Infiltrator

I'd also like to mention a couple forums, that I think you will also learn a lot from www.governmentsecurity.org www.criticalsecurity.net

I think what he means is that Hak5 can still use port 80 for normal browsing of the site/forums, but only use SSL for sensitive information such as when logging into your account, so your password doesn't get sent in clear text.

A guest network only gives access to the internet and nothing else. This is a good security option, if you plan on sharing your internet connection with someone else.

While having programming skills is highly beneficial for a pen-tester, you can still be a pen-tester without having to write your own exploits. But as a pen-tester you must be able to read and understand what an exploit code is doing.

Even thought wireless is not 100% secure, there are steps you can take to make it secure. 1) Use long and complex pass-phrases 2) DO NOT use WEP, use WPA2 Enterprise instead, it uses a radius server for authentication. (once a client has entered the pass-phrase, it will prompt the user for an username/password) 3) Mac address filtering won't stop an attacker from getting access to your system, what you could do in this circumstance is to limit the number of IP addresses from your DHCP server, to the number of devices you have on your network. 4) Keep an eye on what devices are connected to your wireless network. 5) Some wireless access points employs a security feature called (AP isolation) which isolate clients from one another, this help stop arp poisoning or related MITM attacks from taking place in your network. 6) If you want to completely isolate your wired clients from your wireless clients, you could use a Vlan capable switch to achieve that. 7) Change the default router username and password 8) Disable remote administration via wireless and use wired connection instead. 9) If the wireless router has support for HTTPS, make use of it.

As long as the wireless card fits into the slot on the motherboard, and you have the proper drivers installed it should work fine.

Of course, using a standard desktop computer would take you years. But if you could put a cluster of GPUs together, than you won't have to wait for years. On the other hand, we could always wait for the first quantum computer to be available.

I wouldn't say Rainbow tables are dead, but I have to agree with Digininja on this one. Rainbows are pretty much ineffective once you go over a certain password length and the only true way to crack it, would be brute forcing it. Hashcat is certainly a tool that you should check out, including the Cuda multiforcer. If you have an Nvidia Cuda graphics card, give these tools a try.

I don't know if it's laziness or what. But the answer to most questions can be found on Google.

The PDF attack would definitely work, even if the victim is behind a firewall/NAT. Just use Metasploit to embed a reserve_shell in the PDF. Make sure to use either port 80 or 443, as most firewalls don't block these ports by default.

I would do a research on the hardware, find out more about it. As well as to find out if the motherboard support other types of BIOS besides McAfee one. If it does support, then you could flush it off and hopefully be able to boot up the backtrack OS.

Have you tried checking the boot sequence in the BIOS, to make sure removable media are allowed to be booted.

If you really want to learn how to use Backtrack, can I suggest these books. BackTrack 5 Wireless Penetration Testing Beginner's Guide The Basics of Hacking and Penetration Testing Gray Hat Hacking: The Ethical Hackers Handbook

On a unrelated question, that WPAPy cracker your offer for registered members, does it support CUDA at all?

That's what I use Truecrypt, make sure you read the documentation as well. http://www.truecrypt.org/

You should give Ubuntu a try, if you plan on using it for normal or every day usage.

It would be a wise idea, to subscribe for your own line, it would be more convenient for you, and plus you won't have to worry about much configuration.

Just like your normal LAN machines, they are behind NAT as well as on the same subnet 192.168.1.x, and that's how they are able to ping one another. In the case of the VMs, each one of them are also on a subnet 192.168.2.x but NOT on the same subnet as your LAN computers 192.168.1.x. And that's because Virtualbox is using it's built in NAT capability to separate the two subnets. For example, you main OS could have an IP address of 192.168.1.5, since Virtualbox is installed on it, its built in NAT will translate the host's IP address to something like 192.168.2.x or 192.168.40.x

Brak710 has a point in there.

Here is how my set up is, I have my main router distributing the IP addresses to each individual machine on my network. My VMs network interface are set to NAT, and the virtual machines TCP/IP settings set to dynamic instead of static. Also there is no need for another DHCP server, all you have to do is set your VMs network interface to NAT. With this configuration, each VM should now be able to ping each other.

That's a sign that your hard drive is on the verge of dieing. I would recommend backing up all your data and replacing it as soon as you can. If you continue using this hard drive, your data could get corrupted and you may end up loosing all your data.

I was wondering about that too, why would someone use someone's else network for doing their business. I would not want someone else snooping on my business traffic. I'd definitely subscribe for an ADSL line, rather than using/sharing it with someone else. Something doesn't sound too right in this whole story.

From what I understand, you want to create two subnets and be completely isolated from one another. How far apart are the two wireless routers?

I also have Windows 7 as the main OS, for the virtual machines I have two, a Windows XP and a Ubuntu I just did a ping test and I can ping both virtual machines. So I'd say there must be a misconfiguration somewhere with your setup. Tell me something, what happens when you try to ping both vms at a time, what error do you receive?

Found this guide, on how to activate port forwarding on your router. http://www.cctvcamerapros.com/DLink-Port-Forwarding-Setup-s/119.htm