Infiltrator

Sony has been very unlucky the last couple of weeks, with their Playstation network getting hacked. http://www.thehackernews.com/2011/05/sony-erricson-got-hacked-by-idahca.html So what do you guys think of this whole mess Sony is into?

Do you receive any error, when trying to login? Edit: I am just trying to determine what error you are receiving? Cause if your account is really locked out, you could use some live Linux distribution CDs to boot your computer off it and unlock the account.

The only mail account that I have opened at the moment is with Gmail and my ISP. Even thought I don't entirely trust them. I run a my own mail server at home, so that way I am the only person who can manage and read my emails and no one else. From this perspective I know its a lot safe, cause I know there won't be someone on the other end trying to snoop into my emails.

Is the computer you are trying to get in, locked by another user already logged on, or you don't know what the password is and want to get it?

Or create a dyndns account and set up a mail server at home, its free and that is if dyndns is allowed.

Not sure where he bought the skin for laptop from, but you could hit him at feedback@hak5.org or Darren@hak5.org.

I use NotepadCrypt to encrypt text messages, then Truecrypt to encrypt text file and lastly OpenPGP to create a digital signature of the file. So that way if the file structure or integrity has been tempered, I would know. Yeah i know, you can call me paranoid....

I would warn you not to engage in any illegal activities especially DDOSing websites. Seriously if you get caught you will pay serious time. If you want to learn how DDOS works, do a search in Google you will find plenty of information, even articles walking through the process. Did a simple Google search and found these articles. Read through them to understand it better. http://en.wikipedia.org/wiki/Denial-of-service_attack http://www.us-cert.gov/cas/tips/ST04-015.html

Why don't you buy a USB wireless adapter and connect to your desktop computer? It will make things a lot easier for you. If I may recommend you, you should buy one of the Alfa Network cards. They are specifically designed for wireless pen-testing. http://cgi.ebay.com/ALFA-NETWORK-AWUS036H-1W-1000mW-Wireless-G-USB-Adapter-/300518809226?pt=LH_DefaultDomain_0&hash=item45f8511e8a#ht_1993wt_905

These issues shouldn't stop you from using their service altogether, if you are going to upload personal information make use of encryption and use AES 256 bits. That should stop them from preying on your information.

Your other option would be to build a desktop computer, if you haven't got a standard desktop computer with a spare PCI-express slot.

I agree, and I wasn't just talking about SCADA systems, I was also referring to a lot more than just that. Basically if a worm could be designed to take down a power plant system, then everything else that relies on that power plan to operate will stop functioning, "Power, Transport, Finance etc".

In order for the USA to call in for military support, there would have to be a large scale cyber-attack like in the Die Hard 4 movie. Or something that could put the national security at immediate thread. Besides Stuxnet was only designed to attack SCADA systems in Iran, but if the worm had been designed in such a way that it could attack other systems in a large scale, like taking baking systems offline or causing other vital network systems to crush then that would been a whole different story. I know that hasn't happened but Die Hard 4 to me was more like a wake up call to alert authorities, that cyber-attacks have evolved in a whole new sophisticated way and it needs to be addressed or else we will crash and burn.

I've never seen PCI-X based graphics card before, generally all graphics card out in the market to date are PCI-express based, unless some company are in the process of producing one or have marketed under a name that I am not familiar with.

Did a big of Googling and found these links that should give you an idea on how to write x64 bits apps using C++. http://www.google.com.au/#hl=en&biw=1920&bih=989&q=Writing+x64bit+apps+in+C%2B%2B&aq=f&aqi=&aql=f&oq=&bav=on.2,or.r_gc.r_pw.&fp=458a10716cc090e6

By Emil Protalinski, TechSpot.com Published: May 19, 2011, 10:00 AM EST The US this week revealed its "International Strategy for Cyberspace" with the subtitle of "Prosperity, Security, and Openness in a Networked World" (via Ars Technica). The 30-page PDF document praises cyberspace and generally says nothing too exciting. It does, however, mention how the US government could respond to cyber-attacks, especially if someone were to pull off a serious cyberspace hack against the US, its allies, its partners, or in a way to threaten its interests. In fact, the document says that military force is now an option. It's thus possible that the US will one day start a war in response to corporate or governmental computer systems being breached. If that sounds scary to you, that's because it is, especially if a hack isn't attributed to the correct party. Here's a relevant excerpt: When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country. All states possess an inherent right to self-defense, and we recognize that certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners. hat being said, this is a last resort, and other policies will be attempted before such an attack is even considered. These alternative means include diplomatic, informational, and economic. The US makes three more related declarations: it will exhaust all options before military force whenever it can, it will carefully weigh the costs and risks of action against the costs of inaction, and it will act in a way that reflects its values and strengthens the country's legitimacy, seeking broad international support whenever possible. It's also worth noting that the US is focusing on dissuading hackers from their motives. In other words, the cyberspace security strategy is more based on defense rather than offense. That's great to hear, because in this case we don't think the best defense is a good offense. Source: http://www.techspot.com/news/43863-us-if-you-hack-us-we-may-use-military-action.html

I use the Windows backup built-in utility in my server to make a backup of all my data. If you need a less expensive or cheap option, you could set up your own back up system, on the remote end and use openVPN or SSH to encrypt the traffic. The only limiting factor will be the upload speed of your connection, you will need to look into symmetric ADSL, where the upload/download speeds are the same. If you don't like the Windows backup utility you could use, http://amanda.zmanda.com/ will do any type of backup options you want.

@Entity, Found something that might assist you with your problem. http://www.builderau.com.au/program/java/soa/Ask-the-Java-expert-Create-a-Java-exe-file/0,339024620,320283101,00.htm http://forums.whirlpool.net.au/archive/1027479

This is not fool proof, but try changing the default port of your SSH server to a higher number and use a strong password. I know this is not an effective approach to mitigate bots attacks but try blocking the ip address if you can.

As Digip stated, you need to make it an msi package to script the install. Once that's done use group police to push out the package at next log on. These articles should assist you, in the deployment http://support.microsoft.com/kb/816102 http://www.advancedinstaller.com/user-guide/tutorial-gpo.html http://support.microsoft.com/kb/887405 http://www.ehow.com/how_5783978_install-file-through-group-policy.html

You might want to navigate to this directory and determine if the module actually exists in there, if it doesn't then it could explain why its failing to load. auxiliary/digininja/dns_mitm/dns_mitm

Probably not... Shouldn't this thread be locked since its too old.

I would suggest updating your metasploit framework and try reading this documentation http://www.digininja.org/metasploit/dns_dhcp.php

And the funny thing is when something goes wrong they go blaming the company or the person in charge, they never think twice about the consequences. Just like you said, they don't care and never will.

I wouldn't be surprised if they can download end users information from their servers. But again its something that the end users should be aware and cautious about when uploading their information to a server they don't know about. Furthermore its something that ends users should learn more about and become more aware and cautions of the dangers of storage clouds.