GuardMoony

Do not forget most keyloggers only send the things they capture at certain times. Like when there capture is x size or at specific times in there config. So you will only see a connection to the destination at those times.

So any1 from europe going to BruCON 2013? http://2013.brucon.org/

DOH. forgot to press post when i typed my message :( Euhm just wanted to say. That security on WPS has increased on most new routers. ( they start blocking on to many attempts ) also make sure your wireless does not start to connect to a other network.

Can you try a telnet to the server on port 53. Just to see if the Firewall isnt blocking. Also make sure the virtual server isnt NATed to the testnetwork.

Mincecraft is fun for a while. Then you get bored of it. Esp if you keep stock vanilla. Only way to keep things intresting is using mods. @computerguy: you can keep the servers private... And every game got 12y olds running arround

The more newer routers got extra protection on there WPS. They would stop reacting after X attempts in X time. This could have happend in your test. Other things could be. Your wireless got disabled. Mayby some other attack did a wireless connection to a other network or so.

Realy sounds/reads like a add commercial. It should help for vps and other small single machines with no firewall in front. You should say its mainly for red hat based OS

If the admin questions you again. Record it on your phone. Just audio recording is enough. At least you got some proof. And if they wont let you, then they just have to wait till your parents are there.

Yeah i understand it digiP. Atm im setting up my own server to put in a datacenter.

Yes i have read all of that DigiP. But i wonder if its possible for a pfsense plugin that does those detection. And send the information towards you guys. Because its way easyer to put something like this on the firewall of webservers. Then to add it on every site itself.

Anyway to implement it into pfsense? Mayby by using snort ?

Verry nice research :) Only 1 small thing crossed my mind reading the Attack Analysis. Your accepting any kind of connection. No check for users or unique codes ? Wont you run the risk of getting false info spammed ? Anyways ill mayby look to set a small honeypot for it :)

If you mean from your internal network. Then yes. Mostly your default gw will be the ip of your router. Its just the way networking works.

Sweet. Now to find some time to get a look at it :)

The only real weird thing i see is: Checking `z2'... user "USERNAME" deleted or never logged from lastlog! - The packet sniffer ( witch really isn't a sniffer. its for WPA/dhcp on wlan ) - The java you installed yourself - The Android stuff seems to be false positive. ( just google for it ) - The PUA. ( Potentially Unwanted Application ) There probably needed by some wine program your running. Or for a website ( PUA.JS.Xored is just a javascript, probaly false positive )

Mayby add DeepFreeze or something simular to the list ( reset everything back on reboot ) http://www.faronics.com/en-uk/products/deep-freeze/standard/

Dont know if its the wrong forum place. But there's a incorrect url on the cloud.wifipineapple.com page. The "Bug Submission" url is incorrect :p

Gone give BackBox a try. Seems to be up to date.

Stop trolling digip :p Just want to know if people are running other stuff out there. That might work for me. Think ill have to wait on blackbuntu update :(

Hey guys, I am kinda looking for a new distro. I used to run BT5 R2 but the look is not really costumer friendly ;). I Tried the nodezero ( way of of date ). Its a pain to getting it to work with newer hardware :( Does any1 of you got any advice on a pre-build security linux. ( doesn't have to be as extensive as backtrack ) Its mainly for linux use and basic security testing. ( wireless, network, password, ... ) Prefer with kernel 2.6.35+ ( for hardware ) Thx, Moony

Or use directional antenna on your alfa and triangulate where it comes from? ( its harder if the other persone is using a directional antenna to attack ) And make sure it isnt your neighbor who is sending all the crap :p

To use paypal. Pls use the Button on the full story page. Hope he gets well. Regards, GuardMoony

http://www.defensecode.com/public/DefenseCode_Broadcom_Security_Advisory.pdf

@Digip most tracking for those things are: A Done by a gps signal thats build in the phone and is in the connection to the satellite. B Get a device and drive/fly around the area and see if you detect a strong signal. Witch only can be done when you use. @Jason A that's true. that's why i added if you could. And don't think real criminals would look at that ( just thinking its the best option out of normal inet, 3G and satellite ) B I was more thinking in the lines of only using it when needed like 3G. And putting it on a mobile home, or trailer or something... C Nearly impossible. Because a cloud could push your ping up by 10ms wich is like the difference range between south and north america... For the rest you still be using proxy and all that stuff. But hey just theory crafting and trowing something in there :)

Going back to the internet connection. Think the best is satelite internet ? If you could get with fake id / untraceble payment. This would be the best way. Because its near impossible to trace the location of it. the satalite covers multiple country's / states. Also you get decent speed.