firebrand

Why is it that when you talk about the tv show you call it Pure Ownage? But when you use the word "pwn" as in "I'm gonna pwn that n00b, he's such a pwnable fool," you say "pown"? What's up with this split-personality? Are you some kind of psychopath who thinks consistency is what you examine in the toilet pan each morning? Oh yeah, and what happened to the beardie guy who was doing all that virtual machine stuff? It's not like I miss him or anything - I like VirtualBox, and he's a VMWare boy. But when folk disappear without a trace, it gets me looking up at the night sky, you know? I don't wanna be anally probed again...

In the OP it says Now, I'm going to get a FON router to pineapple up. But the one I'm planning to buy is the Fonera+ because: 1. It's only £29.99 plus shipping; 2. It's the only FON router I can find (apart from the Fonera 2.0N which I believe cannot do the jaseger thing). So can you just clarify for me: does this HOWTO not work with the Fonera+? Or have I misunderstood this? And, if it doesn't work with the Fonera+: can someone point me in the right direction for a HOWTO that will work?

I don't have a contract. This is a pay as you go deal. The terms of service are very clear - I must prove I'm over 18 by producing a credit card if I want them to lift the Content Control. Look, they are not going to lift the Content Control. So I want to bypass it.

Thanks moonlit, I'll check that out. Unfortunately I can't use this particular method to solve my particular problem. DNS tunnelling will involve having access to another computer, and my only internet access is via the HSDPA dongle or a cellphone. Has anyone looked at the packet capture file I posted and seen how I might defeat the content lock?

I am very interested in unlocking this dongle. It's a Huawei K3565/e160, currently locked to Vodafone (UK). i've looked into this before, but the only solutions I could find was to pay Vodafone or some third party to do it for me - and for the money they want to charge I could buy a new dongle. But if you know of a way I can unlock this dongle myself, please fill me in.

Maybe you'd already proven your age to them in some way? For instance by registering a card with them for top-up purposes? When I log in at online.vodafone.co.uk, there is a link labelled "Manage settings for call barring and content control". But when I click on it, I get the message: "Unfortunately your request cannot be processed". From reading the faq I have concluded this is because I need to prove my age by giving them a credit card number. It's definitely not due to some temporary glitch in teir web site - I've tried clicking that link many times on many different days over the past few months.

Thanks for the suggestion. But I wouldn't want a friend or family member to do anything that's going to connect them to an internet connection of mine. What I'm really hoping for is some technical advice. That's why I posted the link to the packet capture file.

Incidentally, nmap has an option whereby you can set 'decoy' ip addresses that appear to be the source of your scan. Using the -D option enables you to make it look like your scan is one of several, the others coming from ip addresses that you specify. Thus the target won't know which ip address is the actual source: yours, or one of the other addresses you are spoofing.

I don't want to switch to a different provider. I've bought this HSDPA dongle, I want to use it. I can't afford to just dump functional hardware. But unfortunately Vodafone's Content Control stops me browsing certain sites. Using a proxy slows connection speed right down. So I'd like to find out if I can do something to swerve the Content Control. Anyone got any ideas how I might do that please? I've posted here a Wireshark capture file of traffic when I try to browse a banned site and get redirected to the Content Control page. EDIT: Oh, I forgot to mention, I can ping www.hackerthreads.org. Like so: user@ubuntu:~$ ping -c 5 www.hackerthreads.org PING web3.redbarncomputers.com (64.128.121.254) 56(84) bytes of data. 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=1 ttl=49 time=539 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=2 ttl=49 time=469 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=3 ttl=49 time=449 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=4 ttl=49 time=459 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=5 ttl=49 time=449 ms --- web3.redbarncomputers.com ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4000ms rtt min/avg/max/mdev = 449.332/473.519/539.550/33.868 ms user@ubuntu:~$ So DNS resolves to send ping packets at the site, but trying to browse the site gets me redirected to the Content Control page. Does this suggest there might be a way to avoid the Content Control? Or is it just wishful thinking?

Irongeek has studied a number of keyloggers. Here he details Keymail, a keylogger for Windows that emails the logs to you; and here is a video in which he covers a number of hardware keyloggers. But, to repeat a point that you've already been told several times: no matter how sneaky you or your client are, there's still the possibility that one of the employees will discover the logger on his computer. Obviously he will feel aggrieved; and if/when he realizes that he isn't being targeted specifically and that all his colleagues' machines are also being keylogged, he'll see the potential value of this logging and may decide to get revenge by copying the logs for himself. And then your client will really be screwed. Maybe the employee wasn't doing anything underhand; but once he learns he's being spied on, he probably will get up to some bad stuff, possibly using his boss's spying utilities against him. I know, you've already said that you've told your client all this and he doesn't care. But I'd suggest that the fact he doesn't care indicates that he doesn't really understand the risks. So maybe you need to tell him some more. Explain to him that you cannot make the spying 100% secure, and that if it backfires it could cost him big time. And there are other ways to monitor his staff's activities - ways that do not involve installing spyware on individual computers that the employee may discover. But hey, you know all this already, right?

I am over 18. But Vodafone require me to prove this by having a credit card. And unfortunately, I don't have a credit card. It's a real pisser, actually, that Vodafone will only remove Content Control if I can provide a credit card number. But that's their rule, and according to everything I've read, they will not make any exceptions. Other mobile service providers offer other ways to do it - for instance I was able to get T-mobile Content Control removed by going into my local T-mobile store and telling them who I was; they only need to see me to know I'm not a minor - but Vodafone won't play nice. Which means I've got to remove the Content Control myself. If I can.

Apparently, the AWUS036H works with Backtrack okay (I don't know this from personal experience: I was looking for a wireless adapter with directional antenna that would work with Backtrack, and my online searching led me to the AWUS036H). So your sister could, for instance, (and *hypothetically* speaking) boot into Backtrack, use airodump-ng to find her laptop (by mac address) then home in on it by use of the directional antenna and keeping an eye on the signal power. To do that she's going to need to read up on using aircrack-ng; and, as has already been pointed out, these actions would probably be illegal - so when she tells the cops where she thinks the laptop is, and they ask how does she know that, she's going to have some problems. Also, the stuff you said about her having admin privileges on the router definitely smacks of illegal activity. She logs onto that router to block the laptop's mac address, that's a crime right there (in the uk it's a violation of the Computer Misuse Act - substitute with the relevant US law to discover how many years in prison she might get!). Just like other posters here, I am suspicious about this whole story. I thought that to get an ISP to reveal details about who used a particular ip address at a particular time, the police would need a court order. But they didn't, did they? And if the police really encouraged your sister to track down the thieves herself, that means they're encouraging vigilantism and computer crime - which isn't usual police behaviour. It's all very well you saying "Instead of questioning the story, can we put our brains together", but by asking for our help you are asking us to aid and abet a crime, which is a crime in itself. If you really want complete strangers to implicate themselves just to do you a favour, you could at least try to convince us that you're for real. Everything I have suggested to you is entirely hypothetical. By no means do I suggest that you or your sister should actually do any of this. To track down this laptop, you or your sister would have to break the law. Which is why I have serious doubts about the story. In my experience, the police do not encourage citizens to break the law. Locating a stolen computer is the police's job, not your sister's.

Hi, I've got a problem which I don't know how to resolve. When I use my Vodafone (UK cellphone network) HSDPA USB dongle to browse the internet (using Firefox on my Ubuntu Jaunty computer), I get a Content Control screen blocking me from viewing certain kinds of sites - pr0n, sites related to "crime" (like hacking, damn them!), sites that offer rival services like VOIP... I know I can get round this by using some sort of proxy; but when I do so, the connection speed gets really low. So I'd like to bypass the Content Control screen. (Incidentally, I'm not stopped from accessing hak5.org - maybe because of the spelling "hak"?) To try and see what happens when I try to access a banned site and get redirected, I fired up Wireshark and captured the traffic exchange (capture file here). In the capture, 10.97.81.227 is me. 64.128.121.254 is the IP address of www.hackerthreads.org (the banned site). 195.232.193.8 belongs to online.vodafone.co.uk - when I get redirected there from the banned site, I get the Content Control screen (see attachment); if I just type '195.232.193.8' into the URL bar, I get Vodafone's homepage for customers. I'm afraid I don't know much about Wireshark and packets. All I can make out is that I exchange some packets with 64.128.121.254 (which I don't really understand - how am I sending packets there without getting a DNS from its URL first? I typed 'www.hackerthreads.org' into Firefox, not the IP address); then there is DNS traffic between me and 10.205.65.68 (which I assume is Vodafone's DNS server); and then I send packet to 195.232.193.8! If anyone can explain what's going on, and maybe how I can bypass this, I'll be really grateful.

Thinking about it, I wouldn't have to set up the reverse ssh at home before I leave. If I can email my ip address at the hotspot to my home machine, I'll be able to have it automated, have a script set it up for me. Wouldn't I? My ignorance is making it very difficult to see what is possible and what is just coming out of my butt. I'd love it if someone here with more knowledge of this stuff could give me some feedback on what I'm talking about. Please?

Thanks for the tip. I'll check it out properly when I get home. One question though: I just looked through that page you linked to, please tell me if I've got this right - do I have to establish an ssh connection between my home machine and my laptop before I go out, then maintain that connection all the time until I actually want to use it? Because that would be a problem. I want to be able to connect to my home computer when I am out and about with my laptop, maybe at a wifi hotspot at McDonald's or some such thing. So I wouldn't know the IP address my laptop would be using until I actually get to the hotspot or cyber-cafe. Something I've been thinking: would it be feasible to email from laptop to home machine, sending my laptop's address? I could put a particular keyword in the subject line for procmail to watch for; then my home machine reads the email, gets the necessary info, and establishes a connection to my laptop? I can set Evolution to grab new emails every 10 minutes or something, so getting an email through to the computer won't be a problem. This idea is definitely in the vague, "I don't really know how to implement this or even if it is actually implementable" stage. Is it something that I could actually do? Please remember, I'm trying to get round a firewall that does not allow connections from the outside to the home machine - it will only allow connections that are initiated from the home machine to the outside. I have absolutely no control over this firewall, so port-forwarding and anything else like that is not possible. I want to connect to a laptop (running Ubuntu) that I will have at a wifi hotspot. The home computer is also running Ubuntu. The eventual plan is to try and do the DNS-tunnelling demonstrated by mubix on Hak5 s5 e4.