Search the Community
Showing results for tags 'logs'.
-
Hello! I have a wifi pineapple mark V that fights with me, it don't want to work.. It disconnects sometimes. I use the pineapple with an 3g modem and i have the logs if somebody want to check it out for me, THANKS! Logs: Syslog Output:Sep 24 21:50:38 Pineapple daemon.info hostapd: wlan0: STA 00:22:fa:55:7d:72 WPA: group key handshake completed (RSN) Sep 24 21:50:26 Pineapple daemon.info dnsmasq[2093]: using local addresses only for domain lan Sep 24 21:50:26 Pineapple daemon.info dnsmasq[2093]: using nameserver 8.8.8.8#53 Sep 24 21:50:26 Pineapple daemon.info dnsmasq[2093]: using nameserve
-
- disconnected
- logs
-
(and 2 more)
Tagged with:
-
I just flashed the new firmware and downloaded sslsplit on my pineapple. I started it and then went for a bus ride, and a walk around the city. When I got home I opened up the log file and I can see a lot of information like this- 2014-08-15 11:38:00 UTC ssl [172.16.42.228]:46824 [198.142.186.29]:443 sni:- crt:google.com/google.com/*.2mdn.net/*.android.com/*.appengine.google.com/*.au.doubleclick.net/*.cc-dt.com/*.cloud.google.com/*.de.doubleclick.net/*.doubleclick.com/*.doubleclick.net/*.fls.doubleclick.net/*.fr.doubleclick.net/*.google-analytics.com/*.google.ac/*.google.ad/*.google.ae/*.go
-
So, I was reading Mubix's blog a little while back and he wrote about how PSEXEC shows up in the events log. It got me thinking, why can't I find a list anywhere of things like that which should be red flags in event, and other, logs? Anyone care to help build such a list? I'm starting off with what Mubix mentioned (though, I'm sure it will get changed later) and another obvious one. Windows Server 2003 Event ID 552 - when someone uses something such as RUNAS, it could be a sysad doing their job or an attacker doing something else, but worth looking into. What other things can we all thin
- 4 replies
-
- mubix
- firewall logs
-
(and 1 more)
Tagged with: