Infiltrator

Oh yes the APIPA address. But one thing you got to remember is that the MAC address is imprinted on the NIC's ROM, so it doesn't change only the IP address.

I don't think there are any more methods besides the ones already mentioned.

I'd not recommend Backtrack as your main OS, instead use Ubuntu, as its been designed as a desktop OS for everyday usage. Backtrack on the other hand, was designed for security auditing and most of its operations are conducted from a terminal window, which could prove challenging at first, if you are not a Linux user. Ubuntu is quite friendly and there are tons of tutorials and guides on the internet, to make your transition as smooth as possible.

Technically speaking, you are still required to have two separate LAN interfaces on the card, for the two MAC addresses to be used individually. By design, its not possible to have two MAC addresses operating on the same interface. Let me guess, are you trying to set up some kind of load balancing or redundancy? If that's the case, you can't assign more than one MAC address to a single NIC. You can change the MAC address, but that's as far as you can go. A single NIC can only operate with a single MAC address, you will need an additional NIC if you want to have two separate MAC addresses. This will need to be hard coded in the router's firmware, however you can use ARP Poisoning to redirect your victims traffic into your attacker's machine. if you haven't done ARP poisoning before, check out this Backtrack arp poisoning article. http://forum.intern0t.org/offensive-guides-information/603-arp-poisoning-mitm-attack.html

I'd just use a VPN service, like Cyberghostvpn or Nvpn to tunnel all my traffic through. That way, even if someone tried sniffing my data it would be encrypted and protected. Also Darren did a lot of segments on wireless security, that it shouldn't be a problem to implement.

Why don't you ask them directly at feedback@hak5.org.

For learning experience I'd recommend Ubuntu, I've been using it as my second OS in a VM, for quite sometime now and have always been learning stuffs. Plus Ubuntu has a great community, with lots of tutorials and resources to help out any new starter.

As a matter of fact, there are a lot of talks on RATs in the Hackforums even tutorials. I just became a member and its amazing to see how many threads are created on the topic. Not to mention, that in every question or answer, there will always be the abbreviation RAT, or people suggesting the use of RAT.

C and Python would be good languages to learn, learn C first then Python. I'd also encourage you to do certifications, whilst they may not seem effective at determining someone's experience, they will make your resume look good, when hunting for a job. Apart from these certs, network+ or security+, I'd also go for the CCNA and CEH.

Yeah I know, but it's OK, I can afford it.

Turn off your main wireless card WLAN0, ifconfig wlan0 down Then connect your Alfa wireless card in and run the command, iwconfig It should now display some information about your Alfa card, issue an Ifconfig WLAN0 up to bring your Alfa interface up and then try again, see if that still freezes up.

This is the laptop, I am getting, I know it doesn't meet your requirements but its a great machine, for pen-testing I'd say. One of the things, that I like most about it, is that it comes with an NVIDIA graphics card, with 480 cuda cores, which will help me crack passwords faster. I'm also going to wipe Windows off and install Backtrack 5. In addition, I will be replacing the HDD with an SSD for optimum performance. "Intel Core i7 2670QM 2.2Ghz (Turbo 3.1G), Windows 7 Home Premium 64-bit, mobile Intel HM65 express chipset, 12GB (3 x 4GB) DDR3 1333MHz, 15.6" LED full-HD (1920 x 1080), 2GB DDR5 NVIDIA GeForce GTX560M, 2 x 750GB 5400RPM, Bluray writer and more. 2 year hardware warranty, 1 year..." http://www.pccasegear.com/index.php?main_page=product_info&cPath=1013_1255&products_id=18809

I don't know if you know, but there is a hardware keylogger, you could buy. http://www.keelog.com/

I'd contact the forum administrators.

Yeah, I've heard about that too. I don't know about Windows, but have you tried using a different driver other than the default driver in Linux?

I can't believe I forgot to mention those videos, I even bought the book he wrote. Highly recommended videos.

You are definitely right and that's exactly how I implemented my dictionary files.

I don't know what makes you hate Google! But it only took me a second to find these articles. WEP Cracking Tutorial http://lifehacker.com/5305094/how-to-crack-a-wi+fi-networks-wep-password-with-backtrack WPA Cracking Tutorial http://www.aircrack-ng.org/doku.php?id=cracking_wpa http://www.smallnetbuilder.com/wireless/wireless-howto/30278-how-to-crack-wpa--wpa2

Ideally you should have no more than 10 computers in a workgroup anything, above or beyond becomes impractical. I like everything managed from a central point. Its easy for keeping track of things and as well as helping maintain a secure environment.

The only problem I see with rainbow tables, is that after a certain length of characters, they become ineffective at cracking. And then you are back to square one!

The attacker will still need to know what the userID is, in order to authenticate. However, there is one thing that the attacker could do, if he doesn't know what the password is but knows what the userID is, he could do what is called "pass the hash attack". Watch this video, http://www.room362.com/blog/2009/8/26/pass-the-hash-metasploit-demo.html

Here is a nice guide, from the Metasploit team, on how to setup your own pen-testing lab. http://www.metasploit.com/help/test-lab.jsp

Get yourself a copy of Ubuntu, load it in a VM, and start out with the basic commands and then advance as you go. Some links to get you started: https://help.ubuntu.com/community/UsingTheTerminal http://freshtutorial.com/basic-ubuntu-command-tutorial-for-beginners/ https://help.ubuntu.com/10.04/basic-commands/C/files-directories-commands.html

There are lot of tutorials on WEP/WPA cracking out there, but they require the end user to have some knowledge or experience. The "BackTrack 5 Wireless Penetration Testing", is a well written book and made especially for beginners. I'd recommend you to buy it and read through it. You will certainly learn a lot from it.

Not exactly sure, what you are asking or wanting to know? Could you re-phrase your question please?