Archive for the 'Network Reconnaissance' Category

Proxy servers

A variety of proxy servers offer anonymous surfing. Proxyblind gives some useful information, particularly on why it should be there. Some tools and proxies are available, but they are a bit hard to find. Find proxy is another resource for proxy servers. Public proxy servers has an up-to-date list of available servers, while freeproxy has a nice compendium of proxy links. For a few of them, including the eye-catchingly named hidemyass, you have to type the URL in at the website.

Let’s not forget you can always use the Tor project, which uses a network of virtual tunnels to blur your originating identity from tracking sites. Privoxy is a popular web proxy that works very well with Tor. Tor has had a few issues in the past, as anonymity is only as strong as its weakest exit router. More recently, a way of de-anonymizing Tor users and detecting proxies has been found, using the fact that applets and plug-ins can willfully bypass the Tor network and head for your originating IP address.

Log 0.1 - ARP Fingerprinting

“That was a really cool trick you did with your phone”, Michael said, slightly deepening his voice and passing a credit card to the waitress.

She looked up. “Please enter your PIN number, sir.” “What trick?” she inquired.

“Didn’t you send that bluetooth message to my phone?”

“Ermm.. you lost me sir?” the waitress answered with a curious look on her face.

Lost for words, Michael ignored her question and kept his eyes on the device in her hands. The transaction was certainly taking its time… the wait reminded him of those Sunday morning soap operas his grandmother used to insist he watch.

The head of the receipt appeared from the top of the POS Data Collector. Michael took the card and receipt and exited the restaurant without saying another word.

Embarrassed, he made his way back down the road toward the bank he had been commissioned to test for the day.

Relaxing in front of his laptop, Michael eagerly looked at his screen, trying to forget his silly restaurant experience.

“My port scans should be just about done by now,” Michael groaned, raising his arms to the air and letting out a yawn.

The test was to simply locate critical vulnerabilities in some of the bank’s key servers, or at least a duplicate of the key servers built on a VMware test lab. The idea behind using a VMware test lab was to prevent downtime or data corruption from any of Michael’s simulated attack scenarios.

nmap had almost finished its port scan…

Michael looked over his typescript file, containing the arp-scan fingerprinting results:

$ for I in `cat hosts.txt` ; do arp-fingerprint -o "-I eth0" $I ; done

10.1.9.1    01000100000     Linux 2.2, 2.4, 2.6
10.1.9.5    01000100000     Linux 2.2, 2.4, 2.6
10.1.9.9    11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.10   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.11   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.12   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.15   11110100000     FreeBSD 5.3, Win98, WinME, NT4, 2000, XP, 2003
  • http://www.nta-monitor.com/tools/arp-scan/
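An added example, not part of the original post: a shell function that groups arp-fingerprint result lines like those in the listing above by fingerprint, so hosts with the same ARP behaviour are listed together for an asset inventory. The function names are this example's own, and the embedded sample is copied from the listing; a shared fingerprint narrows the OS candidates but does not identify a single OS.

```shell
#!/bin/sh
# Constructed sample: the typescript lines from the listing above, including
# the prompt line and a row whose columns are separated by single spaces.
sample_output() {
cat <<'EOF'
$ for I in `cat hosts.txt` ; do arp-fingerprint -o "-I eth0" $I ; done

10.1.9.1   01000100000     Linux 2.2, 2.4, 2.6
10.1.9.5   01000100000     Linux 2.2, 2.4, 2.6
10.1.9.9   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.10   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.11   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.12   11110110000     Solaris 2.5.1, 2.6, 7, 8, 9, 10, HP-UX 11
10.1.9.15 11110100000 FreeBSD 5.3, Win98, WinME, NT4, 2000, XP, 2003
EOF
}

# Read result lines on stdin and print one line per distinct fingerprint:
#   <fingerprint> <host count> <comma-separated hosts> | <OS candidates>
group_by_fingerprint() {
  awk '
    # Keep only rows shaped like "<IPv4> <bit string> <description>".
    $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $2 ~ /^[01]+$/ {
      fp = $2
      # The description contains spaces, so rebuild it from field 3 onward.
      desc = $3
      for (i = 4; i <= NF; i++) desc = desc " " $i
      if (!(fp in count)) { order[++n] = fp; hosts[fp] = $1 }
      else hosts[fp] = hosts[fp] "," $1
      count[fp]++
      os[fp] = desc
    }
    END {
      for (i = 1; i <= n; i++) {
        fp = order[i]
        printf "%s %d %s | %s\n", fp, count[fp], hosts[fp], os[fp]
      }
    }'
}

# Stand-alone run over the constructed sample.
sample_output | group_by_fingerprint
```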
