Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - p@nd@

Pages: [1]
1
Hacking and Security / Re: Keeping viruses under control in a domain
« on: October 31, 2013, 01:30:24 pm »
In my environment we are deploying nothing but thinclients with a locked down version of Win 7 using a write filter. (They refuse to use a Linux distro :( ) We then allow our users to connect using VMWare Horizon View to a floating pool. These pools of course are locked down. Every time the user logs out of the machine and log back in they get a brand new machine from the master image replica. Their documents are still there due to persona management however I strongly recommend them to save everything they can on their Horizon Data folders which acts as a cloud service but also prevents something from going missing and resides on our network. We then use Thinapp so everything is run in sandboxes anyways so very little is ever actually installed on the virtual desktop. Your best bet Kulv would be to do something similar while VDI can be a pain in the ass and expensive to set up it works very well and shines in situations like this. Since we are still deploying VDI those with thickclients are using TrendMicro AV and we have content filtering, email scanning, and spam filtering through Symantec which seems to do the trick for the most part with lots of user education(even though they still can do some pretty dumb things.)

2
Projects and Discussion / Re: Irreversible installation and running processes (root kits)
« on: May 23, 2013, 08:26:39 pm »
Quote from: daflowjoe on May 17, 2013, 03:58:41 pm
Hey guys,
[size=78%]i am thinking about developing an anti procrastination software, which is impossible to disable or to delete. ;-) [/size]


First post and it happens to go down like this............Sadness overwhelms me

3
Hacking and Security / Re: Your top 10 most useful hacking tools?
« on: May 23, 2013, 08:23:10 pm »
1> Logic
2> SET (Social Engineering ToolKit)
3> Maltego
4> Nmap
5> Ettercap
6> A good text editor
7> Custom Wordlists
9> Hydra
10>  Aircrack

4
Hacking and Security / Re: Learning my way into the world of Hacking :-)
« on: May 23, 2013, 08:18:27 pm »
Quote from: namespace7 on May 22, 2013, 10:28:18 pm
True. There is no path to becoming a "hacker" because you have to make the path yourself according to your own definition of "hacker" and your own visions, plans and goals.


So you are saying there is no path to become a hacker like in them movies?!?!?! I wanna hack the Gibson!


Anyways on a serious note I enjoyed the way you phrased that.

5
Hacking and Security / Re: Most common vulnerabilities encountered in a business environment
« on: May 16, 2013, 03:06:55 pm »
I would love to help by giving you our reports from the audit we had recently that shows some common things. Unfortunately being a financial organization I can not do that :(

6
Hacking and Security / Re: Holy shit!! Adrenaline is awesome! So is hijacking sessions!
« on: February 07, 2013, 02:07:52 am »
I remember my first time as well. Though I just checked out Dsploit since I have used Anti before and didnt hear about that one its pretty nifty. :)

7
Anonymity and Privacy / Re: "Cleaning Up"
« on: July 23, 2012, 03:42:39 pm »
Quote from: 963. on July 20, 2012, 09:12:07 pm
After I "attack" a computer I install a simple virus made with (dont hate) notepad. Erases the entire HDD including System32 folder. Thus, there would be nothing to link back to you, and even if they could link it back to you, the computer will never boot again without installing a new HDD. At every angle, they fail.


Wow. That  was either the best troll post I have ever read or something beyond my comprehension. I do not even know where to begin but I think Ande pretty much took care of what anyone if anyone was going to say something about this post.

8
Hacking and Security / Re: mitm attack only local?
« on: July 11, 2012, 02:26:12 pm »
Quote from: ande on July 10, 2012, 06:22:03 pm
I am pretty sure it cannot, that would defeat the whole purpose of SSL. SSL (iirc) is based on symmetric encryption which have one private and one public key for each session/connection and only one of them can be used to encrypt and decrypt the other. Hence why it is not possible to sniff SSL because you dont know the required key. You could brute force it but that would take millenniums.
That would be indeed true about SSL. I will definetly take a look into the HTTPS: portion however. I was just going off of what I have read around the interwebs about Ettercap. (Haven't had a chance to put it into practice.) However, if a program like ssl strip could do it I can't see why that wouldn't be a "feature" of ettercap if you start messing with the conf file. I dont think if you go to your local wifi hotspot start sniffing the network you will get plain text but it may or may not give you the encrypted data.

9
Hacking and Security / Re: mitm attack only local?
« on: July 10, 2012, 04:39:41 pm »
I thought Wireshark could not sniff however encrypted passwords such as https or ssl. Though I hear ettercap can indeed sniff ssl/https: passwords by just changing a rem in the conf file.

10
Found it on the Webs / Re: Tor Is Useless
« on: July 05, 2012, 05:30:05 pm »
Saying Tor is completely useless I wouldn't go that far anyways. I use it to get around basic web filters and such. Saying that its going to give you complete anonymity will that was a foolish thing to think anyways. People will never be completely safe from prying eyes with the resources to find you.

11
General discussion / Re: Athene interviews Peter Sunde(The Pirate Bay)
« on: July 05, 2012, 04:54:07 pm »
But he made a valid point "People found out about piratebay when it was on the news moreso than before." The media blows something up and then all of a sudden everyone is all over it. It happens all the time its like when Firesheep made headlines and then all of a sudden everyone was downloading it (only to be patched later on).

12
Hacking and Security / Re: Most rewarding hack you've ever done?
« on: June 22, 2012, 03:04:29 pm »
Getting a girls nudey pics off her email duhhhhh I l33t. I get a lot of grief for wanting to learn how to hack from my college buddies so one day I decided to crash the network while they were all taking tests. Needless to say they were not impressed when they had to try to access our network for part of the test and it was down.

13
Hacking and Security / Re: Backtrack Wifi Problem
« on: June 21, 2012, 03:59:59 pm »
Quote from: Kulverstukas on June 20, 2012, 08:10:05 pm
No. Backtrack from a VM does not have access to onboard hardware, except for USB thingies, so using a USB wifi dongle would be good.

What they said :). You are better off running backtrack I have found either as a dual boot or a live cd so you can crack networks. VM's are great for setting up personal labs but not for cracking wifi.

Pages: [1]