Recent content by E411

  1. Messing around with MIM attack scenarios

     This response makes no sense in the context of the question. The MAC table in a switch, and subsequent ARP poisoning attacks, have absolutely nothing to do with the system, nor is "Linux" really even relevant in this discussion... However, to answer the question, ARP poisoning is not...
  2. A flood of bounced emails from 2 accounts - spambot activity or trojan?

     If you want to verify this, follow the above advice... check your SMTP logs. More likely, some OTHER user, who has received mails from those two accounts, or might have them in his address list, has been compromised, and the virus is using random selections out of that person's address book as...
  3. A flood of bounced emails from 2 accounts - spambot activity or trojan?

     Yep, I second the previous response. The "return" address in email is just a text field in the header. I can write an email with a "return" address of "obama@whitehouse.gov" if I want to. If the recipient is bad, Mr Obama (or his aides) will get that bounce message. It's just fundamentally...
  4. Norton Antivirus just reported a “tracking cookie” detected on my comput. What is “co

     The original question asked "what is a tracking cookie?" but the responses are all debates over which AV solution is better... I'm at a loss here. A tracking cookie is just a text file that is put on your computer. Websites use cookies all the time. That's how Anandtech Forums knows to...
  5. Messing around with MIM attack scenarios

     Cain and Abel will let you capture traffic off the wire using ARP poisoning, etc. To do some man-in-the-middle work, I suggest you look into using ettercap with Hamster and Ferret. They are tools designed for side-jacking web sessions in the way you are describing.
  6. Fake Windows Security Alerts virus

     Google the exact name of the software or the exact messages you are getting and do it "in quotes". Then, write down or print out the directions and run them in "safe mode". Seriously. Exact quote and do it in safe mode. No shortcuts.
  7. Email hijacked

     All, keep in mind that the "From" address on email is just a text field. I can write an email to you right now that comes from "obama@whitehouse.gov" or "bill@microsoft.com". Do you seriously think it was Bill Gates's account being compromised? No. Spammers use fake return addresses all the...
  8. What's that software... Makes you anonymous...

     Keep in mind that software running within the browser, such as Flash, Java and some JavaScript, may not obey the proxy settings configured by Tor. I suggest using the Firefox plugin "NoScript" to block the majority of the rest of that.
  9. Keylogger?

     All of the tactics mentioned are useless with high-end keyloggers. There is a well known exploitation framework called Metasploit that can be deployed via a variety of means, including malicious websites or even remote exploits like MS-08-067. It has a package called Meterpreter, which runs an...
  10. RSA attacked, SecurID possibly compromised

      I suspect that either 1) a private key that is used to create SecurID hashes was stolen or reverse engineered, or 2) someone was able to dump the internal Serial->Tokencode database from their internal systems. In case #1, it seems the risk requires someone to steal your internal...