schippstrich

Members
  • Content count
    341
Community Reputation

5 Neutral

About schippstrich

  • Rank
    SUPR3M3 31337 Mack Daddy P1MP

Profile Information

  • Gender
    Male
  • Interests
    Music, Technology, Food
  • Country
    United States
  • Location
    USA

  1. Stoned installs to the MBR, which is where GRUB is *usually* located. I'm sure it will overwrite GRUB, but not positive. As of now it's a Windows-only bootkit, so I don't think it's going to live side by side in the MBR with GRUB.
  2. Is anyone going to be attending PhreakNIC next week and/or Hack3rcon the week after?
  3. So are you planning on making this a project, or just sharing a thought? Just curious...
  4. "While on that topic, I've been looking for a quieter scanner lately. Nmap is too easy to detect on my test machine; do you have any suggestions for a better port scanner? I tried Unicornscan, its output is easy enough to read, but I haven't checked to see how 'subtle' it is yet." I don't think it is possible for a "scanner" to be quiet. Your best bet is to do individual probes over a period of time for the best chance of not being noticed. Hping is great. You can do some stuff to help in Nmap as well (-f (less true nowadays), --scan-flags, -n, -PN, --data-length), but the main point being do not "scan", just send a probe here and there. There are some intricate details between a SYN segment from a SYN scan and a TCP scan in nmap (http://danielmiessler.com/study/synpackets/).
  5. The SecurityNow podcast has a decent introduction series to VPNs (Episodes #14-#19). They talk about a few of the most popular clients and a brief "how they work". http://www.grc.com/securitynow.htm I've used OpenVPN and Dynamic SSH Tunneling and they work well.
  6. If someone is listening, they could grab the two keys out of the air and put them together.
  7. Check out oclhashcat for using GPUs. It's very, very fast. The Defcon cracking competition was won with hashcat. oclhashcat uses the OpenCL framework. It's the fastest tool out there now. When you can brute at 9 billion strings a second, there becomes no need for rainbow tables.
  8. http://davenport.sourceforge.net/ntlm.html
  9. My main reason for using full-disk encryption is if in an unfortunate turn of events my laptop becomes stolen. Hopefully, it won't be on either.
  10. As suggested above, brctl is in the bridge-utils package. I'm going to make a bridge interface called br0:
      brctl addbr br0
      I will now add each interface to the bridge:
      brctl addif br0 eth0
      brctl addif br0 wlan0
      If I were to use tcpdump -i br0 I would see traffic from both eth0 and wlan0.
  11. You could run a wordlist against the device's HTTP server. You can use hydra by THC. It will be something along the lines of: hydra -l userwordlist.txt -p passwordlist.txt 192.168.1.1 -m / http-get-form
  12. MindSet: Seal knows this; look at the above quote. If you own his box via the latest Windows 0-day, full-disk encryption is not going to help. Your disk will have already been decrypted if you booted into Windows. The data is now yours. In his eyes, it's not worth it. I use full-disk encryption. I also use GPG when dealing with emails and files that I deem sensitive.
  13. I suggest Google as well. I personally wouldn't pay for it, but PureHate from the BackTrack team runs this: http://tools.question-defense.com/rar-password-cracker/ I haven't used this, but you can try it: http://www.rarpasswordcracker.com/
  14. http://www.irongeek.com/i.php?page=videos/dns-spoofing-with-ettercap-pharming
  15. There is a fundamental difference in the encryption designs between TrueCrypt and PGP (open source = GPG). TrueCrypt relies on symmetric cryptography and PGP relies on asymmetric cryptography. Fundamentals: http://www.suse.de/~garloff/Writings/mutt_gpg/node3.html