Infiltrator
-
Posts
4,287 -
Joined
-
Last visited
-
Days Won
22
Posts posted by Infiltrator
-
-
Also, what kind of encryption software could I use that requires use of private key? I know truecrypt can do this and it's proven open source code. Anything better? What about just using 7zip with aes-256 to encrypt files? No key though..
This is all for study btw.
Look into this one, http://www.gnupg.org/ if you haven't heard of.
-
Windows 8 is UEFI certified. Fedora isn't.
That's why when you disable UEFI, you can boot your Fedora distribution.
And when you enable UEFI, only Windows 8 is able to boot.
http://docs.fedoraproject.org/en-US/Fedora/18/html-single/UEFI_Secure_Boot_Guide/index.html
-
I don't trust any service provider, not even my own ISP. Don't forget they could be working along side with any government la w agency.
So running your own SSH, or OpenVPN server from your own house, and then tunnelling your traffic through it, makes it very safe. Because you own it and have control over it.
Your ISP on the other hand, can only see the IP addresses you access, but not the traffic itself.
-
Heh. Most of my clients won't even pony up for a second wan connection, and some of them are townships/cities!
Well, I can understand that.
It would be pointless for an average home user to have a second WAN connection. Unless, you are offering some kind of cloud service, that needs to have some kind of redundancy in place.
In addition, not many users will be able to afford the price of a second WAN connection.
-
Be aware that SSL-strip will not work against some SSL-based websites.
Why? Because they've been implemented to work on SSL only.
Remove the "S" from the HTTPs, will cause the Web-server to close the connection.
-
So it is useful and necessary, because I'm adding another layer to the onion.
The problem I have with that is if I just use my personal exit node I'm a small target, I can control my own internal security and even build ssl/tls tunnels to my own firewall internally. I am forced to trust a network and company I know nothing about, technically. They could all be honey pots for all we know. Not to mention when using OpenVPN or like products, once I leave their exit node my packets enter plain text internet anyhow.
There is just one more challenge. Your traffic will only remain encrypted from point A (yourself) to point B (VPN server). Once your traffic leaves point B, it will once again become clear-text. So all the effort, you went through to ensure your traffic was heavily encrypted, will once again be travelling in clear-text.
If you're going to be transmitting data, just make sure you encrypt it before hand. This will make sure, that your data remains safe. You could then use PGP to self-sign it and even if it gets tempered with, you will know something happened along the way.
-
What you did is considered Blackhat hacking. You clearly did something without authorization and you're lucky your school didn't press charges against you. If you keep doing this, you will end up in jail. So think twice before doing again. As someone already mentioned, I'd practice with your gear, setup a virtual lab and use it for improving your skills. And then once you are good, do it legally and professionally by working for a company.
-
This is an interesting thread, the other I ran Nmap against my Asus router and found about 4 different ports opened.
This was an internal scan, so all good. I am going to do an external scan, to see what interesting results I might get.
-
Just want to add, that Reaver can become infective against some routers.
And that's due to the fact, that some routers have built in protection against Reaver.
You're better off, just capturing the 4 way handshake and cracking it.
-
Depending on the magnitude of the DDoS attack, your bandwidth can get crippled very quickly. And as you stated in your post "my router gets a little slow", that could be one of the reasons why the player's voices are sounding like robots.
Also, one way to minimize the effects of the DDoS attack, is using a Load Balancer hardware. You could build your own with Untangle or Pfsense both support this feature.
But it requires an additional Internet connection to load balance the traffic.
Just a suggestion.
-
Long before Prism existed, I always had concerns over using third party service providers, for storing any of my data.
If you are really concerned with your data or information, do not post or upload them.
Setup your cloud server from home and use it instead.
-
To succeed in any field, you need to have the passion, dedication and above all, you must enjoy what you do.
-
Why does adding vpn under https add more security? To my knowlege you cannot read ssl encrypted traffic, or the encapsulated packets of ssl headers. This is why firewalls offer deep ssl inspection where the firewall proxies traffics and uses its own ssl cert so it can then read the ssl headers.
Correct, you can't read SSL encrypted traffic. But with the right software and hardware, it's possible to read SSL encrypted traffic.
Now, the reason why adding a VPN under HTTP(s) add more security, is because you are adding an additional layer of encryption.
You now have two different layers of encryption. Even if an attacker manages to break through the first layer, he still have to break through the second layer, which therefore increases your overall security but reduces your throughput and system performance.
-
I own both adapters the AWUS36H and AWUS036NHA. The former uses a Realtek chipset and the latter uses an Atheros chipset.
Based on my experimentations, I'd recommend the c. It's much more stable than the AWUS36H.
The AWUS36H is a long range adapter, the AWUS036NHA isn't but that shouldn't hold you back. You can always upgrade the antenna to a high gain one.
-
It's possible but in practice a little bit difficult. You need to be on the same network segment as the server to be able to sniff any data.
-
I would recommend the Asus Dark Knight, but it would be a little too much for you $60 dollars budget.
If you can, stay away from the B/G standards and use N standard instead. It offers better speed and coverage, plux using a mix of different standards will degrade your wireless performance too.
So Ideally, you want to have every device operating on the same standard. Also when looking for a new router, buy one that supports dual bands 2.4ghz/5ghz. The 2.4Ghz band is heavily crowded and usually suffers from a lot of interference. The 5ghz band is less crowded and offer better stability and reliability.
-
Personally I don't like the Ubuntu distro much, I prefer Debian or CentOS.
And since it's a Chinese modified distro, I'd stay away from it.
-
Even, If there was a guide out there on how to "clean the logs". It would vary from system to system. For a simple reason, even if you managed to clear all the log files in the machine you attacked.
Depending on the network setup, there could be an appliance on the network, monitoring or even recording everything you are doing.
So before attacking a system it's imperative that you carry out a reconnaissance or gather as much information as possible.
By the way, if you go to the control panel, under administrative tools, there is an option called EvenViewer, in there you will find all the systems log files.
In Linux the log files will usually be saved under, the /var/log directory.
-
What exactly does that software do? Also, if that machine is not facing the internet side, as Digip pointed out, you could isolate it from your main network.
By using Vlan or simply setting up an additional network that doesn't have access to the internet.
-
If you are not using it, just simply disable it.
-
No offense or anything, but rainbow tables are becoming a thing of the past. Not many people, uses rainbow tables anymore. I know they are fast and efficient at cracking short lengthened passwords.
But creating and maintaining them can become quite cumbersome.
-
-
It doesn't make sense what you are asking. Why do you want to arp poison yourself?
If you want to practice some ARP-spoofing, just fire up some virtual machines and use them as victims.
That's what I'd do anyway.
-
Sorry, guess I should have used RTFM for a clearer reference..lol. Sorry, so sorry...
This one is a bit harsh. But you need to learn how to read it.
DHCP - client devices can not connect
in WiFi Pineapple Mark IV
Posted
Make sure the DHCP service on the Pineapple is actually running.