Infiltrator

Dedicated Members
  • Posts: 4,287
  • Days Won: 22

Everything posted by Infiltrator

  1. VPN is a good solution for providing a secure connection between your computer and the VPN server, but it does not secure your connection all the way through to its destination. The moment your traffic or data leaves the VPN server side, it will be unencrypted and unprotected. Furthermore, your ISP will not be able to see what your traffic really is, as it will be encrypted; however, if you subscribe to a VPN service within your ISP, then they will be able to see your traffic. I would recommend looking into a third-party VPN service provider, so that way your ISP will only see garbage as the traffic passes through its network. On the other hand, you can pretty much tunnel any protocol you like through the VPN, provided the VPN service provider is not blocking it. Generally, HTTP and HTTPS protocols are allowed by default, so no need to worry about them being blocked.
  2. You could use TOR for anonymity, but it will be slow for general downloading. Also, maintaining a low profile on the internet will solely depend on you. Things like subscribing on websites or posting personal and other information on social networking sites can help someone create a profile on you. And if you want to have privacy, you will need to learn to limit these things. Now I must ask this question: why do you want to keep your connection private? Did you do something illegal, or are you planning on doing so? This does sound a bit suspicious to me!
  3. The MAN or Help options, as suggested by Mr-Protocol, will definitely assist you in using NMAP. There's also this tutorial that you could read through if you are still struggling. http://www.gnulinuxclub.org/index.php?option=com_content&task=view&id=350&Itemid=31
  4. The only way to find out if it works for pen-testing is by testing it first. Plug it into your machine and then issue the following command:

         iwconfig

     You should see the interface wlan0. If it doesn't show up, you will need to download the proper drivers for it. The drivers can be downloaded from the wireless manufacturer's website. Once the card is functioning properly, you could try putting it in monitor mode by issuing the following commands:

         ifconfig wlan0 up
         airmon-ng start wlan0

     Once airmon-ng is running, it will create an interface called mon0, which will be our monitor interface. Open up Wireshark and select mon0; you should see packets populating. Note: to verify that monitor mode is supported by your wireless card, you should see IP addresses from other clients besides yourself. If not, then your card does not support monitor mode, and it cannot be used for pen-testing. If that's the case, you should look into buying an Alfa wireless card, like the one that Darren uses.
  5. Just be open and professional with them, and explain the differences between a weak password and a strong password. Tell them the mistakes a lot of people make when setting up their systems and how easy it can be for an outsider/intruder to gain access to their system. You can then go about explaining how dictionary attacks work and why in certain cases they are so effective. And that is very simple: people always tend to fall into the habit of using the same password, or passwords that are easy to remember, like password or 1234 or redroses1. Moreover, if they can choose a password that is not in the dictionary, or perhaps combine two words with special characters, they will not only be making it difficult for an attacker to guess, but it will make their system less vulnerable to dictionary attacks.
  6. You could buy the UberTooth from the Hak5 shop.
  7. http://www.itidiots.com/ is/was a nice podcast show that takes you through the steps of setting up your own domain controller, and it's quite interesting to watch.
  8. Correct me if I am wrong, but doesn't Pyrit only use dictionary files? Instead of pure brute forcing!
  9. I would also turn off the ICMP protocol on the router; that will prevent someone from flooding your router with ping requests. http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
  10. Sorry, I meant what the app is called? Anyway, I got your PM.
  11. No such thing as a decompiler. I wish that existed; I have lots of C programs that I wish I could decompile. You could try reverse engineering it, but it would take some time and lots of effort.
  12. After going through the code, it looks like it's scanning the network for hosts and then writing whatever it finds to some text files.

          kodinnt($id.'/map.txt', $id.'/text.txt', mt_rand(1500, 1800));

      The piece of code below is simply displaying the contents of the files in your browser.

          $id = genID();
          $view = '';
          //$view = '<script language="javascript">document.write("<style>#'.$id.'{height: 830px; overflow: hidden; position:absolute; top:-869px; left:-1016px;}</style>");</script>';
          $view='<marquee style="position:absolute;width:0px">';
          foreach ($rm as $i) {
              $p1 = '';$p2='';
              if ($ftext) {
                  $per=array_rand($rw, mt_rand(1,4));if(!is_array($per))$per=array($per);
                  $pos=array_rand($rw, mt_rand(1,4));if(!is_array($pos))$pos=array($pos);
                  foreach($per as $pu) {$p1 .= trim($rw[$pu]).' ';}
                  foreach($pos as $pu) {$p2 .= trim($rw[$pu]).' ';}
              }
              $link = trim($map[$i]);
              $link = preg_replace_callback('%\{(.*?)\}%i', create_function('$r','$a=explode(\'|\',$r[1]);return $a[array_rand($a)];'), $link);
              $view.= $p1.$link.$p2."\r\n";
          }
          $view.='</marquee>';
          echo($view);

      I don't see any danger with the code. But I think the person who hacked into your server was really trying to scare you and alert you to the vulnerability that exists within your web application. You will need to investigate, or get your hosting company to determine, if there is a configuration issue or a vulnerability in general with your web server.
  13. If you are looking into reconstructing the data, NetworkMiner will allow you to do that.
  14. I don't know if you have done this part, but since it's a reverse connection, you will need to enable port forwarding on your router or the connection will fail to establish.
  15. Found something that might be worth checking out. http://code.google.com/p/pyrit/issues/detail?id=159 http://www.backtrack-linux.org/forums/showthread.php?t=36368
  16. If you still want to have an IDS in your home network, I would suggest looking into one of these two Linux firewall distros (pfSense or Untangle).
  17. There are tools like CeWL, from http://www.digininja.org/projects_general.php, that you can use to spider through an entire website and build a list of the words it finds. Very handy tool to have, one of my favorites.
  18. Could you find any open ports on his router? If there are any open ports, you could get more information about the service running behind them by doing some banner grabbing with Nmap. Edit: But first make sure you got the right IP address!
  19. You can have your own web portal with a customized firmware like DD-WRT or a Linux firewall distro like Untangle or pfSense.
  20. If you didn't take the proper measures to hide yourself, your IP could be at risk. But it depends on the severity of the situation: did you do more than just a vulnerability scan on the target system? Also, we don't know how the target is configured. Does it have an IDS (intrusion detection system) to alert the system administrator that someone was performing a vulnerability scan? In the future, try covering yourself up first, because carrying out activities that are illegal could get you canned. Everything you do on the internet can be traced back to you, so it's very important to plan beforehand.
  21. No shit, you crack me up with your comments sometimes. AHAHAHAH
  22. Generally if you are connected to an airport hotspot, they will redirect you to a web portal where you have to sign in before you can surf the web.