Infiltrator

I've never been to any of those events yet, so I'm wondering what are the requirements. Do I just show up, or do I have to register beforehand? I mean, I just want to go to meet people and have a look around.

Yes, I do know its not an answer but I was just throwing some general ideas.

If you don't have the experience and want to get it done as quickly as possible, than Photoshop and Dreamweaver are what you need. That's what I did in the past, now if you have the time and is willing to learn how to code webpages, than just use notepad as simple as that.

You will need real equipment and software to be able to trace someone in real time. Generally speaking, if you know the persons IP address that is tracing you in real time, you could use GEOIP database to locate his geographical location. But that could be a problem, if he is using a proxy server. If the person is not using a proxy, than you could use triangulation software to determine his actual location. That's what Google Latitude uses to determine one's physical location.

1) If you have physical access to the laptop, use Ophcrack to grab the hash and then crack it. (hint: Nvidia Cuda) 2) It's illegal to hack/crack the password of someone else without their consent. 3) If you have been watching all the Hak5 videos, you will find lots of clues on how to extract the password from someone's computer, that is connected to any network (eg: wired or wireless) 4) I don't mean to be rude, but if you do a search in Google, you will find what you are after (hint: Youtube videos)

I have found this thread at the Backtrack forums. You might want to give this a shot, see if you have much luck. http://www.backtrack-linux.org/forums/beginners-forum/32657-possible-bypass-client-isolation-wifitap.html

Read up to understand more: http://en.wikipedia.org/wiki/Cloud_computing Read up to understand more: http://en.wikipedia.org/wiki/Computer_cluster

1) Can the users on the 5th floor, access any other website besides Facebook? 2) Is that the only problem they are experiencing at the moment, or is there any other problems besides accessing FB? Like, can they access any local resources on the network? (eg, network drives) 3) What is the error, they receive when trying to access Facebook?

Very nice application, perhaps you could write it on a different language, like python or C and make it open source.

Good work, its good to learn how to do things yourself. Its a very rewarding experience.

W3C should get you started too. How to web program using HTML http://www.w3schools.com/html/ How to style a webpage using CSS http://www.w3schools.com/html/html_css.asp

Your current specs are bit low for supporting that many numbers of VMs. I would suggest buying a couple more of those servers and running them in a load balancing environment. I'd also top off the RAM capacity on those servers, and install 10Gigabit Ethernet adapters in each server for best throughput performance. Furthermore, you will need very fast hard drives, to give a best possible I/O throughput. I would recommend DAS (Direct Attach Storage) over NAS (Network Attached storage) or if you have the cash invest into SSDs, they sure will deliver the performance with no doubt.

Umm, very interesting find! If you wanted you could've done some real damage.

1) Can I suggest you to download the latest version of Backtrack if you haven't done so. 2) This error "Exploit completed, but no session was created." usually means, the target you are trying exploit is not exploitable, or not vulnerable to the exploit you are using. 3) Make sure your target machine does not have any patches installed, to determine, go to Control Panel, "Add or Remove programs" and uninstall any MS KB update you see. 4) Don't always revert to the same exploit, try different exploits until you find one that works well. 5) Make sure there are not firewall or any security essentials installed. 6) If you are still having issues exploiting your target, download this vulnerable VM. http://metasploit.com/help/test-lab.jsp http://www.offensive-security.com/metasploit-unleashed/Metasploitable

This example might give you some ideas, of how to set up variables in bash https://community.elearnsecurity.com/index.php?/topic/563-bash-script-to-set-random-mac-and-hostname/

This how-to will walk you through the steps of setting up a cluster using Ubuntu OS, make sure you read them and understand them fully. https://help.ubuntu.com/community/MpichCluster http://www.mcs.anl.gov/research/projects/mpich2/

DNS servers have always been vulnerable and very difficult to protect against spoofing attacks, but now there is a solution for it, DNSSEC. On the other hand, DynDNS has released an utility that, protects its end users against MITM attacks performed on DNS, by encrypting all DNS queries. Also its not hard to protect against MITM attacks, with the proper hardware and software any network administrator can harden the security of the network. But lack of budget and training can sometimes impede these changes from happening.

If you can only see yourself and the access point, I'd say the AP must have some kind of isolation protocol activated. If you have an Alfa wireless card, try using Airmong-ng to determine if there is any client authenticated to the AP.

Squid uses I/O to serve the cached pages, the faster the I/O the less time it takes for a page to load on your end. You will need to invest into a faster HDD or better yet an SSD for optimum performance. I would also suggest running Squid by itself with no other services running, the more services, the more hit in performance your VM will take. Also make sure you have allocated enough RAM, ideally between 2 to 3 GB of RAM. I would also suggest, If you have more than one NIC available on your computer/server, to assign one of them to the VM. Dedicating one of the NICs will improve speed and delivery of the content.

I might do it, but I've already started downloading the full seasons, so might as well just watch it.

1) The best computer security approach would be, maintaining everything up to date. (software, OS, antivirus) 2) Don't surf unsafe websites, and don't open attachments coming from unknown/untrusted sources. 3) Let be honest, Windows 7 is by far one of the best OS Microsoft has ever designed to date. Windows 7 is NOT the perfect OS but it's much more secure than its predecessors and if you are still using XP, do yourself a favor ditch it, and install Windows 7. 4) DO NOT log in as administrator, log in using a non-privileged account or an account with limited access to system resources. 5) Install and maintain your antivirus up to date. 6) I would limit the installation of any third party software, to reduce the chances of exploits or virus infections. Instead use a VM and create a snapshot of it and always revert back when finished using it. 7) Maintain a good password policy, change it once a month if you can and use a password manager such as KeePass to keep it secure and locked away. 8) Use complex and log passwords and DO NOT disclose them to anyone, as well as DO NOT use the same password for every account or website you use. 9) When logging into Banking websites, use Avast SafeZone, to isolate your web browser from the system itself. Very handy, if your system is infected with a Keylogger or Trojan keylogger 10) Install a network IPS and IDS 11) Do not respond to emails, that asks for personal information updating. Get rid of it and block the sender. 12) Install Device lock, to prevent casual users from stealing your information, when away from your computer. 13) Encrypt your entire hard drive with TrueCrypt, and make use of Hidden containers.

I saw it on the http://www.imdb.com, and since I haven't watched it, I thought to myself it would be a cool TV series to watch. Yeah, I just wanted to know, if anyone else has ever seen it and what they think of it. Thanks dude.

I know the show is old, but since I haven't watched it, I am wondering if anyone in here has seen it? And what they think about it? Thank you. Edit: Sorry the tile says, "The IT Crow", but I meant "The IT Crowd"!

Virus/worm are designed with the sole intent to spread and cause wreak havoc. That's because they employ methods/techniques to help themselves spread across systems, one of them is the use of exploits to gain root access to a system and spread from there. As long as you use the subnet assigned to your VMs and make use of the Rhost option in Metasploit there won't be any real danger in accidentally exploiting your "clean" machines.

NO, it won't spread like a worm, that's not what exploits are designed to do, when exploiting a target, always remember to set the RHOST option to the victims IP address.