Chris B. Posted March 1, 2010

I am just trying to test the security of my home computers. I was wondering if anyone would know how I could "hack" into one of my computers on my LAN, just so I could see the files. I'm pretty sure I have it pretty secure, but there is always a back door to everything!! Also... I would be using Windows to do the attack.

Thanks for the help,
Chris B.

Sparda Posted March 1, 2010

Boot Ubuntu (or similar) live disk, now you have access to all the files.

Netshroud Posted March 1, 2010

Physical access = all bets are off.

Charles Posted March 1, 2010

Physical access = root access. I'm not quite sure what type of security you want to test, network or "physical" security.

Inked Posted March 20, 2010

Chris, your question is quite vague. Are you merely looking to secure your wireless network or gain root access? Look into playing around with BT4 and some of its tools.

techtronic Posted March 23, 2010

You could look at Metasploit autopwn for kicks.

c0r Posted March 23, 2010

Or you could give us your IP... to make it simple..

c

Infiltrator Posted April 2, 2010

Yep, just give us your IP address, then I could brute force your router, and make my way into your home computers.

Burning Aces Posted April 3, 2010 (edited)

> Boot Ubuntu (or similar) live disk, now you have access to all the files.

> Physical access = all bets are off.

If this guy is smart, he would have set up a BIOS password and set his boot setting to boot off the HDD first, which means even if you put in a CD, the HDD will boot first and it will require a password. Then again, if it's a desktop, you can remove the CMOS battery to reset the BIOS, so this guy could then have encrypted his HDD, which means you are still at a loss. So I'd say even with physical access all bets still are not off.

> Yep, just give us your IP address, then I could brute force your router, and make my way into your home computers.

You realise hacking a home PC is actually kind of hard, especially considering most users have no ports open to the net, only locally. Also, who says his router is set to allow remote management? Also, router access != LAN access, so yeah, you are wrong there.

Edit: also, OP, why are you concerned about your LAN? Check what ports, if any, are open to the internet itself, check your wireless security settings and make sure you have a good <20 (if you can remember it) alpha-numeric password set on WPA2, and if your router supports it, make a RADIUS server, which is even more secure (I noticed no one really talks about them much..)

Edited April 3, 2010 by Burning Aces

Infiltrator Posted April 4, 2010 (edited)

> If this guy is smart, he would have set up a BIOS password and set his boot setting to boot off the HDD first, which means even if you put in a CD, the HDD will boot first and it will require a password. Then again, if it's a desktop, you can remove the CMOS battery to reset the BIOS, so this guy could then have encrypted his HDD, which means you are still at a loss. So I'd say even with physical access all bets still are not off.
>
> You realise hacking a home PC is actually kind of hard, especially considering most users have no ports open to the net, only locally. Also, who says his router is set to allow remote management? Also, router access != LAN access, so yeah, you are wrong there.
>
> Edit: also, OP, why are you concerned about your LAN? Check what ports, if any, are open to the internet itself, check your wireless security settings and make sure you have a good <20 (if you can remember it) alpha-numeric password set on WPA2, and if your router supports it, make a RADIUS server, which is even more secure (I noticed no one really talks about them much..)

You think so? I could scan your system for vulnerabilities. And if I find any, I could exploit them and that way I could gain access to your system. I mean, there are always ways to access a system; no matter how secure your system is, there will always be a flaw. So what do you say?

Edited April 4, 2010 by Infiltrator

Burning Aces Posted April 4, 2010

> You think so? I could scan your system for vulnerabilities. And if I find any, I could exploit them and that way I could gain access to your system. I mean, there are always ways to access a system; no matter how secure your system is, there will always be a flaw. So what do you say?

Want me to PM you my IP then? I welcome you to gain access to my system.

Infiltrator Posted April 7, 2010

> Want me to PM you my IP then? I welcome you to gain access to my system.

Don't challenge me, dude. What do I get if I win?

Burning Aces Posted April 7, 2010

> Don't challenge me, dude. What do I get if I win?

Access to my system, quite clearly.

Inked Posted April 7, 2010

Are you two really arguing about who can pwn who?

subl1m1nal Posted April 7, 2010

Yeah dude. What you're describing is vague. But here's my recommendations:

1. Run Microsoft's Baseline Security Analyzer on all Windows PCs. This will display any missing patches and show weak passwords.
2. Run a port scanner to look for open ports. Close unnecessary ports. Shut off unnecessary services.
3. Make sure AV is installed and updated.
4. Check for a software firewall on PCs. Windows comes with one.
5. Review router/firewall for open ports.
6. Take away local admin rights from accounts that don't need it. I personally recommend creating a regular user and escalating privileges using the admin account when needed.
7. If you're paranoid, take out any wireless devices. If not, at the very least, secure it using WPA2 and a strong passphrase.
8. BIOS passwords.
9. Consider physical security. Computer locks, locked doors, mantraps, etc.
10. Whole disk encryption. Truecrypt is free. Use it.
11. Extra credit - Intrusion Detection/Prevention Systems for hosts and network.

Guest Deleted_Account Posted April 8, 2010 (edited)

> Access to my system, quite clearly.

Haha, Burning Aces is quite right, I must add, considering that not only would the user have to be stupid and have open ports to the world but also a static IP address. Consider if you got access to his computer: tomorrow he'll have a different IP address and you'll be at square one. It's not like it used to be, where as soon as you had the modem number you had access :P

Also, to prove you wrong (again): if you say physical access means all bets are off, then beat this rig:

OS: Ubuntu 10.04 and 9.10
HDD: FULLY ENCRYPTED
Passwords: >20 alpha-numeric passwords with spaces and punctuation
Firewall: Bastille and GUFW (for emergencies) and Alpha Shield and a comp running pfSense on my LAN/WLAN and my router's firewall too :) (all ports are stealthed btw)
Security: Bastille Hardening Tool (yes, root logins are disabled; DoS attacks won't work either), PSAD to stop packet forging, and ClamAV, chkrootkit, etc. Also note that all unneeded services are stopped too, like FTP and SSH and TELNET :) etc.
BIOS: HDD lock and BIOS passwords
Lock: laptop lock :)
IP: Dynamic IP address. Oh, almost forgot to mention my ISP blocks most port scans on their clients' IPs too, by the way :)
ROUTER: WPA2 with 63 char. alpha-numeric password with spaces and such again :)
Private files: TrueCrypt volume using Serpent-Twofish-AES in XTS mode, each being 256-bit, and needing a >20 char. password and 6 key files stored in separated locations :)

Now let's see you access a file by hacking into my computer. The file is called IWIN.txt, which is stored in that TC volume... oh, and good luck :)

EDIT: if you could get that file I would give you $400, mainly because it would not be possible for you to do so :) especially the last part, that would give 99.9% of the world problems :)

Edited April 8, 2010 by x942

Infiltrator Posted April 8, 2010

> Yeah dude. What you're describing is vague. But here's my recommendations:
>
> 1. Run Microsoft's Baseline Security Analyzer on all Windows PCs. This will display any missing patches and show weak passwords.
> 2. Run a port scanner to look for open ports. Close unnecessary ports. Shut off unnecessary services.
> 3. Make sure AV is installed and updated.
> 4. Check for a software firewall on PCs. Windows comes with one.
> 5. Review router/firewall for open ports.
> 6. Take away local admin rights from accounts that don't need it. I personally recommend creating a regular user and escalating privileges using the admin account when needed.
> 7. If you're paranoid, take out any wireless devices. If not, at the very least, secure it using WPA2 and a strong passphrase.
> 8. BIOS passwords.
> 9. Consider physical security. Computer locks, locked doors, mantraps, etc.
> 10. Whole disk encryption. Truecrypt is free. Use it.
> 11. Extra credit - Intrusion Detection/Prevention Systems for hosts and network.

Just a few suggestions:

> 5. Review router/firewall for open ports.

As well as check for firmware updates.

> 4. Check for a software firewall on PCs. Windows comes with one.

Comodo Free Personal Firewall, Cnet recommends, and it's a lot more secure than the Windows built-in.

> 7. If you're paranoid, take out any wireless devices. If not, at the very least, secure it using WPA2 and a strong passphrase.

Or if you are extremely paranoid, use a RADIUS authentication server.

That's all I can think of.

Burning Aces Posted April 8, 2010

> Just a few suggestions:
>
> 5. Review router/firewall for open ports. As well as check for firmware updates.
>
> 4. Check for a software firewall on PCs. Windows comes with one. Comodo Free Personal Firewall, Cnet recommends, and it's a lot more secure than the Windows built-in.
>
> 7. If you're paranoid, take out any wireless devices. If not, at the very least, secure it using WPA2 and a strong passphrase. Or if you are extremely paranoid, use a RADIUS authentication server.
>
> That's all I can think of.

Now everyone talks about RADIUS auth servers :|

Infiltrator Posted April 8, 2010 (edited)

> Now everyone talks about RADIUS auth servers :|

RADIUS authentication server, that's what corporates around the world use for securing their wireless networks. I am pretty sure there are other ways of securing it, but implementing a RADIUS server seems to be the most effective method for securing a wireless network.

Edited April 8, 2010 by Infiltrator

Guest Deleted_Account Posted April 8, 2010

> RADIUS authentication server, that's what corporates around the world use for securing their wireless networks. I am pretty sure there are other ways of securing it, but implementing a RADIUS server seems to be the most effective method for securing a wireless network.

I used to use a RADIUS server in my office; however, using WPA2 + 63 char password is strong enough for us. We also tunnel everything through a VPN at our home office in Vancouver, so even if someone could get in, everything is encrypted too.

Infiltrator Posted April 9, 2010

> I used to use a RADIUS server in my office; however, using WPA2 + 63 char password is strong enough for us. We also tunnel everything through a VPN at our home office in Vancouver, so even if someone could get in, everything is encrypted too.

That's the idea, always implementing security measures in place and above all use of strong encryption.

Guest Deleted_Account Posted April 9, 2010

> That's the idea, always implementing security measures in place and above all use of strong encryption.

Exactly, also a good idea to isolate WLAN from LAN, so in the event wireless gets compromised there will be no access to our core systems, only laptops and a couple of servers (which of course are protected but still :P)

Burning Aces Posted April 9, 2010

> RADIUS authentication server, that's what corporates around the world use for securing their wireless networks. I am pretty sure there are other ways of securing it, but implementing a RADIUS server seems to be the most effective method for securing a wireless network.

It is the most effective way really.

> Exactly, also a good idea to isolate WLAN from LAN, so in the event wireless gets compromised there will be no access to our core systems, only laptops and a couple of servers (which of course are protected but still :P)

E.g. having 2 subnets and having all your main desktops on 1, and yeah, what you just said :D

Guest Deleted_Account Posted April 9, 2010

> It is the most effective way really.
>
> E.g. having 2 subnets and having all your main desktops on 1, and yeah, what you just said :D

Haha :P exactly :P that's how I do it. RADIUS isn't practical for our small office; we only have 30 or so computers + 2 servers and several laptops, so this isolation + VPN + WPA2 is great. Just wish we could use AES mode, but a few devices don't like it too much :P

Infiltrator Posted April 9, 2010

> Exactly, also a good idea to isolate WLAN from LAN, so in the event wireless gets compromised there will be no access to our core systems, only laptops and a couple of servers (which of course are protected but still :P)

"Isolate", by that you mean using a VLAN switch, and then segmenting your network into small VLAN groups and applying the necessary policies.