EH-Net
  Show Posts
1  Ethical Hacking Discussions and Related Certifications / Incident Response / IP address traced to ISP now what? on: July 29, 2009, 03:27:33 PM
Hi Again Guys.

I am based in the UK as you may know.

We have had an incident in which 'someone' has accessed the network and logged onto a machine on which they installed logmein, or they compromised the logmein session that was on that machine.

The logmein access was logged and was visible from the event viewer, and we have several IP addresses. We have tracked these down to the ISP BT Broadband.
It took 2 months for Virgin Broadband to supply this information to the police in a case where a computer system was stolen and reported to them.

Now in my experience you have to get the police involved so that they can use under the Regulation of Investigatory Powers Act 2000, if they think the case is worth taking on that is!

Any other ideas in tracing the location? Tried Mindmap and other basic Traceroute sites.

Any Ideas?

Thanks!

Dav

Do you know of any other way to obtain the information of the
2  Ethical Hacking Discussions and Related Certifications / Forensics / Re: What time was the Out Of Office added/changed? on: July 28, 2009, 01:43:34 AM
 Smiley Smiley Smiley

Hi Ketchup,

You are a Geeeeeeenius!

Thank you.

I understand it may not be Forensics in the computer forensics sense of the definition but it is a great help.

Thank you again.

Dav
3  Ethical Hacking Discussions and Related Certifications / Forensics / What time was the Out Of Office added/changed? on: July 27, 2009, 05:17:24 PM
Hi Guys,

Got an interesting one here, thought you might like a go at solving.

I have a client that has an employee that skipped work today. Their out of office reply on their system, Outlook 2007 on a 2003 SBS server, was set saying they would not be in until tomorrow!!

They went on vacation on Thursday and should have been back today. They set up the Out of Office (apparently) to say back today.

The question is: is there a way of telling when the original out of office was set and if/when it was changed???

Sorry if it sounds lame but it may be something you have done in the past?

Cheers.

Dav
4  Ethical Hacking Discussions and Related Certifications / Malware / Re: PE_VIRUX.GEN-1 & PE_VIRUX.J infection on: July 23, 2009, 04:06:38 AM
Hi,

Are we talking about XP systems here? What server OS are they talking to: 2000, 2003, etc.?

The virus has been 'known' about since 5 February. It can be removed, but as Awesec says 500 machines would take some time.

Microsoft have issued a patch for it here:-
http://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=en

Of course this will only help  after you have removed it.

Ensure your firewall is blocking:-
*.zief.pl
*.ircgalaxy.pl
*.ntkrnlpa.info
kopsaera005.corpnet1.com
58.65.232.34

You do have a firewall don't you  Wink

If XP the best bet is to disable system restore on the system after removal, reboot and then reenable. I have seen many Virii just wait until you've removed it only to jump out from SR when you reboot!

Try isolating a few systems and running the free and excellent Avira rescue cdrom http://www.avira.com/en/support/support_downloads.html

Noting the files that are infected and building a batch file to remove them. You can then run this over the network.

I hope this helps.

Dav
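
The block list in the post above can also be used for detection. This is an added example, not part of the original post, that checks DNS or proxy log lines against those five indicators while matching on label boundaries. The log format, sample lines and function names are constructed for illustration, and `*.domain` is assumed to cover the domain itself and all of its subdomains.

```python
import re

# Indicators exactly as listed in the post above.
BLOCKLIST = ["*.zief.pl", "*.ircgalaxy.pl", "*.ntkrnlpa.info",
             "kopsaera005.corpnet1.com", "58.65.232.34"]

# Constructed log format: "<timestamp> <client-ip> <queried name or dest IP>"
LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)$")

def matches(name, blocklist=BLOCKLIST):
    """Return the blocklist entry that covers `name`, or None."""
    # DNS logs often vary in case and carry a trailing root dot.
    name = name.strip().lower().rstrip(".")
    for entry in blocklist:
        if entry.startswith("*."):
            base = entry[2:]
            # Assumption: a wildcard covers the base domain and any subdomain.
            # Compare on label boundaries so "notzief.pl" is not a hit.
            if name == base or name.endswith("." + base):
                return entry
        elif name == entry:
            return entry
    return None

def scan(lines):
    """Return (client, destination, entry) for each line that hits the list."""
    hits = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        _, client, dest = m.groups()
        entry = matches(dest)
        if entry:
            hits.append((client, dest, entry))
    return hits

# Constructed sample lines; client addresses are from a documentation range.
SAMPLE = [
    "2009-07-23T04:01:10 192.0.2.15 a1.ircgalaxy.pl.",
    "2009-07-23T04:01:12 192.0.2.15 www.example.com",
    "2009-07-23T04:02:40 192.0.2.77 NOTZIEF.PL",
    "2009-07-23T04:03:05 192.0.2.77 58.65.232.34",
    "2009-07-23T04:03:09 192.0.2.20 zief.pl",
]

if __name__ == "__main__":
    for client, dest, entry in scan(SAMPLE):
        print(f"{client} contacted {dest} (matches {entry})")
```

Clients that appear in the hits are the machines to isolate and clean first.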
5  Ethical Hacking Discussions and Related Certifications / Wireless / Re: How do you tell a major corporation they have open wifi access safely? on: July 21, 2009, 08:07:42 AM
Ok, now that this is all settled, welcome to EH-Net.  Sorry if I was sounding too harsh.  I was just trying to prove a few points.  It is nice to see the spark of security minded computer people.  You are more than welcome to stick around, learn a few things, and ask as many questions as you want.

I know I did not want you going down the wrong path in regards to security.  Information security is not as much of the wild west as it once was.

Hi Unsupported,

Not at all.

I just think it is crap that a large company, with responsibilities to shareholders etc. etc., has such a lax attitude to security. Anyway SUMO.

Always happy to learn !

Dav



6  Ethical Hacking Discussions and Related Certifications / Wireless / Re: How do you tell a major corporation they have open wifi access safely? on: July 21, 2009, 05:36:48 AM
Hi Dav_Id,
I don't think what you have done is necessarily unEthical in a philosophic sense, (I don't think that obeying the law and being ethical are always mutually inclusive) but it is rather against the Code of Ethical Hackers.

I think that it would be best to inform them but I think that you would be lucky to be able to find somebody from the company who cares enough.  But if their internal network is exposed, I'd refrain from using my credit card there - just to be sure.

This is just my opinion...


Ants

Hi Ants,

I only use cash at that store. Although saying that a skimming 'device' was found at the ATM outside the store back in March, so what you gonna do  Smiley

Dav
7  Ethical Hacking Discussions and Related Certifications / Wireless / Re: How do you tell a major corporation they have open wifi access safely? on: July 21, 2009, 03:00:15 AM


I just wanted to say a big thank you to you all for your posts.

I actually wrote the letter yesterday, but did not send it. It is still on my desk.

My 'Ethics' are based on honesty and integrity.

You are correct in saying if they do not want to listen - it is their problem.

I just feel that if someone took the time to sit down and hack it they may be able to sniff the data between the petrol station and the main store and capture customer data. (I have now spotted the 2 Cisco wifi antenna bridging the two sites) Or Nessus scan the network break in etc and walk the network from there.

Ok. The Letter is now trashed. I gave it to the dog he is the best shredder I ever bought, organic too  Wink

In the words of Paul Mcgee I will S.U.M.O ( Shut Up and Move On)

Cheers!

Dav


8  Ethical Hacking Discussions and Related Certifications / Wireless / Re: How do you tell a major corporation they have open wifi access safely? on: July 20, 2009, 08:14:09 AM
The easiest way would be by notifying them anonymously. This would pose yourself minimal risk but at the same time it would also limit your actions (e.g. discussing about the found problems).

Another possibility would be to drop a mail for the responsible persons, telling that you have found by accident a vulnerability. The responsible persons should contact you and then you give them further details about the problem. If you tell them right away everything they may feel "overrunned". It is important to speak with the responsible persons and not with the amanuensis or other third-persons. As you wrote that they are ignoring your mails you could try to write it in a letter.

If you get asked for further details you should be cooperative. If they ask for a PoC you should only do it after you got written permission by them. Maybe it would also be a good idea to stress that you have found this by accident and that you were not trying to get access on purpose and that you are now concerned about this.

I know of some similar "problems" where people also were in the same situation as you. The results could range from some kind of nice "thank yous" up to get sued by the company.
What you will do have to be decided by yourself - is it too risky for you, just do it anonymously.


Hi Awesec,

I value your feedback.

I have tried the following to email anonymously, I think messagelabs eat it!

I have also tried adding the IT director as a friend in LinkedIn, under my pseudonym of course.- No luck.

I tried asking for his Direct dial number so that I could leave a message out of hours to be anonymous (no chance of caller id slip up - also thought of my iMac reading it out via speech but that is just too Hollywood cheesy  Grin . ) -not giving out direct dial numbers!

It looks as if it would have to be snail mail with a link to an email address for more info.

Very frustrating as all I am being very Ethical and just trying to help!

Life of Brian: There's no pleasing some people.


I will keep you posted.

Dav

9  Ethical Hacking Discussions and Related Certifications / Wireless / Re: How do you tell a major corporation they have open wifi access safely? on: July 20, 2009, 07:05:01 AM
What sort of retail store is it?

If it is a coffee shop for instance, it might be open on purpose for customer use... It's a bit too vague for me to make a judgement call.

Hi,

It is LARGE . Google says it has a turnover of 12.5 Billion pounds and has over 350 stores, somewhat a bit on the big side I would say!

By the way no internet access once you join the network. So I would guess not for public consumption.

Dav
10  Ethical Hacking Discussions and Related Certifications / Wireless / Re: How do you tell a major corporation they have open wifi access safely? on: July 20, 2009, 12:51:27 AM
Hi,

Thanks for the reply.

It gives an IP address to their internal network.

A laptop gets given an IP address and 'network places' is full of computers some with names ending PDC - I wonder what they might be  Wink.

I have not gone any further as if Microsoft is 'given' these details I have not actively searched for them. (Grey area in the eyes of the law maybe?)

I understand the legal implications but want to let them know that a more 'inquisitive' person may go further.

Do you see my predicament?

Any ideas anyone??

Dav
11  Ethical Hacking Discussions and Related Certifications / Wireless / How do you tell a major corporation they have open wifi access safely? on: July 18, 2009, 05:30:09 AM
Hi All,

I have lurked for a while hoping to find the answer.

Here's the thing. I have stumbled onto an open wifi access point via my phone  Wink and it gave me an IP address!

The question is how to tell the corporation, which is actually a retail store, they have an open wireless network without:-

a. Getting someone who knows what I'm talking about.

b. Getting someone that will not get me arrested- I visit the store a lot, hey you gotta eat right!

c. Do I advise the PCI DSS that they have an open point, maybe they could be the first one to actually be fined Tongue

I have tracked down the IT Director's email address and he is not responding to my emails - well why would he!

Thanks Guys!

Dav
12  Ethical Hacking Discussions and Related Certifications / Forensics / Re: can any one help me please on: July 18, 2009, 05:21:28 AM
Thank you very much for advice, it is really appreciated,
alice

Hi,

I am based in the UK. What evidence is needed? Is your site still compromised etc?

Dav
© 2013 The Ethical Hacker Network