johnbjr Posted November 6, 2013 Posted November 6, 2013 I have a computer that i had registered windows on before. Is it safe to use that as my main hacking computer or should I use a new one that has never been associated with me in any way. Will I be able to be tracked down by my MAC address or something by using this older computer?? Even if I installed a new OS that hasn't been registered to me. Quote
digininja Posted November 6, 2013 Posted November 6, 2013 That sounds to me like you are planning to do something illegal, if so please don't use these forums to discuss it. Quote
johnbjr Posted November 6, 2013 Author Posted November 6, 2013 Ahhhhh Got it. I have a lot to learn. Now say im on my Mac running linux in parallels will macchanger still work when im using linux or will it still end up using the hosts systems mac/setup?? Quote
johnbjr Posted November 6, 2013 Author Posted November 6, 2013 illegal no. not at all. Currently in the military and somewhat in the IT field and know a little about networking a few certs to be dangerous but would love pursuing my knowledge in security and pen testing. I have about 3 years until I retire and need a new career and sounds interesting. Quote
Guest spazi Posted November 6, 2013 Posted November 6, 2013 Ahhhhh Got it. I have a lot to learn. Now say im on my Mac running linux in parallels will macchanger still work when im using linux or will it still end up using the hosts systems mac/setup?? I believe that you can't change the mac of your running linux in parallel. The linux OS will probably say that the mac has been changed, but I'm pretty sure that on the mac it will be the same. But test it to make sure :) About the whole MAC thing, I've been thinking the same thing, but if you change it before you start hacking (legally) you shouldn't be traceable. On the other hand, where i am from they would have to check my real mac against googles database and it would require a court approval not to mention lots of diplomatic bla bla bla. It would drown in paper work. Since I'm not doing anything illegal, I don't have to worry about these things. Quote
digininja Posted November 6, 2013 Posted November 6, 2013 illegal no. not at all. Currently in the military and somewhat in the IT field and know a little about networking a few certs to be dangerous but would love pursuing my knowledge in security and pen testing. I have about 3 years until I retire and need a new career and sounds interesting. So what are you planning to do that you don't want tied to the previous Windows install? Or what did you do then that you don't want tied to now? Quote
johnbjr Posted November 7, 2013 Author Posted November 7, 2013 @zombie Thank you @digininja I am planning on taking over the world. Hahaha Naaa really I always read how everything can pretty much be tracked and we always leave some sort of digital trail. From a legal and forensics perspective I guess it comes down to how much red tape and money they would be willing to go through. Well the severity of the crime also. Nothing has been done illegally or will be done illegally on my part. I'm just really interested in security especially on the trails that are left to be able to track down the attacker. The pen testing side of it all I have a lot of basic stuff to learn and have enough material online to keep me going for awhile not many questions yet. Quote
digininja Posted November 7, 2013 Posted November 7, 2013 I think people over think the tracking issue. My standard questions on this are: Who do you think is tracking you? Why are they going to be tracking you? Do you care? Are you doing anything wrong? The worst that will happen to most people is their data will travel through some automated system which will decide that there is nothing to look at. A very small percentage may get bumped up to the next level if they trigger on something really bad. At that point a low paid, junior, human may look at it along with all the other boring escalated data he looks at that day and will clear it before moving on to the next. He won't care what it is as he has probably read much worse in the past. People get so worked up but in reality, so what. Unless you are a planning a terrorist mass murder then the NSA, GCHQ or any other agency really don't have the time or resources to care about you. And if you are still worried about being tracked, there is a lot more than your MAC address that you would need to change. The whole of your computer can be used to fingerprint you. It is full of serial numbers and IDs which you could never change. Even if you do buy a completely new computer then it can be tied to you through your purchase and through and then through your ISP. There has also been research done on your computer usage habits to profile you, what you access, when, what times of day you are on and off line. What handles you use on certain sites. I've tracked someone through the distinctive way they sign off messages and emails. Quote
johnbjr Posted November 7, 2013 Author Posted November 7, 2013 Okay thats what I was looking for. Basicly a company or individual would just be screwed depending on the severity. I love the Idea of security/hacking and pen testing but just dont know which route to take as far as a career. I dont want to be an administarator or anything like that. I want to be the one in the field finding the volnerabilities. Pen testing seems fun but also I guess it depends on who you work for. There not all going to have free rein to do al the social engineering and attacks that they want. Anyways this is getting off topic. Thank you for the post. Quote
digip Posted November 7, 2013 Posted November 7, 2013 (edited) Okay thats what I was looking for. Basicly a company or individual would just be screwed depending on the severity. I love the Idea of security/hacking and pen testing but just dont know which route to take as far as a career. I dont want to be an administarator or anything like that. I want to be the one in the field finding the volnerabilities. Pen testing seems fun but also I guess it depends on who you work for. There not all going to have free rein to do al the social engineering and attacks that they want. Anyways this is getting off topic. Thank you for the post.Most pentesters, start out as sysadmins, network engineers, or other IT personal and have a strong background with computers in general. Those that don't and become pentesters, are usually not the kind of people who would ask such questions either, and wouldn't need help in that area since they are probably self trained or have some degree of underlying fundamentals, maybe more so than the average sysadmin. School and education in general, paid for or self taught, are still going to be needed if you want to get into any aspect of computers, whether pentesting or not. Not that you have to take that route, but the fundamentals of knowing how to subvert a system, means you need to understand how it works in the first place, and without a foundation based in strong networking and computers in general, you'd (not saying you personally, but generalizing) end up being more a script kiddy if looking to subvert systems vs a real pentester who has a clear scope and objective to perform as their job. My opinion, but pentesting and general breaking into things, are not one and the same thing, even if one person gets paid to do it, while the other does not, the skill levels of either don't mean much, so much as your actions do and how you use what you know. As for tracking, DigiNinja pretty much summed it up without even going deep on the recon side of things. If someone wanted to find you, track you, they could. Just depends on who, and how much resources and time they want to invest in it. That doesn't mean you should take what he said lightly, as if no one would ever come after you, so thinking you're safe because something you plan to do is low on priority of someone looking for harder crimes, one only has to look at something as innocent as Aaron Schwartz copying of books, papers and research from his schools computers, while the school(after his suicide decided to give all of that information out freely anyway) the government pressed charges to the point he felt the only option he was left with was suicide. Choose wisely your questions, on a public forum, where just because you're behind a keyboard at the other end and a handle of "johnbjr", don't think for a second someone couldn't already have now profile you, merely based on your question, and their thoughts of your intent in those posts. You opened a can of worms just by merely asking in general, and that in itself, marks you as a target by your own volition. edit: just wanted to add as well, the MAC address is layer two, change out the nic itself, or use external wifi and ethernet adapters with macchanger (they make mac changing programs for windows) but most wireless nics in windows and some wired(like mine), already have settings to allow you to change your MAC to anything you want to begin with. For me, personally I'd use an ultrabook, no HDD, boot off external media, and use external network cards + machchanger and go from there. No guarantee of hiding anything, and wifi can be triangulated but its a better start than using a registered PC to your real identity. Regardless of the safeguards you take in masking yourself, if the workstation is still the same install with registered info to you, if you get hacked back, they have access to your machine now and can troll if for personal data. People often forget about what happens when they hack into something, for example, pentesters who've used backtrack on a job and never bothered to change the hostname or passwd, one company, hacked back at the pentester, because the default SSH login was root/toor, and she owned them right back, and every time they thought they had data on their pentest, she fed them fake data that they then presented in their report, for which they looked like fools in the end and weren't worth their paper report they turned in other than for maybe toilet paper. Data flows in both directions and going on the offensive, does not remove the possibility the same could happen in reverse, so your defenses have to up to par with what you're doing to begin with. Edited November 15, 2013 by digip Quote
Skorpinok Rover Posted November 15, 2013 Posted November 15, 2013 @zombie Thank you @digininja I am planning on taking over the world. gotham's reckoning ? Calm down, Doctor! Now's not the time for fear. That comes later Quote
Lockon Posted November 15, 2013 Posted November 15, 2013 I believe that you can't change the mac of your running linux in parallel. The linux OS will probably say that the mac has been changed, but I'm pretty sure that on the mac it will be the same. You can't change the network adapter's actual hardware MAC address but you can spoof it temporarily, however spoofing a MAC address for a wireless setup isn't going to protect you from someone even semi-decent in tracing a signal. As long as you're broadcasting something, the signal can be traced back to your physical location with enough time. If you spoof your ethernet connection's MAC address, your ISP "could" trace back your connection to your DSL or cable modem since your firewall offers you no protection in that situation. Quote
digininja Posted November 15, 2013 Posted November 15, 2013 You can't change the network adapter's actual hardware MAC address but you can spoof it temporarily, however spoofing a MAC address for a wireless setup isn't going to protect you from someone even semi-decent in tracing a signal. As long as you're broadcasting something, the signal can be traced back to your physical location with enough time. Some network cards, both wired and wireless allow permanant changing of MACs. If you spoof your ethernet connection's MAC address, your ISP "could" trace back your connection to your DSL or cable modem since your firewall offers you no protection in that situation. Not sure which you mean here, if you mean internal then that would never go beyond your router (in normal network traffic) so ISPs couldn't track a machine inside your network based on MAC, if you mean the MAC of your router/modem then a lot locl the network connection to your property to the MAC on the modem they give you. Even if they don't, they will know exactly what MACs are connected to each property through basic networking information. Quote
digip Posted November 15, 2013 Posted November 15, 2013 (edited) If you're doing this from home, to external targets, well, to be cliché and quote the movie hackers "Thats universally stupid..." since unless you've hacked your modem, and bypassed their CMTS to allow a spoofed device on their network(which most ISP's won't let any cable modem,DSL or otherwise on their network, without prior authorization from the ISP), the ISP would be able to track back to the modem in use and your internet account info. Also, with IPv6, the modem, is going to always have an addressable and findable address from anywhere in the world if someone managed to get its IPv6 address (but don't quote me on that). Edited November 15, 2013 by digip Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.