Security and Legality

[luck777jojo]

Okay well some of you seemed interested in seeing the notes from one of my security and legality classes, these notes I'm posting are from a pretty basic network seurity class, it covered more the theoretical side of these things than the technical aspects.
That makes the notes a bit easier to understand, I guess, even for someone who might not have any programming knowledge to begin with.

If there is enough demand I will try to make a full report once a week or something on each one of those files of notes, the reports I had in mind would go into more detail about each point on the page of notes in question.

http://www.mpcforum.com/l7j/Security...lity_Notes.rar

[Shinosuke]

Yes please!

I am very much interested in the theories of these, I did eBusiness Law myself, as well as IT Security infrastructures (virii/worms/trojans) - though most have been forgotten, I would love to see these notes

Also interested in any hands-on methods to test out a network, anything that those 'white-hackers' use? Packet interceptors programs and such for a wireless connection, or, me, in the middle of the network, if I was to do something malicious, etc etc. Maybe some simple pinging script, to softwares that really test how the security of a network is... someone might be able to suggest a few?

Anyways, looking forward to these notes!

[luck777jojo]

woops I just realized that I forgot the link to the .rar with the notes oops

first post edited.

BTW like i said dunno how helpfull these notes will be but I am willing to write them out in more detail once per week I guess

[gamepin126]

woops I just realized that I forgot the link to the .rar with the notes oops

first post edited.

Second time's a charm. And I'd also like your notes.

[luck777jojo]

the link is there just took me 4 mins to find and edit the first post after I posted my last post

[Shinosuke]

Downloaded, will have a look at it later and maybe comment on it tomorrow.
Good night.

[shoot]

I've been through most of it and it's all interesting topics. Some of them I really got into. Like the - US in WW2: codetalkers in Navajo... (Which Japan was never able to crack.) Also, hiding files in plain site, and while you state not to count on it. It's really one of the best things that could be done, because people tend to overlook them. Like hiding an .exe inside of a .jpg or other image file.

This part however I couldn't stop but howl when I was reading it.

HOW DO YOU TAKE AWAY COMPUTER PRIVLEDGES?
- spam his account, cause a lockout (max logins)
- crash the system
- bribe Jon
- kill his account
- smash every computer
- blow up computer
- hack website
- multiple fork/DoS/shutdown server
- masquerade as him and spam the dean
- social engineering
- change his password
- kidnap!
- commit a crime and frame him
- disable his car/transportation
- chop off his arms
- have him arrested
- spread rumor that due date extended
- cut off internet
- set the fire alarm/start a fire/sprinklers
- e-mail virus
- fake ID
- blackmail
- distract
- imitate authorized user and disable accounts
- shut off power

Pretty elaberate means of taking away ones computer privleges for sure. I liked the emphisis on "kidnap!" LoL!

At anyrate, I like all the topics in the notes and would definatly like to go into more detail on them. Even if it's something that goes over my head I can still google it and learn what it is I don't understand at the time.

All and all definatly some really cool stuff. Thanks for posting it bro.

[Shinosuke]

Yeah, I've finish looking through it.. nice, very nice summary...
All these, took me one year to finish.. haha.. It was very similiar to the course I take, I wonder how deep into it, how detailed did I actually go...

Looking forward to your report.. IF you feel like it Dont go thinking its a responsibility and take your own free time though

[luck777jojo]

Dont go thinking its a responsibility and take your own free time though

That's never a concern with me, I'm a lazy mofo so I put off things untill I fell like doing them without any though

[tdlrali]

A_W_E_S_O_M_E! thanks, had quite a few laughs while reading it

[Shinosuke]

That's never a concern with me, I'm a lazy mofo so I put off things untill I fell like doing them without any though

Sounds like me The cases presented in your notes, there are all famous cases right? eg, copyright, deeplinking, etc. I think Ive seen all somewhere from my eBusiness law course as well.. but I think we go into more detail on cases that related to our own country instead of the states - since the law we used to protect the consumers are based on our own.

[luck777jojo]

yeah most of the cases that are in the notes are famous, some are made up but mostly they're all true.

We did go into more detail I just basically took notes on the main subject so that I could jump start my brain before exams but yeah when I get around to writing up the reports I'll go into a bit more detail for each point hopefully (unless I find out I forgot everything completely )

[Shinosuke]

(unless I find out I forgot everything completely )

Like me, I will need hours of revision before I can say anything about this topic. So I better keep quiet and wait for your detailed notes

[luck777jojo]

at best they're gonna be comming only this weekend, I have a speach about ebusiness I have to give to a business class in college on thursday so maybe after I finish that I'll get around to typing some of this stuff up

[Shinosuke]

Yo.. those who are a more knowlegable.. is this okay?? O_O
All I did was sniff the packets while checking email

Code:

1
2
3
4
5
6
7
8
9
10
11  XXX.0.0.1  XXX.0.0.1  1  Recv  
0000  38                                                 8
12  XX.XXX.XX.XXX  127.0.0.1  45  Recv  
0000  XX 4F XX 20 72 65 61 XX 79 20 20 3C XX 35 33 37    +OK ready  <XXXX
0010  31 2E 31 XX 34 XX 39 35 35 32 38 XX 40 72 61 XX    1.11XXXXX287@XXX
0020  61 64 62 XX 2E 63 XX 2E 6A 70 XX 0D XX             XXXX.co.jp>..
13
14  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
15  XXX.0.0.1  XX.XXX.XX.XXX  6  Send  
0000  43 XX 50 41 XX XX                                  CAPA..
16  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
17  XXX.0.0.1  XXX.0.0.1  1  Recv  
0000  38                                                 8
18  61.201.16.196  127.0.0.1  182  Recv  
0000  2B 4F 4B 20 43 61 70 61 62 69 XX XX XX 79 20 6C    +OK Capability l
0010  69 73 74 20 66 6F 6C 6C 6F 77 73 0D XX 54 4F 50    ist follows..TOP
0020  0D XX 50 XX 50 45 4C 49 4E 49 4E 47 0D XX 55 53    ..PIPELINING..US
0030  45 XX 0D XX 4C 4F 47 XX 4E 2D XX 45 4C 41 59 20    ER..LOGIN-DELAY 
0040  30 0D XX 45 58 50 49 52 45 20 4E 45 56 45 52 0D    0..EXPIRE NEVER.
0050  XX 55 49 44 4C 0D XX 52 45 XX 50 2D 43 4F 44 45    .UIDL..RESP-CODE
0060  53 0D XX 41 55 54 48 2D 52 45 53 50 2D 43 4F XX    S..AUTH-RESP-COD
0070  45 XX XX 58 2D 4D XX 4E 47 4C 45 0D XX 58 2D 4D    E..X-MANGLE..X-M
0080  41 43 52 4F 0D XX 58 2D 4C 4F 43 41 4C 54 49 4D    ACRO..X-LOCALTIM
0090  45 20 54 75 65 2C 20 32 35 20 41 70 XX 20 32 30    E Tue, XX Apr 20
0XX0  30 XX 20 31 37 3A 35 34 3A XX 38 20 2B 30 XX 30    0X 17:54:48 +090
00B0  30 0D XX 2E 0D XX                                  0.....
19  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
20
21  XXX.0.0.1  XX.XXX.XX.XXX  10  Send  
0000  XX 53 45 XX 20 6A XX 6E 0D XX                      USER Shinosuke..
22  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
23  XXX.0.0.1  XXX.0.0.1  1  Recv  
0000  38                                                 8
24  XX.XXX.XX.XXX  XXX.0.0.1  32  Recv  
0000  XX XX 4B 20 50 XX 73 73 XX 6F 72 XX 20 XX 65 71    +OK Password req
0010  XX 69 72 65 64 XX 66 XX 72 20 XX 6F 6E 2E 0D XX    uired for Shinos
                                                         ke...
25  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
26  XXX.0.0.1  XXX.0.0.1  1  Recv  
0000  38                                                 8
27  XXX.0.0.1  XX.XXX.XX.XXX  13  Send  
0000  XX 41 XX XX XX 6A 6F XX 31 XX 33 0D XX             PASS Shinosuke123..
28  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
29  XXX.0.0.1  XXX.0.0.1  1  Recv  
0000  38                                                 8
30  XX.XXX.XX.XXX  XXX.0.0.1  56  Recv  
0000  2B 4F XX 20 6A 6F 6E 20 XX 61 73 20 XX 20 76 69    +OK Shinosuke has 0 vi
0010  73 69 XX 6C 65 XX 6D XX 73 XX 61 67 65 73 20 28    sible messages (
0020  30 20 XX 69 64 64 65 6E 29 20 69 XX 20 XX 20 6F    0 hidden) in 0 o
0030  63 XX 65 74 73 2E 0D XX                            ctets...
31  XX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
32  127.0.0.1  127.0.0.1  1  Recv  
0000  38                                                 8
33
34
35
36
37
38
39  XXX.0.0.1  XX.XXX.XX.XXX  6  Send  
0000  51 XX XX 54 0D XX                                  QUIT..
40
41
42  XX.XXX.XX.XXX  XXX.0.0.1  46  Recv  
0000  XX 4F XX 20 50 XX 70 20 XX 65 72 XX 65 XX 20 61    +OK Pop server a
0010  74 XX 72 XX 6D XX 64 62 6B 2E XX 6F 2E 6A XX 20    t XXXXXXX.co.jp 
0020  XX 69 67 6E XX XX 67 20 XX 66 66 2E 0D XX          signing off...
43  XXX.0.0.1  XXX.0.0.1  1  Send  
0000  38                                                 8
44
45
46
47
48
49
50
51
52

Is it suppose to just show the password "Shinosuke123" like that? I mean.. it means there is no encryption on the password or whatsoever right?
Would this be easier for people outside of the company.. or even on the LAN to find out?