|
-
May 23rd, 2005, 06:40 PM
#21
If you're not going to take TH's word here, google DCS1000. It's a little black-box that will pwn your ISP's whole network......without any backtalk. They call it the long-arm of the law for a reason.
Very good agent Starling. It appears that you are able to read between the lines. Do not worry about me coming after you, the world is a much more interesting place with you in it...
For those who don't get the reference, DCS1000 is the FBI's Carnivore project in a new wrapper. There are other mechanisms within ISP networks that make the notion of anonymous surfing a wonderful urban myth.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
May 23rd, 2005, 07:02 PM
#22
***Insert pure West Virginian accent*** You see a lot doctor.
-
May 23rd, 2005, 08:09 PM
#23
I understand the carnivore situation and what not, and I was not asking about chaining proxies for doing something evil. I was just wondering if it was possible.
I have a question about proxies for IRC, i played with ezbounce and dircproxy a little bit, I am looking to use a proxy on IRC not to hide from the feds, but more to no publically display my ip to people of the script kiddie nature.
Any reccomendations on something like that?
kr5kernel
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
-
May 24th, 2005, 12:39 AM
#24
Even IF DCS1000 put a stop to proxies, only higher authority has access to its contents. Someone correct me if I'm wrong. So the average joe would be stuck searching through the trail of proxies your hiding behind.
No one said proxies were 100% anonymous.
The command completed successfully.
\"They drew first blood not me.\"
-
May 24th, 2005, 06:21 AM
#25
Member
The number one reason for me to use proxies in the first place is to be able to at least have a different IP for anonymous reasons as said above.. With all the spam and worms on web pages I would at least like to have my IP posted on the net as least as possible.
As for chaining proxies, never done it but im sure ill try. Im sure there is going to be a day where I need to buy a 'select few' DVD's from the local web shop. Maybe I don't want Joe X at the online video rental store saying my name in his head while looking at my viewing selections... 
-
May 24th, 2005, 05:27 PM
#26
In my opinion, if anyone would try to do somthing malicious it would be much easier to simply use a computer in a school, library, CompUSA or any other location w/ Innternet access. You'd only have to worry about cameras
-
May 24th, 2005, 05:46 PM
#27
Unless you went to a school or a library, then you would have to worry about the sysadmins like me that work there.
kr5kernel
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
-
May 24th, 2005, 08:22 PM
#28
If "the evildoer" walks into Y O U R library (after he's been footprining your whole network for a week); downloads a custom script that schedules the exploit to run at such and such time from an anon. email service and runs it.
What I am saying that payload can be developed at home and neatly packaged to run from anywhere.
-
May 24th, 2005, 08:55 PM
#29
The number one reason for me to use proxies in the first place is to be able to at least have a different IP for anonymous reasons as said above.. With all the spam and worms on web pages I would at least like to have my IP posted on the net as least as possible.
Well, if you are using a high speed connection and/or some kind of SOHO router (i.e. Linksys) then aren't you NATing your internal addy, effectively accomplishing the same thing as a proxy? Unless you have an MX record for your external routable IP and a mail server configured, why would this matter?
If "the evildoer" walks into Y O U R library (after he's been footprining your whole network for a week); downloads a custom script that schedules the exploit to run at such and such time from an anon. email service and runs it.
What I am saying that payload can be developed at home and neatly packaged to run from anywhere.
This is what group policy is for. Our public PCs have zero install rights let alone access to administrative functions such as task scheduler. We have it so that users can browse the web and work on word docs stored on removable media. Once they're session is done, we have a method of sanitizing the host (no, not deep freeze) which resets it to our default config. Nothing gets left behind.
PS
If you think that admins aren't watching public access hosts then you are a complete fool. They watch them closer than hosts on their "trusted" network. I use that term loosely as I trust no network.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
May 24th, 2005, 10:07 PM
#30
there's no reason to call me a "fool" ...
you have to look at this scenario from an attackers prespective. if the attacker intends to DOS or do a "drive-by" attack that doesn't require more input from attacker (unlike extortion or interactive zombies) he/she can AUTOMATE AND TIME EXECUTION.
you made a very valid point about group policy (also add a physical access policy) but attacker will not use "your network" or "my network" simply BECAUSE they are secure. h/she will use a CompUSA e-machine, Best Buy application center and not every library has R. Stallmen sitting in a closet. In a weekend of driving around you can probably find and create 20-30 zombies in different places. then attacker can just DOS your "secure network".
this is goes to show to the uninitiated that security is everyone's problem
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
