IP addresses so that it shouldn't overwhelm any distant network.

    Try dropping --rate 150000 and do --max-rate 15000 or something like that. It will take a few days to scan the internet. But it should not crash your local network. If it still does crash, you need to keep lowering it till you find the right settings for your connection.

  5. Like Digip said. Just was trying to point out that you need to watch what you post. The main reason I did it was for the last paragraph sentence in your first post.

    Just to make a small example:

    - I know you like gaming. Also hosted servers or tried to

    - You have been recently looking into arduino

    - You're interested in bitcoins but didn't really commit to it.

    - Been using Tor a lot.

    - From Canada

    - First Name Stephen

    This only took 10 min of work. And it's not even everything I found.

  6. OMG just saw it's an old thread.... GODDAMN can the new people stop making zombies :p

    Before doing anything, make a full disk clone to be safe.

    The idea to run it virtually is your best bet for compatibility with new hardware. But you've got to watch out for the hardware. Like if the server is controlling machines with a serial port or some special interface card. If that's the case then it's gonna be hard or not possible to make a VM.

  7. First of all, a short lease time does not mean your PC will get a new IP every time the lease time is over.

    DHCP in short:

    1) Client connects on the network.

    2) Client sends a request for network settings. ( dhcp request ) broadcast

    3) dhcp server offers 4 times the same settings ( dhcp offer )

    4) Client accepts the offer and start using it( dhcp ack )

    5) Server locks the ip/mac till releasetime

    Now the DHCP settings offered by the server are not only the usual stuff: ip/mask/router/dns. It's also release time AND renew time.

    The renew time should always be lower than the release time. When the client reaches the renew time, it will send a new request to the server, but this time it will be a DHCP inform request, asking the server to extend the release time for this address.

    So basically, as long as your device is online and has a connection towards the DHCP server, it should not change IP.

    But the safest way: set your device as a static IP on the network!

    As for using broadcast addresses for your exploit: it could work but definitely isn't stealthy, and I think a lot of AV/firewall programs will not like it.

  8. Like your post said, the battery did its job: it worked the time it indicated in Windows/Linux. Which would indicate the loader circuit/motherboard to be the problem.

    Most companies place this on the main board. Only seen a few that placed them on the battery. If the laptop is under warranty, just send it in. Most likely they're gonna replace the motherboard. If not, then you're unlucky. Where I work, we've seen it a few times.

  9. So you want to reproduce the response of the http server towards the client?

    If so, capture a few of these issues and check if you can decipher the response. If it's a decent program it will have validation checks/encryption. And then it will be pretty time consuming to recreate this.

    Then you're better off getting a copy of the server. ( vmware clone for example )

  10. Digip is spot on. If you can combine it, you should try it. But that little paper at the end of your education is so important for many companies. Like Digip, I didn't finish my college. And it surely hurt when finding jobs. Even if I was allowed to do the test and got the better scores, they still preferred the person with that little piece of paper.

    Now on the other side. If you can combine it, and you can leave college with a nice degree and have experience because of combining, then if you would need to find another job, you'll have a hard to beat resume ;)

    Mind all the IF's :D

    Now the firewall part. My boss likes pure HW firewalls ( which actually are mini PCs with software in most cases ). I'm more of a combination. Own HW with a dedicated firewall OS on it. ( mainly because good HW firewalls cost a lot and need support contracts ) For the other stuff I'll leave it for the more educated under us. ( or people who actually know the ISPs over there )

  11. I was actually lucky, my laptop had a wifi chipset that supported monitor mode and packet injection. I do believe it's possible to remove the mini-pci card containing the wifi chipset and installing maybe an atheros 9k series chipset. Stuff you find on ebay :)

    May I add: and try to avoid those awful Intel ones....

  12. Yup, same kinda stuff over here. At least with the change to DOCSIS 3 their modems are now starting to use NAT. Before that you got a direct internet IP address. And could even find like printers of the neighbors and such on that network ;)

  13. Most of the time the defence for this is just using strong keys on the AP and disabling WPS but you could have an instance where the low level drivers are vulnerable in which case just sending traffic to the AP could exploit it. This happened with madwifi-ng drivers years ago when Karma was becoming popular. Lots of people showed up at a conference with vulnerable machines and got popped.

    That's OK for a business environment. But over here the 2 biggest ISPs set their routers to have a standard open wifi network. Like Fon. In such a case a city wide infection would just take hours?

  14. Hmm, is the problem that you want to connect to the device from outside?

    If so, it can be that the provider is blocking this kind of connection. ( I know in my country that it was impossible with a non-business account to do ipsec/pptp vpn connections )

    Also a few have the habit over here to block sub 1024 ports for non-business.
