Did he connect my pc to some server or something?
So basically this question is also a 100% newbie but it is more about security.
So I am following this ethical hacking course and things went wrong with installing Kali Linux and updating stuff, so the teacher offered to help me and he did. before he finished though, he wrote something that I believe began with "ad" and ended with conf ??!! not sure. he could see some view IPs and he changed an ip which started with 198.168 to one that starts with 200 and the local one 127.0.0.1 to one that starts with 255.255 and added one with 8.8.8 and so. What did he do here? did he hack me or connected my device to his? or to a server? It might be a stupid question but i would like to know the answer. Thanks for you help already. |
It is almost impossible to reconstruct what your professor did, but it is possible to determine what the current situation is.
What is the output of Code:
ip addr or Be sure to surround the command output with "code" tags, which become available when you click the "Go Advanced" button beneath the "Quick Reply/Compost Post" window. |
8.8.8.8 is Google DNS address, that one I know quite well.
|
Quote:
I'm not necessarily a Google fan, but I will concede that, when Google builds something, it is usually works as promised. (It's the conditions that Google puts on that promise that sometimes give me pause.) I'm not so interested in the final destination (8.8.8.8) as I am in what the route to it will reveal. That should give us a hint whether there are any side trips along the way. Here's my traceroute to Google for comparison purposes. Code:
$ traceroute 8.8.8.8 |
1 Attachment(s)
Quote:
|
I am asking this and i am more curious because, in his videos on Udemy, he does not mention this but he did it to me. It might be harmless, just wanted to check from someone who has some experience.
|
Quote:
More likely than not the number you saw was 192.168.1.x, your address on the subnet, and 255.255.255.x is the netmask. https://www.adminsub.net/ipv4-subnet.../255.255.255.0 It's an "ethical" hacking class. Your professor "probably" wasn't setting you up to be exploited, but safety first in all things computer related. ;) |
Quote:
I also thought the same. But when I watched all the settings up videos and saw that he has not mentioned this, I got a bit skeptical. Still curious why he would do it to my laptop but not to others? |
Quote:
Quote:
You could always run netstat -an and see if you have any suspicious listening ports or connections. It just doesn't sound like he did anything nefarious. |
Quote:
It is unfortunate that he did not provide explanation as he went along, it was a perfect teaching/learning opportunity. If he was pressed for time and resources it is not unreasonable to jsut "fix the problem" without taking time to explain, just unfortunate. |
Quote:
|
Quote:
|
Quote:
Code:
netstat -an You can reference what might be suspicious ports compared to those of know trojans or services like X-Windows (6000:6010}. There should be a /etc/services file in your distro, there is in BSD, to look up what services use which ports. If you're running a firewall that carries out Stateful Packet Inspection it should drop any connections not initiated by your machine anyway, and you should be able to block any open ports at the firewall if it worries you. Now that I've probably scared you worse than you were before... :p I really would be surprised if anything is out of order due to something he did, but I'm not infallible. |
Quote:
|
Quote:
|
All times are GMT -5. The time now is 03:29 PM. |