Comments on: psssst.. Somebody’s watchin’ http://jaqoup.wordpress.com/2008/11/25/psssst-somebodys-watchin/ A Blog !!!! Mon, 09 Nov 2009 17:18:14 +0000 http://wordpress.com/ hourly 1 By: open beta | CNN.com http://jaqoup.wordpress.com/2008/11/25/psssst-somebodys-watchin/#comment-40 open beta | CNN.com Fri, 28 Nov 2008 22:44:42 +0000 http://jaqoup.wordpress.com/?p=168#comment-40 [...] psssst.. Somebody’s watchin’ what i thought of at the begining that this is a bug in the chrome beta version .. but a week ago i gave a friend of mine a password for an FTP server, then in the next day i found some pages on this server have been altered with … [...] [...] psssst.. Somebody’s watchin’ what i thought of at the begining that this is a bug in the chrome beta version .. but a week ago i gave a friend of mine a password for an FTP server, then in the next day i found some pages on this server have been altered with … [...]

]]> By: Jaqoup http://jaqoup.wordpress.com/2008/11/25/psssst-somebodys-watchin/#comment-39 Jaqoup Tue, 25 Nov 2008 23:17:13 +0000 http://jaqoup.wordpress.com/?p=168#comment-39 well... thanx for you both and Fouad: the first thing i thought of was the ARP table and i managed to use my program but since i'm on Vista my program crashes every time i open it as in Vista the IP format changed and when i try to run an ARP command as "apr -d" it always fails even from the cmd :( well… thanx for you both
and Fouad: the first thing i thought of was the ARP table and i managed to use my program but since i’m on Vista my program crashes every time i open it as in Vista the IP format changed and when i try to run an ARP command as “apr -d” it always fails even from the cmd :(

]]> By: Mohammad Fouad http://jaqoup.wordpress.com/2008/11/25/psssst-somebodys-watchin/#comment-38 Mohammad Fouad Tue, 25 Nov 2008 21:48:56 +0000 http://jaqoup.wordpress.com/?p=168#comment-38 http://www.softperfect.com/products/networx/ it comes with very useful tools.. 1- use the Netstat tool to know what exe's are connected to the internet 2- then use the TraceRoute tool .. to see what path the packet takes to reach "google.com" for example the infected PC should be in your LAN .. it will be the first or the second in the TraceRoute table .. i doubt that he is in the WAN by any means .. wa ella teb2a fedee7a we momken terfa3 3alaihom adeya --- please, tell us how u will be able to solve this thing isA http://www.softperfect.com/products/networx/
it comes with very useful tools..

1- use the Netstat tool to know what exe’s are connected to the internet

2- then use the TraceRoute tool .. to see what path the packet takes to reach “google.com” for example
the infected PC should be in your LAN .. it will be the first or the second in the TraceRoute table .. i doubt that he is in the WAN by any means .. wa ella teb2a fedee7a we momken terfa3 3alaihom adeya

please, tell us how u will be able to solve this thing isA

]]> By: Mohammad Fouad http://jaqoup.wordpress.com/2008/11/25/psssst-somebodys-watchin/#comment-37 Mohammad Fouad Tue, 25 Nov 2008 20:20:37 +0000 http://jaqoup.wordpress.com/?p=168#comment-37 looooooooooooooooooooooooooooooooooooooooooooool @ "Dont mess with " ------- u seem quite sure that the sniffer is on some other machine ! .. so i will assume that this is the case and if so .. then as far as i know .. the only way he can do that .. is to have all your network packets route through his machine .. so he infects the ARP table to make ur PC send to his PC then modify the packet to go to china then sends it to the router .. instead of from your PC to the router to google right away.. [1] ------- or he can mess with the DNS history some how .. which i doubt is the case ------- solutions, all are not very easy... 1- well the ARP cache thing .. is simply the "NetCut method" .. and u have made a program to fight that .. so just use it .. or use Anti-netcut .. if it goes away then u won 2- encrypt all your TCP activity .. dont think that will work 3- kill your neighbor 4- kill the Chinese guy 5- make a DoS attack == ask all your friends to check that server over and over till it cracks .. there are programs to do that (Denial of Service attack) 6- let him take ur passwords we menno lelah :) .. we rabbena 3al moftary 7- use a proxy .. it will make his life abit harder to understand ur HTTP packets 8- eshtery 7'at lenafsak .. aw esta7'dem etesalat 9- if u can understand the ARP tables .. u can know which PC in the network is infected .. and u can block his mac address from the network .. that will stop him from messing with the tables 10- http://www.techspot.com/vb/topic115851.html if i got any ideas i will let u know .. looooooooooooooooooooooooooooooooooooooooooooool @ “Dont mess with ”
——-
u seem quite sure that the sniffer is on some other machine ! .. so i will assume that this is the case
and if so .. then as far as i know .. the only way he can do that .. is to have all your network packets route through his machine ..
so he infects the ARP table to make ur PC send to his PC then modify the packet to go to china then sends it to the router .. instead of from your PC to the router to google right away.. [1]
——-
or he can mess with the DNS history some how .. which i doubt is the case
——-
solutions, all are not very easy…

1- well the ARP cache thing .. is simply the “NetCut method” .. and u have made a program to fight that .. so just use it .. or use Anti-netcut .. if it goes away then u won

2- encrypt all your TCP activity .. dont think that will work

3- kill your neighbor

4- kill the Chinese guy

5- make a DoS attack == ask all your friends to check that server over and over till it cracks .. there are programs to do that (Denial of Service attack)

6- let him take ur passwords we menno lelah :) .. we rabbena 3al moftary

7- use a proxy .. it will make his life abit harder to understand ur HTTP packets

8- eshtery 7′at lenafsak .. aw esta7′dem etesalat

9- if u can understand the ARP tables .. u can know which PC in the network is infected .. and u can block his mac address from the network .. that will stop him from messing with the tables

10- http://www.techspot.com/vb/topic115851.html

if i got any ideas i will let u know ..

]]> By: Metal_ http://jaqoup.wordpress.com/2008/11/25/psssst-somebodys-watchin/#comment-36 Metal_ Tue, 25 Nov 2008 19:28:00 +0000 http://jaqoup.wordpress.com/?p=168#comment-36 Hey Jaqoup, As for browsing, you can use a web proxy with SSL support(where sniffing becomes a waste of the sniffer's resources :]) such as: https://www.xroxy.com Also, check out Tor! Never tried it out, but its model seems to be great! http://www.torproject.org/overview.html.en There are premium services for ssh tunneling aswell, if your data is sensitive and you have extra cash, consider subscribing into a one! Hey Jaqoup,

As for browsing, you can use a web proxy with SSL support(where sniffing becomes a waste of the sniffer’s resources :]) such as:
https://www.xroxy.com
Also, check out Tor! Never tried it out, but its model seems to be great!
http://www.torproject.org/overview.html.en

There are premium services for ssh tunneling aswell, if your data is sensitive and you have extra cash, consider subscribing into a one!

]]>