Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] client - server

from [Matteo Giannone] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] client - server
Date: Mon, 28 Feb 2005 17:49:01 +0100 
It is impossible that they banned a block of addresses of my ISP, because that
is a webserver where you "play games": most of the people playing games there
use my same ISP and also live near me.

I am sure that my IP address changes in couple of hours after disconnections.

I deleted cookies, changed computer name, used different browsers....
ActiveX controls are disabled by default on Internet explorer.

I really don't understand how they can ban me.

Are you all sure they cannot know my MAC address? I think they know it when I
connect to the server (i remember something of TCP/IP stack and
encapsulation/decapsulation)....




Most likely they might have blocked the entire pool of IP belonging to
your ISP try to visit the website with a proxy server


On Sun, 27 Feb 2005 21:29:18 -0500, Eric Windisch <lists@bwbohh.net> wrote:

On Mon, 2005-02-28 at 02:43 +0100, Matteo Giannone wrote:

- a simple ip check doesn't work with dynamic addresses...


It will work for as long as your IP is valid.  They can also ban the
entire IP block (aka, your ISP)


- computer name can be changed
- mac address can be changed (even I wasn't able to, because I have a usb

dsl

modem and I cannot change its MAC working with regedit or using tools like

smac )

Your browser will not (or should not, anyway) reveal your "computer
name" or mac address.


Anything else ?


User-agents and referers.  Some browsers can send quite a bit of
information in the user-agent string.

It could also be a content filter between you and the web site in
question.  Schools and parents setup these to censor the surfing of
children.  Many companies filter their content too, due to the
distraction (and legal ramifications) brought about by warez and
pornography.


How the hell do they recognize me ?


By the tin-foil hat ;)

-- 
Eric Windisch <lists@bwbohh.net>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



-- 
Gautam R. Singh
http://www.google.com/search?q=gautam.singh%40gmail.com
[mcp,ccna,cspfa,] t: +91 9885576081 | pgp:
http://gautam.techwhack.com/key/ | ymsgr: er-333 | msn: ro0_@hotmail





____________________________________________________________
Navighi a 2 MEGA e i primi 3 mesi sono GRATIS. 
Scegli Libero Adsl Flat senza limiti su http://www.libero.it



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] client - server, Michael Holstein
Next by Date:  Re: [Full-Disclosure] client - server, Micheal Espinola Jr
Previous by Thread:  Re: [Full-Disclosure] client - server, Marcus Specht
Next by Thread:  Re: [Full-Disclosure] client - server, Michael Holstein
Indexes:  [Date] [Thread] [Top] [All Lists]