May be she asks the browser to remember her password.She should remove her saved passwords in tools->options->security->saved passwords if using mozilla. she can navigate other browsers for this utility On Fri, Dec 17, 2010 at 11:29 AM, kimondo Duncan <kimondodk@gmail.com>wrote:

She has already done that. She uses a combination of numbers and digits. She hasn't used synbols yet.

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

y revert to that old skul style? On Fri, Dec 17, 2010 at 2:47 PM, Thomas Kibui <thomas.kibui@gmail.com>wrote:

Forget gmail .. revert to PO Box

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

She doesn't use the remember password feature in the browser. Here is an attachment of the previous account activity.

From the Image below, [the Activity Information], it clearly shows her account was accessed from India!! Cant you see this is a clear case of hacking??

Keyloggers and a phishing site are prime suspects in her case.... On Fri, Dec 17, 2010 at 12:53 PM, Wilson Bandi <bandson67@gmail.com> wrote:

From my point of view this hacking takes place from the internal network, just ask the network admin to reassign the ip of the computer and also install/activate a firewall. The hacker is sniffing your communication and even if you change your password a thousand times he only needs to re-run his software while you are logging in and he will get your password like a piece of cake. You network admin needs also to be very smart to identify intrusions as most tools used to sniff or even hack networks are highly intrusive and can be detected easily.

If you need more information about this process, on request, i can post the whole idea on my blog.

Regards,

Wilson.

On Fri, Dec 17, 2010 at 9:38 AM, kimondo Duncan <kimondodk@gmail.com>wrote:

...

She doesn't use the remember password feature in the browser. Here is an attachment of the previous account activity.

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Kind Regards,

Wilson Bandi

Mob. Tel: +254 726 786481

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Regards, Greg -------- Life is not a rehearsal, you only live once!

@ dave, leaving the comp to remember password if u aren't the only user may be bad if u send your passwords to another email account whose password is also saved On Fri, Dec 17, 2010 at 1:48 PM, Dave Kirirah <dave.kirirah@gmail.com>wrote:

Some keyloggers are normaly installed when watching porn in ur comp.. tell her to minimize visits to these sites or use a proxy. And it is no doubt tht the computer has a keylogger... tell her to change password from another computer in another network and also when she's typing her password..tell her to type like this EG if password is..... sexylonelygal tell her to type it like pa BC se "highlight pa and delete. xyz!lonely$%girlal. then highlight and delete the unwanted letters.. that way the hacker will take days even months to deduce wat the password is.. unless he's a super hightech stalker.. anyhu.. imputing the password like indicated above she can allow mozilla to remember if she's the only user of this comp or account. So that she doesnt hv to keep repeating it. I mean even if u find my account open what can u do with it : u cnt change password coz it will ask for the original password, and u cnt say u forgot ur password unless u answer my security questions.... which i make sure its a hard one.. eg : when was the first time u pinched a gals tities? answer "wheniwasborn"

On Fri, Dec 17, 2010 at 1:25 PM, Gregory Okoth <gregory.okoth@gmail.com>wrote:

...

From the Image below, [the Activity Information], it clearly shows her account was accessed from India!! Cant you see this is a clear case of hacking??

Keyloggers and a phishing site are prime suspects in her case....

On Fri, Dec 17, 2010 at 12:53 PM, Wilson Bandi <bandson67@gmail.com>wrote:

...

From my point of view this hacking takes place from the internal network, just ask the network admin to reassign the ip of the computer and also install/activate a firewall. The hacker is sniffing your communication and even if you change your password a thousand times he only needs to re-run his software while you are logging in and he will get your password like a piece of cake. You network admin needs also to be very smart to identify intrusions as most tools used to sniff or even hack networks are highly intrusive and can be detected easily.

If you need more information about this process, on request, i can post the whole idea on my blog.

Regards,

Wilson.

On Fri, Dec 17, 2010 at 9:38 AM, kimondo Duncan <kimondodk@gmail.com>wrote:

...

She doesn't use the remember password feature in the browser. Here is an attachment of the previous account activity.

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Kind Regards,

Wilson Bandi

Mob. Tel: +254 726 786481

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Regards, Greg -------- Life is not a rehearsal, you only live once!

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Direct your attention to the best... http://www.bigbang.co.ke/

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

On Fri, Dec 17, 2010 at 1:48 PM, Dave Kirirah <dave.kirirah@gmail.com>wrote:

Some keyloggers are normaly installed when watching porn in ur comp.. tell her to minimize visits to these sites or use a proxy. And it is no doubt tht the computer has a keylogger... tell her to change password from another computer in another network and also when she's typing her password..tell her to type like this EG if password is..... sexylonelygal tell her to type it like pa BC se "highlight pa and delete. xyz!lonely$%girlal. then highlight and delete the unwanted letters.. that way the hacker will take days even months to deduce wat the password is.. unless he's a super hightech stalker.. anyhu.. imputing the password like indicated above she can allow mozilla to remember if she's the only user of this comp or account. So that she doesnt hv to keep repeating it. I mean even if u find my account open what can u do with it : u cnt change password coz it will ask for the original password, and u cnt say u forgot ur password unless u answer my security questions.... which i make sure its a hard one.. eg : when was the first time u pinched a gals tities? answer "wheniwasborn"

Dave!!!! Nice one. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!!

I thought there are 3 other networks that offer similar services?

am just wondering what are the other "places I go"??? Regards, Erastus Gichuhi +254733725373 @gisho Nairobi Kenya On Fri, Dec 17, 2010 at 2:52 PM, <sospeter@elimu.co.ke> wrote:

Guys, can you hear me?

The phone lines are unclear, it's like we are talking on a walkie-talkie these days. One spends more time asking whether the channel is clear while the other spends an equal amount of time confirming a message.

Graham Bell would not be pleased with this.

Oh, M-pesa. I wonder whether I should trust the service, now that it's unstable. Someone sends you money and none of you get any confirmation. What's with that?

Problem is I am locked to this network because everyone else is here with me and other networks are not wide enough to cover the places I go.

Tuta do?

Regards Sospeter

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

On Fri, Dec 17, 2010 at 2:52 PM, <sospeter@elimu.co.ke> wrote:

Guys, can you hear me?

The phone lines are unclear, it's like we are talking on a walkie-talkie these days. One spends more time asking whether the channel is clear while the other spends an equal amount of time confirming a message.

What you've described is a phenomena I observe when I talk to pple in the CBD. However, call drops happen almost everywhere. Today alone I had like 5 calls being dropped. We'd call each other again and ask each other "if your phone went off". Oh, M-pesa. I wonder whether I should trust the service, now that it's

unstable. Someone sends you money and none of you get any confirmation. What's with that?

Problem is I am locked to this network because everyone else is here with me and other networks are not wide enough to cover the places I go.

Poolay sana. Technical problems do occur and are real but take heart - they will fix these sooner than you think. No reason to despair. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!!

I don't mind spending that extra bob or so per minute calling into safcom as long as I get quality...it's weird how sometimes when you try calling safcom-safcom the person is mteja but from another network it's ok. The voice quality btwn safcom and zain for example is much better than safcom-safcom...no brownie points for figuring that out... Anyhoo...methinks it saves me money calling and doing my biz concisely without interruptions from another network than spending extra shillings calling safcom-safcom and asking if he/she can hear me clearly...

Webmail accounts hacked via WLAN <http://www.h-online.com/security/news/item/Webmail-accounts-hacked-via-WLAN-733402.html>also recommend you read about this and hope it helps Firefox extension steals Facebook, Twitter, etc. sessions<http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twitter-etc-sessions-1124596.html> and Firesheep cookie-jacking tool triggers arms race<http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-triggers-arms-race-1132915.html> On Fri, Dec 17, 2010 at 2:57 PM, Dennis Kioko <dmbuvi@gmail.com> wrote:

The issue may also be that her Yahoo account is compromised hence the hacker also sees the changes in the password. also ask her to use a unique password not used on any other service in the internet.

If she is on an unsecured wireless network, she may be a victim of Firesheep ( http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twi...) which can be detected with Blacksheep ( http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-tri... )

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- *I don't mind the rat race but I could do with a little more cheese. * +254-727-427-836

Being that logging in is all ssl, the most feasible way to steal the passowrd is on the machine ... Is there anything 'strange' in the account's .bashrc (or equivalent)? On second thought, its not that hard to have a hidden process that just logs that particular user's keystrokes ... so only loging to any of your accounts from a personal device (phone, laptop), see if that helps. On 12/17/10, Casper Odicoh <codicoh@gmail.com> wrote:

IMMHO,

It's a case of key-logging or bad security policy in the LAN which may be defeated by possibly:

- Use a totally different network to change passwords - Give up on the www concept - Delete all known menemies

EoE

On 12/17/10, john maina <jonmaina8715@gmail.com> wrote:

...

Webmail accounts hacked via WLAN <http://www.h-online.com/security/news/item/Webmail-accounts-hacked-via-WLAN-733402.html>also recommend you read about this and hope it helps Firefox extension steals Facebook, Twitter, etc. sessions<http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twitter-etc-sessions-1124596.html> and Firesheep cookie-jacking tool triggers arms race<http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-triggers-arms-race-1132915.html>

On Fri, Dec 17, 2010 at 2:57 PM, Dennis Kioko <dmbuvi@gmail.com> wrote:

...

The issue may also be that her Yahoo account is compromised hence the hacker also sees the changes in the password. also ask her to use a unique password not used on any other service in the internet.

If she is on an unsecured wireless network, she may be a victim of Firesheep ( http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twi...) which can be detected with Blacksheep ( http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-tri... )

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- *I don't mind the rat race but I could do with a little more cheese. * +254-727-427-836

-- Sent from my mobile device _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Sent from my mobile device

Apart from this tool, http://www.thoughtcrime.org/software/sslsniff/ which requires that the sniffer machine be the gateway for the target machine (making it the gateway for every other machine in the subnet) there's not much else out there that can see inside an SSL tunnel, SSL is pretty secure, especially 128 bit like google uses. And with exploits like these http://ezopjr654.pastebin.com/raw.php?i=CfTETnk3 pretty much anybody can become root and do the rest. And looking at the cookies from google on my machine, they are all either domains, urls, numbers or gibberish, so probably cookie stealing isn't getting the cracker the password either. Apart from this and injecting a .so into the firefox process (or whatever) to sit juuust before the ssl layer and log all input, what other tools/technics did you have in mind of seeing inside an SSL tunnel? On Sat, Dec 18, 2010 at 1:06 AM, Wilson Bandi <bandson67@gmail.com> wrote:

If i want to sniff your gmail password infact with username, the tools/technics available are beyond https control... *keylogging* and * phishing* should be disqualified for this type of attack and the victim should concentrate on the network security rather than the machine coz after all its also a linux machine which has pre-security measures in place.

As i said earlier, this attack can be achieved even from a distance depending on how careless the network has been installed and the amount of information the hacker has acquired about it.

On the other hand, having the target to be only one account also raises questions.... meaning the victim is well known by the attacker.

Taking a step backward... i believe all of us know how a form passes its input to a server for authentication. we all know that as much as all the process is done on the server we still send packets of information generated from the user thru our browsers and this include the password and username so wat the sniffer does is to identify the string that is posted for the server thru the network.. and this is where the magic happens.. more information about this can be found with CEH or Ninja tutorials which i believe will give more light to the victim.

Regards,

Wilson.

On Sat, Dec 18, 2010 at 12:37 AM, Makobu <makobu.mwambiriro@gmail.com>wrote:

...

Being that logging in is all ssl, the most feasible way to steal the passowrd is on the machine ... Is there anything 'strange' in the account's .bashrc (or equivalent)? On second thought, its not that hard to have a hidden process that just logs that particular user's keystrokes ... so only loging to any of your accounts from a personal device (phone, laptop), see if that helps.

On 12/17/10, Casper Odicoh <codicoh@gmail.com> wrote:

...

IMMHO,

It's a case of key-logging or bad security policy in the LAN which may be defeated by possibly:

- Use a totally different network to change passwords - Give up on the www concept - Delete all known menemies

EoE

On 12/17/10, john maina <jonmaina8715@gmail.com> wrote:

...

Webmail accounts hacked via WLAN < http://www.h-online.com/security/news/item/Webmail-accounts-hacked-via-WLAN-... also recommend you read about this and hope it helps Firefox extension steals Facebook, Twitter, etc. sessions< http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twi...

...

and Firesheep cookie-jacking tool triggers arms race< http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-tri...

...

On Fri, Dec 17, 2010 at 2:57 PM, Dennis Kioko <dmbuvi@gmail.com>

wrote:

...

...

The issue may also be that her Yahoo account is compromised hence the hacker also sees the changes in the password. also ask her to use a unique password not used on any other service in the internet.

If she is on an unsecured wireless network, she may be a victim of Firesheep (

http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twi... )

...

...

which can be detected with Blacksheep (

http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-tri...

...

)

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- *I don't mind the rat race but I could do with a little more cheese. * +254-727-427-836

-- Sent from my mobile device _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Sent from my mobile device _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

Bindi, In a switched network, it has to be as each switch port is its own broadcast domain, so unless a machine is a gateway, it wont see any packets that are not broadcasts or sent directly sent to it (im assuming that this network is not using a hub, hehe). And "mimic the gateway" as you put it, is what arpspoof does. It just switches the real gateways mac address with it's own in the ARP table, to traffic destined supposed to go to the gateway now goes to it. And this link from verisign gives a good overview of how SSL works http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/an... the "read more" section has more in-depth documentation, so the SSL class is covered. So far i have given proof via links (like a HTTP server dev team points out HTTP RFC clauses to prove what they have built is a valid HTTP server) that what I'm saying is not just my opinion, but proven concepts. Those links are old yes (with one being almost a year old, and one not working on a newer kernel that the one it's tested on), but in 2000 one could reduce or increase the download rate of a file by manipulating the TCP window size of that stream, in 2010 it still works. Unless the vulnerability a hack tool works by is not removed, the tool will still work, no matter how old it is. If you have links showing us how to stop them, it would benefit many of us if you posted them here. On Sat, Dec 18, 2010 at 1:49 PM, Wilson Bandi <bandson67@gmail.com> wrote:

Makobu,

Your machine doesnt have to be a gateway to sniff(above links are outdated methods for the current security infrastructures or lets just say easy targets which require the hacker to have alot of info about the network and can be mostly achieved by a network admin but for now we are assuming its an intruder), you just need to mimick a gateway and this has a con to that it has to be done for a specific machine/target at any instance.

I also dont want to give a class on the ssl architecture and where the security level begins or how it operates or how the tools get around it but... as i said let the victim spend 98 percent to fix network security issues and the two percent to avoid phishing sites.

if i get time i will do a blog on this so if interested remind me after 2 weeks.

Regards,

W.

On Sat, Dec 18, 2010 at 3:03 AM, Makobu <makobu.mwambiriro@gmail.com>wrote:

...

Apart from this tool, http://www.thoughtcrime.org/software/sslsniff/which requires that the sniffer machine be the gateway for the target machine (making it the gateway for every other machine in the subnet) there's not much else out there that can see inside an SSL tunnel, SSL is pretty secure, especially 128 bit like google uses. And with exploits like these http://ezopjr654.pastebin.com/raw.php?i=CfTETnk3 pretty much anybody can become root and do the rest. And looking at the cookies from google on my machine, they are all either domains, urls, numbers or gibberish, so probably cookie stealing isn't getting the cracker the password either. Apart from this and injecting a .so into the firefox process (or whatever) to sit juuust before the ssl layer and log all input, what other tools/technics did you have in mind of seeing inside an SSL tunnel?

On Sat, Dec 18, 2010 at 1:06 AM, Wilson Bandi <bandson67@gmail.com>wrote:

...

If i want to sniff your gmail password infact with username, the tools/technics available are beyond https control... *keylogging* and * phishing* should be disqualified for this type of attack and the victim should concentrate on the network security rather than the machine coz after all its also a linux machine which has pre-security measures in place.

As i said earlier, this attack can be achieved even from a distance depending on how careless the network has been installed and the amount of information the hacker has acquired about it.

On the other hand, having the target to be only one account also raises questions.... meaning the victim is well known by the attacker.

Taking a step backward... i believe all of us know how a form passes its input to a server for authentication. we all know that as much as all the process is done on the server we still send packets of information generated from the user thru our browsers and this include the password and username so wat the sniffer does is to identify the string that is posted for the server thru the network.. and this is where the magic happens.. more information about this can be found with CEH or Ninja tutorials which i believe will give more light to the victim.

Regards,

Wilson.

On Sat, Dec 18, 2010 at 12:37 AM, Makobu <makobu.mwambiriro@gmail.com>wrote:

...

Being that logging in is all ssl, the most feasible way to steal the passowrd is on the machine ... Is there anything 'strange' in the account's .bashrc (or equivalent)? On second thought, its not that hard to have a hidden process that just logs that particular user's keystrokes ... so only loging to any of your accounts from a personal device (phone, laptop), see if that helps.

On 12/17/10, Casper Odicoh <codicoh@gmail.com> wrote:

...

IMMHO,

It's a case of key-logging or bad security policy in the LAN which may be defeated by possibly:

- Use a totally different network to change passwords - Give up on the www concept - Delete all known menemies

EoE

On 12/17/10, john maina <jonmaina8715@gmail.com> wrote:

...

Webmail accounts hacked via WLAN < http://www.h-online.com/security/news/item/Webmail-accounts-hacked-via-WLAN-... also recommend you read about this and hope it helps Firefox extension steals Facebook, Twitter, etc. sessions< http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twi...

...

and Firesheep cookie-jacking tool triggers arms race< http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-tri...

...

On Fri, Dec 17, 2010 at 2:57 PM, Dennis Kioko <dmbuvi@gmail.com>

wrote:

...

> The issue may also be that her Yahoo account is compromised hence

the

...

> hacker also sees the changes in the password. also ask her to use a > unique > password not used on any other service in the internet. > > If she is on an unsecured wireless network, she may be a victim of > Firesheep ( > http://www.h-online.com/open/news/item/Firefox-extension-steals-Facebook-Twi... ) > which can be detected with Blacksheep ( > http://www.h-online.com/security/news/item/Firesheep-cookie-jacking-tool-tri... > ) > > _______________________________________________ > Skunkworks mailing list > Skunkworks@lists.my.co.ke > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks > ------------ > Skunkworks Rules > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 > ------------ > Other services @ http://my.co.ke >

-- *I don't mind the rat race but I could do with a little more cheese. * +254-727-427-836

-- Sent from my mobile device _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Sent from my mobile device _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

Makobu, too much jargon will not help the victim.. as a consultant or wannabe just make it as simple as possible leave the details to the experts. For the links go to piratebay and ethical hacker network plus CEH and download wat is important to you for your 'reading/learning', am sure there is too much to give as links furthermore its your call. Else reproduce the problem in your network and find a CEH to solve or prevent it or follow advice or give solutions to victims which they can easily understand, either way am good with it. 'By the way my name is not Bindi' which means something else Korea. Regards, W. On Sat, Dec 18, 2010 at 2:41 PM, Makobu <makobu.mwambiriro@gmail.com> wrote:

corrections: s/"read more"/"learn more"/ s/to traffic destined supposed to go to the gateway now goes to it/so traffic destined to go to the gateway now goes to the attacker's machine/

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

Yes, She changed the password outside the network and so far its secure. I was enjoying getting all those ideas and scenarios I had not taken into consideration. Actually I have so much to learn and research. I appreciate. back to learning the ropes. Merry chrismas. Ciao

On 17 December 2010 12:38, kimondo Duncan <kimondodk@gmail.com> wrote:

She doesn't use the remember password feature in the browser. Here is an attachment of the previous account activity.

Perhaps password is also sent to the 'other' email address every time u/he/she updates? Wilson.

_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

The machine she uses is a linux machine which has mutiple accounts. No other user has complained.