Remove aja yg nggak penting Mas, habis itu di update

Speak English please.

Sorry :(

what language was that, anyways?

what language was that, anyways?

it should be indonesian

guys is there any anti-netcut app in fedora ? this shit kills me everyday in the university

guys is there any anti-netcut app in fedora ? this shit kills me everyday in the university

anti-netcut?

What would it be supposed to do?

anti-netcut?

Netcut is windows app kills other user's internet connection so some shitty ppl keep the whole speed for them

i get 50 KB out of 20 MB ?

Netcut is windows app kills other user's internet connection so some shitty ppl keep the whole speed for them

How would that work exactly? Aside deauthing you from the Network?

There is no actual App that can force you off the Network

The only Thing you _can_ do is going to the Source and using QOS, Quality of Service.

http://alternativeto.net/software/netcut/

http://alternativeto.net/software/tuxcut/

http://alternativeto.net/software/netcut/

He wants an App to Stop it

Not to do it

How would that work exactly? Aside deauthing you from the Network?

some said that this app (netcut or selfish net) make your machine a gateway for the whole network you are using, so you can keep the whole speed for u

some said that this app (netcut or selfish net) make your machine a gateway for the whole network you are using, so you can keep the whole speed for u

Thats a Security Problem that you can easily fix

Thats a Security Problem that you can easily fix

how, plz

https://forum.ivorde.com/how-to-add-persistent-static-arp-entries-in-linux-t19121.html

This thing fucks with the ARP table which is illegal, dangerous and can be used to sniff your whole internet traffic

http://alternativeto.net/software/netcut/

this is the same netcut, i don't wanna be one of these people ?

if you set the router's ip and Mac static there it can to nothing

I am horrified this Software exists

if you set the router's ip and Mac static there it can to nothing

ah static ip ? i'll try it thanks

No not a static ip

Also you can look at The TuxCut Tool

It provides protection against this shit

http://www.linuxandubuntu.com/home/tuxcut-a-tool-to-protect-linux-against-arpspoof-attacks

This is again, literally a very dangerous attack used by a tool commercially for bullshit. I would strongly recommend making this clear to the administrators, People around you and warning them of the implications

This tool can literally take all your unsecured communications and listen trough them

Again, strongly recommend to speak to the Admins because they can provide protection from it.

And they should ^^

>using unhardened communication in 2017

>using unhardened communication in 2017

Next to noone knows about ARP poisoning and its effects and that the protocol is basically unprotected in 2017

tbh I didn't know those tools existed

shocking

@Shell528 what these people are doing with NetCut is making everyone else's computers believe that they are the router, but you can make your OS remember which address is the real router and then netcut will have no effect on you

this is my understanding anyway

tbh I didn't know those tools existed

Yep. And thats why we need another layer of security for "which pc is which" XD

Any Os should warn from ARP Packets not coming from a .1 address tough sometime XD

And even then vlans may be the only (cpuintensive) viable solution

i get 50 KB out of 20 MB ?

Talk to the SysAdmin and help him to spot what MAC address are taking the whole bandwidth and ask to ban them. :D

this is my understanding anyway

Thats mostly it. You can evade it if you know the actual router ip and set it as static entry

should almost be default behaviour to remember the routers real address

should almost be default behaviour to remember the routers real address

It can change legitimately and there is always the case that an arp attacker may be the first to answer

making the router the "Untrusted" guy

sure

>should

almost

tbh

just

I suppose this is more of an issue with public wifi networks

"public"

You could make a speedtest over both Arp responses and choose the faster one XD

This tool can literally take all your unsecured communications and listen trough them

anything more than wireshark?

anything more than wireshark?

It makes you a MITM

So anything a man in the middle with literally all your packets running trough him could do he can do

So anything a man in the middle with literally all your packets running trough him could do he can do

so, like wireshark? ?

Or an un-ssl-tool

A http token stealer

Just collecting non-https passwords

if you're going through https or so then I guess it will warn you about unsecure connection

if you're going through https or so then I guess it will warn you about unsecure connection

If you visit the site for the first time or HSTS has run out it wont

ERROR: S client not available

If you visit the site for the first time or HSTS has run out it wont

What? If you visit a site for the first time, and its certificate is not signed by the authority, you will be notified of the problem, and a regular sniffing guy won't have a certificate signed by a legit authority.

I guess what you mean is, if you visit a website using HTTP you won't be redirected to HTTPS that way, and it's true that it's a risk

What? If you visit a site for the first time, and its certificate is not signed by the authority, you will be notified of the problem, and a regular sniffing guy won't have a certificate signed by a legit authority.

No, not signed but instead plain http

sslstrip

No, not signed but instead plain http

yeah, that's true, that's why I always use the https everywhere extension

I guess what you mean is, if you visit a website using HTTP you won't be redirected to HTTPS that way, and it's true that it's a risk

If the attacker is lucky enough that hsts isnt set

yeah, that's true, that's why I always use the https everywhere extension

Many, many Poeple dont sadly

some stupid people changed configuration of our websites to use an alternative ssl certificates

i was mantaining the websites with let's encrypt

then the websites became to provide ssl errors instead of php

when asked I told them it would be that way for the next four months

and also I said "you're welcome"

I don't know one thing tough. Would HSTS protect a dns hijacked website?

I don't know one thing tough. Would HSTS protect a dns hijacked website?

I'm not an expert, but I would assume that if the website can only be accessed using HTTPS, and only the original one can get a certificate signed by an authority

recently some people hacked the dns zone of a brazilian bank and therefore were able to produce valid ssl certificates for a pishing website without ever touching the bank's web servers

well, I guess with the ability to get valid certificates practically everything goes down the drain

what about the users web browser cache, doesn't that get affetced with hsts?

10 members to go 900.

if this chat is anything like @letstalkprogramming it will hit it and go back to 899 repeatedly

Hi @Schza ! Welcome to the group

Hi @Schza ! Welcome to the group

thanks, @kohane!

I don't know one thing tough. Would HSTS protect a dns hijacked website?

HSTS would protect from everything but someone else getting a valid certificate for your site.

what about the users web browser cache, doesn't that get affetced with hsts?

What do you mean? HSTS just means "Every future Connection _must_ be valid ssl and dont even present the user an optout button"

I'm having some problems with nvidia drivers on fedora. The screen freezes and needs to reboot, but today I stayed two hours trying to enter the graphical mode. someone can help me? (sorry for my english)

Good morning, everybody.

Good morning

Good morning, everybody.

Good morning!

Good morning

❤️ :^)

Hi o/

Welcome aboard, @ikaizuka and @Gggul