Infiltrator

Dedicated Members
  • Posts

    4,287
  • Joined

  • Last visited

  • Days Won

    22

Everything posted by Infiltrator

  1. Sounds like your hard drive had it! It happened with my brother's laptop, he was getting blue screens and some other errors related to bad sectors in the hard drive. He took the computer to a repair shop to get it replaced. There is one more thing you could do before replacing your hard drive. Download this utility and leave it running, it will attempt to repair any bad sector it finds: http://www.cgsecurity.org/wiki/TestDisk. If it doesn't fix the problem, then it's time to get a new HDD. Good luck bro...
  2. Do you know of any web site or article that mentions the patch?
  3. OK, if you watch the past seasons of Hak5, I think it would be seasons 5 or 6. Darren talked about ways to bypass web filters by building your own proxy server or SSH server. I would recommend watching those videos. They will save you a lot of trouble.
  4. I've been reading some articles about Tor Network in general and I've been wondering how insecure/vulnerable to attacks Tor Network really is?
  5. French researchers from ESIEA, a French engineering school, have found and exploited some serious vulnerabilities in the TOR network. They performed an inventory of the network, finding 6,000 machines, many of whose IPs are accessible publicly and directly with the system’s source code. They demonstrated that it is possible to take control of the network and read all the messages that circulate. But there are also hidden nodes, the Tor Bridges, which are provided by the system that in some cases. Researchers have developed a script that, once again, to identify them. They found 181. "We now have a complete picture of the topography of Tor," said Eric Filiol. The specific attack involves creating a virus and using it to infect such vulnerable systems in a laboratory environment, and thus decrypting traffic passing through them again via an unknown, unmentioned mechanism. Finally, traffic is redirected towards infected nodes by essentially performing a denial of service on clean systems. Researchers showed that one third of the nodes are vulnerable, "sufficient in all cases so that we can easily infect and obtain system privileges," says the director. Researchers then clone a part of the network in order not to touch the real network, and they make a virus with which they will be able to take control of the machine. "This allows us to set the encryption keys and readers initialization of cryptographic algorithms and thus cancel two layers of encryption on all three," says Eric Filiol. The remaining flow can then be decrypted via a fully method of attack called "to clear unknown" based on statistical analysis. To guide communication to infected nodes, researchers make all other nodes unavailable. To do this, they apply a double attack: localized congestion, which involves sending a large number of Tor requests on uninfected machines, and spinning the packet, which will enclose Tor servers in a loop circuit to fill them.
The Tor protocol will then, naturally, route calls to infected machines, and that's it. However, if it is real, details are to be presented at Hackers to Hackers in São Paulo on October 29/30-2011. TOR is no more than an additional layer of obfuscation and should not be relied upon for anonymity or security. Like any darknet, it is a complement to application-layer encryption and authentication, no more. Web reference: http://thehackernews.com/2011/10/tor-anonymizing-network-compromised-by.html
  6. How about cracking WPA keys or passwords, should we also avoid mentioning them, because it has been mentioned several times in the past?
  7. If you haven't checked already, you should try Cain and Abel, it's a great Windows utility for performing ARP and DNS poisoning.
  8. I do agree with what you are saying, and I don't see anything wrong with the OP's setup either, it was just my opinion in terms of performance gains.
  9. Preferably I would install BackTrack on a laptop, for stability and better driver compatibility. Windows is not the best OS when it comes to doing this sort of stuff. Edit: if you are only interested in sniffing passwords, a combination of Ethereal or ARP poisoning with Wireshark. Now I really hope you are not doing this on someone else's network, or you will be in deep shit.
  10. If you have money, put together several rigs with 3 or 4 Nvidia graphics cards in each and use ElcomSoft distributed software to crack the WPA. Since you don't know how complex the WPA key is, brute forcing is the only option you have.
  11. I have to agree with this guy, certain certs won't mean much, but the security-offensive certs are definitely the one. You should get OSCP and OSWP certified. More information about the certs can be obtained from this link: http://www.offensive-security.com/information-security-certifications/
  12. Cryptography is with no doubt part of security, but when pen-testing a network you will need a lot more than just cryptography experience. If you want to get into a pen-test job, you need experience. These are great places to start learning from: securitytube.net, irongeek.com and hak5.org.
  13. The 4 way handshake is very important, you must be able to capture it. Now, since your dictionary file is not too effective, you could use Pyrit to generate tables. "Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK, the protocols that protect today's public WIFI-airspace. Pyrit's implementation allows to create massive databases, pre-computing part of the WPA/WPA2-PSK authentication phase in a space-time-tradeoff. The performance gain for real-world-attacks is in the range of three orders of magnitude which urges for re-consideration of the protocol's security. Exploiting the computational power of Many-Core- and other platforms through ATI-Stream, Nvidia CUDA, OpenCL and VIA Padlock, it is currently by far the most powerful attack against one of the world's most used security-protocols." http://code.google.com/p/pyrit/
  14. That's what I used, what version of Windows are you using?
  15. Hi, Just wanted to say, that I have fixed my problem, I used Process Explorer to locate the process that was locking the file.
  16. A quick question to all my nerdy friends, what software do you use for unlocking file handlers in Windows 7? I am trying to rename a file in Windows 7, but bloody Windows is telling the file is locked by another program or user. I've tried using Unlocker, but it doesn't seem to work well in Windows 7, the application just crashes. I've tried using the Windows compatibility but to no avail. Thank you all in advance.
  17. I use OpenVPN at home. But it's only limited to 3 users.
  18. Firing is not something an employer should do. If they want their staff to understand and know how to handle such situations, the employer should train and expose them to real world cases, that's the only way they can succeed. Firing them would be considered discrimination.
  19. To me it sounds like you don't have permission to create directories over an SSH connection. You will need to go over the permissions on your SSH server and make sure the account you are using has create directory permissions. "Error, access denied" generally means you don't have the proper permissions/access to do a certain task.
  20. I have to agree on that one as well, I have been using VMware products for quite some time now, I even tried using Proxmox but it didn't excite me at all. No disrespect, but it doesn't have what I want. It's good if you are new to the whole virtualization world, and need to start from somewhere. Going back to your query, if you need advanced configurations such as load balancing or clustering, I would recommend ESXi. You will also need to check if your hardware is compatible. http://www.vmware.com/resources/compatibility/search.php
  21. I am not trying to refer you to any web site, but have you read the installation documentation on the I2P website? It's very easy to follow. Now, on a side note, what OS are you running (Windows or Linux)?
  22. Hey Josh12, found this thread that will guide you through the process of cracking WPA with rainbow tables. http://forum.aircrack-ng.org/index.php?topic=4383.msg27195#msg27195 Take a crack at it, and let us know how you go.
  23. Do the same process again, only this time use the 33g dictionary. You need to tell WPA cracker where the 33g dictionary file is located.
  24. Just wondering are you able to log into your Hotmail account as normal, when you are not using Hydra to brute force it?
  25. Another thing you could do is find someone who's already got their VPN client set up and working, look at what settings he/she has got, and then try matching them on your computer. Having said that, you will also need to find out if their computer has any security certificate installed. To determine that, you will need to do the following:
      1) Run, type -> MMC
      2) File, Add/Remove Snap-INS
      3) From the Add/Remove Snap-INS window, select certificates and click on the Add button.
      4) In the Certificates Snap-IN window, select My user account and click finish
      5) Select Certificates from the left column and click on the Add button again, and this time select Computer Account, click next, finish and OK.
      6) Expand both the Certificates - Current users and Certificates - Local Computer.
      7) And check inside the personal folders, for any certificates.
      Let me know how you go!