# Mega *anti-hacking* anti-intrusion* thread-share tips and tricks to stay protected



## aliyawar (Dec 14, 2012)

-----EDIT----

*This thread is not meant to glorify my somewhat limited skills as a black-hat hacker.. it is meant to be a platform to share each other's experience about cyber security*


And the post below is an attempt to attract as much attention to this thread as I can..and after being called an idiot and delusional, I can clearly see...it backfired...my sense of humour was not such a big hit,I think.....  

                           ------edit-----


**Photographers of the world UNITE..you have nothing to lose but your poor computer security skills**

VIRUSES,WORMS,KEYLOGGERS,CRASHED SYSTEMS---->>NO MORE<<----


*Imagine  waking  up one day and your computer is displaying a page that  says that your computer security is f****d and you are a troll..*
*Imagine trying to login into your account and to your astonishment,not able to be logged in and after an hour of clicking here and their ,finding a teenage punk doing weird thing with your account *
*Imagine checking out your professional photography website and seeing,instead of your homepage, a page that says that your site's security is **** and you are hacked by hackers from hell(yes that's a popular name..try doing a google search) *
*Imagine all your passwords being stolen,and your system being completely crashed ,perhaps along with some of your most valuable works*

*It's freaking scary, isn't it*
                                                                          *It's like a crazy nightmare,isn't it*

                                                                    *..Guess what,all of this happens in real life..*
                                                        *And you know what is more scary,it happens more often than you think*
                                                         *If you still don't believe it..THIS could've been you--*

*Now the question is--*
*Are these punks undefeatable*
*Ofcourse not*

If we can fight bad lighting,stubborn wind and sometimes, even the brawny guy at the party who only wants himself to be the centre of every photograph..
* Who the hell are some teenage punks *

*What we need to fight these so called "Hackers"*

Some computer security skills,some tips and tricks and of-course  lots of common sense...


So,now you must be thinking,who the hell am I to talk about this stuff with so much confidence.. if you really wanna know my story... read below...

                                                                    **************************************

Don't start calling me a geek,i seriously hate it...but as you have probably guessed from  the things above,i am pretty much into computer stuff...In fact only almost an year away I was using my skillset..yeah..let's call it skillset...it sounds less ugly that way..to penetrate(read-illegally break) into other people's systems...along with some other punks i met on the darknet..(more about it later)... under a pseudonym...IndiBlaZe...I posted the things I did on some hacking sites and the reactions were pretty negative...anyhow i continued hacking sites..i rarely took them down..sometime i defaced them sometimes i just left a message for the admin that was pretty offensive..anyway i kept on doing these things for a pretty long time..very..very..long time....all this time..it was fun...i was feeling like a hero..but after sometime,the things started getting ugly..i will not tell you the details..the circumstances became like,that i had to leave all that...that;s when i got into photography....in a way,photography saved me from the dark future i was getting into....so let's cut it short...unethical hacking is not good...it spoils your life as well as sometimes the life of your targets...  it's a crime and I blame hollywood and popular culture for glamourizing it.. like they have done in the case of all crimes..

An example of my exploits is---

Hacked By IndiBlaZe

I can change the picture on the page with your picture if you want me too ..just in case you were in doubt.. :lmao:

So..the thing is..instead of destroying other people's life and probably also mine,I switched sides....
                                                        *******************************************************


Now,as I have spent quite a good time hacking my way into systems... I can assure you of three things----


*3 misconceptions about evil hackers and blackhat hacking*

1.*All* operating systems and devices can be hacked...from routers,cellphones to supercomputers...macOS and linux just take a little longer...infact expert hackers usually target these systems as they are more challenging for their intellect.
2.Hackers are not <<WIZARDS>>...you can be quite protected if you are careful about computer security..
3.Two lines of computer security knowledge is a thousands times more worthwhile than a 2000 bucks worth of software...


2 facts about hacking you didn't know......


1.Most of the hackers are teenage punks knowing nothing about programming at all,using readymade software to make other people's life worse than hell..

2.Their are also white-hat hackers..which I have now become after switching sides...whose sole job is to protect uninitiated people from cyber attack...


*NOW THE PROBLEM IS ----)*
THAT EVEN THE USELESS PUNKS FIRING RANDOM VIRUSES AT YOU CAN CAUSE GRAVE TROUBLE..
AND PROFESSIONAL SECURITY EXPERTS DON'T COME CHEAP..


So ....is it possible for you to become your own security expert....

Yes -- OFCOURSE IT IS---

You are talking to a guy who self taught himself hacking and ran a website called THE ULTIMATE HACKING REFERENCE




So,for that purpose..I have created this mega thread so than I can keep you updated about the tricks up a notorious hacker's sleeve...tricks that i used to get some pretty positive result... Most of the time I will be giving steps only to protect your system....not to hack other people's systems...OK..

You should also post your tips,tricks and advices so that we can benefit from them...unity has strength..
 Let us all take a pledge that we will try our best to stay protected in the cyberdom...

Regards

Ali Yawar.....

Wish you a safe journey in the mysterious world of cyberdom...

Good bye...



NOTE___----- For those who want to be know-it-alls  consult my website given above..

Cyber-hacking is a crime
                                              Let us fight it....united


----------



## Kazooie (Dec 14, 2012)

Yeah, this is stupid.


----------



## aliyawar (Dec 14, 2012)

Kazooie said:


> Yeah, this is stupid.



Hell yeah... this is lame... but think again... would you've responded if I posted something like...

>.... Hey...it is Ali...let's start a thread where we will talk about cyber security and stuff... <


----------



## aliyawar (Dec 14, 2012)

Kazooie said:


> Yeah, this is stupid.




And even if the thread matter is lame ..:lmao: ..the basic concept is not.... after 2 years of cyber security experience...i can only tell you this.. most of the people have no idea about cyber security and they don't give a **** about it unless they have to deal with something like THIS... so why not be prepared....Since the day i started collecting info on cyber security I have not caught a single virus or some thing... and fyi i don't use any antivirus... ok...that really sonded lame... but it is true ..isn't it..


And I can put your image on the above page if you want to.. just to make sure .. you know..:lmao:


----------



## Kazooie (Dec 14, 2012)

i'm... not sure...

Seriously, I'm not one for personal attacks or whatever, but this all is a load of crap/pointless information that anyone who can open the internet can find.


----------



## cgipson1 (Dec 14, 2012)

People here are photographers... they probably have nothing on their systems that would be of interest to a hacker. The worst they might have to worry about is malware and viruses, and hopefully everyone is running good antivirus for that. Some of them can barely turn on a computer to do basic editing! They could care less about hacking, or preventing hacking, or fighting hacking. 

And since you are listing your website here... It almost seems like SPAM. And the good hackers never admit in public that they hack... they reserve that for their peers.


----------



## pixmedic (Dec 14, 2012)

Longest.  Spam. Ever.

But ill bite.  Go ahead and change my profile pic.  I dare you.  I double dog dare you....


----------



## dbvirago (Dec 14, 2012)

aliyawar said:


> Kazooie said:
> 
> 
> > Yeah, this is stupid.
> ...



2 whole years? Wow.


----------



## Bitter Jeweler (Dec 14, 2012)

Doesn't a MegaThread have to actually be mega, before it can be called mega?


----------



## Bitter Jeweler (Dec 14, 2012)

**Photographers of the world UNTIE!


----------



## Derrel (Dec 14, 2012)

So aliyawar, where can I buy these computer condoms you are suggesting, you know, for protection?


----------



## Bitter Jeweler (Dec 14, 2012)

Oh, I WANT to hear he details o how things got ugly!

You left out, perhaps,    THE   most   interesting   part!


----------



## mishele (Dec 14, 2012)

Que?


----------



## Derrel (Dec 14, 2012)

Bitter Jeweler said:


> Doesn't a MegaThread have to actually be mega, before it can be called mega?









Official Mega-thread Seal of Approval conferred 14 December, 2012.


----------



## fractionofasecond (Dec 14, 2012)

Wrong forum.  Please try again.


----------



## sleist (Dec 14, 2012)

yawn.

If you're that paranoid run linux or one of the bsd's when you surf the web.
Problem solved.


----------



## aliyawar (Dec 14, 2012)

cgipson1 said:


> People here are photographers... they probably have nothing on their systems that would be of interest to a hacker. The worst they might have to worry about is malware and viruses, and hopefully everyone is running good antivirus for that. Some of them can barely turn on a computer to do basic editing! They could care less about hacking, or preventing hacking, or fighting hacking.
> 
> And since you are listing your website here... It almost seems like SPAM. And the good hackers never admit in public that they hack... they reserve that for their peers.




Yes...they don't..and I am not awesome at hacking or something...I just know a few things which many people don't..that's why I am asking everyone to share their tips and tricks.......and I don't run that website anymore....it was just a product of my formative years when I was learning CSS... 

Regards...


----------



## aliyawar (Dec 14, 2012)

Kazooie said:


> i'm... not sure...
> 
> Seriously, I'm not one for personal attacks or whatever, but this all is a load of crap/pointless information that anyone who can open the internet can find.



Really... find me a working shell on internet that you can upload as a jpeg on a server...there are lots of videos of tutorials about that but they seldom work...yes this type of Crap/pointless info you can easily find on darknet...but honestly guys and gals...how many of you have even heard of the darknet...


----------



## aliyawar (Dec 14, 2012)

pixmedic said:


> Longest.  Spam. Ever.
> 
> But ill bite.  Go ahead and change my profile pic.  I dare you.  I double dog dare you....



Ha..ha..ha  pixmedic..this dare proves that you don't know anything about hacking......I am not a super hacker or something but I can assure you that if I was *hacking* your account...i will be phishing..not hacking...or I will infect you with a rat or something....and this is anti-hacking thread...if you have read my useless post above...you will notice that I have said that good common sense can save from most viruses,...worms...and trojan horses..if you have read about history of hacking you will know that most of the hacking takes place with good social engineering skills......if you can counter that...you are saved from most of the punks out there...


----------



## aliyawar (Dec 14, 2012)

cgipson1 said:


> People here are photographers... they probably have nothing on their systems that would be of interest to a hacker. The worst they might have to worry about is malware and viruses, and hopefully everyone is running good antivirus for that. Some of them can barely turn on a computer to do basic editing! They could care less about hacking, or preventing hacking, or fighting hacking.
> 
> And since you are listing your website here... It almost seems like SPAM. And the good hackers never admit in public that they hack... they reserve that for their peers.




That's the   probem my friend...most of the "hackers" are idiots... ...they just target the systems they find easily hackable or more vulnerable....and antiviruses rarely save you from good trojan horses.... i can assure you of that.. ... and i don't run that website anymore...it was just a css experiment for my peers.... and you all are my peers now...that's why i want you all to share your tricks here..i will also share some of mine...


----------



## aliyawar (Dec 14, 2012)

dbvirago said:


> aliyawar said:
> 
> 
> > Kazooie said:
> ...



actually a lot more than 2 years if you count general web programming experience as hacking...but that's not hacking...I mean black-hat hacking..is it??


----------



## pixmedic (Dec 14, 2012)

aliyawar said:


> Really... find me a working shell on internet that you can upload as a jpeg on a server...there are lots of videos of tutorials about that but they seldom work...yes this type of Crap/pointless info you can easily find on darknet...but honestly guys and gals...how many of you have even heard of the darknet...



I played a dark elf warrior on darknet years ago... Ah,  sweet memories of online gaming.  Then i grew up and discovered girls.


----------



## aliyawar (Dec 14, 2012)

Bitter Jeweler said:


> Doesn't a MegaThread have to actually be mega, before it can be called mega?



Doesn't my super long post give me the right to call it mega... ..not fair


----------



## aliyawar (Dec 14, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > Really... find me a working shell on internet that you can upload as a jpeg on a server...there are lots of videos of tutorials about that but they seldom work...yes this type of Crap/pointless info you can easily find on darknet...but honestly guys and gals...how many of you have even heard of the darknet...
> ...




 really..which module did you use...vidalia...???..waiting for that game's link...


----------



## aliyawar (Dec 14, 2012)

sleist said:


> yawn.
> 
> If you're that paranoid run linux or one of the bsd's when you surf the web.
> Problem solved.



Thanks for your advice....here we start..at last a good computer security advice...fyi ...most of the servers out there use lamp backbone and they still get compromised.... there are specially created exploits for linux kernels....  even metaspoilt has some good exploits for linux kernels..the old ones....and all those exploits are out there in the open...that's the main problem...


----------



## pixmedic (Dec 14, 2012)

aliyawar said:


> really..which module did you use...vidalia...???..waiting for that game's link...



Vidalia is a type of onion.  And a city in north Carolina


----------



## aliyawar (Dec 14, 2012)

fractionofasecond said:


> Wrong forum.  Please try again.



Wrong forum..why??? i am not urging you to lend me your computer resources for a DDOS... i am just asking alll of you to share ..tips,tricks and experiences you had with malwares with all of us...


----------



## aliyawar (Dec 14, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > really..which module did you use...vidalia...???..waiting for that game's link...
> ...




You googled it ...didn't you... ...that just proved that you don;t know anything about darknet at all... sorry...no offence meant...by the way... you have a superb sense of humour...something i lack...looking for some tips....


----------



## aliyawar (Dec 14, 2012)

mishele said:


> Que?



:lmao::lmao: do you mean "what???"


----------



## Derrel (Dec 14, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > really..which module did you use...vidalia...???..waiting for that game's link...
> ...



I might be mistaken, but I THINK "Vidalia" is also the name of a woman in a Sammy Kershaw country & western song...

YES!!!!!!!! it is....a song released in 1996!!!


----------



## pixmedic (Dec 14, 2012)

aliyawar said:


> You googled it ...didn't you... ...that just proved that you don;t know anything about darknet at all... sorry...no offence meant...by the way... you have a superb sense of humour...something i lack...looking for some tips....



Um.. No.  My dad was a chef,  and i have family in NC.  Starting to think you are the one doing the googling.

It's all purely academic anyway.  Unless you can do something to prove your skills,  your just someone with an internet connection and good search engine skills.


----------



## aliyawar (Dec 14, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > You googled it ...didn't you... ...that just proved that you don;t know anything about darknet at all... sorry...no offence meant...by the way... you have a superb sense of humour...something i lack...looking for some tips....
> ...



Thanks....... i appreciate your advice....

But the vidaliya i was talking about is not an onion or something... it is a module used to connect to a network also popularly known as darknet...and the domain suffix on darknet is .onion so your guess about onions is probably right...

regards...


----------



## pixmedic (Dec 15, 2012)

aliyawar said:


> Thanks....... i appreciate your advice....
> 
> But the vidaliya i was talking about is not an onion or something... it is a module used to connect to a network also popularly known as darknet...and the domain suffix on darknet is .onion so your guess about onions is probably right...
> 
> regards...



You kids and your fancy domains.  I was computer gaming before Slackware had a GUI.


----------



## cgipson1 (Dec 15, 2012)

dbvirago said:


> aliyawar said:
> 
> 
> > Kazooie said:
> ...



Yea.. really impressive, what?


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > You googled it ...didn't you... ...that just proved that you don;t know anything about darknet at all... sorry...no offence meant...by the way... you have a superb sense of humour...something i lack...looking for some tips....
> ...



Thanks for your kind appreciation  but if I tell you that go and get a picture of ajanta and ellora caves....unless you do it ...you don't have any idea about photography...what is the first thing you will do...you will tell the man who is asking this,which in this case is me  that you will first have to go to India..then to the ajanta and ellora caves..then maybe take a look at the lighting conditions there..then maybe take a moment or two to figure out the most interesting angles... after that you will take the photos.... that's the correct way to do it.....isn't it..... if you will read a few good books or better still talk to the ethical penetration testers..they will tell you one thing...it takes time to do penetration testing and it is more of a teamwork...and as i have said in my post..hackers are not wizards...most of them have a streak of luck that helps them...if I messaged you that..."hey pixmedic please give critique on my new post..i will appreciate it very much ..and give the link of my post below which will in reality be a phishing page or cookie stealer which will probably lead to a legal page...would you doubt a bit...but in reality,i will use the cookie or password i just stole to get access to our account...as simple as that...that's the way 99% of accounts are hacked..i am not telling you to prove that i know much about hacking....i am telling you this only to tell you how things really work.....and it is not much difficult as compared to sql injections or sql attacks ....... its very very simple... hope you get my point...

Regards..


----------



## cgipson1 (Dec 15, 2012)

aliyawar said:


> Ha..ha..ha  pixmedic..this dare proves that you don't know anything about hacking......I am not a super hacker or something but I can assure you that if I was *hacking* your account...i will be phishing..not hacking...or I will infect you with a rat or something....and this is anti-hacking thread...if you have read my useless post above...you will notice that I have said that good common sense can save from most viruses,...worms...and trojan horses..if you have read about history of hacking you will know that *most of the hacking takes place with good social engineering skills*......if you can counter that...you are saved from most of the punks out there...



PIX has no social skills... and you have to have social skills to be  attacked with social engineering... so he has nothing to worry about!  Right PIX?


----------



## aliyawar (Dec 15, 2012)

aliyawar said:


> pixmedic said:
> 
> 
> > aliyawar said:
> ...




I will post a phising page as soon as possible just to demonstrate how it works...especially for you pixmedic..


----------



## pixmedic (Dec 15, 2012)

cgipson1 said:


> PIX has no social skills... and you have to have social skills to be  attacked with social engineering... so he has nothing to worry about!  Right PIX?



I dont need social skills.  Im a paramedic. 
I think this was a troll thread anyway, making outrageous claims with no way to back them up. Clandestine Internet hacking groups.... So 90's.... 
Everyone knows Anonymous is "in"  now.


----------



## pixmedic (Dec 15, 2012)

aliyawar said:


> Thanks for your kind appreciation  but if I tell you that go and get a picture of ajanta and ellora caves....unless you do it ...you don't have any idea about photography...what is the first thing you will do...you will tell the man who is asking this,which in this case is me  that you will first have to go to India..then to the ajanta and ellora caves..then maybe take a look at the lighting conditions there..then maybe take a moment or two to figure out the most interesting angles... after that you will take the photos.... that's the correct way to do it.....isn't it..... if you will read a few good books or better still talk to the ethical penetration testers..they will tell you one thing...it takes time to do penetration testing and it is more of a teamwork...and as i have said in my post..hackers are not wizards...most of them have a streak of luck that helps them...if I messaged you that..."hey pixmedic please give critique on my new post..i will appreciate it very much ..and give the link of my post below which will in reality be a phishing page or cookie stealer which will probably lead to a legal page...would you doubt a bit...but in reality,i will use the cookie or password i just stole to get access to our account...as simple as that...that's the way 99% of accounts are hacked..i am not telling you to prove that i know much about hacking....i am telling you this only to tell you how things really work.....and it is not much difficult as compared to sql injections or sql attacks ....... its very very simple... hope you get my point...
> 
> Regards..



Your analogy is incorrect.... It goes like this... If I say i am a great photographer,  YOU say,  show me some great photographs.  If i can,  i have proven myself.  You say,  you are a great hacker.  So I say,  show me something you did.  You either can produce something or you can not.  Simple as that.  No one has to go to India.  Thats just silly.


----------



## aliyawar (Dec 15, 2012)

Bitter Jeweler said:


> Oh, I WANT to hear he details o how things got ugly!
> 
> You left out, perhaps,    THE   most   interesting   part!



Ha Ha HA :lmao:... ok..if you really want to hear the whole thing i hacked a website of IIT...that's one of the most prestigious engineering institutes of the world..that was a website run by indian ministry of HRD....I never did anything wrong with it..just got the usernamewds and logged into iit's smtp and ftp servers... anyway..the admin caught me logged in because I was stupid enough to make an admin account on their ftp server by name indiblaze,just for bragging rights..i was stupid enough to post by my name Indiblaze on various forums,the things I was doing..mostly getting negative comments...something no mature or you can cal it hardcore hackers do... the admin of the server tracked me down because of my stupidity and emailed me a threatening message on the id i used to login into the forums.... i was using the tor or I would've been caught...domething that still give me nightmares..the thing is ...i apologised and he deleted my account...and I informed him about the flaws in the server...mainly in the database mainframe... after that i never did anuthing like that... but if you want to know ...that idiot haven't yet fixed th flaws completely and You can still get the username and passwords on the website itself by inserting some null values in the exploits!.....have a look at my exploit...

Welcome to Virtual Labs--

Welcome to Virtual Labs--
Welcome to Virtual Labs--

It proves how vulnerable people are..and this was a govt. server,that also of one of the best engineering colleges of the world...if they can be compromised...what chance do you have...??

Hope..i didn't bored you(maybe I did..but you asked for it)

Regards...


----------



## cgipson1 (Dec 15, 2012)

pixmedic said:


> cgipson1 said:
> 
> 
> > PIX has no social skills... and you have to have social skills to be  attacked with social engineering... so he has nothing to worry about!  Right PIX?
> ...



YEP! I was once a member of the Anarchist Alliance group (at 300 baud even)! Aren't you impressed?


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > Thanks for your kind appreciation  but if I tell you that go and get a picture of ajanta and ellora caves....unless you do it ...you don't have any idea about photography...what is the first thing you will do...you will tell the man who is asking this,which in this case is me  that you will first have to go to India..then to the ajanta and ellora caves..then maybe take a look at the lighting conditions there..then maybe take a moment or two to figure out the most interesting angles... after that you will take the photos.... that's the correct way to do it.....isn't it..... if you will read a few good books or better still talk to the ethical penetration testers..they will tell you one thing...it takes time to do penetration testing and it is more of a teamwork...and as i have said in my post..hackers are not wizards...most of them have a streak of luck that helps them...if I messaged you that..."hey pixmedic please give critique on my new post..i will appreciate it very much ..and give the link of my post below which will in reality be a phishing page or cookie stealer which will probably lead to a legal page...would you doubt a bit...but in reality,i will use the cookie or password i just stole to get access to our account...as simple as that...that's the way 99% of accounts are hacked..i am not telling you to prove that i know much about hacking....i am telling you this only to tell you how things really work.....and it is not much difficult as compared to sql injections or sql attacks ....... its very very simple... hope you get my point...
> ...




Ok..read below...actually my expertise was database hacking and sql injections..if you want that..I can give you lots of pages with the sql injection done..you can find the login page and do whatever you want to do...but will it prove any point ..it is an *anti*hacking thread for god's sake..but sshhh...don't give me in to the cops...


----------



## aliyawar (Dec 15, 2012)

Derrel said:


> pixmedic said:
> 
> 
> > aliyawar said:
> ...



Ha..ha..ha...


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > Thanks....... i appreciate your advice....
> ...



My god "darknet" is not technically on the internet and to connect to it you will need an extra module.... and I am pretty sure there are no gaming sites there....it has 700 times more data than internet... just to clear your misunderstanding...and it is not world of warcraft...sorry..


----------



## AgentDrex (Dec 15, 2012)

SQL injections?  Geez. Setting database permissions and escape parameters too hard for some of these database administrators and coders?  They deserve to be hacked then.

Darknet isn't special and is not separated from the internet in any shape or form.  It is only hidden through heavily encrypted nodes and connections between the nodes (client, server and end).  Tor with Vidalia or whatever you want still requires a regular internet connection to access it, hence it is a part of the normal internet and also does not have MORE data than the internet considering it is PART of it anyhow.  Just because a room in the house has a hidden door does not mean it is a separate house.

Now, a true separated network would be cool if they'd design a box you could plug into the wall and connect to a inter-connected network that way (like Innbox or something similar).  A new internet where all you need is access to a power-line (through a wall outlet or something) and connect to servers that way, perhaps even having exit nodes to the normal internet.

I can guarantee you I can make a hack-proof computer and I'm not a hacker, just a geek.  Take one computer, remove hard-drive, remove burner (if present).  Install CD reader (read-only).  Run some live CD (I use a self-customized solution but if you don't want to take the time to do so, use this: SLAX).  Have safe fun on the internet.  Viruses attack data, trojans install hidden data, worms propagate payloads.  All of these rely on a hard-drive or some other write-able storage medium.  Too bad that the only way to inject malicious code on my net computer would be into volatile memory.  A reboot and I'm clean.  No part of the OS can be tampered with as it is pre-written to a CD and there is no way to write to it since there are no burning capabilities.

The hack-proof system would include two more computers.  From the first computer, you sneakernet a jumpdrive over to a second computer that has every malicious code aware program made and run the jumpdrive against it to ensure the safety of the data is intact.  This computer is generally not hooked up to the internet unless updating is needed of the malicious code databases, maybe once a week or so.  Then unplug from the network.

Third computer is the expensive beast you do all your work on.  This is NEVER, EVER hooked up to the internet.  Considering most updates are security related, you can bypass those anyways.  No need for security updates if you never hook it into a internet-accessible network.  Any other updates should be able to be gotten directly from the OS manufacturer (i.e Microsoft, etc.).  Most updates end up slowing the machine down in the end due to bloating anyways and so that fast computer should stay fast for years to come.

If you're a gamer, well then you probably game over the internet and so this is no solution for you.  This would be for the person who just spent a ton of money on a computer that can render huge files (audio, huge photos, video, etc.) or play games solo.  Its a pain in the butt going back and forth with the jumpdrive (you'll need a good-sized jumpdrive or a huge harddrive and a USB converter [sate/ide/eide/etc.]) but it will be worth it to have a computer that continues to operate the same as the day you got it.

No need for a firewall either (hardware or software).  After-all, how can one hack into a computer that is physically unhooked when not in use?

_*sitting here on my custom Slack box live cd using firefox.  I  didn't do the second computer because I have no need to constantly  download software and subsequently check it for malicious code.   Everything I need is installed off of discs or from reputable sources.   Its a 800mhz system with a gig of ram.  My net machine does the internet thang just  fine.  I can go anywhere on the internet and not worry.  My main  computer (2.20ghz Quadcore, 8gigs memory, 3.5TB storage) sits right by  my legs and so there is no problem getting jumpdrive from puter to puter  when needed.  Using a 36" Sanyo LCD as the sole monitor.  Have the net  machine hooked up through VGA and the beast hooked up through HDMI.  I  have an old school KVM so I can just use the one mouse and keyboard for  both puters._



pixmedic said:


> You kids and your fancy domains.  I was computer gaming before Slackware had a GUI.



Wait, Slackware has a GUI???  I thought you had to choose one first like Gnome (DM), KDE(DM), fluxbox(WM), or my favorite Enlightenment (WM) otherwise you'd be left alone with the proper way to run Slack, the command-line (even if you chose to modify the shell to use ncurses, GTK, or QT) Weren't the desktop and window managers on the second disk anyways?  I refuse to believe Slackware now comes with its own desktop manager other than the add-ons.


----------



## cgipson1 (Dec 15, 2012)

I am just going to ignore this thread! OP seems delusional!  lol!


----------



## AgentDrex (Dec 15, 2012)

Well, most script-kiddies are.  People who like to do simple crap like SQL injections into lazy administrators' databases and then tout their 733t abilities tend to be lonely people.  People who desire notoriety but cannot find a way to do so normally.  I am not saying OP is this way necessarily as I see what he was attempting to do.  He is passionate about his interests and wants to be a help to others.  I commend him for that at least and for keeping all of this in Off-Topic which is where it belongs.  I don't see a problem with it.


----------



## cgipson1 (Dec 15, 2012)

AgentDrex said:


> Well, most script-kiddies are.  People who like to do simple crap like SQL injections into lazy administrators' databases and then tout their 733t abilities tend to be lonely people.  People who desire notoriety but cannot find a way to do so normally.  I am not saying OP is this way necessarily as I see what he was attempting to do.  He is passionate about his interests and wants to be a help to others.  I commend him for that at least and for keeping all of this in Off-Topic which is where it belongs.  I don't see a problem with it.



I deal with this crap day in and day out.. I guess I don't have your tolerance anymore! lol!


----------



## AgentDrex (Dec 15, 2012)

Between 2001 and 2003 I was learning to do the hacking thing but all that coding bored me.  I noticed a lot of script-kiddies out there using the skills of others for malicious intent while having no true coding skill of their own.  I decided there was no need for me to continue learning how to hack since I thought of some nifty workarounds to prevent it from happening to me to a point.  I tried getting into some archaic languages (x86 assembly, C [mainly for Bourne-Again-Shell scripting] and my favorite GForth) but that too bored me.  Ten years later, I wonder where I'd be if I would have kept going.  It's interesting to see these new kids getting into it.  I don't let it bother me, I understand their plight.  Everyone wants to get noticed now for one thing or another.  Its just a new paradigm-shift thanks to the internet.


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> SQL injections?  Geez. Setting database permissions and escape parameters too hard for some of these database administrators and coders?  They deserve to be hacked then.
> 
> Darknet isn't special and is not separated from the internet in any shape or form.  It is only hidden through heavily encrypted nodes and connections between the nodes (client, server and end).  Tor with Vidalia or whatever you want still requires a regular internet connection to access it, hence it is a part of the normal internet and also does not have MORE data than the internet considering it is PART of it anyhow.  Just because a room in the house has a hidden door does not mean it is a separate house.
> 
> ...



Now here we go...at last some good info on computer security...and by internet..i meant the world wide web... just one little problem..if the system you are using have no harddrive...no burning device...nothing whatsoever...that practically means that you cannot actually do anything worthwhile on the internet...other than just browsing...and I am not sure your voaltile memory is of much use if you are in for long browsing hours....

regards...


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Between 2001 and 2003 I was learning to do the hacking thing but all that coding bored me.  I noticed a lot of script-kiddies out there using the skills of others for malicious intent while having no true coding skill of their own.  I decided there was no need for me to continue learning how to hack since I thought of some nifty workarounds to prevent it from happening to me to a point.  I tried getting into some archaic languages (x86 assembly, C [mainly for Bourne-Again-Shell scripting] and my favorite GForth) but that too bored me.  Ten years later, I wonder where I'd be if I would have kept going.  It's interesting to see these new kids getting into it.  I don't let it bother me, I understand their plight.  Everyone wants to get noticed now for one thing or another.  Its just a new paradigm-shift thanks to the internet.




Drex..for me it was the other way round..i started programming.....loved coding...the first language i learnt was html...technically it is not even a programming language but anyhow ran a couple of sites....tried to run a lamp server... got hacked and then got into it because every book and site i consulted was using techniques that were way old...and script kiddies do not have much success with hacking except some phishing pages and some havij-ing....they mostly ddos you..and ddosing do not really have some cure except you pay really great attention to avoid a buffer overflow...even then good hackers.... i was not very good but have seen some good hackers use exclusive exploits to get into a system which is otherwise considered hackproof...i once met a hacker on hackbb on tornet who used a custom exploit against my gnome 2 desktop to gain access to my cursor...isn't that weird..
That's why I thought of running a thread so that we can share our tricks and tips to prevent hacking...I was not much impressed by your hackproof environment as it is not very economical.... i f i am ready to go so far why won't i hire the services of a penetration testing company..it will be much cheaper....


----------



## aliyawar (Dec 15, 2012)

cgipson1 said:


> I am just going to ignore this thread! OP seems delusional!  lol!



Thanks for that compliment>>


----------



## AgentDrex (Dec 15, 2012)

Cannot do anything worthwhile on the internet???  Let's see.  I watch videos, check email, check my bank, check unemployment, check ebt, read PDFs, listen to music, play simple flash games, come here to participate in this forum, keep up-to-date at flickr, talk over at facebook, I'm not sure what else I would really do.  I'm not running a server for any reason and even then I could just set up the OS custom, then use BART to make a nice live cd to run a server as well.

Yes, the net computer bogs down but it usually takes around 36 hours to get to a point that it is sluggish enough for me to notice...then a 2 minute reboot and I am back cruising fast again.

Like I said, it has a gig of ram and the slack disc I made is of a relatively slim install (just the base OS requirements and enough extras to run enlightenment and firefox).  I have everything else shutoff, just read access from the CD and read-write access (account limited) to one USB port.  I have my IPTable set up as well so very little would even get through anyways.

By the way, why would you use Gnome.  You're not a putz are you?  JK  Seriously, sounds like you need to read up on some permissions.  Perhaps you've done that by now but seriously, one has got to learn to secure the machine properly before hooking it up to the internet.  That's why I like linux so much.  The ability to fine tune the machine makes it way safer than that closed-sourced Windows.

I hear ya about the distributed denial attacks but then there's where having redundant networks and good firewall policies come in handy.

WWW is part of the internet, it is not THE internet. For clarity's sake, the tor network is not SEPARATE from the "world wide web" network protocol (http and https).  Other protocols like GOPHER, email (smpt and pop), file-transfer, telnet, SSL, TLS, etc. are different from the WWW.  Just because you need some program to access it does not make it special.  You need a browser to view webpages on the "world wide web" as well, nothing special about that. Tor's just a hidden, encrypted service.  Not all of Tor is simply .onion either.  Plenty more places out there than onion.  Bunch of sad, sick people there I'll tell ya.  You want to see weird crap, .onion places are the places to be.


----------



## aliyawar (Dec 15, 2012)

cgipson1 said:


> AgentDrex said:
> 
> 
> > Well, most script-kiddies are.  People who like to do simple crap like SQL injections into lazy administrators' databases and then tout their 733t abilities tend to be lonely people.  People who desire notoriety but cannot find a way to do so normally.  I am not saying OP is this way necessarily as I see what he was attempting to do.  He is passionate about his interests and wants to be a help to others.  I commend him for that at least and for keeping all of this in Off-Topic which is where it belongs.  I don't see a problem with it.
> ...



If you have so much experience in  these things...why not share some experiences with us...it will help us..especially me more than you think..


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Cannot do anything worthwhile on the internet???  Let's see.  I watch videos, check email, check my bank, check unemployment, check ebt, read PDFs, listen to music, play simple flash games, come here to participate in this forum, keep up-to-date at flickr, talk over at facebook, I'm not sure what else I would really do.  I'm not running a server for any reason and even then I could just set up the OS custom, then use BART to make a nice live cd to run a server as well.
> 
> Yes, the net computer bogs down but it usually takes around 36 hours to get to a point that it is sluggish enough for me to notice...then a 2 minute reboot and I am back cruising fast again.



You do all this without any external memory except your volatile memory..pretty impressive......how much ram do you have...


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Well, most script-kiddies are.  People who like to do simple crap like SQL injections into lazy administrators' databases and then tout their 733t abilities tend to be lonely people.  People who desire notoriety but cannot find a way to do so normally.  I am not saying OP is this way necessarily as I see what he was attempting to do.  He is passionate about his interests and wants to be a help to others.  I commend him for that at least and for keeping all of this in Off-Topic which is where it belongs.  I don't see a problem with it.


 
Thanks... by the way I was into programming 5 years before i started hacking...and even if you know programming and very good at it...you still need to learn the tricks of the trade... i learnt it the hard way...and all that stuff on the net doesn't work 99% of the time..if you really want to root a server all that crap on the net is of no help to you .....
And answering your slur at the sql injections,sql injections are for most of the time,not "simple" in the usual sense of word...it takes days to find a vulnerability and again days to exploit that... if you are randomly running dorks on google then it is simple..i agree.. but most of the time it even difficult to detect a vulnerabilty than exploit it....just adding an " ' "
at the end of url doesn't always work...and I can assure you that all of the automatic injection programs out there on the net are useless if you want to target a specific system..and even after you have found passwords..it is very difficult to find a login page...

And I never said I am super good at hacking,if I was,I will never ask anyone for their advice...would I..?

regards..


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> cgipson1 said:
> 
> 
> > PIX has no social skills... and you have to have social skills to be  attacked with social engineering... so he has nothing to worry about!  Right PIX?
> ...



I think you haven't read my posts yet,....ok they were quite boring....so let's cut it short... i never said that I am a super hacker...or I was a hacking wizard...i just know a few things about it...and if knew everything why would i post on a forum asking for everyone's advice... and I can assure you I was never a member of any clandestine hacking group....not that I did not try...but i never really got into one...the punks i am talking about are just some guys like me hanging around the net with lot's of time to waste and unlike me,some really...really good programming skills.....the type of people who makes cracks keygens and stuff..but the problem is..they also make viruses,keyloggers and lots of other types of malwares... you will be surprised to know that on hackBB their are people who give away the sites they hack and all the usernames,passwords..etc..for free!..they are the real goons... i am just trying to make a platform where all of us can share our experiences,tricks and tips...etc..


And anonymous...for the last time..is not primarily a hacking group...they mostly do DDOS.....i don't think ddosing need any skill other than lots of boxes and other resources to waste..even you can do that...

Regards...


----------



## pixmedic (Dec 15, 2012)

aliyawar said:


> I think you haven't read my posts yet,....ok they were quite boring....so let's cut it short... i never said that I am a super hacker...or I was a hacking wizard...i just know a few things about it...and if knew everything why would i post on a forum asking for everyone's advice... and I can assure you I was never a member of any clandestine hacking group....not that I did not try...but i never really got into one...the punks i am talking about are just some guys like me hanging around the net with lot's of time to waste and unlike me,some really...really good programming skills.....the type of people who makes cracks keygens and stuff..but the problem is..they also make viruses,keyloggers and lots of other types of malwares... you will be surprised to know that on hackBB their are people who give away the sites they hack and all the usernames,passwords..etc..for free!..they are the real goons... i am just trying to make a platform where all of us can share our experiences,tricks and tips...etc..
> 
> And anonymous...for the last time..is not primarily a hacking group...they mostly do DDOS.....i don't think ddosing need any skill other than lots of boxes and other resources to waste..even you can do that...
> 
> Regards...



Have you considered a computer or software forum instead of a photography forum? Our idea of "hacking"  is a bad photoshop job.


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Cannot do anything worthwhile on the internet???  Let's see.  I watch videos, check email, check my bank, check unemployment, check ebt, read PDFs, listen to music, play simple flash games, come here to participate in this forum, keep up-to-date at flickr, talk over at facebook, I'm not sure what else I would really do.  I'm not running a server for any reason and even then I could just set up the OS custom, then use BART to make a nice live cd to run a server as well.
> 
> Yes, the net computer bogs down but it usually takes around 36 hours to get to a point that it is sluggish enough for me to notice...then a 2 minute reboot and I am back cruising fast again.
> 
> ...




Yes...everything is fine with my system now..it was ages ago...but the point is... i made a mistake...hooking up to the internet without any idea about security...that;s why I have created this thread...if i had any idea about it then,probably i would'nt have to take down my server due to some pretty interesting payloads.... so why not share some  tips and tricks.....just to be informed about the latest things out there..?


----------



## AgentDrex (Dec 15, 2012)

No "external" memory, just the sticks of ram in the computer, a whole whopping gig of it.  It's not like there's much to take up in memory over the OS using some of it, enlightenment using some of it and firefox using some of it (its actually the real hog by the way).  Like I said, if the memory gets used up to the point it starts becoming sluggish, a two-minute reboot (I go have a ciggie while it does it) and I'm back on fresh as new.

The benefit of using SQL injections outside of database testing is beyond me.  I see no reason other than to be malicious to even begin to think of doing something like that.  Also like I mentioned, some initial permission setting and custom escape parameters (secure the damned data before sending the query, don't understand outside of laziness why more people wouldn't do that anyways) when creating the database make hacking that much more difficult that what you already mentioned it is like.


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > I think you haven't read my posts yet,....ok they were quite boring....so let's cut it short... i never said that I am a super hacker...or I was a hacking wizard...i just know a few things about it...and if knew everything why would i post on a forum asking for everyone's advice... and I can assure you I was never a member of any clandestine hacking group....not that I did not try...but i never really got into one...the punks i am talking about are just some guys like me hanging around the net with lot's of time to waste and unlike me,some really...really good programming skills.....the type of people who makes cracks keygens and stuff..but the problem is..they also make viruses,keyloggers and lots of other types of malwares... you will be surprised to know that on hackBB their are people who give away the sites they hack and all the usernames,passwords..etc..for free!..they are the real goons... i am just trying to make a platform where all of us can share our experiences,tricks and tips...etc..
> ...



Thanks... ..The only other forum I am active on is a guitarforum..so that'll not help either...and on all the computer and software forums out there.. you will get nothing more then snobbish comments...here we are all noobs helping out each other...the environment is much more convivial here nad i like it here...


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> No "external" memory, just the sticks of ram in the computer, a whole whopping gig of it.  It's not like there's much to take up in memory over the OS using some of it, enlightenment using some of it and firefox using some of it (its actually the real hog by the way).  Like I said, if the memory gets used up to the point it starts becoming sluggish, a two-minute reboot (I go have a ciggie while it does it) and I'm back on fresh as new.
> 
> The benefit of using SQL injections outside of database testing is beyond me.  I see no reason other than to be malicious to even begin to think of doing something like that.  Also like I mentioned, some initial permission setting and custom escape parameters when creating the database make hacking that much more difficult that what you already mentioned it is like.



Drex...thanks for the  infos you have shared but  let me assure you...i have seen people take down CBI website...in which neither me nor my friend could find any vulnerabilities....and when they are checking for vulnerabilities in your database,they are doing it for nothing else than malicious intents...... yes...being careful in the initial stages will save you from most of it... that's what i have already said.. common sense is lot more worthwhile than 2000bucks of security softwares when it comes to cyber security...

Regards...


----------



## AgentDrex (Dec 15, 2012)

You'll find snobs everywhere. I've been a member of antionline (going by the name tripstone) since 2001 just after JP (follow that link, its an article written by that putz KuRuPTioN who couldn't get his way over at antionline) started it at Carnegie-Mellon.  I'm not sure who's all there still.  Haven't been on for a year or so but MsMittens, Negative, stflook, ennis, nihil and gore were all my friends there and were very helpful and polite just like the people here.  If you have not gone there, perhaps you should consider it.  I also liked lurking at "TheStrangeWorldofTapu" which is nearly defunct.  I was also friends with Nitallica of PhrozenCrew back in the day, Elm0 (who helped work on oscar2k), Kimble (of recent megaupload fame) and _probation_ (Mitnick's "secret" alias after release from prison in 2000, I figure the no-internet clause of his parole has been lifted for eight years, so no harm will come from putting out his name now).  Like I mentioned, I wonder where I'd be if I would have kept going on but it was boring to code and all I could think of at the time were malicious things to do with the code (I was young and dumb).  At least I grew out of it.


----------



## pixmedic (Dec 15, 2012)

aliyawar said:


> Drex...thanks for the  infos you have shared but  let me assure you...i have seen people take down CBI website...in which neither me nor my friend could find any vulnerabilities....and when they are checking for vulnerabilities in your database,they are doing it for nothing else than malicious intents...... yes...being careful in the initial stages will save you from most of it... that's what i have already said.. common sense is lot more worthwhile than 2000bucks of security softwares when it comes to cyber security...
> 
> Regards...



So, basically what you are saying, is that you started a thread for "newbies"  to share ideas on avoiding getting hacked.... But that Aparantly everyone but you is either misinformed or doesnt know as much as you.  Strong work son. 
Surely with that much computer knowledge you must be making six figures a year as a programmer.


----------



## pixmedic (Dec 15, 2012)

aliyawar said:


> Drex...thanks for the  infos you have shared but  let me assure you...i have seen people take down CBI website...in which neither me nor my friend could find any vulnerabilities....and when they are checking for vulnerabilities in your database,they are doing it for nothing else than malicious intents...... yes...being careful in the initial stages will save you from most of it... that's what i have already said.. common sense is lot more worthwhile than 2000bucks of security softwares when it comes to cyber security...
> 
> Regards...



So, basically what you are saying, is that you started a thread for "newbies"  to share ideas on avoiding getting hacked.... But that Aparantly everyone but you is either misinformed or doesnt know as much as you.  Strong work son. 
Surely with that much computer knowledge you must be making six figures a year as a programmer. I sure appreciate you taking time out of your busy day to mingle with the common folk.


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > Drex...thanks for the  infos you have shared but  let me assure you...i have seen people take down CBI website...in which neither me nor my friend could find any vulnerabilities....and when they are checking for vulnerabilities in your database,they are doing it for nothing else than malicious intents...... yes...being careful in the initial stages will save you from most of it... that's what i have already said.. common sense is lot more worthwhile than 2000bucks of security softwares when it comes to cyber security...
> ...




I never said that *everyone* except me is misinformed and don't know anything....and fyi...i can assure you that good programming skills and good black-hat hacking skills are two different things....not that i am a very good programmer....I have barely completed my education...i have always maintained that I have seen people do wonderful things and I have learnt a few things from them... and i was just being nice when I said that"we all are noobs helping out each other"... like maybe drex here has more info on cyber security than you or even me also....he can't be called a noob... i am just trying to help and being helped here...look at this kid man...http://www.whatsthelatest.net/news/jonathan-james-15-yearold-cybercriminal-hacked-nasa/ do you really think he is a better programmer than all of those nasa guys...


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> You'll find snobs everywhere. I've been a member of antionline (going by the name tripstone) since 2001 just after JP started it at Carnegie-Mellon.  I'm not sure who's all there still.  Haven't been on for a year or so but MsMittens, Negative, stflook, ennis, nihil and gore were all my friends there and were very helpful and polite just like the people here.  If you have not gone there, perhaps you should consider it.  I also liked lurking at "TheStrangeWorldofTapu" which is nearly defunct.  I was also friends with Nitallica of PhrozenCrew back in the day and Elmo of oscar2k, Kimble (of recent megaupload fame) and _probation_ (Mitnick's "secret" alias after release from prison in 2000) .  Like I mentioned, I wonder where I'd be if I would have kept going on but it was boring to code and all I could think of at the time were malicious things to do with the code (I was young and dumb).  At least I grew out of it.



Thanks.... I have also grown out of it...and if you really want to meet snobs...try hackforums...you will meet people having no idea about programming throwing cuss words at you...just because you don;t know a few tips of the trade...


----------



## AgentDrex (Dec 15, 2012)

Go try and revive antionline then.  They seem to be pretty lonely there.  Apparently no one uses it much anymore but I see some familiar faces yet so not all is lost.


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Go try and revive antionline then.  They seem to be pretty lonely there.  Apparently no one uses it much anymore but I see some familiar faces yet so not all is lost.



I will surely try it.... I see the people here are quite pissed at me....


----------



## AgentDrex (Dec 15, 2012)

I wouldn't worry about that.  This was an off-topic discussion that was posted in the appropriate place.  I, for one, do not want to intrude upon other peoples' interests outside of photography.  While this is a photography forum, I see people starting threads about music from different decades and genres which have no more connection with photography that do computers.  I think it's comical that some people, who obviously don't take such an interest in computing, take the time to attempt to troll you.  

Like I said, try out antionline if you've never been.  It was THE spot to be for people like you and me, amateur geeks looking for a place where professionals of all calibers called home back in the early 2000's and were willing to help us out in growing.  It was like this place a lot.  You had to learn to grow a thick-skin but once you did, there was a wealth of information to be had about EVERY facet of computing.  Don't worry too much about what other people think and don't give them your energy by giving into anger or negativity towards them.  It doesn't do anyone any good.


----------



## pixmedic (Dec 15, 2012)

View attachment 28619


----------



## AgentDrex (Dec 15, 2012)

I'm sure he is neither pix, just an enthusiast.  Someone who has gotten his feet wet several times, dinked around in places he shouldn't have, learned more than the average user through piqued interest and inquisitiveness.  What I am pretty sure is happening in this thread is a person who has no outlet for his computer interest elsewhere and has found comfort here (and rightly so, there are a lot of very good people here, I wouldn't have spent nearly five years here if not for the people here, next month is my half-decade anniversary).  He seems zealous about his adventures and knowledge (whatever level that may be is moot) because what else happens when you cannot offload some of that excitement?  It's like blue-balls for computer geeks.  If we cannot talk shop with someone, we'll start to ache really bad and get defensive, angry, deluded, all the other symptoms of repressed excitement.

I'm no hacker.  I'm a proud 'puter geek who is willing to help others in anyway I can and willing to learn from others.

I'm pretty sure I opened his eyes a little.  He should have learned from his other story about getting busted for creating an admin account at that university and then subsequently bragging about it at forums.  Real hackers are like the guys you trust the most to sell weed to.  They won't drop the dime on anyone for any reason.  They'll take the time and fall if necessary and yet will not cave in.  Its the squeaky mice that stop the wheel.  Keep the mouth shut.  The ones that have a need to show their muscles, push people around, stand on a platform with a loud voice (Look what I did, can do, will do) have some issues with importance.  I'm pretty sure that is why this world is so screwed up.  People so hungry for attention and not realizing that attention fully elsewhere, they'll stop at nothing to be the next trending topic on the interwebz.


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> I wouldn't worry about that.  This was an off-topic discussion that was posted in the appropriate place.  I, for one, do not want to intrude upon other peoples' interests outside of photography.  While this is a photography forum, I see people starting threads about music from different decades and genres which have no more connection with photography that do computers.  I think it's comical that some people, who obviously don't take such an interest in computing, take the time to attempt to troll you.
> 
> Like I said, try out antionline if you've never been.  It was THE spot to be for people like you and me, amateur geeks looking for a place where professionals of all calibers called home back in the early 2000's and were willing to help us out in growing.  It was like this place a lot.  You had to learn to grow a thick-skin but once you did, there was a wealth of information to be had about EVERY facet of computing.  Don't worry too much about what other people think and don't give them your energy by giving into anger or negativity towards them.  It doesn't do anyone any good.



Thanks...drex...i will surely do that... After almost a day of being taunted with a "l33t haxxor" tag and being flamed at(even after I have said again and again that I am not a hacking wizard or something..just a normal guy who knows a few things about it and is open to new things)....just because I was trying to be humorous in the first place...i realise this is not just the right palce...but anyway I will keep trying...who knows maybe we can really share some good info on this thread...i am starting to lose hope......


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> View attachment 28619



 Ha..HA..ha.. very funny:lmao: how many times do I have to declare that I am not a " l33t haxxor" or anything...just a guy knowing some tricks, ready to share it with the others...and open to learning fromother people's advices...


----------



## pixmedic (Dec 15, 2012)

naw, its all in good fun. no offense meant, and none taken.


----------



## sm4him (Dec 15, 2012)

cgipson1 said:


> AgentDrex said:
> 
> 
> > Well, most script-kiddies are.  People who like to do simple crap like SQL injections into lazy administrators' databases and then tout their 733t abilities tend to be lonely people.  People who desire notoriety but cannot find a way to do so normally.  I am not saying OP is this way necessarily as I see what he was attempting to do.  He is passionate about his interests and wants to be a help to others.  I commend him for that at least and for keeping all of this in Off-Topic which is where it belongs.  I don't see a problem with it.
> ...



This whole thread is *very nearly* as interesting as my next task, organizing all my cans of soup alphabetically (Where does Alphabet soup go? A? or do I need to put some of it in each letter category?...) 

But, speaking of hacking:
HOW did AgentDrex manage to LIKE Charlie's post TWICE??
Is that showing on anyone else's computer?  I'm seeing "AgentDrex, AgentDrex and Aliyawar like this."

Ya'll carry on talking about hacking, and stopping hackers, and whatever in the world else it is you were talking about--I dozed through most of the thread--but I believe AgentDrex just won. 

EDIT: Just to be clear--that was humor. I have NO intention of organizing my soup cans alphabetically. I'll be lucky if I manage to put them all up in the cabinet, instead of leaving them in the grocery bag down on the kitchen floor...


----------



## AgentDrex (Dec 15, 2012)

Here's a life tip for you aliyawar.  I'm not sure how old you are or what you have learned so far, so take this as you may but I've always found that giving a thought ten or more seconds to brew can save a lot of trouble with people.  I used to speak my mind when upset and ended up making my ex-girlfriend pretty upset with me.  Our argument would never come to an agreeable conclusion.  Then I figured out that what was happening is we were two people shouting off things as soon as we thought of them.  I started to give myself ten seconds when I thought of something to say and within those ten seconds, I started to think that what I was about to say would not be positive in the long run and so just junked that thought and each subsequent negative one until a positive came through and then I would speak that.  I found that through doing so, I was able to see that the relationship of eight years was not going to make it a year further.  I cannot change others the way I had wanted and the situation was getting worse for me and so I took my leave.

All of this was meant to tell you to give some time into thought before speaking your mind.  You don't need to be defensive about everything.  It's not letting other people win by not telling them off, it is you being the mature one and not giving in to their ruse of bringing negativity out in you (most people don't know they do that at all but that is exactly what is happening).  I'm an ex-troll (I used to get off on watching people get upset), an ex-prank caller (and a damned-fine one at that [before Jerky Boys]), a puter geek, a learner, a teacher (not professionally but all of us are teachers at one point or another) and a human being just like all of you.  So take that for what it's worth to you. 

As for the double-like on a previous post, I probably had nothing to do with that anymore that aliyawar may have.  If neither of us did anything to do that, then it most likely is an error in a script this place runs. On my side, I see " [ARG:4 UNDEFINED]".


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> naw, its all in good fun. no offense meant, and none taken.



No offense taken here either...i had lots of fun with you today...you have a killer sense of humour.... i mean it...


----------



## aliyawar (Dec 15, 2012)

sm4him said:


> cgipson1 said:
> 
> 
> > AgentDrex said:
> ...




Ha ha ha  agentdrex is the best geek i have ever met..the rest were all snobs... i mean it when i say it... you people are so cheerful...this is the only forum i have been regular on...and i don;t plan to leave ever...


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Here's a life tip for you aliyawar.  I'm not sure how old you are or what you have learned so far, so take this as you may but I've always found that giving a thought ten or more seconds to brew can save a lot of trouble with people.  I used to speak my mind when upset and ended up making my ex-girlfriend pretty upset with me.  Our argument would never come to an agreeable conclusion.  Then I figured out that what was happening is we were two people shouting off things as soon as we thought of them.  I started to give myself ten seconds when I thought of something to say and within those ten seconds, I started to think that what I was about to say would not be positive in the long run and so just junked that thought and each subsequent negative one until a positive came through and then I would speak that.  I found that through doing so, I was able to see that the relationship of eight years was not going to make it a year further.  I cannot change others the way I had wanted and the situation was getting worse for me and so I took my leave.
> 
> All of this was meant to tell you to give some time into thought before speaking your mind.  You don't need to be defensive about everything.  It's not letting other people win by not telling them off, it is you being the mature one and not giving in to their ruse of bringing negativity out in you (most people don't know they do that at all but that is exactly what is happening).  I'm an ex-troll (I used to get off on watching people get upset), an ex-prank caller (and a damned-fine one at that [before Jerky Boys]), a puter geek, a learner, a teacher (not professionally but all of us are teachers at one point or another) and a human being just like all of you.  So take that for what it's worth to you.
> 
> As for the double-like on a previous post, I probably had nothing to do with that anymore that aliyawar may have.  If neither of us did anything to do that, then it most likely is an error in a script this place runs. On my side, I see " [ARG:4 UNDEFINED]".



I am 17 and I never meant any offense to any member...i was trying to be polite..... don't you notice the smilies... I think it's the language barrier..(english is my 3rd language)..that made you think I was getting angry... I never got angry even on the computer forums... and I appreciate your advice ...this forum has taught me so much...


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> I'm pretty sure I opened his eyes a little.  He should have learned from his other story about getting busted for creating an admin account at that university and then subsequently bragging about it at forums.  Real hackers are like the guys you trust the most to sell weed to.  They won't drop the dime on anyone for any reason.  They'll take the time and fall if necessary and yet will not cave in.  Its the squeaky mice that stop the wheel.  Keep the mouth shut.  The ones that have a need to show their muscles, push people around, stand on a platform with a loud voice (Look what I did, can do, will do) have some issues with importance.  I'm pretty sure that is why this world is so screwed up.  People so hungry for attention and not realizing that attention fully elsewhere, they'll stop at nothing to be the next trending topic on the interwebz.




Thanks Drex,i have learnt from that story...I don't do any black-hat stuff anymore and never trade anything with the punks on HackBB..and never brag about anything i do unless it is safe...Bitter jeweller asked for it and hence I told him the story.... and the deface pages you see there,I have informed the admin about the vulnerability....( it was a file uploader vulnerabilty in the first case and I infected the other one with a rat...) they have fixed the deface page on their homepage but left a page somewhere down in the folders...I think as a thanking note or something..maybe..or maybe they haven't noticed it..however... it is safe...I just wanted to give the people a taste of being hacked....that's all ..and it's all safe...I have taken down the shell and I can only change the picture because it is hosted on my own account...that's all...thanks again 

Regards


----------



## aliyawar (Dec 15, 2012)

pixmedic said:


> naw, its all in good fun. no offense meant, and none taken.



Thanks... see this is why i started this thread here instead of some computer forum...people here are jolly and friendly...not like the snobs on most of those forums..here you can be funny without trying to hurt other's feeling..... i love this forum.

So let's get over with this thing and get started on the real thing... I am going to post something about avoiding phishing tomorrow...it is not technically hacking but is very dangerous nonetheless.... kindly post your own experience...

REgards


----------



## AgentDrex (Dec 15, 2012)

I, for one, am looking forward to it.


----------



## AgentDrex (Dec 15, 2012)

Here's an anti-phishing tip from a Network/Systems Administrator point-of-view:

Network and systems administrators never need your username or password and will never ask for it.  We can change all of that on our own.  Someone who asks you for this information obviously cannot change it and thus is not in a position to have it.  Don't give it to them.  It would seem like common sense but most of the successful hacks were from simple social engineering techniques such as these.

Example at some huge corporate office.  Potential hacker finds number of vice president of the organization: "Hello, this is Dave down in the dungeon, the server room if you will.  Is this Mr. Penske?" "Yes, it is.  How can I help you Dave?"  "Well sir, I certainly don't mean to bother you but we had a small mishap, nothing major but one of the account servers went down just a couple minutes ago.  I tried to get her back up and running but she's a goner I'm afraid."  "That doesn't sound good, how can I help?"  "Its not as bad as it sounds, no major data was lost but unfortunately a few account logins are lost.  I have another account server sitting here ready to get to work but I need your old username and password so I can get your account back up and running as soon as possible to minimize downtime."  "Should we just change the password, make a new one or something?"  "No need to do that sir.  I know that you have a lot on your mind and we really appreciate all you do for us.  I figure we can just keep the same username and password so you have one less thing to stress over.  So having said that, if you can give me that,  I'll get right to work on the account and let you get back to your day."

I would hope this wouldn't work but in a larger place, it's easy for the higher-ups to lose track of all the people that work for them.  Hence, if you find a person who doesn't take the time to think about these potential situations occurring and goes along with what you ask, you've found yourself a little way further into the target system.

_*it worked a lot when I was younger.  In 2001, I would look for corporate numbers, names of higher-ups and a little history of the target organization.  I would then call them in the early afternoon, right after lunch, when most people are susceptible to engineering.  It didn't work all of the time but at least ninety-percent.  I made it sound like I knew what I was talking about, wanted to genuinely help resolve this made up issue and knew the organization as if though I truly worked there for a while.   People were very eager to help me "help" them.  Once I got the username/password, I would use Ghostmail to send the real administrators of the organization an email stating what I had done and what I was able to get.  This was in an attempt to make sure policies and procedures into network security were looked into and strengthened.  Perhaps that wasn't the best way to go about things but I was young.  Now I could care less for lazy administrators.  Let them get hacked for all I care.  I'll just make sure I am safe out there._


----------



## cgipson1 (Dec 15, 2012)

AgentDrex said:


> Between 2001 and 2003 I was learning to do the hacking thing but all that coding bored me.  I noticed a lot of script-kiddies out there using the skills of others for malicious intent while having no true coding skill of their own.  I decided there was no need for me to continue learning how to hack since I thought of some nifty workarounds to prevent it from happening to me to a point.  I tried getting into some archaic languages (x86 assembly, C [mainly for Bourne-Again-Shell scripting] and my favorite GForth) but that too bored me.  Ten years later, I wonder where I'd be if I would have kept going.  It's interesting to see these new kids getting into it.  I don't let it bother me, I understand their plight.  Everyone wants to get noticed now for one thing or another.  Its just a new paradigm-shift thanks to the internet.



Yea... you are right! I goofed around in the late 70's - early 80's for a while.. found a lot of sites that didn't have security setup, still using the manufacturer default passwords on router, firewalls systems, etc... didn't have to do much hacking to get in, lol! But it wasn't with malicious intent.. just exploring! I was on a couple of Usenet groups that shared info on such things. Did some phreaking... that was about it. About the only languages I ever messed with were 6502 Assembler, Applesoft Basic, Commodore basic, and an early modular pascal for the Apple IIGS. Got tired of coding... and quit doing it. About the most I do now is write batch files to automate things like network wide registry modification, and multiple server restarts after patching....

I hate script-kiddies... no talent.... just BS!

EDIT: Forgot to mention Banyan-Vines... I was a sys-admin on that system for a large, unnamed company.... and learned to "play" with it pretty well, wrote some code to mess with my fellow sys-admins. It had some interesting capabilities... lol! I was glad when we finally converted to NT4 though!


----------



## IByte (Dec 15, 2012)

sm4him said:


> This whole thread is *very nearly* as interesting as my next task, organizing all my cans of soup alphabetically (Where does Alphabet soup go? A? or do I need to put some of it in each letter category?...)
> 
> But, speaking of hacking:
> HOW did AgentDrex manage to LIKE Charlie's post TWICE??
> ...


Watch the movie Sneakers, that will show people how the real OG do it lol.  I'll alphabetize your soup Oo OCD is telling me to do it lol.


----------



## cgipson1 (Dec 15, 2012)

IByte said:


> sm4him said:
> 
> 
> > This whole thread is *very nearly* as interesting as my next task, organizing all my cans of soup alphabetically (Where does Alphabet soup go? A? or do I need to put some of it in each letter category?...)
> ...



and read the book Hackers by S. Levy.... it details the history of "Hacking" starting back in early MIT days when a "hack" was just a really cool use of the available languages, tools and systems. The term "hacker" was not even malicious back then... fascinating book.


----------



## AgentDrex (Dec 15, 2012)

If you were OCD, you'd spell it CDO, so its in alphabetical order, like it should be. 

But yeah, Sneakers is the only hacker movie out there still.  War Games had a little bit too.  But that movie Hackers, that bothered me.  Whoever wrote that kept going between mentioning Intel then showing Apple products.  It was a bad attempt at trying to outdo Sneakers.  A real hacking movie would bore the crap out of most people.  

*Some of the b*_*ooks I have*:
Hacking Exposed - Network Security Secrets & Solutions, 2nd and 3rd editions
O'Reilly - Google Hacks, 1st Edition
Introduction to Buffer Overflow, A pretty rare text document by Ghost_Rider
The Network Press - Encyclopedia of Networking - Second Edition
Sybex Cisco CCNP Routing Study Guide
Linux Complete Command Reference, 1,200 pages
The Little Black  Book of Computer Viruses, Mark Ludwig_
_Windows Assembly Language & Systems Programming, _2nd Edition
_OpenGL Super Bible_


----------



## aliyawar (Dec 15, 2012)

cgipson1 said:


> AgentDrex said:
> 
> 
> > Between 2001 and 2003 I was learning to do the hacking thing but all that coding bored me.  I noticed a lot of script-kiddies out there using the skills of others for malicious intent while having no true coding skill of their own.  I decided there was no need for me to continue learning how to hack since I thought of some nifty workarounds to prevent it from happening to me to a point.  I tried getting into some archaic languages (x86 assembly, C [mainly for Bourne-Again-Shell scripting] and my favorite GForth) but that too bored me.  Ten years later, I wonder where I'd be if I would have kept going.  It's interesting to see these new kids getting into it.  I don't let it bother me, I understand their plight.  Everyone wants to get noticed now for one thing or another.  Its just a new paradigm-shift thanks to the internet.
> ...




Yes,you are right about script kiddies but they are the ones who wreak most havoc for the general public...targetting random comuters..so lame... here in India,most of the kids are exposed to programming very young(I am from India)..have you ever tried python..it is a very interesting language..and most of the famous "hacks" that took place in the early days were done like that only...thanks for sharing your experience..

Regards..


----------



## aliyawar (Dec 15, 2012)

cgipson1 said:


> IByte said:
> 
> 
> > sm4him said:
> ...



I have that book...I will read it as soon as possible.. thanks


----------



## aliyawar (Dec 15, 2012)

AgentDrex said:


> Here's an anti-phishing tip from a Network/Systems Administrator point-of-view:
> 
> Network and systems administrators never need your username or password and will never ask for it.  We can change all of that on our own.  Someone who asks you for this information obviously cannot change it and thus is not in a position to have it.  Don't give it to them.  It would seem like common sense but most of the successful hacks were from simple social engineering techniques such as these.
> 
> ...



Yeah...you are right...that's exactly how Mitnick got to do it sans any great programming skills.. Have you read ghost in the wires?? I've always thought he is an overhyped fellow...we have a douche like him in India too..his name is Ankit fadia..A friend of mine from Indishell once hacked his own website... it gave me a good laugh..you can google the Idiot..


----------



## aliyawar (Dec 15, 2012)

cgipson1 said:


> IByte said:
> 
> 
> > sm4him said:
> ...



It is really shocking how the hacker term got perverted in the following years.. Look at guys like ESR and RMS,torvalds,norvig...they are the real hackers...not dolts like us who try to get into other'd domains through illegal means...


----------



## aliyawar (Dec 16, 2012)

..........Phishing.....

Agent Drex has already started the talk on phishing..I hope you all know a few things about phishing..If you don't here is phishing in a nutshell...

Phishing is a technique in which someone tries to get private digital information from you by posing as someone or something he is not...Most popularly this technique is used to acquire other user's passwords by sending them a fake login page or something... For eg--here is a fake login page of photoforum by me..
Click here----->>>> Fake photoforum login page ... you can't tell the difference until you pay attention to the details..that's where the social engineering part comes in..if you are good at pranks you can lure anyone into signing in on your page... Technically,phishing is not considered as hacking by most of the people in the business.. but nonetheless,it is nasty....

If you sign in on the fake login page the data you entered get saved to a text file..which is then used by the the person who owns the page to gain access to your account...

For example...you can type anything in the username and password fields and I can tell you what you typed(hurry,because i have hosted it on a free hosting site and they take down phishing pages very fast)....

Now..what can you do to avoid phishing..

Always check the domain name in the address bar before logging in..don't sign in if you have any doubt that this page is a phishing page..and if you do please take the time to change yoor password... sometime the phishing attacks can be very complex... in that case you have to just pay attention to the details ...I have left a few details in my phishing page..let's see if you can catch them..

Regards


----------



## KmH (Dec 16, 2012)

pixmedic said:


> aliyawar said:
> 
> 
> > really..which module did you use...vidalia...???..waiting for that game's link...
> ...


Or maybe in Georgia - City of Vidalia - Official

Or maybe there is more than one place named -  Vidalia


----------



## Patriot (Dec 16, 2012)

Ok I'll take the bait and see what you have to offer. How do I stop emails from this site saying that someone has tried to enter my account? If you can solve this then you ARE THE MASTER OF THE WORLD. I changed passwords and even had my username changed. Evidently this is fake emails because no one would take so much time out of their life just to get into my account. 

"Dear Patriot,

Someone has tried to log into your account on Photography Forum & Digital Photography  Forum with an incorrect password at least 5 times. This person has been  prevented from attempting to login to your account for the next 15  minutes.

The person trying to log into your account had the following IP address: 117.111.11.204

All the best,
Photography Forum & Digital Photography Forum"


----------



## AgentDrex (Dec 16, 2012)

There ya go aliyawar.  Signed into the fake page you made.  I didn't see what I had entered in the passes.txt file.  So maybe you stored them elsewhere.  Either way, nice example.  BTW:  I use WOT and it threw up a warning for the site.  It's the number one reason for the decline in repeat clients I have had.  I used to fix on their puters and they'd come back a few weeks later with more junk.  I started installing WOT and they come back less (thankfully).  Sometimes I'll call them up to ask how the puter is running and they say have no problems.  They seem to really like it.


----------



## aliyawar (Dec 16, 2012)

Thanks...Yes web of trust is a good way to prevent these types of attacks...and the data entered is in passes.txt file only...you should've found it there..or maybe you didn't entered the data correctly..didn't hit the login button or something...

Regards


----------



## aliyawar (Dec 16, 2012)

Patriot said:


> Ok I'll take the bait and see what you have to offer. How do I stop emails from this site saying that someone has tried to enter my account? If you can solve this then you ARE THE MASTER OF THE WORLD. I changed passwords and even had my username changed. Evidently this is fake emails because no one would take so much time out of their life just to get into my account.
> 
> "Dear Patriot,
> 
> ...



I don't think they are fake mails patriot...someone is trying to enter your account..maybe as a prank or something,someone like a friend...for how long have you recieved tese types of mails and can you share with me the address by which you are getting these mails...


----------



## aliyawar (Dec 16, 2012)

Patriot said:


> Ok I'll take the bait and see what you have to offer. How do I stop emails from this site saying that someone has tried to enter my account? If you can solve this then you ARE THE MASTER OF THE WORLD. I changed passwords and even had my username changed. Evidently this is fake emails because no one would take so much time out of their life just to get into my account.
> 
> "Dear Patriot,
> 
> ...



The IP address is from somewhere around seoul in Korea,it means the attacker is from somewhere around you only...I guess a friend or a relative..trying to piss you off....but you don't need to worry..as it is evident..they haven't got into your account yet..and I don't see any reason for their success in the near future...my guesses are---

1.you are using a public cafe or something which is infected  from a keylogger...or your own system is infected from a keylogger...their are good antiviruses and antimalwares in the market which will do your job..

2.You are using the internet over a wireless network where someone is trying to sniff the data..

3.The attacker knows you and is just trying to get into your account by brute force...i.e. by hit and trial...


----------



## Patriot (Dec 16, 2012)

I doubt that's it's anyone I know because I'm an American in Korea with no Korean family or friends. If I do have a key logger on my computer then Norton Anti-virus sucks!!! This has been going on for about 5 months now and my emails are getting flooded. The ip address is changing also every time.


----------



## AgentDrex (Dec 17, 2012)

Norton DOES suck.  It's like the dog that barks at the intruder.  AFTER the intruder has broken in and started stealing junk. My net machine has no anti-virus of any sort.  My main machine doesn't need one.  If I had a in-between computer, that would have almost every scanner made.


----------



## aliyawar (Dec 17, 2012)

Patriot said:


> I doubt that's it's anyone I know because I'm an American in Korea with no Korean family or friends. If I do have a key logger on my computer then Norton Anti-virus sucks!!! This has been going on for about 5 months now and my emails are getting flooded. The ip address is changing also every time.



Yes..Norton is kinda like a gun without a bullet..it gives you assurance that you are safe from trouble coz you have a gun in your pocket but when you try to fire a bullet in times of trouble,noting comes out...poooffffff... in short it sucks..


----------



## aliyawar (Dec 17, 2012)

Josep22h said:


> I WANT to hear he details o how things got ugly!



I have already answered that...go back in the comments...i have replied to bitter jewller..he asked the same question.....

regards


----------

