Restrict Anonymous User Access?
So me and my roommates decided to have a small in-house security competition. The rules were simple: break in, create a new directory containing a small .txt file and exit. We also agreed to full disclosure after it was all over. Neither one of us claim to be security experts, it was all fun and games. Anyway, I won the first round :D. I managed to compromise both of my victims security settings and consequently win some free beer. However, wanting revenge, my roommates wanted a rematch. We got one week to improve our defenses before round 2 took place. This time around one of my roommates got wise and managed to fool me :o . He changed some settings in his registry (XP.) The settings he changed makes him completely invisible to the outside world! I tried Nmap, Nessus, LanGuard, nothing! No trace of him existing! How is this possible? Is there any way besides using a scanner to flush him out? I would greatly appreciate if someone could explain this to me (Yes, I've tried to Google for it.) Round 3 is around the corner and it would be nice to reclaim my crown of in-house uber haxor ;) . We're all on XP/nix dual-boot boxes.
Re: Restrict Anonymous User Access?
Why didn't he tell you if that's true. I would force him to tell you. I really don't know how this is done. Maybe he just changed his IP, it sounds like you all were behind the same router, he could have just gotten a different IP after the games began. Of course, it sounds like he told you that he changed the registry to do what he did, so that eleminates changing the IP. You have me interested, it could be something real simple, or something real complex, but either way I would like to know how this was achieved. Sorry for posting without answering your question.
Originally posted here by realmatic
We also agreed to full disclosure after it was all over.