Infiltrator

The reason I mentioned certificate errors, was because when I am in BT using SSLStrip I always get certificate errors on my victims browser, unless there is something in the SSLstrip configuration file that I am missing or overlooking.

From what i gathered so far, he has a dual boot setup, running a flavor of windows and linux.

Look for web-based proxies, like www.hidemyass.com.

Do you have a Windows installation CD at all?

That doesn't sound right and the teatimer.exe is part of the Spybot - search and destroy program. Just out of curiosity, where did you download the spybot software from? "SpybotSD TeaTimer" can run at start up. TeaTimer is a new tool of Spybot S&D - spam filter which perpetually monitors the processes called/initiated. It immediately detects known malicious processes wanting to start and terminates them giving you some options, how to deal with this process in the future"

My bad, I thought your netbook had a CD to restore it back to default settings, obviously it doesn't have a CD drive as you stated before. What puzzles me, is the fact that the disk utility deleted things it shouldn't have to. It's not something that, normally happens when doing a disk clean up, especially with the Windows disk clean up utility.

I had a quick look in the Asus firmware support page and it's got all the major languages but Japanese. I also checked for open source firmware, but there's nothing for the type of router you have.

Let me guess, you are not very popular are you?

I would use TOR if you want to surf the web anonymously, but I would emphasize that 100% anonymity is not possible, if that's what you are trying to achieve. Also you can use multiple VPNs to tunnel your traffic through, making the tracing back to you difficult. However, you will have to be careful what applications you use, as they could have the potential of revealing your real IP address.

Try creating an ISO image of the CD and then using an USB key to boot your netbook off it.

I believe so, if you were using just a normal Windows installation CD, you could choose which partition to format and install Windows on, since you are using the restore CD that came with your computer, there is a possibility that the CD will delete all the partitions on your hard drive, since its resetting your computer settings back to factory defaults.

What disk clean up utility did you use?

Good mag, there's also the hakin9.org mags, which I would recommend.

You could certainty do that, but you will have to attack someone who is a total computer illiterate. As Saelani pointed out, it would be very difficult to trick or convince someone who has a strong IT knowledge, to continue browsing an insecure website. There is also an utility called SSLStrip, which basically strips off the (s) from the HTTP(s), making the connection insecure and giving you back the ability to sniff the traffic. However, this utility will cause the web browser to set off a warning message, stating that the website security certificate is either expired or not legit. Some users will choose to ignore the error message, whereas other users will simply stay way from the page. You should definitely play around with these tools and get a grasp for them. Like I said, before there are plenty of tutorial videos on Youtube and securitytube to assist you. And if you are not sure about something you can always research on Google, before posting a question in the forums.

While some of the Avast additional protection, is generally not needed, they are quite good to have, you never know what you might encounter.

There are tools like Wireshark or TCPDUMP that you can use to capture the packets (information) that travels down the wire or through the wireless medium. When you arp poison the victim, the victim traffic flows through your computer, and with a program like Wireshark/TCPDump that traffic can be captured and viewed. You can only view traffic that is not encrypted, if the victim connects to a website, that uses HTTP(s) the traffic will be encrypted, and any information that the victim enters on the website will not be in a human readable form, everything will be gibberish to you. But you can still see what website the victim visited, the IP address of victim and so forth. All this stuff, I've learned from watching the Hak5 videos, reading other peoples comments, researching, reading books. Also Youtube and securitytube.net have plenty of videos on this kind of attacks. Its just a matter of searching on Google.

You could do a bit of war driving, and as you drive around you could use a software like Kistmet combined with a GPS receiver to map the physical location of each AP. Then with Google Maps, you will be able to map all the AP's location using the GPS co-ordinates.

Yes its part of Spybot! It no only detected spyware, but it also locks some important files like the host file for instance. If some malware, attempt to alter the host file, Spybot will protect the file from being modified.

The guys at the hackforums.net has great SQL Injection tutorials, you might want to check them as well.

Keep Avast, install Spybot - search and destroy and Comodo firewalls. These will keep you protected.

Well that's the problem, if its only compartible with XP, then you won't be able to get it work on a server OS. Unless there is a driver specifically written for the server at all. Are you trying to share your internet connection through the server?

A wireless card like the one, they sell in the Hak5 shop its not necessary in order to connect to the WIFI Pineapple, but it would be very handy to have one, because of its high gain antenna and the ability to connect to the WIFI pineapple or any other acces point from a distance of hundreds or miles away. The WIFI Pineapple works just like a normal AP, it operates off a battery and can be placed anywhere. The attacker on the other hand, will only need to SSH or access it via its web-based interface to operate it remotely.

I would suggest getting yourself familiar with each term and what each does, they can get quite overwhelming sometimes. A firewall, is a very important piece of software or hardware, it helps stop known attacks from getting into your computer. Most importantly, it helps you manage what applications are allowed to access the internet or not. Firewalls uses rules to determine what traffic can be let in or out. An AV Scanner or an Antvirus, helps detect and delete virus/works/malwares from infecting your computer, in the first place. Spyware Removal, its a tool that helps identify small piece of software designed to steal information from your computer.

The whole purpose of the WIFI Pineapple is to make users aware of the dangers of connecting to an open/unencrypted WIFI connection. Once the victim connects to it, the attacker operating the device, can remotely do all sorts of malicious things. For example, the attacker can monitor your traffic and in real time he can see what sites you visit, what information you enter on the websites. He could redirect your from a legit website (Facebook.com) to a fake Facebook website and harverst all your login credentials without you knowning. All these would be happening transparently on the background. The best way to avoid being a victim, of such attack is to never connect to an unencrypted/open WIFI, always use secure connections, like HTTP(s), VPN or SSH. These will reduce the chances of the attacker sniffing your traffic.

The firmware dictates what channels are allowed in a country, so technically all you have to do is upgrade your firmware to the Japonese one.