 
Old 12-06-2010, 06:46 PM
 
69,368 posts, read 64,108,083 times
Reputation: 9383


Quote:
Originally Posted by Darkatt View Post
1. A DDoS attack would be a widespread attack using a number of zombie systems simultaneously from multiple worldwide IPs, not 3 IPs leading directly to government sites.

2. As a security specialist who used to be the 2nd to the AIS security officer on a Naval base, I can tell you attacks would be on multiple levels, targeting the server, and also targeting the router, and any other servers or systems on the network, as a method of using them to get to the server itself.

3. If the hackers were really government agents, do you really think they would use backtrackable IPs, and that they wouldn't have either proxied themselves half a dozen times, or used addresses that would lead to the wrong place?

Seriously. Nice story, and I am sure there were several people who actually believed you, but as an IT specialist with over 20 years of professional employment AFTER being in the military for 10 years and as a member of the black hats, I KNOW about network security, and I know all about building a server to be secure. I also know when I hear a nice story, that doesn't have the ring of truth.
I tried to explain all of this to him, but he's set up one website and now knows everything.
Quote:
Originally Posted by Darkatt View Post
There's no reason to crash the sites, all you need to do is remove DNS routing from the root servers and point them to a site that says, "SORRY", and Wikileaks is down. If DNS doesn't resolve, there's no way to access a website or any of its mirrors.
I said that also and he told me I was wrong, and he had hundreds of certificates on his wall to prove it.. Go figure..

 
Old 12-06-2010, 06:47 PM
 
26,639 posts, read 36,722,762 times
Reputation: 29911
Xanathos has less than no credibility; he actually tried to tell me, of all people, in another thread that Alaskan salmon and halibut are brought down live in large holding tanks. I got the impression that he was attempting to talk down to me. He didn't realize he was talking to an expert in the seafood industry; thankfully he stopped embarrassing himself when that became apparent.

I don't believe a word of this little story.
 
Old 12-06-2010, 06:50 PM
 
Location: California
11,466 posts, read 19,351,670 times
Reputation: 12713
Quote:
Originally Posted by Metlakatla View Post
Xanathos has less than no credibility; he actually tried to tell me, of all people, in another thread that Alaskan salmon and halibut are brought down live in large holding tanks. I got the impression that he was attempting to talk down to me. He didn't realize he was talking to an expert in the seafood industry; thankfully he stopped embarrassing himself when that became apparent.

I don't believe a word of this little story.
I tend to agree with you.
 
Old 12-06-2010, 06:53 PM
 
Location: Va. Beach
6,391 posts, read 5,167,680 times
Reputation: 2283
You all realize that because we have exposed this dishonesty, he's gonna try harder to prove himself right.. That's the way of storytellers.
 
Old 12-06-2010, 07:15 PM
 
Location: Cushing OK
14,539 posts, read 21,259,715 times
Reputation: 16939
Quote:
Originally Posted by Idunn View Post
Thank you for acting as a mirror host for WikiLeaks.

I've read that many of established media have come out against Julian Assange. Our own supposedly impartial media. Then all the many corporations, among them Amazon, PayPal, MasterCard, that are running for cover. Not to mention our government flouting its own laws in a desperate attempt to hide the truth. Never mind any attempt to merely apologize for their many misdeeds revealed.

If watched closely, this period in time will adequately reveal the true colors of many, whether governments, corporations, or individuals.

I count you on the side of angels.
I have been following the TSA mess very closely and even turning on the TV to see what the "news" says about it. If that is all you saw you'd wonder what all the fuss was about. The smiley pretty faces give quick two-minute summaries and that's all you need to know.

Fortunately they are not all that's out there.

The companies have been intimidated into cooperating. The bottom line matters most and it can be messed with even if it isn't said. Our government is pressing other governments to do their bidding since we can't since it's not illegal.

Yes, we need to watch closely. And remember. I am speaking of those of either "side" or party here too. They all owe us the people the respect of honesty over lies.

As for the OP, I'm not an expert but even if he is lying through his keyboard many others are mirroring the site. And if taken down there are others waiting to take the place. Governments are scared of the internet because they can't control it. They love to use it but not when others do. It is a celebration to me of every single site which mirrors the site that we the people (worldview) are saying NO.

Someone needs to.
 
Old 12-06-2010, 07:19 PM
 
Location: Hoboken
19,890 posts, read 18,752,619 times
Reputation: 3146
Quote:
Originally Posted by Darkatt View Post
You all realize that because we have exposed this dishonesty, he's gonna try harder to prove himself right.. That's the way of storytellers.

No I think you have outed him, I don't think he will take on a real expert.
 
Old 12-06-2010, 07:42 PM
 
3,117 posts, read 4,586,370 times
Reputation: 2880
Quote:
Originally Posted by Darkatt View Post
1. A DDoS attack would be a widespread attack using a number of zombie systems simultaneously from multiple worldwide IPs, not 3 IPs leading directly to government sites.
If you're a security specialist, as you claim, then you are fully aware that you can backtrack the bounces from the botnet (which is the word you're searching for). The problem with trying to stay hidden behind a botnet is the zombies themselves are vulnerable to compromise from the other direction (the network being attacked to the botnet), which makes it relatively easy to see where the commands are coming from.

Quote:
2. As a security specialist who used to be the 2nd to the AIS security officer on a Naval base, I can tell you attacks would be on multiple levels, targeting the server, and also targeting the router, and any other servers or systems on the network, as a method of using them to get to the server itself.
Single point of entry. You lose your credibility here. How do you get to a server AND a router and "other systems on the network" without penetrating first? Especially when you have no visibility into the network. Think of it as a drain. There's only one way in the drain, but once inside, the pipes can split in multiple directions. The first thing you have to get past in any attack on a network is the Intrusion prevention device. I'll flat-out give you the brand I use: It's from a company called Top-Layer Security. They're relatively unknown, but the best in the industry. Designed by some of my old classmates at MIT. This is where the DDoS attacks started on the network, and stopped on the network. Why? Because you can't get a DDoS attack to overwhelm that device for more than a few seconds. It's a straight-line architecture. IPS-Firewall-security server (DMZ)-Firewall-Router-Switch-Load balancer/servers. I can't go into details as to how the things behind the IPS are configured, but it's not public access. There's more to getting in to that particular mirror than the typical "I click a link, I'm in". Also something I can't go into details on.

In order to get to the server or to the router, you have to get through the security devices first. You can't just hop over the prevention system and into the internal systems. You fall apart here with your claim that you know what you're talking about on this issue. You're skipping the whole penetration aspect of the network itself.

Quote:
3. If the hackers were really government agents, do you really think they would use backtrackable IPs, and that they wouldn't have either proxied themselves half a dozen times, or used addresses that would lead to the wrong place?
I think the government has been especially sloppy in how they've handled all the attacks on WL to this point. I think the most likely scenario is they have hired what I will term agents to conduct these attacks on the mirror sites for them, and have provided these agents with launch consoles by which to run their attacks from. Frankly, I think the people that have been hired to do this (and it's continued today, though not as nearly at such a torrid pace) have likewise not been terribly careful in covering their tracks, because frankly, I don't think they care. Most mirror sites are public access servers, so I don't think they were really expecting to come up against a hardened system in their dealings. As I stated in my original post, most of the other attacks came from areas such as Romania and Hungary, but I don't believe it was Romanians or Hungarians who were actually launching the attacks. I think those were just less sloppy and used a proper proxy datacenter to conduct their attacks. There is also the little problem that numerous news stories have come out today with quotes from other mirror hosters verifying that they have been under constant attack, and multiples of them have been able to trace the attacks back to locations which "conveniently" house US interest facilities. Or are all of THEM liars, as well?

Quote:
Seriously. Nice story, and I am sure there were several people who actually believed you, but as an IT specialist with over 20 years of professional employment AFTER being in the military for 10 years and as a member of the black hats, I KNOW about network security, and I know all about building a server to be secure. I also know when I hear a nice story, that doesn't have the ring of truth.
Yeah see, not buying this. It doesn't take 30 years of experience to understand that if there's only one point of entry, you can't launch a multi-faceted attack until you've already compromised the network. You're also trying to claim that you spent 20 years as a member of a group that doesn't actually exist, but rather is just a term to describe people who crack maliciously. If you spent 20 years as a black hat after the military, the government would have dealt with you ages ago due to what you would have known in terms of their procedures, since you're stating that you were a "bad" hacker, to use layman's terms. You don't work 20 years as a "professional black hat", because malicious hacking isn't a job.

It was a good attempt on your part to pull a few terms out of Wikipedia or a Jeffrey Deaver novel (or, and I'm going to throw a really wild guess out here, playing "Uplink", since you are tending to describe the premise of that game, no matter how silly the actual procedures in it were) and try to spin them into a backstory. Next time you try this story, claim you spent 20 years as a white hat doing penetration testing for a company like Anitian or something (and don't say you were a "member" of white hat). It'll hold together better than claiming you've spent TWO DECADES hacking maliciously after working for government, but somehow never drew the attention of the government.

Last edited by Xanathos; 12-06-2010 at 08:03 PM.. Reason: Grammar cleanup.
 
Old 12-06-2010, 08:03 PM
 
Location: Texas
5,872 posts, read 8,094,294 times
Reputation: 2971
Quote:
Originally Posted by Xanathos View Post
If you're a security specialist, as you claim, then you are fully aware that you can backtrack the bounces from the botnet (which is the word you're searching for). The problem with trying to stay hidden behind a botnet is the zombies themselves are vulnerable to compromise from the other direction (the network being attacked to the botnet), which makes it relatively easy to see where the commands are coming from.

Single point of entry. You lose your credibility here. How do you get to a server AND a router and "other systems on the network" without penetrating first? Especially when you have no visibility into the network. Think of it as a drain. There's only one way in the drain, but once inside, the pipes can split in multiple directions. The first thing you have to get past in any attack on a network is the Intrusion prevention device. I'll flat-out give you the brand I use: It's from a company called Top-Layer Security. They're relatively unknown, but the best in the industry. Designed by some of my old classmates at MIT. This is where the DDoS attacks started on the network, and stopped on the network. Why? Because you can't get a DDoS attack to overwhelm that device for more than a few seconds.

In order to get to the server or to the router, you have to get through the security devices first. You can't just hop over the prevention system and into the internal systems. You fall apart here with your claim that you know what you're talking about on this issue. You're skipping the whole penetration aspect of the network itself.

I think the government has been especially sloppy in how they've handled all the attacks on WL to this point. I think the most likely scenario is they have hired what I will term agents to conduct these attacks on the mirror sites for them, and have provided these agents with launch consoles by which to run their attacks from. Frankly, I think the people that have been hired to do this (and it's continued today, though not as nearly at such a torrid pace) have likewise not been terribly careful in covering their tracks, because frankly, I don't think they care. Most mirror sites are public access servers, so I don't think they were really expecting to come up against a hardened system in their dealings. As I stated in my original post, most of the other attacks came from areas such as Romania and Hungary, but I don't believe it was Romanians or Hungarians who were actually launching the attacks. I think those were just less sloppy and used a proper proxy datacenter to conduct their attacks. There is also the little problem that numerous news stories have come out today with quotes from other mirror hosters verifying that they have been under constant attack, and multiples of them have been able to trace the attacks back to locations which "conveniently" house US interest facilities. Or are all of THEM liars, as well?

Yeah see, not buying this. It doesn't take 30 years of experience to understand that if there's only one point of entry, you can't launch a multi-faceted attack until you've already compromised the network. You're also trying to claim that you spent 20 years as a member of a group that doesn't actually exist, but rather is just a term to describe people who crack maliciously. If you spent 20 years as a black hat after the military, the government would have dealt with you ages ago due to what you would have known in terms of their procedures, since you're stating that you were a "bad" hacker, to use layman's terms. You don't work 20 years as a "professional black hat", because malicious hacking isn't a job.

It was a good attempt on your part to pull a few terms out of Wikipedia or a Jeffrey Deaver novel (or, and I'm going to throw a really wild guess out here, playing "Uplink", since you are tending to describe the premise of that game, no matter how silly the actual procedures in it were) and try to spin them into a backstory. Next time you try this story, claim you spent 20 years as a white hat doing penetration testing for a company like Anitian or something (and don't say you were a "member" of white hat). It'll hold together better than claiming you've spent TWO DECADES hacking maliciously after working for government, but somehow never drew the attention of the government.
7...8...9..10...YOU'RE OUT! He never saw that haymaker comin'.

Too funny, 20 years as a "black" hat. Might as well say 20 years as an alien working out in the open to destroy the planet. Has the same audacity and believability.
 
Old 12-06-2010, 08:20 PM
 
Location: Arizona
13,778 posts, read 9,662,744 times
Reputation: 7485
What an interesting thread.
 
Old 12-06-2010, 08:20 PM
 
Location: Va. Beach
6,391 posts, read 5,167,680 times
Reputation: 2283
rotflmao

Quote:
Originally Posted by Xanathos View Post
If you're a security specialist, as you claim, then you are fully aware that you can backtrack the bounces from the botnet (which is the word you're searching for). The problem with trying to stay hidden behind a botnet is the zombies themselves are vulnerable to compromise from the other direction (the network being attacked to the botnet), which makes it relatively easy to see where the commands are coming from.

Single point of entry. You lose your credibility here. How do you get to a server AND a router and "other systems on the network" without penetrating first? Especially when you have no visibility into the network. Think of it as a drain. There's only one way in the drain, but once inside, the pipes can split in multiple directions. The first thing you have to get past in any attack on a network is the Intrusion prevention device. I'll flat-out give you the brand I use: It's from a company called Top-Layer Security. They're relatively unknown, but the best in the industry. Designed by some of my old classmates at MIT. This is where the DDoS attacks started on the network, and stopped on the network. Why? Because you can't get a DDoS attack to overwhelm that device for more than a few seconds.

In order to get to the server or to the router, you have to get through the security devices first. You can't just hop over the prevention system and into the internal systems. You fall apart here with your claim that you know what you're talking about on this issue. You're skipping the whole penetration aspect of the network itself.

I think the government has been especially sloppy in how they've handled all the attacks on WL to this point. I think the most likely scenario is they have hired what I will term agents to conduct these attacks on the mirror sites for them, and have provided these agents with launch consoles by which to run their attacks from. Frankly, I think the people that have been hired to do this (and it's continued today, though not as nearly at such a torrid pace) have likewise not been terribly careful in covering their tracks, because frankly, I don't think they care. Most mirror sites are public access servers, so I don't think they were really expecting to come up against a hardened system in their dealings. As I stated in my original post, most of the other attacks came from areas such as Romania and Hungary, but I don't believe it was Romanians or Hungarians who were actually launching the attacks. I think those were just less sloppy and used a proper proxy datacenter to conduct their attacks. There is also the little problem that numerous news stories have come out today with quotes from other mirror hosters verifying that they have been under constant attack, and multiples of them have been able to trace the attacks back to locations which "conveniently" house US interest facilities. Or are all of THEM liars, as well?

Yeah see, not buying this. It doesn't take 30 years of experience to understand that if there's only one point of entry, you can't launch a multi-faceted attack until you've already compromised the network. You're also trying to claim that you spent 20 years as a member of a group that doesn't actually exist, but rather is just a term to describe people who crack maliciously. If you spent 20 years as a black hat after the military, the government would have dealt with you ages ago due to what you would have known in terms of their procedures, since you're stating that you were a "bad" hacker, to use layman's terms. You don't work 20 years as a "professional black hat", because malicious hacking isn't a job.

It was a good attempt on your part to pull a few terms out of Wikipedia or a Jeffrey Deaver novel and try to spin them into a backstory. Next time you try this story, claim you spent 20 years as a white hat doing penetration testing for a company like Anitian or something (and don't say you were a "member" of white hat). It'll hold together better than claiming you've spent TWO DECADES hacking maliciously after working for government, but somehow never drew the attention of the government.
Unless you have a computer infected with the exact bot the zombie computer is running, you have no way whatsoever to know where it's getting its commands from, UNLESS YOU violate the law and gain access to that specific system, and install software on it to track all incoming and outgoing communication. I also bring to your attention, if the computer performing the attack is behind a router performing NAT, does your drainpipe theory hold water?

While the router is a single point of entry, unless you have but 1 single computer being fed from it, there are other computers, and a multipronged attack includes attempts at all systems by backtracking each differing IP address, WHILE also trying to gain internal access to the router. Unless you are utilizing NAT on your router, and using internal IP addresses, with no direct internet address on each of your systems, access your drainpipe diagram doesn't hold water. It does make it more difficult because now you have to figure out what ports are forwarded where and attempt to gain access to internal systems through various ports. The use of an intrusion detection system is only as good as the system itself. Toplayer out of Hudson is a good company, but again, the system is not infallible.

In your first post you said nothing about Romanians, or Hungarians, you listed 3 places doing the hacking/ddos attacks and all three were American sites. Change 2 Mod Delta anyone?

Last, if you believe the "Black Hats" are malicious hackers, you have

1. Proven my point.
2. Failed to read what I wrote.
3. Again, let everyone who DOES know what they are talking about, just how little you do know. The Black Hats are an ETHICAL group, something just about every single computer professional worth their while, as well as every security firm and the government know about. We get people from all major router vendors, security system vendors, Microsoft, and more, every year at the conference (which I have missed several of unfortunately).