Infiltrator

In the end no matter how cautious you are, or what measures you take to cover up your tracks, The Big Brother will always be watching what you do. Your ISP will be the first point of contact, if someone wants to press charges against you.

You can be anonymous but as Digip pointed out, being completely untraceable, I don't think that's gonna be possible. Sooner or later someone will trace back to you and then its game over.

If you want to remain anonymous on the internet proxy servers is what you need. It hides your main identify, which is your IP address. But you need to be cautious when using proxy servers, they may not always be who they say they are. Since your traffic is going through them, they can potentially see all your traffic. So I'd say your best bet would be to buy a proxy/vpn server or use TOR networks which is free but secure. Also remember that when using hostile networks, like hotspots in Airports try to use SSH or VPN to secure your connection, as there could be malicious users monitoring your traffic. Edit: Another way to remain anonymous on the internet, is not to give away too much information about yourself, try to keep a low profile this will also help you a lot.

What kind of software is it?

Very interesting concept will do some testings on my own and will let you know if I come up with something.

or that case served as an inspiration for Darren to build his own.

Unless someone manages to bypass the encryption scheme somehow, which I think would be quite impossible. Another way to sanitize the SSD would be destroying it with fire.

That's one of the nice things I like about the new Nokia N8, the camera offers superb picture and video quality. However I wish they dropped their OS in favor to a linux os. Its just too sluggish but it still does a good job. However I am not sure if tethering does a good job, I think I am going to buy it and give it a try and see it for myself. Thanks Digip.

Or if you have time to spare, you could download an opensource template and modify it to your likes. But if time is not your friend, then wordpress would make your whole life a lot easier. Since there is not coding required and its all done for you, just a matter of installing some components and selecting the templates and off you go.

Dynamic pages are generally generated on the fly, as opposed to a static webpage the developer must change its contents through its HTML code or some form of web based content management system, whereas on a dynamic all the contents are stored on a backend. PHP does it by connecting to a database and then pulling all that information from the database (mysql) and then displaying it on a page. Now for the layout part, don't use tables use CSS.

Hey Dudes, I am searching to buy a new smartphone but not sure if I should get the new Nokia N8 or an Android. Well, was hoping someone could advise or recommend which smartphone is the best. Thank you in advance.

Study finds the task to be very difficult; overwriting or crypto-erasure seem the best methods for sanitizing SSDs Computerworld - Until a university study emerged last week, few experts suspected that it's more difficult to erase data stored on solid-state drives (SSD) than that on hard disk drives (HDDs). Industry experts were taken aback by the study, but noted that there are SSDs with native encryption capabilities that can prevent data from being seen even after a drive's end of life, and that there are some SSD drive sanitation methods that are more successful than others. "I don't think anyone ever knew about this," said security technologist Bruce Schneier. The study conducted by researchers at the University of California at San Diego (UCSD), showed that sanitizing SSDs of data is at best a difficult task and at worst nearly impossible. While overwriting data several times can ensure data erasure on many SSDs, the researchers found they were still able to recover data on some products. One surefire method for protecting your SSD data is cryptographic erasure, said Kent Smith, senior director of product marketing at SSD controller manufacturers SandForce. Crypto-erasure involves first encrypting an SSD so that only users holding passwords can access its data. When the SSD is at end of life, the user can delete the encryption keys on the drive, eliminating the possibility of unencrypting or accessing the data. "Unless you can break the 128-bit AES encryption algorithm, there's just no way to get to the data. The drive is now still a fully functioning drive and effectively able to begin writing again," Smith said. "That takes a split second." The other security method SandForce-based SSDs afford is erasing all the NAND flash memory. "We go through every single LBA, every single location ... that could have held user data, as well as performing the crypto-erase," Smith said. "That would take longer because you have to erase the flash. That could take a few minutes." SandForce's controllers, used by most major SSD vendors, include native 128-bit AES encryption that allows users to set up passwords. But some SSDs don't come with native hardware-based encryption. Data erasure can also be performed on the drive either through the Security Erase Unit (SEU) command, or the soon-to-be released addition to the serial ATA specification under Sanitize Device Set. Secure Erase is imbedded SATA storage devices, and allows users to delete data from all areas in which it might be stored on a hard drive or a NAND flash product. When a user chooses the SEU command, all LBAs are erased in the Device Configuration Identity, which is everywhere an SSD can store user data. Additionally, the encryption key is zeroed or destroyed, leaving any existing data scrambled, and all mapping data is erased so the drive cannot even locate the prior scrambled data. The controller automatically creates a new encryption key for any new incoming data. "The effectiveness of cryptographic sanitization relies on the security of the encryption system used (e.g. AES), as well as the designer's ability to eliminate "side channel" attacks that might allow an adversary to extract the key or otherwise bypass the encryption," the UCSD researchers wrote in their paper. AES or Advanced Encryption Standard, is the successor to the older DES (Data Encryption Standard). The standard is used by the U.S. government for using the 128-bit and 256-bit strengths to encrypt secret and top-secret-level documents, respectively. But it's not enough to offer only AES encryption; much depends on how the encryption is deployed. That's important in part because users don't always want to use passwords as long as needed for effective key generation. If a user chooses a password with fewer characters than would make a 128-bit or 256-bit key (one character = 8 bits, so we're talking about passwords of 16 or 32 characters, respectively), the remaining characters often automatically become zeros. In such cases, said Charles Kolodgy, research director for secure content and threat management products at IDC, the password can more easily be guessed. Kolodgy recommends users create a passphrase rather than a password. "The first step is to take care of 90% of the users out there," Kolodgy says. After that, the best solution is to have a random password character generator on the drive. Even if your drive comes with native encryption capabilities, Schneier believes there is no way to tell whether a vendor's security is foolproof "apart from a $50,000 or $100,000 engineering effort" as he states in an essay on password security. Schneier is a proponent of purchasing as inexpensive a drive as possible and then encrypting the data by using freeware, such as TruCrypt or a relatively low-cost product such as PGPDisk. The UCSD researchers agreed that crypto-erasure is a good method of ensuring that an SSD can be sanitized at its end of life or when slated for re-use. The researchers tested 12 SSDs and found that none of the available software techniques for erasing individual files is effective. Erasing entire SSDs with native sanitize commands was most effective, but only when performed correctly, and that software techniques work most, but not all, of the time. The researchers did not identify the products used in the test. UCSD's Non-volatile Systems Laboratory designed a procedure to bypass the flash translation layer (FTL) on SSDs and directly access the raw NAND flash chips to audit the success of any given sanitization technique. An SSD's FTL performs the mapping of data between the logical block addresses (LBAs) via the ATA or SCSI interface and NAND flash memory's physical pages. In a paper titled " Reliably Erasing Data from Flash-Based Solid State Drives", the university researchers wrote that "all single-file overwrite sanitization protocols failed: between 4% and 75% of the files' contents remained on the SATA SSDs." USB flash drives didn't fare much better. Between 0.57% and 84.9% of the data remained on the drive after an overwrite was attempted. The researchers even attempted overwriting free space on the drives and defragmenting the drive to redistribute data, encouraging the FTL to reuse more physical storage locations, but it proved to be ineffective. Of 12 SSDs they tested using the drives' native "Erase Unit" command, only four were actually erased. One SSD had reported itself to be sanitized, yet the data was recoverable by the researchers. In a separate overwriting test, which took up to 58 hours some of the SSDs, researchers found one out of eight remaining disks came back as sanitized. After two overwrites, all but one came back as erased. One drive still had 1% of its data even after 20 overwrites. Sanitizing a hard disk drive is a simpler task, the researchers found. At the consumer level, hard disks can be reformatted and overwritten. For commercial users, a degausser, which uses a strong magnetic field to demagnetize the disk platters, can effectively erase all data. But SSDs don't function in the same way as HDDs. On a hard drive, the write and erase sectors are the same, meaning when a host overwrites data, it goes to the same block as the original data had been written to. Flash memory is made up of pages and blocks. Data is written in 8KB pages, and erase operations occur in 2MB blocks, also known as "chunks." Therefore, when an erasure occurs, an entire 2MB block must be marked for deletion. So, when data is written to NAND flash memory it's a two-step process known as a read-modify-erase-write cycle. First, existing data must be erased and then the old data combined with the new can be written to a different page on the memory. The old data, however, isn't actually erased at the time of a new write; it's only marked for deletion. Manufacturers use 'garbage collection' algorithms to go back at a later time, typically when a drive is idle, and erase data marked for deletion. All NAND flash devices work this way. In the meantime, duplicate data exists on the NAND flash memory. "And some drives don't erase all that data," said Gregory Wong, an analyst with market research firm Forward Insights. For example, on most of today's SSDs wear-leveling algorithms are used to more evenly distribute data across the drive so as to not wear out any one area of the NAND flash. The problem is, wear leveling can also defeat data erasure because it relocates blocks between the time when they are first written and then overwritten. The National Institute of Standards and Technology (NIST) is currently being pushed by the SSD industry to redefine some of the military erase overwrite protocols to recognize encrypting drives that can be cryptographically erased without the need to overwrite the flash. "But that's not happening tomorrow. Government agencies take a long time to embrace standards," Smith said. Source: http://www.computerworld.com/s/article/9211519/Can_data_stored_on_an_SSD_be_secured_?taxonomyId=19&pageNumber=1

So how well does PWN Plug performs?

I am not sure myself to be honest, but if there isn't a library I guess you could write one.

No problems, thanks for that.

Does the RAT tool generate the Trojan for you, or you have to download it separately?

So how do you think ClearOS would compare to Untangle?

What's the name of that program you are using to measure your speed strength?

Had a quick on the ClearOS website and have to say I am very impressed with it. It has a lot more features than Smoothwall. Now for the malware defense part, what AV does it use? And have you tried setting a dual wan connection and does it work well?

Yeah I read those Magazines they quite good if you are into security and all that. I normally download them straight from the website.

Have you tried compiling pyrit to run on a distributed system at all?

You can try cracking hashes in a VM, but I doubt the virtual machine will have the performance required to crack the hashes. I would recommend having a separate box running an OS like Windows or Linux and with at least x2 or x3 Nvidia graphics card.

I am not sure what color you chose, but according to this Smoothwall manual http://downloads.sourceforge.net/smoothwall/smoothwall-express-3.0-install-guide.pdf You can install a third card and have it set up as a DMZ. That would've been the "Green + Orange (Red is modem/ISDN)".