Skip to main content
Topic solved
This topic has been marked as solved and requires no further attention.
Topic: [Solved] connman-gtk is not cycling IP addresses. (Read 3608 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Re: connman-gtk is not cycling IP addresses.

Reply #15
Quote from: tsedek1 – on
Quote from: mrbrklyn – on
I am beginning to understand why public wifis are always running out of leasable addresses.

I want to make this plain and simple...

CHANGING IP ADDRESSES DOES NOT MAKE YOUR SYSTEM SECURE.
Instead of SHOUTING you should probably read my reply to you.

Quote from: mrbrklyn – on
and it sounds like you are already rooted.
Not after I wipe and reinstall, and at least not in the first 10 minutes of connecting to the network.
After that it's a game of Cat and Mouse. Who is faster, the Cat or the Mouse?



I did read it and what I said is the facts.  100% your system should not be hacked 10 minutes after being on a network if you have the least bit of common sense and security.  You get ZERO extra security by changing your IP address..

Re: connman-gtk is not cycling IP addresses.

Reply #16
Ehm? This entire thread just stinks of poorly configured sshd running 24/7 on your PC. Which should not be the case for clean Artix installation.

Re: connman-gtk is not cycling IP addresses.

Reply #17
Quote from: Shoun2137 – on
Ehm? This entire thread just stinks of poorly configured sshd running 24/7 on your PC. Which should not be the case for clean Artix installation.
I have modified the SSH config file on this current install to prevent remote logins.
I've also changed root/root to no root. ;D This worked the best, can't use anything requiring root. Can only exist as user.
I've had time to do some normal surfing, return to writing and research.
Learning to lock down the system is a journey I'm just getting started on, so please forgive my previous apothetic perspective regarding computer security.

I'm learning, but this group has training (8200 members and Uni Grads, supporting an evil empire), so I'm at a time disadvantage. My missing knowledge means I'm playing catch up after the fact. Artix Linux has been a benefit to improving my security stance.

What I could discern from the audit.log file.
Learning to look at the log files took me a little while, and I am by no means sure of regular system events vs attacker events in every instance, but I can see things better now, like when I begin my network connection. Anything after that point is open to review.

After getting in:
-On Artix, there is no more Systemd, so that hole has been closed.
-Use Firefox/Librewolf processes to look for signed in accounts, fuzz it and fill the memory until the tab crashes.
Maybe they can gain control of other processes.
-MITM the comment server of social media accounts, like Youtube, to prevent posting comments.
This is probably the last of the steps being performed, not the first steps. When I see the fuzzing of FF/LW, and posting comments is being blocked, I assume there are already dropped files linking the login for the boot up.
-Use /bin/bash  acpi/handler.sh to pass commands and/or use the virtual terminal.
But, since I have made some changes, this no longer appears in the log files.
-Set Cron jobs, maybe to execute Rshells.

After the 'install', I have teams of people following all of my computer activity. They really don't like the things I say. :D

Because I'm still learning, I don't see every area where the attacker/s are traversing, there maybe limitations in my auditd.conf file.

What I use a changing IP address for, to gather information about the attackers, to break any connection an attacker may currently have, to discover what level of attacker I'm dealing with. Is this someone learning Kali linux and playing on the LAN or is this a polished tool not found in Kali.
I do realize when there is a persistent connection, changing IP's and macs won't help shake this type of attacker, but It helps me categorize.
Push/Pull - When you push or pull someone physically or mentally they will respond, either becoming more rigid/immovable or acquiescing and changing direction. This is useful information that teaches you how someone responds in a given situation which you can later exploit. Once you know how someone will respond to a given stimulus, you can set a trap you designed to get that response.

[solved] I have discovered which of the buttons changes rfkill status. It is working well now.
Thank you nous for pointing me in the right direction.
 

Re: connman-gtk is not cycling IP addresses.

Reply #18
Quote from: nous – on
Last I checked, macchanger won't work if the interface is up. DHCP servers usually assign new IPs to new MACs, if the latter appear within a short interval; you cannot force a DHCP server you don't control to assign you a different IP. You have to resort to static.
I misunderstood which button does what.
I was in the middle of dealing with a bunch of excrement and I have to figure out how to clean it up, so I was panicking.

Flopping around like a fish on the ground is how two year olds display there displeasure.
After I recovered, my mommy sat me in the kitchen, brought me cookies and milk to ask me about my feelings.  :-[
Then she sent me outside to go play.

Re: [Solved] connman-gtk is not cycling IP addresses.

Reply #19
This forum isn't a personal blog, it's getting tiresome.