Type: Posts; User: grobyccil; Keyword(s):
Search took 0.02 seconds.
August 28th, 2003, 02:39 PM
U can search network Security by W. Stallings.
Search in Direct Connect++, a peer 2 peer system like eMule.
Also, Hacking Exposed (http://www.hackingexposed.com/) is a good book.
August 19th, 2003, 08:36 AM
Opera web browser lets a file vlink4.dat with visited address in /home/user/.opera/ or Documents and Settings/user/Application Data/Opera/Opera7/profile
When we want delete our traces from...
August 14th, 2003, 08:04 AM
August 14th, 2003, 06:49 AM
Phrack 61 is out!
There is the index!
1 Introduction (.txt) Phrack Staff
2 Loopback (.txt) Phrack Staff
3 Linenoise (.txt) Phrack Staff
4 Toolz Armory (.txt) Phrack Staff
August 12th, 2003, 06:34 AM
Good post dynamoo!
We are talking about this in 3 threads rigth now:
August 12th, 2003, 06:24 AM
most of the servers are in covad.net and attbi.com. The others are in san.rr.com and lsan03.pacbell.net. I believe that this could indicate from where it was begun to spread the worm.
August 12th, 2003, 06:12 AM
Thats rigth r8devil. And, when u reinstall u must be offline, because your system is vulnerable while is updating...
August 12th, 2003, 06:00 AM
Maybe Grinler but there are other things aside from this worm exploding the RPC vuln and you never know if you have an backdoor or no. I think that if your system is hacked, is reasonable to begin...
August 12th, 2003, 05:09 AM
I'm agree w Maverick811. Windows Update dont have any relation w this worm...
August 12th, 2003, 03:13 AM
The solution posted by Grinler dont work 'cause is a worm and even your have luck and delete msblast.exe, your PC could be infected again. I post a solution at...
August 12th, 2003, 03:08 AM
Some tip 2 remove & prevent msblast worm...
* Block tcp port 135 at your firewall.
* Delete the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "windows auto...
August 12th, 2003, 02:58 AM
Hispasec (www.hispasec.com) report today a new worm based on RPC exploit...
The worm send commands to windows shell in tcp port 4444.
There is captured traffic...
August 11th, 2003, 07:36 PM
Tedob1, for sniff a dial-up conection, try www.sniff-em.com/sniffem.shtml
August 11th, 2003, 10:42 AM
yeap! is a good tool.
maybe u wanna test Advanced Intrusion Detection Enviroment: http://www.cs.tut.fi/~rammer/aide.html
Is a nice tool too.
August 11th, 2003, 01:05 AM
nice work! keep going! Maybe u can merge the html files into pdf? 'cause my link is sloooow!!
August 10th, 2003, 11:52 PM
Exist some certifications: SANS's GIAC (www.giac.org) is great!
And maybe CISCO too.
Thnks 2 all! I'll look this links. And yes, I mean Distributed Intrusion Detection Systems.
I'm looking for some hot theme on DIDS to begin my PhD. I have some ideas, but I see all them trivials and I dont know what can I do.
April 6th, 2003, 11:34 PM
April 6th, 2003, 07:12 PM
it looks like u dont have NetBIOS installed
April 5th, 2003, 12:43 PM
Maybe u most reinstall the system. The oponent, may be install another backdoor or a root-kit. (i'm really paranoic)
April 5th, 2003, 12:03 PM
Good tools (win*) & source code
Advisories, tools & xploits!
April 5th, 2003, 11:51 AM
I found it!!
and I going to try it: http://www.nrh-up2date.org/
It's a sustitute for rhn service, and is free!!
now... let's rock! ;)
April 1st, 2003, 06:32 AM
like rdev say,
$arp -s host mac
if u wanna learn more about arp poison tricks, try ettercap at http://ettercap.sourceforge.net/ or dsniff at
March 26th, 2003, 10:30 PM
I see a game: uplink
u are a hacker/cracker & receive some instructions and gain $ and buy a new machine, and so..