Infiltrator

Better yet fuck him off the system.

So what's the best way to protect the cookies from getting hijacked if not even https can protect them. Edit: Found something that helps mitigate Firesheep attack, http://gizmodo.com/5676841/how-to-keep-hac...-with-firesheep

You are right, If I can run arbitrary code on a machine than there isn't much point of disabling NoScript, I pretty much owned the machine. I was just thinking of other ways to turn off Noscript and make sidejacking more effective by turning off HTTPS.

Very well said, I didn't realize that part, but it does make sense. Once you owned the machine you could upload some key loggers witch would make the job a lot easier.

I said to an extend, if the Firewall has IPS incorporated this attacks can be mitigated. Edit: http://www.stonesoft.com/en/press_and_medi...0/17062010.html

It would be interesting to see someone writing an exploit that could tell this function in NoScript to disable HTTPS.

Glad it worked and glad I could help.

Firewalls are good and they keep you safe to an extent. Especially in the event of zero days attack, when attackers are trying to exploit targets that haven't been patched up. Zone Alarm used to be good back in the old days, but I now use Comodo Firewall always served me well. Firewalls can be annoying, due to the pops up and that's what I like about Comodo. It has security modes that you can set to, and one of them is the Learning Mode, it studies and learns all the traffic patterns that flows through it and if it finds anything suspecting it will block, but it won't be displaying much pop ups in this mode. It will still be protecting your computer but won't be much annoying. Alternatively if you don't want to install a firewall in your computer, go with Untangle. Untangle is a Linux firewall box that sits between your modem and your network. It comes with IDS and the best AntiVirus on the house (Kyspersky). http://www.untangle.com/

I can't remember from the top of my head, what episode talks about DNS poisoning. But if you look into Ethercap or Cain and Abel, you should be able to perform the attack.

You can use dns poisoning to redirect a user from a legit website to a fake one. And then use Metasploit to create a reverse shell.

If you are the attacker how can you use NoScript to turn off the https option on the website that the victim is accessing, in order to sidejack the session. And most computer users, will know that browsing a website in https will be a lot safer than browsing one that doesn't support SSL.

If they could drop the prices and increase the monthly quota that would make the plans more affordable and above all an exceptional service provider.

Thanks to Nvidia Cuda anyone can build and own a supercomputer at home. x1 Nvidia GTX480 Graphics card, contains up to 480 CUDA Cores Buy x10 of those and you get a total of 4800 Cuda Cores. Now you have a supercomputer, for cracking passwords, wireless keys and so on. Edit: http://www.evga.com/products/moreInfo.asp?...0Family&sw=

By Emil Protalinski, TechSpot.com Published: October 28, 2010, 12:55 PM EST China has built the world's fastest supercomputer, stealing the crown from the United States, according to the New York Times. The National University of Defense Technology's Tianhe-1A PC has 14,336 processors from Intel and over 7,168 M2050 graphics cards from Nvidia ($2,500 each). This gives it a horsepower equivalent of 175,000 laptop computers, according to Nvidia. China says the Tianhe-1A, which is under supervision from the Ministry of National Defense and the Ministry of Education, will be used by scientists across several fields and will also be made available to other countries. The supercomputer race is extremely competitive and is a source of national pride. China's 2.507 petaflop supercomputer, which is 30 percent faster than the world's second most powerful supercomputer, was built by the National University of Defense Technology using the government's money and is now located at the National Supercomputing Center in Tianjin. America's fastest supercomputer is in Tennessee, where it's been since 2004 when the US grabbed first place back from Japan. The ranking is based on a standard test used to gauge how well the systems handle mathematical calculations. Out of the top 10, seven of the world's most powerful computers are in the US, two are in China, and one is in Germany. Source: http://www.techspot.com/news/40899-china-s...rom-the-us.html

You mean something like Morse Code.

Actually you can set Gmail to maintain a persistent https connection.

They will know that is coming from you, if your account name is solely based on your name. Anyway will keep looking around, if I find anything will let you know.

You could use Skype, to send SMS messages. The problem is that you have to buy credits The good thing I like about it, is that the receiver will never be able to reply to the text message and never will know where the text came from or what number was used to send the text in the first place. The receiver however will know your Skype account name which won't help much. But I thought you might wanted to know that.

I know exactly what you mean and I had the same feeling when I first saw it. How the hell am I suppose to type on a flat surface keyboard.

I found some information, it might help you. http://wiki.fon.com/wiki/USB_Storage_Usage http://wiki.fon.com/wiki/External_Storage_Use

Are you able to get to the router configuration page at all? That's one you could find out if the router has support for 3G connection.

Or it could be that his ADSL modem IP address hasn't synced with his dyndns account.

My first impression was that, they were already occupying port 443 with SSL and since it was occupied they may have decided to run another SSL service on port 7000. But now that you cleared that up then its all good. Thanks dude.

Yeah I know what you mean, I've seen one of them before. But it would be nice if they could design such keyboard.

Have you checked this service before http://www.text4free.net/