ima big noob

[TheOniVeritas]

hi this will be my first post here so hello to all, anywho i got a pineapple for christmas and had a lot of trouble getting hooked up finally got it to run using my laptop and to make a long story short walked away for a few hours come back and my desktop pc had been hacked (a lovely turk flag as my desktop, jdownloader, and teamviewer) now i opened my self up somehow but really dont know where to start. so love the gift but need to not let this happen again

[Seph]

Yeah....Sorry man but you are a big noob. The pineapple pretty much removes the first 2-3 layers of security, leaving you pretty open. You already know your big mistake was walking away from your computer right? The idea behind the pineapple is for you to become the wireless gateway, and watch traffic flow through. So first thing's first, how you protect yourself? (take note that im kinda guessing what to cos i dont have a pineapple, and only going from what I've heard)

Get your machine fully patched dude, and this doesnt mean (assuming your using Windows) rely heavily on Windows Updater cos it does take a while to find patches.

You need a good firewall too, one that filters direct traffic to you, and lets Foward traffic through.

Oh and one more thing, guessing from what you said - you tested the pineapple at home? I know its cos you were setting it all up, but the moment you got it working, should of turned it off.

I dont mean to be rude or anything, but it helps to have tech knowladge ahead of time before playing with this dangerous stuff, I'm sure some of the other guys here will be more then happy give you some pointers and help.

Good luck man.

[TheOniVeritas]

haha i dont mind the rude as long as theres helpful tips as well so thanks so much. and yes im using windows what are some good free av and firewalls thanks

[Seph]

I dont know of any free ones. Personally I use bitdefender which has a pretty epic firewall, which I find myself turning off every now and the cos its TOO strict XD

A quick search for "windows firewall" on sourceforge.net turned up a few choices. Have a look at thoes.

[digininja]

This is why I have Jasager off by default, to stop people from plugging it in and accidentally getting owned. This wouldn't have helped in your situation as you had turned it on but does highlight why I'm sticking to the off by default option.

[TheOniVeritas]

@digininja so what ever ap i am on while useing jasager is like a big beacon saying hack me or is it just because my firewall was weak and what are some steps to make it safer to test at home thanks again for the replies

[digininja]

You turned on an open wifi AP connected to your home network and it was responding to any ESSID. Any malicious hacker around who saw an open network would probably jump on it, if you then have vulns on your machine is is trivial to exploit them and they are in.

I'd say you were probably just unlucky but you do have to be careful with these things.

I'm not going to try to explain how to set it up but I've got mine setup so rather than ICS I'm doing routing so the victims get a different IP address all the way through the network and out the door rather than having a device NAT the connection, this makes it harder for people see my real network and adds a layer of security (obscurity if you want) on the top.

[TheOniVeritas]

thanks digininja ill look in to that asap

[echoblack]

Hum, if you want my opinion. I am not convinced you got hacked do to the Jasager. I would not be surprised if you got a virus wile searching the web for info on how to set up the Internet connection sharing. Or I been if someone did connect and then attack your windows box he/she probably could have done the same if they just got on your normal wireless lan.

I don't think a firewall setup will help you with the Jasager. Just leave Wireshark on and watch all the TCP packets. If you see a client IP connecting to your Windows box IP then your getting hacked.

Some things you should do are to go into control panel/administrative tools/Services then go down the list and "disable" Telnet, RPC, Fast User switching, File sharing,.... You know what just google for a list of services that should be disabled in windows. Ya, get all the updates you can all the time. But at the end of the day, you will still get viruses and get hacked and your computer will crash. It's just windows. There is really no way of making it secure.

If you feel like having some fun. Install Ubuntu. Ya, it will be hard at first but after a month or two you'll never want to go back. The choice is up to you though. It's all good if you don't have the time. It is a lot of work to learn a new OS. If you do switch though. Go All Out. Main and Only OS on your Main Box. If you just install it as a second OS and never use it for real computer work then you'll never learn. You have to use it all the time to learn.

[TheOniVeritas]

hey thanks for posting yeah i have ubuntu 9.10 dual boot with xp on my laptop and was going to ask that very thing im very new to linux and am likeing it i only have used it for aircrack but am thinking of picking it up i had a friend in high school that swore by it just never new what distro to start with even picked up a linux for dummies haha about 5 years ago