So basically this question is also a 100% newbie but it is more about security.

So I am following this ethical hacking course and things went wrong with installing Kali Linux and updating stuff, so the teacher offered to help me and he did. before he finished though, he wrote something that I believe began with "ad" and ended with conf ??!! not sure. he could see some view IPs and he changed an ip which started with 198.168 to one that starts with 200 and the local one 127.0.0.1 to one that starts with 255.255 and added one with 8.8.8 and so. What did he do here? did he hack me or connected my device to his? or to a server?

It might be a stupid question but i would like to know the answer. Thanks for you help already.

It is almost impossible to reconstruct what your professor did, but it is possible to determine what the current situation is.

What is the output of

That information should help persons start answering your question. See man traceroute, man ip, or man ifconfig for more about those commands.

Be sure to surround the command output with "code" tags, which become available when you click the "Go Advanced" button beneath the "Quick Reply/Compost Post" window.

8.8.8.8 is Google DNS address, that one I know quite well.

True. It's almost never down, so it's good for a test.

I'm not necessarily a Google fan, but I will concede that, when Google builds something, it is usually works as promised. (It's the conditions that Google puts on that promise that sometimes give me pause.)

I'm not so interested in the final destination (8.8.8.8) as I am in what the route to it will reveal. That should give us a hint whether there are any side trips along the way.

Here's my traceroute to Google for comparison purposes.

1 members found this post helpful.

This is it:

Attached Thumbnails

 

I am asking this and i am more curious because, in his videos on Udemy, he does not mention this but he did it to me. It might be harmless, just wanted to check from someone who has some experience.

127.0.0.1 is localhost, the hostname of your computer.

More likely than not the number you saw was 192.168.1.x, your address on the subnet, and 255.255.255.x is the netmask.

https://www.adminsub.net/ipv4-subnet.../255.255.255.0

It's an "ethical" hacking class. Your professor "probably" wasn't setting you up to be exploited, but safety first in all things computer related.

I also thought the same. But when I watched all the settings up videos and saw that he has not mentioned this, I got a bit skeptical. Still curious why he would do it to my laptop but not to others?

Did anyone else have the same problems you did and require his assistance?

You could always run netstat -an and see if you have any suspicious listening ports or connections. It just doesn't sound like he did anything nefarious.

A video covering all of Linux networking, troubleshooting, resolution, and routing issues would be at least several days long. I suspect there were errors, and he corrected them to where you SHOULD have been had there been no errors.

It is unfortunate that he did not provide explanation as he went along, it was a perfect teaching/learning opportunity. If he was pressed for time and resources it is not unreasonable to jsut "fix the problem" without taking time to explain, just unfortunate.

I am sure some people did. I ran it but as a noob, i wouldn't even know how to read these information at the moment.

I agree

Once you log off from the site let your computer set idle for a few minutes till all the connections time out. Then run:

Take note of what posts are listening, which will be designated by the *.* symbol. Also look at what, if any, connections are made to your computer, mark down the #IP and run it at someplace like network-tools.com to see what they resolve to. Things like Akamai are nothing to worry about.

You can reference what might be suspicious ports compared to those of know trojans or services like X-Windows (6000:6010}. There should be a /etc/services file in your distro, there is in BSD, to look up what services use which ports.

If you're running a firewall that carries out Stateful Packet Inspection it should drop any connections not initiated by your machine anyway, and you should be able to block any open ports at the firewall if it worries you.

Now that I've probably scared you worse than you were before... I really would be surprised if anything is out of order due to something he did, but I'm not infallible.

1 members found this post helpful.

Haha. No worries. thanks. I will check that

You're welcome. Be sure to let us know how it turns out and if you have any questions.