Rent a booter you get a botnet.
It is quite easy to read and figure out what information is provided by Wireshark. With just a basic understanding of network protocols and how they work, you can figure out what is going on on your network. The catch is you have to take the time to fully understand how Wireshark works, and be able to interpret the information it gives you. I guess I find interpreting Wireshark easy because that's the talent I was born with.
[quote="Aremis, post:18, topic:123448"]
And even once you have the IP, what do you do? 100 bucks at a booter to basically ban the guy from the internet for a month?
Well, my response would be, block the Son of a Gun, or fight fire with fire, so what if it cost you $100 bucks, we future network Engineers have to do something to justify our jobs. LOL. :laughing:
Heh, I guess. I think people should just study this stuff on their own lol.
You bros want to join me in starting a L1T InfoSec blog?
They don't have a subsection for Security, so that may be the best place.
Actually I was thinking this would be the inevitable follow on after the "Build your own PfSense router" on Level1Linux. Wireshark infosec seemed like the best clamping down on the firehose that made the most sense. Both are very useful tools that both teach and keep you out of heaps of trouble. There is a really basic intro to Wireshark on Hak5 but nothing like could fly here.
I'd join :U
Chris Sanders has a book that is phenomenal. He has a few, actually, but the one I am referring to is Practical Packet Analysis. He uses Wireshark for a lot of the exercises in the book, and provides really great instruction.
Dude is a beast when it comes to Blue Team.
Please do! I've been mulling around various blog ideas for a long time. Just don't have the balls to start out on my own.
Great pointer for a resource. Thanks for that! Looks like it is perhaps soon to be difficult to find. Strike while the iron is hot.
Off topic but does your switch support port mirroring? Because if it does you can mirror the ports connected to your router (stick the switch in between the modem and router on an isolated VLAN or something) and run Wireshark on the mirrored port. That way you can get real time monitoring without doing anything to the router.
I can start it if you want lol.
Wouldn't it be more helpful initially on the existing Linux channel? The setup, initial detail, what to look for that is important, what is fluff (std i/o) that can be skimmed eventually, triggers to be set, and then all the really good bits like the sweetness that @Dexter_Kane just dropped. (nice one - seriously)
That is what our OP is looking for … yeah?
I see I need to clarify some of my statement. Ok, I don't have a L3 switch, at least not yet, it's on my to do list along with wiring the house for Ethernet. What I have right now is what I referred to as a combo device which is acting like a L3 switch if I understand correctly how a L3 switch works, a modem, and WiFi device, which is how most of my family connects to the network.
Please excuse the few misspelled words, I am typing this message out on my tablet, so I don't wake up the whole house by using my computer. I wish you could attach a full size keyboard to a tablet, it sure would make typing so much easier.
Guys, this is a buddy of mine. He made it stop, by disconnecting ethernet. I told him to call the police, surely it's criminal to compromise and control a remote system, without permission, and this person is ballsy about it. This isn't a prank, his family isn't very tech savvy.
While you are correct, at least in the United States, what is happening to @sumidor063 is a crime if committed by anyone other than the owner of the building network or owner of the building, the only thing the Police can do is take an incident report, unless you can prove who is doing this to you. Then maybe you can have charges filed against them. As it has already been pointed out by this community it probably is a kid fooling around, but the little brat should be taught a hard lesson for his own good. I hope you catch the little snot.
Any managed switch with port mirroring would do, or you could set up a pc with a bridge in whatever port you want to look at, but a switch with port mirroring makes it a lot easier/cheaper/flexible.
I wish you could attach a full size keyboard to a tablet
Should be able to, Bluetooth will definitely work, otherwise USB would probably work with an adapter.
Does anyone know of a checklist containing best practices for security?
Things like,
- never log in from a shared computer
- never use the same password for different things
- never run software from sources you don't trust
- never run or open unexpected email attachments
- enable always show extension
- encrypt your drives and phones so you can take them to repair safely
- don't tell others your passwords
- don't enable file sharing over internet
- run periodic malware scans using reputable software
- donât use flash drives
- …
… that sort of thing checklist.
Something that's widely applicable and doesn't require a full time admin to maintain an IDS with a CA and so on.
If it was me and I was interested in following it further, I would boot a live Linux and dd an image of your boot drive to test and monitor within a VM.
Format and reinstall asap and change passwords as stated above. It's all good info on this thread.
There are a number of us here.
There are a few things I would add, which to me are more like common sense.
- Disable cookies
- Never let your web browsers save your password
- Disable the AutoFill feature in web browsers
- Never share personal Information on the Internet
- Never visit websites that encourage criminal activity
- Never visit porn sites
That is the only thing else I can think of off the top of my head, if anyone else can think of more please share. I think the rest of us would be interested.
I included some of those in the link below. Let me know what you guys think! @Eden @ropestretcher @Linuxephus @risk
So, you've decided to go down the path of Information Security, eh? Rather than get banned from /r/netsec for asking "H0w doe ! get n2 P3nt3$$ting???" - You decided to frequent your community of Level 1 Techs for expert advice. Instead, you found this :smiley: Welcome to my Information Security primer. Now, I say my Information Security primer, what I really mean is my introduction. I would like this to be a living document, something that the L1T community can actively contribute to, and eventually it will evolve into something that rivals that of Carlos Perez and Chris Sanders! If you don't know who they are, don't sweat it. If you prefer books, real advice, or Podcasts, check out the list at the end of this post. Otherwise, keep reading! :smiley:
Useful Tips for Beginner:
- Never log in to your accounts on a shared computer.
- Use different passwords/different patterns. For example: Say your password is C@nt4@ckM3! You put in a lot of work making this password, but you don't trust password managers and you don't want to spend time and energy making 40 different passwords for all of your accounts. So, what do you do? Break the domain and the password in half, and concatenate the halves. C@nt4Level1@ckME!Techs is your new password. Ridiculous? Too long to type every time? Welcome to infosec :wink:
- Don't blindly trust scripts and software. explainshell.com and virustotal.com are great for looking at something iffy. These are not failsafes, though. Windows and Linux are not foolproof, no matter how much hardening you think you have done. YOU are the best antivirus.
- Never share your passwords with anyone. NO ONE. A vendor (Blizzard, Steam, Microsoft), a coworker, or someone in your I.T. Department. Forget it. If you need to have something serviced and have no choice, reset your password to something temporary before giving it over.
- Do not Trust hardware. If you find something in the street, don't plug it in to your computer. Resist! Anything from USB…