just use a dynamic dns client and have it report the IP of the machine a simple script in the startup of windows or a
http://adeona.cs.washington.edu/ is a "freeware" that attempts to do what lojack for laptops does also just add in a simple fake email server throw some spam and other "valid" emails in the box. On Mon, Sep 21, 2009 at 12:49 PM, Harley Green <[email protected]>wrote: > There are certainly some PDF capabilities that would meet this criteria but > it is not transparent to the end-user. > One example is official electronic transcripts. In order to view the file > the PDF calls home to the certificate server and makes sure the document has > > not reached the maximum viewing limit, there may be other possible > restrictions or checks it can do at the same time as well. > It could be presented to the end-user as an authenticity mechanism ensuring > you view the verified original content, rather than a "call-home" mechanism. > > > On Mon, Sep 21, 2009 at 7:47 AM, Allen Deryke > <[email protected]>wrote: > >> I admit, it does take some social engineering for both cases to work. >> >> You just need to make the webcontent seem critical to the message. In an >> email a sentence like "your new acess code is:" followed by you bugged >> image. >> >> Have it set up so that if the macro isn't run make the excel data seem >> invalid, mess with formating ect. >> >> -- Allen Deryke >> >> On Sep 21, 2009, at 10:33 AM, Adrian Crenshaw <[email protected]> >> wrote: >> >> I've done the webbugs in emails before, the problem is anymore most email >> clients seem to turn off image loading by default. >> >> Adrian >> >> On Mon, Sep 21, 2009 at 10:07 AM, Allen Deryke <<[email protected]> >> [email protected]> wrote: >> >>> Yeah, but excel prompts about this stuff so much that most people would >>> just click "ok". >>> >>> Also links to external images in emails or docs is a great way to pull >>> this off. >>> >>> -- Allen Deryke >>> >>> On Sep 21, 2009, at 9:47 AM, Adrian Crenshaw < <[email protected]> >>> [email protected]> wrote: >>> >>> But would that illicit a warning? >>> >>> Adrian >>> >>> On Mon, Sep 21, 2009 at 3:23 AM, Dimitrios Kapsalis >>> <<[email protected]><[email protected]> >>> [email protected]> wrote: >>> >>>> The only way I can think of this occuring in a word doc is to write a >>>> macro. >>>> >>>> The macro can just ping your box, this should be enough to get the IP. >>>> >>>> On Mon, Sep 21, 2009 at 2:56 AM, Andrew Ellis >>>> <<[email protected]><[email protected]> >>>> [email protected]> wrote: >>>> >>>>> You could add a tab to firefox's default tabs (the ones it loads on a >>>>> new session) that points to a webserver you control. Eventually, the >>>>> stolen laptop's new user will open firefox anew and you'll have the >>>>> new IP. Obviously if the person stealing your box mounts the drive >>>>> rather than logging in, this won't help. >>>>> >>>>> -andrew >>>>> >>>>> On Sun, Sep 20, 2009 at 3:49 PM, Adrian Crenshaw >>>>> <<[email protected]><[email protected]> >>>>> [email protected]> wrote: >>>>> > I recently had a conversation with an author about webbugs, and it >>>>> brought >>>>> > another idea to mind. I seem to remember John Strand saying something >>>>> about >>>>> > Val Smith doing something with detecting insider threats by leaking a >>>>> > document and seeing who opens it. (sorry I can't remember more). >>>>> > >>>>> > Here is the question, anyone know how to make a doc/docx/pdf load >>>>> something >>>>> > from an external site so you can at least find the ip of someone who >>>>> opened >>>>> > the document? >>>>> > >>>>> > Thanks, >>>>> > Adrian >>>>> > >>>>> > _______________________________________________ >>>>> > Pauldotcom mailing list >>>>> > <[email protected]> <[email protected]> >>>>> [email protected] >>>>> > <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom><http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>> > Main Web Site: <http://pauldotcom.com/> <http://pauldotcom.com> >>>>> http://pauldotcom.com >>>>> > >>>>> >>>>> >>>>> >>>>> -- >>>>> Andrew Ellis >>>>> <http://www.samurainet.org/blog> <http://www.samurainet.org/blog> >>>>> http://www.samurainet.org/blog >>>>> _______________________________________________ >>>>> Pauldotcom mailing list >>>>> <[email protected]> <[email protected]> >>>>> [email protected] >>>>> >>>>> <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom><http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>> Main Web Site: <http://pauldotcom.com/> <http://pauldotcom.com> >>>>> http://pauldotcom.com >>>>> >>>> >>>> >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> <[email protected]> <[email protected]> >>>> [email protected] >>>> >>>> <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom><http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: <http://pauldotcom.com> <http://pauldotcom.com> >>>> http://pauldotcom.com >>>> >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> <[email protected]>[email protected] >>> <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: <http://pauldotcom.com> <http://pauldotcom.com> >>> http://pauldotcom.com >>> >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> <[email protected]>[email protected] >>> <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: <http://pauldotcom.com>http://pauldotcom.com >>> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: <http://pauldotcom.com>http://pauldotcom.com >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Tim Krabec Kracomp 772-597-2349 smbminute.com kracomp.blogspot.com www.kracomp.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
