Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Over 50 separate attempts to crack the network and/or bring it down. None successful, closest to being so a DDOS attempt that successfully caused 80% packet loss...for about 30 seconds before the network's countermeasures kicked in, adapted, and put an end to it. That's a secure server built by a security specialist. Most of the attack attempts/probes originated/traced back to one of three locations:
1) A location that appears to be the Aberdeen Proving Grounds in Maryland (Phillips)
2) Fairfax County, Virginia (Langley)
3) Fort Meade, Maryland (NSA Headquarters)
I would like to point out that attempting to crack/bring down a secure system is a federal cyberterrorist offense according to laws written by THE US GOVERNMENT ITSELF.
But I guess according to some, ignoring the law is fine if you're a government agency, eh? Not that I care. You can huff and puff all you like, but that house is not going to come down. In 15 years in this industry, not once has a network I designed for security ever come down, and it's not going to start now. This has become a personal challenge. And now that I know what to expect, I'll be hardening it further with some tweaks and changes overnight.
Welcome to the new "transparent" government under Obama and co.
Little has changed since the days of the cavemen. He who has the biggest biceps makes the rules.
1) I'm a security specialist, My methods already take into account spoofing (which is the word you were digging for but couldn't find). Nice try though.
I wasnt looking for the word "spoofing", and your methods couldnt take into account people hiding behind hidden IP's. They are hidden for a reason. If I attack your network using a VNC from another remote computer, my source isnt provided, just the remote computer.. Being a security specialists you'd know this to be true..
Quote:
Originally Posted by Xanathos
2) You can't trace a hack attempt INTO a private network. In order to do so, you would have to hack into the network through the public IP, and even that is sketchy as to whether it could be done if they had a proper NAT configuration done on the firewall/router, which would open a whole other bag of worms. Doing that would have men in black at my door in relatively short order, and I would get the Kevin Poulsen/Jonathon James treatment (google them). And even at that, the information of the private internal address would be useless. The furthest that can be traced to is the last public address. ALL of the private IP's I listed are "internal IP's". Just because all you ever see at home or at work is 192 doesn't mean that the 10, the 172 are any different (the 127 is a loopback).
I know, which is why I questioned why you would discuss 192's at all..
Quote:
Originally Posted by Xanathos
3) Yes, I'm sure the US government can walk into Belize at any time and shut down my hosting provider. Or it could be I chose Belize specifically BECAUSE they do not have a cooperation treatise with the US government (or any other government, for that matter), and thus have no authority there.
The government has been shutting down numerous sites lately outside of USA control... If you think putting your site up in Belize makes you immune, you have a shock coming to you. http://belizenewspost.com/2009/06/05...sed-in-belize/
Seriously, you're a complete novice when it comes to tech. Why did you even attempt to come on here and try and sound knowledgeable?
I might not be caught up on all of the latest methods to get around "law enforcement", but to pretend you are immune is just silly.. You must not like the fact others know a little bit about these things and are pointing out your errors.
Or why Amazon and Paypal were only "pressured" by politicians (not law enforcement) to shut down their relations with Wikileaks. Again, why do you think that is?
Wikileaks violated paypals TOS agreement, in particular "activities that encourage, promote, facilitate or instruct others to engage in illegal activity."
By publishing illegally obtained information they are encouraging more illegal activity. You are admitting this to be true when you admitted to becoming a mirror host.
I wasnt looking for the word "spoofing", and your methods couldnt take into account people hiding behind hidden IP's. They are hidden for a reason. If I attack your network using a VNC from another remote computer, my source isnt provided, just the remote computer.. Being a security specialists you'd know this to be true..
Hidden IP's are spoofed IP's....
Quote:
The government has been shutting down numerous sites lately outside of USA control... If you think putting your site up in Belize makes you immune, you have a shock coming to you. http://belizenewspost.com/2009/06/05...sed-in-belize/
Perhaps you should read the article to learn that while the company is based in Belize, the SERVERS were in other countries, which is where they went wrong. The article went to great lengths to point that out, because people would question how the heck the US shut anything down in Belize since Belize grants the US no authority.
Those seized domains were fronts that were selling counterfeit goods and copyright materials, which falls under a very specific section of law. The seizure of a domain name also has nothing to do with an IP address. Seriously, you need to educate yourself.
Quote:
I might not be caught up on all of the latest methods to get around "law enforcement"
That's for damn sure.
Quote:
, but to pretend you are immune is just silly..
I never said I was immune. Just said it will be very, very difficult to take that server offline. Which grates on you to no end. Which, I gotta say, brings a little smile to my face.
Again with another story about servers that AREN'T IN BELIZE. Those were based in England. What's the common thread here? Criminals in Belize (who aren't apprehended) who have their equipment which is NOT based in Belize seized. Hmmmm, so the equipment NOT in the country is taken, but the people IN the country are left alone. I wonder why that is? Seriously, are you really so dense that you think the US FTC has authority in other countries? Seriously? You are so damn imperialistic to where you think the US can just cowboy into any country it wants any time it wants? Good god man.
Wikileaks violated paypals TOS agreement, in particular "activities that encourage, promote, facilitate or instruct others to engage in illegal activity."
By publishing illegally obtained information they are encouraging more illegal activity. You are admitting this to be true when you admitted to becoming a mirror host.
Again, nothing WL does is illegal. You can think it all you like, doesn't make it true. I can think that Jessica Alba will walk through my front door in 10 minutes wearing nothing but a pair of bunny ears and a smile, but the odds are it won't happen.
Welcome to the new "transparent" government under Obama and co.
Hopeychangey.
I trained with the Green Jackets at the Northern Ireland Training Center, the GSG-9 course in Augsburg, 2 weeks at weapons school, was PSO for General Richardson and Lieutenant General Morelli at TRADOC (lots of fun embassy stuff) and could have went to Iraq as a US military advisor during the Iraq-Iran War, but went to Egypt instead to train their army in RACO, and after that spent 3 years commanding nuclear weapons missions, plus teaching people how to infiltrate nuclear weapons storage facilities and evaluated Soviet field storage sites as an observer during Druzba '86.
If you need help with personal security, let me know, I'd be honored to serve a compatriot.
Do you as an American care about hurting innocent individuals?
Innocent individuals?
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
