Members Online
Total Online: 33 Web Spiders: 17
Guests Online: 32
Members Online: 1
Registered Members: 70189 Newest Member: CrownClown
|
View Thread
| Author |
Is a proxy enough? |
rohansingh47
Member
Posts: 45
Location: INDIA
Joined: 03.02.08
Rank: Hacker Level 3 |
|
Found on r00tsecurity.org
"I have to say, that the most common way for a person to hide their e-dentity is via a proxy.
Now, one problem with the proxies, is that anyone with common sense can find out your real IP. This is the start of Forensics.
The easiest way for a person to find your IP is the find the provider of the proxy, most like CDN (CoDeeN), seeing that they arethe largest proxy releasing company on the inet. Once they contact CoDeeN (who keep records of all IP's logged into their proxyat all times), they can find your IP and with a simple whois, can come up with the location of you or your ISP. After that, it's just a long talk between you and your ISP to find out your information. That's if there has been illegal activity and/or you caused some pretty hefty damage. ISP's can't release a persons information without a court order as that is an invasion of privacy.
I would love to change the world, but they won't give me the source code
|
|
| Author |
RE: Is a proxy enough? |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07
Rank: God |
|
|
rohansingh47 wrote:
Found on r00tsecurity.org
"I have to say, that the most common way for a person to hide their e-dentity is via a proxy.
Now, one problem with the proxies, is that anyone with common sense can find out your real IP. This is the start of Forensics.
The easiest way for a person to find your IP is the find the provider of the proxy, most like CDN (CoDeeN), seeing that they arethe largest proxy releasing company on the inet. Once they contact CoDeeN (who keep records of all IP's logged into their proxyat all times), they can find your IP and with a simple whois, can come up with the location of you or your ISP. After that, it's just a long talk between you and your ISP to find out your information. That's if there has been illegal activity and/or you caused some pretty hefty damage. ISP's can't release a persons information without a court order as that is an invasion of privacy.
Well, then you have the TOR concept. Anyone can run a tor server on their own machine and become a tor node for others to connect to and browse through, encrypted. I don't believe the software keeps logs either, I could be wrong. Your whole scenario is highly flawed because you assume it's one proxy service (which I've personally never even heard of TBH). I've heard of individual hosts of the TOR server getting busted for shit like CP that other people were actually downloading through their connection because they were running a TOR server, but never actually anybody traced through it. It might be, might not be I donno but I'd say a proxy is about as safe as you're going to get. Unless you want to use gloves on another person's computer without their knowledge etc etc.
It's really actually much much more difficult than just using some standard common sense to track someone through a proxy; and I'm pretty sure, at least here in the U.S. ISPs aren't going to hand over just anyones information to someone who calls them up because they 'did illegal things on your server' or something similar. Otherwise it would be painfully easy to SE ISPs into getting information. I'm sure it is possible, and I'm sure there are some people working for ISP companies that can be SEd into giving out personal information, but I can't imagine it'd be something that happens often.
Edited by slpctrl on 08-08-08 20:42 |
|
| Author |
RE: Is a proxy enough? |
Infam0us
Member
Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank: HBH Guru |
|
From what ive learned through reading articles on the net and here on HBH is that the safest way to not get caught is to not do anything illegal.
But if you must, the best way is to crack a wireless network with a spoofed mac and use a chain of proxies (preferably with out of country servers) to attack whoever your attacking. This way, even if they can trace back to the source they find a little old lady with a broken into router and logs filled with spoofed mac's.
But like i said the best way to not get caught is to not do it 
"Never memorize what you can look up in books." -Albert Einstein
[img]javasc ript:alert(document.cookie);[/img] |
|
|
| Author |
RE: Is a proxy enough? |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07
Rank: God |
|
|
Infam0us wrote:
But if you must, the best way is to crack a wireless network with a spoofed mac and use a chain of proxies (preferably with out of country servers) to attack whoever your attacking.
Yeah, and maybe in 20 years you will be able to complete your 'attack'.
Granted, a proxy is sluggishly slow aswell, if you really don't want to get caught I guess you could do that. Actually, if you were such a leet h4x0r you could root somebodies box and plant a self coded proxy server that would allow you to connect to it making sure you wrote it to not keep any logs etc.
Edited by slpctrl on 08-08-08 21:26 |
|
|
| Author |
RE: Is a proxy enough? |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
1) Steal laptop
2) Hack using laptop
3) Return laptop to the owner, tell him you found it in the park, and found his address on the hard drive. Accept the fifty dollar bill he hands to you.
4) Whistle
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Is a proxy enough? |
Infam0us
Member
Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank: HBH Guru |
|
slpctrl wrote:
Infam0us wrote:
But if you must, the best way is to crack a wireless network with a spoofed mac and use a chain of proxies (preferably with out of country servers) to attack whoever your attacking.
Yeah, and maybe in 20 years you will be able to complete your 'attack'.
Granted, a proxy is sluggishly slow aswell, if you really don't want to get caught I guess you could do that. Actually, if you were such a leet h4x0r you could root somebodies box and plant a self coded proxy server that would allow you to connect to it making sure you wrote it to not keep any logs etc.
You make it sound like its hard to spoof a mac and crack a wireless network? All those steps should take you a total of 35 minutes MAX. Maybe the way you crack wireless it would take 20 years...
Use backtrack2 to spoof mac (30 seconds), use your brain to crack the wireless network (with aireplay-ng this should only take 15-25 minutes), use google to find proxies, then use ip locator (http://www.geobytes.com/IpLocator.htm?Getlocation) to see if they are located out of country (10-20 min. depending on how many you want to go through) sorry 35.5 minutes MAX.
20 years????
"Never memorize what you can look up in books." -Albert Einstein
[img]javasc ript:alert(document.cookie);[/img]
Edited by Infam0us on 08-08-08 22:03 |
|
|
| Author |
RE: Is a proxy enough? |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07
Rank: God |
|
Infam0us wrote:
slpctrl wrote:
Infam0us wrote:
But if you must, the best way is to crack a wireless network with a spoofed mac and use a chain of proxies (preferably with out of country servers) to attack whoever your attacking.
Yeah, and maybe in 20 years you will be able to complete your 'attack'.
Granted, a proxy is sluggishly slow aswell, if you really don't want to get caught I guess you could do that. Actually, if you were such a leet h4x0r you could root somebodies box and plant a self coded proxy server that would allow you to connect to it making sure you wrote it to not keep any logs etc.
You make it sound like its hard to spoof a mac and crack a wireless network? All those steps should take you a total of 35 minutes MAX. Maybe the way you crack wireless it would take 20 years...
Use backtrack2 to spoof mac (30 seconds), use your brain to crack the wireless network (with aireplay-ng this should only take 15-25 minutes), use google to find proxies, then use ip locator ( http://www.geobytes.com/IpLocator.htm?Getlocation) to see if they are located out of country (10-20 min. depending on how many you want to go through) sorry 35.5 minutes MAX.
20 years????
Lol. I'm talking about the speed at which you would be running at, not the steps it would take to spoof a mac address and find an insecure wireless signal. Then again, there's not a living breathing person around me for 2 miles (I live in a big farm), so I have no wireless signal at all. It seems to me though that your connection speed would be shit.
|
|
|
| Author |
RE: Is a proxy enough? |
Infam0us
Member
Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank: HBH Guru |
|
slpctrl wrote:
Infam0us wrote:
slpctrl wrote:
Infam0us wrote:
But if you must, the best way is to crack a wireless network with a spoofed mac and use a chain of proxies (preferably with out of country servers) to attack whoever your attacking.
Yeah, and maybe in 20 years you will be able to complete your 'attack'.
Granted, a proxy is sluggishly slow aswell, if you really don't want to get caught I guess you could do that. Actually, if you were such a leet h4x0r you could root somebodies box and plant a self coded proxy server that would allow you to connect to it making sure you wrote it to not keep any logs etc.
You make it sound like its hard to spoof a mac and crack a wireless network? All those steps should take you a total of 35 minutes MAX. Maybe the way you crack wireless it would take 20 years...
Use backtrack2 to spoof mac (30 seconds), use your brain to crack the wireless network (with aireplay-ng this should only take 15-25 minutes), use google to find proxies, then use ip locator ( http://www.geobytes.com/IpLocator.htm?Getlocation) to see if they are located out of country (10-20 min. depending on how many you want to go through) sorry 35.5 minutes MAX.
20 years????
Lol. I'm talking about the speed at which you would be running at, not the steps it would take to spoof a mac address and find an insecure wireless signal. Then again, there's not a living breathing person around me for 2 miles (I live in a big farm), so I have no wireless signal at all. It seems to me though that your connection speed would be shit.
rofl sorry thought you meant it would take 20 years to complete the steps haha... what a moron sorry.
Well actually i have chained a few proxies together and surprisingly when i connected to one from another the second one just took over and it really wasn't too bad
"Never memorize what you can look up in books." -Albert Einstein
[img]javasc ript:alert(document.cookie);[/img] |
|
|
|
|
|
Main:
