firebrand

Why is it that when you talk about the tv show you call it Pure Ownage? But when you use the word "pwn" as in "I'm gonna pwn that n00b, he's such a pwnable fool," you say "pown"? What's up with this split-personality? Are you some kind of psychopath who thinks consistency is what you examine in the toilet pan each morning? Oh yeah, and what happened to the beardie guy who was doing all that virtual machine stuff? It's not like I miss him or anything - I like VirtualBox, and he's a VMWare boy. But when folk disappear without a trace, it gets me looking up at the night sky, you know? I don't wanna be anally probed again...

In the OP it says Now, I'm going to get a FON router to pineapple up. But the one I'm planning to buy is the Fonera+ because: 1. It's only £29.99 plus shipping; 2. It's the only FON router I can find (apart from the Fonera 2.0N which I believe cannot do the jaseger thing). So can you just clarify for me: does this HOWTO not work with the Fonera+? Or have I misunderstood this? And, if it doesn't work with the Fonera+: can someone point me in the right direction for a HOWTO that will work?

I don't have a contract. This is a pay as you go deal. The terms of service are very clear - I must prove I'm over 18 by producing a credit card if I want them to lift the Content Control. Look, they are not going to lift the Content Control. So I want to bypass it.

Thanks moonlit, I'll check that out. Unfortunately I can't use this particular method to solve my particular problem. DNS tunnelling will involve having access to another computer, and my only internet access is via the HSDPA dongle or a cellphone. Has anyone looked at the packet capture file I posted and seen how I might defeat the content lock?

I am very interested in unlocking this dongle. It's a Huawei K3565/e160, currently locked to Vodafone (UK). i've looked into this before, but the only solutions I could find was to pay Vodafone or some third party to do it for me - and for the money they want to charge I could buy a new dongle. But if you know of a way I can unlock this dongle myself, please fill me in.

Maybe you'd already proven your age to them in some way? For instance by registering a card with them for top-up purposes? When I log in at online.vodafone.co.uk, there is a link labelled "Manage settings for call barring and content control". But when I click on it, I get the message: "Unfortunately your request cannot be processed". From reading the faq I have concluded this is because I need to prove my age by giving them a credit card number. It's definitely not due to some temporary glitch in teir web site - I've tried clicking that link many times on many different days over the past few months.

Thanks for the suggestion. But I wouldn't want a friend or family member to do anything that's going to connect them to an internet connection of mine. What I'm really hoping for is some technical advice. That's why I posted the link to the packet capture file.

Incidentally, nmap has an option whereby you can set 'decoy' ip addresses that appear to be the source of your scan. Using the -D option enables you to make it look like your scan is one of several, the others coming from ip addresses that you specify. Thus the target won't know which ip address is the actual source: yours, or one of the other addresses you are spoofing.

I don't want to switch to a different provider. I've bought this HSDPA dongle, I want to use it. I can't afford to just dump functional hardware. But unfortunately Vodafone's Content Control stops me browsing certain sites. Using a proxy slows connection speed right down. So I'd like to find out if I can do something to swerve the Content Control. Anyone got any ideas how I might do that please? I've posted here a Wireshark capture file of traffic when I try to browse a banned site and get redirected to the Content Control page. EDIT: Oh, I forgot to mention, I can ping www.hackerthreads.org. Like so: user@ubuntu:~$ ping -c 5 www.hackerthreads.org PING web3.redbarncomputers.com (64.128.121.254) 56(84) bytes of data. 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=1 ttl=49 time=539 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=2 ttl=49 time=469 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=3 ttl=49 time=449 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=4 ttl=49 time=459 ms 64 bytes from grendel.redbarncomputers.com (64.128.121.254): icmp_seq=5 ttl=49 time=449 ms --- web3.redbarncomputers.com ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4000ms rtt min/avg/max/mdev = 449.332/473.519/539.550/33.868 ms user@ubuntu:~$ So DNS resolves to send ping packets at the site, but trying to browse the site gets me redirected to the Content Control page. Does this suggest there might be a way to avoid the Content Control? Or is it just wishful thinking?

Irongeek has studied a number of keyloggers. Here he details Keymail, a keylogger for Windows that emails the logs to you; and here is a video in which he covers a number of hardware keyloggers. But, to repeat a point that you've already been told several times: no matter how sneaky you or your client are, there's still the possibility that one of the employees will discover the logger on his computer. Obviously he will feel aggrieved; and if/when he realizes that he isn't being targeted specifically and that all his colleagues' machines are also being keylogged, he'll see the potential value of this logging and may decide to get revenge by copying the logs for himself. And then your client will really be screwed. Maybe the employee wasn't doing anything underhand; but once he learns he's being spied on, he probably will get up to some bad stuff, possibly using his boss's spying utilities against him. I know, you've already said that you've told your client all this and he doesn't care. But I'd suggest that the fact he doesn't care indicates that he doesn't really understand the risks. So maybe you need to tell him some more. Explain to him that you cannot make the spying 100% secure, and that if it backfires it could cost him big time. And there are other ways to monitor his staff's activities - ways that do not involve installing spyware on individual computers that the employee may discover. But hey, you know all this already, right?

I am over 18. But Vodafone require me to prove this by having a credit card. And unfortunately, I don't have a credit card. It's a real pisser, actually, that Vodafone will only remove Content Control if I can provide a credit card number. But that's their rule, and according to everything I've read, they will not make any exceptions. Other mobile service providers offer other ways to do it - for instance I was able to get T-mobile Content Control removed by going into my local T-mobile store and telling them who I was; they only need to see me to know I'm not a minor - but Vodafone won't play nice. Which means I've got to remove the Content Control myself. If I can.

Apparently, the AWUS036H works with Backtrack okay (I don't know this from personal experience: I was looking for a wireless adapter with directional antenna that would work with Backtrack, and my online searching led me to the AWUS036H). So your sister could, for instance, (and *hypothetically* speaking) boot into Backtrack, use airodump-ng to find her laptop (by mac address) then home in on it by use of the directional antenna and keeping an eye on the signal power. To do that she's going to need to read up on using aircrack-ng; and, as has already been pointed out, these actions would probably be illegal - so when she tells the cops where she thinks the laptop is, and they ask how does she know that, she's going to have some problems. Also, the stuff you said about her having admin privileges on the router definitely smacks of illegal activity. She logs onto that router to block the laptop's mac address, that's a crime right there (in the uk it's a violation of the Computer Misuse Act - substitute with the relevant US law to discover how many years in prison she might get!). Just like other posters here, I am suspicious about this whole story. I thought that to get an ISP to reveal details about who used a particular ip address at a particular time, the police would need a court order. But they didn't, did they? And if the police really encouraged your sister to track down the thieves herself, that means they're encouraging vigilantism and computer crime - which isn't usual police behaviour. It's all very well you saying "Instead of questioning the story, can we put our brains together", but by asking for our help you are asking us to aid and abet a crime, which is a crime in itself. If you really want complete strangers to implicate themselves just to do you a favour, you could at least try to convince us that you're for real. Everything I have suggested to you is entirely hypothetical. By no means do I suggest that you or your sister should actually do any of this. To track down this laptop, you or your sister would have to break the law. Which is why I have serious doubts about the story. In my experience, the police do not encourage citizens to break the law. Locating a stolen computer is the police's job, not your sister's.

Hi, I've got a problem which I don't know how to resolve. When I use my Vodafone (UK cellphone network) HSDPA USB dongle to browse the internet (using Firefox on my Ubuntu Jaunty computer), I get a Content Control screen blocking me from viewing certain kinds of sites - pr0n, sites related to "crime" (like hacking, damn them!), sites that offer rival services like VOIP... I know I can get round this by using some sort of proxy; but when I do so, the connection speed gets really low. So I'd like to bypass the Content Control screen. (Incidentally, I'm not stopped from accessing hak5.org - maybe because of the spelling "hak"?) To try and see what happens when I try to access a banned site and get redirected, I fired up Wireshark and captured the traffic exchange (capture file here). In the capture, 10.97.81.227 is me. 64.128.121.254 is the IP address of www.hackerthreads.org (the banned site). 195.232.193.8 belongs to online.vodafone.co.uk - when I get redirected there from the banned site, I get the Content Control screen (see attachment); if I just type '195.232.193.8' into the URL bar, I get Vodafone's homepage for customers. I'm afraid I don't know much about Wireshark and packets. All I can make out is that I exchange some packets with 64.128.121.254 (which I don't really understand - how am I sending packets there without getting a DNS from its URL first? I typed 'www.hackerthreads.org' into Firefox, not the IP address); then there is DNS traffic between me and 10.205.65.68 (which I assume is Vodafone's DNS server); and then I send packet to 195.232.193.8! If anyone can explain what's going on, and maybe how I can bypass this, I'll be really grateful.

Thinking about it, I wouldn't have to set up the reverse ssh at home before I leave. If I can email my ip address at the hotspot to my home machine, I'll be able to have it automated, have a script set it up for me. Wouldn't I? My ignorance is making it very difficult to see what is possible and what is just coming out of my butt. I'd love it if someone here with more knowledge of this stuff could give me some feedback on what I'm talking about. Please?

Thanks for the tip. I'll check it out properly when I get home. One question though: I just looked through that page you linked to, please tell me if I've got this right - do I have to establish an ssh connection between my home machine and my laptop before I go out, then maintain that connection all the time until I actually want to use it? Because that would be a problem. I want to be able to connect to my home computer when I am out and about with my laptop, maybe at a wifi hotspot at McDonald's or some such thing. So I wouldn't know the IP address my laptop would be using until I actually get to the hotspot or cyber-cafe. Something I've been thinking: would it be feasible to email from laptop to home machine, sending my laptop's address? I could put a particular keyword in the subject line for procmail to watch for; then my home machine reads the email, gets the necessary info, and establishes a connection to my laptop? I can set Evolution to grab new emails every 10 minutes or something, so getting an email through to the computer won't be a problem. This idea is definitely in the vague, "I don't really know how to implement this or even if it is actually implementable" stage. Is it something that I could actually do? Please remember, I'm trying to get round a firewall that does not allow connections from the outside to the home machine - it will only allow connections that are initiated from the home machine to the outside. I have absolutely no control over this firewall, so port-forwarding and anything else like that is not possible. I want to connect to a laptop (running Ubuntu) that I will have at a wifi hotspot. The home computer is also running Ubuntu. The eventual plan is to try and do the DNS-tunnelling demonstrated by mubix on Hak5 s5 e4.

Right, I had a look at logmein.com, and unfortunately it seems to be a Windows and Mac service only. Not for Linux (I'm running Ubuntu). Symantec's PCAnywhere is available in a Linux flavour, but it isn't free (I'm too poor to pay :( ) and anyway to use it you need to configure your firewall to let you in. I'm trying to defeat my cellular provider's firewall here. I've been reading about Nokia's Mobile Web Server product. I thought maybe it would give me some insight into how I can make my computer reachable from the internet. Unfortunately, Nokia's solution involves custom gateways that allow connections to pre-specified urls. Which doesn't help me. What deceptacon_eazy_e said about services that "make an outbound connection that you can ride back in" sounds like what I need. But I need one that'll work with Linux. I'm continuing to search, but if someone here can suggest a service or solution I'll be most grateful.

Cheers, I'll check that out. My cellphone plans are for "unlimited" data. I know what cellphone companies mean by "unlimited" is not what the rest of us understand by the term. But whatever their limits are, I haven't reached them yet. And I use phones and dongles a lot. I must download in excess of 6 GB of crap every month on each device I use (I watch a lot of video). As the cellular network is my only internet service at home, I cane it severely. But my provider doesn't seem to care. I have never been contacted by them concerning excess data use. I love 'em! If anyone's interested, I pay £2.50 for 5 days' unlimited internet access. The surprising thing is, the plan is supposed to be for "mobile internet" on the phone only - it's against the terms of service to use it to connect a computer. But my current 3G phone is wonderful for linking the computer, and I use a sim card from a phone in the dongle so my provider thinks that's a phone too.

As is explained here, you will almost certainly still be charged for your internet access. But note I said almost certainly. Your Freedom is a vpn client kinda thing, and it used to be possible to get free internet access with it on the Nigerian GloMobile cellphone network. You can't get the freebie from GloMobile any more, but the fact it used to work suggests that maybe it will work elsewhere. So it might be worth experimenting. Just don't get your hopes up!

I haven't got a landline at my house, so I connect my home computer to the internet via a cellphone or a mobile broadband dongle. I'd like to be able to connect to the machine when I'm out and about. I've got apache on the machine, so I got a DynDNS account and used my eeepc to see if I could view a test webpage I put on the home computer. It didn't work - all I got was a blank page. I did some reading on the subject and learned that internet-connected phones and computers on a cellphone provider's network are behind a firewall that will only allow connections that are initiated from behind the firewall. Simply put, I can make a connection from my home computer out to another machine on the int.ernet, but I cannot make a connection from that other machine to my home computer. I've been thinking about how I can get around this restriction. One idea I had was to send an email to my home computer with a special subject line that procmail would see and grab, and have some kind of commands in the body of the email that would tell the machine to connect to me. So the connection would be initiated by the computer behind the firewall. But I haven't really explored that idea because I don't know what I'm talking about. I'm not really fussed about making my home computer available to other people. I want to be able to access it myself. I started thinking about all this after seeing that Hak5 segment about using DNS requests to get free internet access at cyber cafes whose systems allow DNS requests to go through. Hmm, that's worded pretty badly. I hope you know what I'm talking about? Anyway, has anyone got any thoughts on how I might achieve this? EDIT: I forgot to mention, my home computer is running Ubuntu Hardy, and my eee uses eeebuntu Jaunty. If that's at all important.

Thanks for the links, guys. I'll get me some reading done tonight.

I'm pretty new to Hak5, I've been watching previous episodes and Jasager has caught my eye. I'll get a Fon soon, when I've got some cash (BT in the UK are selling them for £14.97 right now - sweet!). But in the meantime, I've been thinking, it ought to be possible to do this on an Eee Pc - they have the Atheros wireless card, after all - so I wonder has Digininja (or someone else) put together a "simple" way to make Jasager work on the Eee? I thought maybe I could get the rogue AP thing going on my Eee with Karma. So I put Backtrack3 on a USB stick and had a look... And look's pretty much all I did. I dunno, I can't seem to get Karma working for me, the few guides I've found seem to bear no resemblance to what's going on in Backtrack on my Eee. So a nice Jasager-ish front end would be lovely.