Infiltrator

Things like that can happen quite often, so I don't think it's going to be a one off thing. And besides I read an article before, where an user discovered a Trojan horse installed on his new Dell laptop. And frankly soon or later there will be another or similar case.

Now whose to believe in? What is Samsung trying to do, anyway? Will never by a laptop from them.

Samsung installs keylogger on its laptops User discovers that Samsung is pre-loading keyloggers on its laptop computers. By Jeff Caruso on Wed, 03/30/11 - 12:05pm. [uPDATE: Samsung has launched an investigation into the matter and is working with Mich Kabay and Mohamed Hassan in the investigation. Samsung engineers are collaborating with the computer security expert, Mohamed Hassan, MSIA, CISSP, CISA, with faculty at the Norwich University Center for Advanced Computing and Digital Forensics, and with the antivirus vendor whose product identified a possible keylogger (or which may have issued a false positive). The company and the University will post news as fast as possible on Network World. A Samsung executive is personally delivering a randomly selected laptop purchased at a retail store to the Norwich scientists. Prof. Kabay praises Samsung for its immediate, positive and collaborative response to this situation.] A user discovered a keylogger pre-installed on two brand-new Samsung laptops that the company admitted was there to "monitor the performance of the machine and to find out how it is being used." Mohamed Hassan wrote in Mich Kabay’s Security Strategies newsletter that as soon as he received his Samsung R525 laptop, he ran a full system scan and found a commercial keylogger called StarLogger. StarLogger claims it records every keystroke made on the computer, even on password-protected boxes, starting up whenever the computer starts up. The software emails results at intervals to a specified email address and will even include screen captures. Hassan ended up buying a second Samsung laptop, a model R540, and found the same keylogger installed on that one. "The fact that on both models the same files were found in the same location supported the suspicion that the hardware manufacturer, Samsung, must know about this software on its brand-new laptops," he writes. Hassan reports that at first Samsung Support personnel denied that they installed the software and directed him to Microsoft, but then eventually admitted that Samsung was responsible. As Hassan notes, the incident is reminiscent of the Sony BMG rootkit fiasco of 2005. At the time, Sony BMG used a rootkit to monitor computer user behavior and limit how music CDs were used on the computer. Kabay says that Samsung has not responded to further requests for comment. Source: http://www.networkworld.com/community/blog/samsung-installs-keylogger-its-laptops

Has the FBI ever been able to crack a code/encryption before? And another thing, I find his writing a bit hard to decode.

I would only install windows server 2008, if you really require a server, there is no need in installing a Windows Server on a normal PC, if its just for normal every day use. If you want to play BF2 GTA, I would recommend installing Windows 7, servers are not designed for playing games. For a firewall I would use Untangle and for an Antivirus I would recommend the Avast Server Edition, but its only valid for a 3 months period, you will have to purchase a license in order to continue using it.

How so?

Can't wait for the National Broadband network construction here in Australia to be concluded. Back to the 4G Myth, does it offer any coverage increase at all, or is it only the speed that improves.

I don't think the target machine will, only Backtrack will return an error. For the victim the attack will appear transparent, unless they are running some tools that can detect the attack.

@Digip, I have to agree with you on that one, our government worry more about ripping money from its tax payers than actually investing into their own network security. Furthermore, I think they are very far behind the whole technology thing. I used to work for a Government agency and frankly speaking its not even worth mentioning, how intolerant about computer systems they are.

http://www.ehow.com/facts_5786370_can-cold-weather-damage-laptop_.html Fact The optimal temperature range for using laptops is between 50 and 95 degrees Fahrenheit. Temperatures lower than 50 degrees may prove harmful. Screen The laptop's LCD screen contains liquid. If this liquid freezes, the screen can crack or shatter. Battery Extremely cold temperatures may compromise the laptop's battery. A frozen battery will lose life faster and struggle to sustain a full charge. Condensation Taking a frozen or chilled laptop into a warm indoor environment may cause condensation to form. This moisture poses a serious danger to the internal processors and components. To avoid condensation, always allow a cold laptop to sit at room temperature for 20 to 30 minutes before powering it on. Warming A cold or frozen laptop must be gradually warmed. Allow it to adjust to room temperature and warm up naturally over time. Never use hair dryers or other forms of artificial heating, as they can damage components or cause potential cracking due to rapid expansion.

Very true, he could even be a bot. But his post looks very authentic. So lets wait and see.

Head over to your Windows Box, and bring up the command prompt and type netstat -na That should display a list of processes or services that are using port 4444. If that's the case, you will need to use a different port other than 4444 That should work.

There are tools that you can use for cracking WEP/WPA keys on Windows, its just a matter of looking around. But Backtrack will be the best choice for wireless pen-testing. Now there is no need to log onto a Windows Machine, in order to RDP into a Linux machine. Make matters simple for you, by loading backtrack on a laptop with a wireless adapter and from there do the password auditing.

What you could is re-watch the episode where he discloses how the Hak5 Challenge was made. Or contact him on his email address?

Couple of things you could do. 1) At the console, type ifconfig, this command should display a list of all available interfaces you have. 2) You can use this same command, to turn on/off an interface for example: ifconfig etho up, brings the interface up. ifconfig eth0 down, takes the internet down. By the what interface are you using, wired/wireless?

That is a very interesting fact, I've never heard of anything like that before. Perhaps a design flaw

This article makes me wonder, how can a so advanced agency that Nasa is, not care about their own computer network security.

Six NASA servers exposed to the Internet had critical vulnerabilities that could have endangered Space Shuttle, International Space Station and Hubble Telescope missions -- flaws that would have been found by a security oversight program the agency agreed to last year but hasn't yet implemented, according to a report by the agency's inspector general. NASA's CIO Linda Cureton says she has patched the vulnerabilities, but IG Paul Martin found that NASA still has no ongoing program for spotting and correcting similar problems as they arise and is giving itself until the end of September just to come up with a plan, according to the report titled "Inadequate Security Practices Expose Key NASA Network to Cyber Attack." The deadline for the plan is Sept. 30. MORE ON SPACE: Gigantic changes keep space technology hot The six vulnerable servers were associated with IT projects that control spacecraft or contain critical NASA information, the report says. The audit also found other servers that exposed encryption keys, encrypted passwords and user-account information, all of which could enable attackers to gain unauthorized network access. The report didn't assess the agencywide network that isn't directly used for missions. "These deficiencies occurred because NASA had not fully assessed and mitigated risks to the network and had not assigned responsibility for IT security oversight to ensure the network was adequately protected," the report says. "A security breach of a moderate- or high-impact system or project on this key network could severely disrupt NASA operations or result in the loss of sensitive data." One server was found vulnerable to FTP bounce attacks, which if exploited, "could have significantly disrupted NASA's space flight operations and stolen sensitive data," the report says. Other servers weren't securely configured, exposing the encryption keys, encrypted passwords and user account lists to attackers. The IG says NASA didn't know about these problems but could have if it performed broad risk assessment, part of the agreed-to security program. "As a result, NASA's Agency-wide mission network was vulnerable to a variety of cyber attacks with the potential for devastating adverse effects on the mission operations the network supports," the report says. In addition to the oversight program on Internet-connected servers, NASA's CIO promises she will start a pilot program by Aug. 21 for spotting risks on the rest of NASA's networks that don't have Internet connectivity. The IG performed port scans using Nmap and manually verified open ports. It also performed NESSUS vulnerability scans. Source: http://www.networkworld.com/news/2011/032911-nasa-network-open.html?hpg1=bn

I don't see Mac computers receiving the same popularity as PCs does. Perhaps someday the Mac popularity will outgrow and then we will start to see more attacks targeting Apple computers. For now PCs are very dominant. So I think it will take time for Apple to win the PC market.

Do you know if anyone else in other forums have reported similar issues. I would probably take it back to the shop where you bought it, if it keeps occurring too often.

I know there have been quite a few users trying to setup IPv6 on their system and could not find a proper firewall distribution that was able to support IPv6 natively. However I don't know how many of you know of this product, but would like to share with it with the community anyway. http://www.vyatta.com/downloads/index.php Enjoy.....

That is weird, how long have you had it for? Is it still under warranty?

Does your netbook have a VGA port that you could use to connect an external monitor. You need to observe if it goes blank as well, if does it could be graphics card that is failing, if it doesn't than the screen itself is failing and needs replacement.

That's one of the things I like about promox, you can run in on almost all hardware with no compatibility issues. Now all you need is to find out if your CPU has support for virtualization. As 3tek suggested it should not be a problem as long as it is an Athlon x2. I would also recommend increasing your RAM to 8 or 10 gigs, if you plan on running several VMs.

1) To set up the virtual machines for the Hak5 Challenge, Darren used Proxmox a virtualization platform, that you can download from www.proxmox.com. Once the VMs were set up, he used if I am correct, UltraVNC to remotely view each individual VMs session and have a clear picture of what the contestants were doing. 2) To generate the traffic on port 1337, I am not sure what tool he used, but he did use Networkminer to capture the traffic and reassemble the data back to its original state. This is what i can remember so far, may be someone else can indicate a few more pointers too.