General discussion
-
CreatorTopic
-
August 17, 2021 at 5:09 pm #2140985
Have your encountered hackers at your place of work on the network?
Lockedby picherg · about 3 years, 1 month ago
Tags: Security
I am using tripwire program to protect Ubuntu server from intrusions.
Please, if you have any leads about hackers or experience with
programs such as: packet capture, controlling traffic, IDS.
Those who have encountered something similar at work can share
here with my experience.Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
August 17, 2021 at 5:23 pm #2419517
For a time, all of us were hackers.
by rproffitt · about 3 years, 1 month ago
In reply to Have your encountered hackers at your place of work on the network?
I won’t tell much about it but due to no IT support our team took to what some may call hacking to get back to work.
Here’s the biggest lesson we learned.
-> Without physical security there is no security.
Example. Without exception we’ve been able to boot most “servers” from some USB stick to add a new account, copy out data and more. Even if we couldn’t boot we could always use what is called a Rubber Duck from Hak5.
Look at the prior leaks and attacks and you find that this happened inside the company and for us it was performed directly on the servers.
-
August 17, 2021 at 6:32 pm #2419516
example
by picherg · about 3 years, 1 month ago
In reply to For a time, all of us were hackers.
Let’s say an example based on the work of the program tripwire:
https://linux-notes.org/wp-content/uploads/2014/06/tripwire-check-interactive.png-
August 17, 2021 at 7:10 pm #2419514
-
-
August 17, 2021 at 6:32 pm #3939134
example
by picherg · about 3 years, 1 month ago
In reply to For a time, all of us were hackers.
Let’s say an example based on the work of the program tripwire:
https://linux-notes.org/wp-content/uploads/2014/06/tripwire-check-interactive.png
-
-
August 17, 2021 at 5:23 pm #3939135
For a time, all of us were hackers.
by rproffitt · about 3 years, 1 month ago
In reply to Have your encountered hackers at your place of work on the network?
I won’t tell much about it but due to no IT support our team took to what some may call hacking to get back to work.
Here’s the biggest lesson we learned.
-> Without physical security there is no security.
Example. Without exception we’ve been able to boot most “servers” from some USB stick to add a new account, copy out data and more. Even if we couldn’t boot we could always use what is called a Rubber Duck from Hak5.
Look at the prior leaks and attacks and you find that this happened inside the company and for us it was performed directly on the servers.
-
December 29, 2021 at 6:28 am #3938975
Yes… Indeed
by avandor · about 2 years, 9 months ago
In reply to Have your encountered hackers at your place of work on the network?
Yes, I encountered a hacking issue at my workplace. I went home one night about six months ago and tried to log in again to my workstation.
I could not remember the password, so I used my Knoppix live CD (version 8) to reset the password. It booted up like normal, but when it got to the desktop, I saw that some windows were opened which were unfamiliar to me. These windows showed very strange stuff like “an error occurred while creating shadow copy” or something of that nature. I immediately shut down my computer because it didn’t look right.
I took the Knoppix CD out and decided to check things out.
I noticed that some files (My Documents, desktop and some system .DLLs) were missing on the hard drive. I also found an unknown Linux partition on my computer’s hard drive which had about 1GB of space. It was like a hidden partition on my C: drive (C: is my Windows root). I wasn’t sure what it was at first, so I opened up a command prompt and checked for this new Linux partition by typing “dir c:” and saw that there was indeed a new Linux-type directory appearing in c: which did not belong there before.
So, I rebooted again and put another live CD called Backtrack 3 in. I turned on the computer and it took me to a command prompt instead of Windows this time. Again, it booted up fine, but when I got to the desktop, all that showed up was a big blue screen with green text on top of it. It looked very similar to what you’d see if you were running “top” in Linux (the command prompt).
I tried logging in by typing my password which I knew at this point, but the login failed because the account had been deleted from the system. This makes sense though because many people are hacked at work through brute force methods where they try every possible letter/number combination until they find one that works.
So, pretty much knowing what happened here I opened up my Norton Internet Security and did a full scan of the system.
It took about an hour before it was finished, but I was surprised when I saw that it found like 2,500 viruses on my computer! All of these viruses were “heuristic” and they were automatically quarantined by Norton. Pretty sweet! Norton also showed me all the remote connections to my system that were attempted. There had been many attempts from Russia, China, South America, and Romania to connect to my computer in the past few months. Hmm… how strange?
-
October 27, 2022 at 10:23 am #4004484
Reply To: Have your encountered hackers at your place of work on the network?
by techguy98 · about 1 year, 11 months ago
In reply to Have your encountered hackers at your place of work on the network?
The possibility to hack Android, iPhone, MacBook any gadget as well as WhatsApp or any other social media app and help reactivate stolen accounts and passwords is 100% using a phone number with the support of a professional ethics consultant and provider. I encountered this expert- Victor was very helpful in making this ability a reality.
-
-
AuthorReplies