February 15th, 2002, 07:03 PM
VictorKaum: You seem to know quite a bit about this stuff. By simply using a program like multiproxy I only get anonimty when surfing the web right? But I want to be anonymous when I use other programs, not just IE. For example if I port scan someone. Are there programs that support this, or do i have to make adjustments in the specific program?
Maybe i should clarify why I'm asking this question, it seems like a couple of you disagree with my question. It actually is for study-purpose. Me and my friend are writing our master thesis about the risk of having a computer connected to the Internet. Our method is based on action research, which means that we are going to learn to hack ourself. Our "target" is a computer that a friend of ours installed, so no criminal stuff. We are going to use programs downloadable from Internet, because we believe thats where a "rookie-hacker" (script-kiddie or what its called) would begin. Based on our progess we our going to analyse the risks.
February 15th, 2002, 07:41 PM
Hey, the last time I believed one here at AO about a friend box to hack, the one's newbie account was deleted by JP, and the person was persecuted by the "friend's" lawyers...
Our "target" is a computer that a friend of ours installed, so no criminal stuff. We are going to use programs downloadable from Internet, because we believe thats where a "rookie-hacker" (script-kiddie or what its called) would begin. Based on our progess we our going to analyse the risks.
senior members know who I'am talking about.
I mean how do you prove you are not some lame skriptkiddie that wants to abuse our knowledge to crack some1's box?
If you want to analyse the risks "on your progress" you will end up in court....
cause a lot of things on the net are outdated, so you will be stick with old crack tools and your fingerprint will be on each system you want to compromise. Did you know that almost every serious sysadmin has a tool to analyse logs? Those tools can see a crackers fingerprint and filter the attacks in seconds. I have been in the middle of action once, together with a sysadmin, we located the cracker in a very short time, even through proxies... it was an employee of the same firm trying to get access from an outside IP to protected databases. So second time watch out, don't underestimate the power of some sysadmins. If you try to crack one of Vorlin server's, for instance, I would better run and throw your box in the river
But yeah, I will give you some directions... edit the progs you use to use a proxy IP. Check the proxy anonymity. you can use a site called rostools to do that.
Even better, but very lame, compromise some1 else comp (like a box on a cable modem segment or your university pclab computers) using a trojan (build one like Sub7 yourself, modifiy some tools) use this comp(s) to do your attacks on a target. Erase the remote logs, never hold password hashes on non removable media... these are some general directions.
Anyway: these things are LAME therefor the best solution is:
---> Read a lot about computers, computer security , networkling, programming.
Here are some books to start with:
1. Hacking Exposed: Network Security Secrets & Solutions, Third Edition
by Stuart McClure, Joel Scambray, and George Kurtz ISBN: 0-07-219381-6
2. Hacking Linux Exposed by Brian Hatch , George Kurtz , and James Lee ISBN: 0-07-212773-2
3. Hacking Exposed Windows 2000 by Joel Scambray , and Stuart McClure ISBN: 0-07-219262-3
4. Hacker's Challenge by Mike Schiffman ISBN: 0-07-219384-0
February 15th, 2002, 08:16 PM
As I said, we are going to hack at our friends computer, and we have permission from the friend, our teacher and the student net administrator. So I don't see anything illegal about that. And we are not studying if we could be able to hack a big public server, just private computers. We want to find out how fast a "normal" computer-interested person can learn how to hack a private, Internet-connected computer, with programs from the web. Belive me or not, that's the truth.
Thanks for all answers!
February 15th, 2002, 08:27 PM
Ok, go for it, if you are speaking the truth, you are not cracking but you hacking.
So you do have permision? In that case you could skip the anonymity issue.
February 16th, 2002, 01:50 AM
Yes i know. And we are not going to start with be anonymous, but maybe later on in the project.