2015-11-04

Temetka wrote:

I was vague on purpose. But if you really want, head over to hackforums.net or bust out your copy of TOR browser and check around on the DarkWeb. If I can sit outside someones house in my car with a laptop and a Pringle's cantenna, I can perform a MITM attack, OS fingerprinting, inject a malformed ad, and install the RAT. But hey you say it's not that easy. It's easy enough for those with some skills, a vehicle, a target, and motivation. Doing it over the internet blind and random? Yeah, that is going to be difficult-ish.

I'm almost tempted to invite you to sit outside my residence and test my network, but on second thought the cost of actually letting you bust in would be too high. (Cost of my pride, mostly. )

Instead, could you point out the likely entry points to my network? I have:

a mostly stock pfSense installation as NAT router

a wireless AP running OpenWRT, with a WiFi network secured with WPA2 CCMP and 5-word diceware passphrase

various Windows 8.1 / 10 PCs on wired and wireless connections

various Android devices on wireless connection

And naturally I run adblocking software on all my devices, use click-to-play Flash and keep everything updated.

I feel like I'm reasonably secure against wireless intrusion of my network, and, barring a zero-day on Firefox, drive-by malware installations. I'm curious which parts you would disagree.

Statistics: Posted by twistero — Wed Nov 04, 2015 4:47 pm

Show more