User Controls
Posts by LiquidIce
-
2016-02-11 at 11:03 AM UTC in Another IP Address Question.
Cool thanks for the update, do yopu know though if it would locate it back to an exact computer, for example if the IP address was to a workplace, an exact company with say 20 employees coul someone locate it to an exact computer or will it just come back that office?
I believe this has been answered 3+ times in this thread already. Not being a jerk, but if you don't see those posts as answers, is it that we're misunderstanding your question? -
2016-02-11 at 7:50 AM UTC in How do I install linux?
If you're using UEFI instead of oldschool BIOS it becomes kind of a pain in the ass. What computer are you using?
Tell me about it! I had a windows box that I wanted to dualboot with Ubantoo but it turned out impossible because the windows box was using MBR to boot and uefi only trusted linux when using gpt... it took reading this https://www.happyassassin.net/2014/01/25/uefi-boot-how-does-that-actually-work-then/ to understand what the fuck was going on, wiping the drive, installing windows on a gpt partition again, then linux, and finally cracking open a bear at the end. -
2016-02-08 at 5:18 PM UTC in An Unresponsive Port
Many sys admins consider even a passive port scan to be a legitimate attack. You'd be shocked at how anal and offense-orientated they are. They figure, why the fuck would you even be scanning their network in the first place? So although it's not a crime to scan networks, many network administrators just want to know who you are anyways. So they set up dummy ports that have no server on them just to log the IPs which try to scan them. But it's not hard to just use a mule machine and bounce scans off that, either pipe the results somewhere else or pick it up later, keep switching mules every session.
Maybe medium or large companies have that kind of sysadmins as well as honeypots and ids'. All the start ups I know don't spend a single minute thinking about this stuff. Then they get big. Then they lose 30mln customer records to bobby tables.
Anyways, OP, any luck? -
2016-02-08 at 7:29 AM UTC in An Unresponsive Port
Some honeypots also present what appear to be open ports, but your IP and infos are merely being logged. The port will not accept any commands.
Sending traffic to an open port wouldn't constitute breaking the law in most places I believe. If it did, even pinging that machine or sending it tcp syn packets (for port scanning) would be a violation.
That said, good point. I'd use a vpn or proxychains + tor for this kinda stuff.
<tin foil hat> -
2016-02-08 at 7:26 AM UTC in Low budget privacy.Good write up man. Also dat clean python code.
I've bookmarked the vpn service, I think I'll start using it starting today for some extra safety, mainly against potentially exploited web sites.
Btw, about the german data protection laws - you might wanna read up this + the comments -> http://arstechnica.com/tech-policy/2016/01/cock-li-server-seized-again-by-german-prosecutor-service-moves-to-iceland/ . In short, turns out that germany has good data protection laws.. for its citizens. And they also cannot into RAID-based storage (hilarious).
-
2016-02-07 at 12:13 PM UTC in An Unresponsive PortThis is super interesting. All I could find on short notice is this (from nmap docs): https://nmap.org/book/vscan.html
I'll look more into this soon as I've had this problem a few times before. -
2016-02-05 at 5:07 PM UTC in Pimp my network
That's the kind of stuff that keeps me awake at night.
The reality is, if your network is compromised, you can revamp it and still possibly have everything infected. Someone can keep you under surveillance for something you did six months ago. I mean, it doesn't take a genius to run Kali and crack WPA anymore. It's a game of unfalsifiable hypotheses.
Yeah, especially if it needs just one stupid packet, one stupid "weather notification service" or whatever the fuck and boom, it's recorded somewhere so someone can tied it back to you like 12 months later. I think it's still fairly costly to do this, but moore's law etc.
I was messing around with nmap recently I found out that my ISP-provided modem-router has open ports 80 and 21 on the outside interface, and only port 80 on the inside one. What the flying fuck? I remember scanning the inside interface and found it satisfactory, then by chance I scanned the other one and fuck, great, how do I change this - oh, I can't, cause proprietary router software, what the fuck? Gonna figure this one out this weekend. Oh, the cherry on top is that I have ipv6 on my local network, but my ISP doesn't do ipv6. I mean, what the shit? -
2016-02-05 at 4:01 PM UTC in Another IP Address Question.I'm not much into the mobile infrastructure stuff, but I know that your phone connects to an RRC and the RRC connects to a group of computers that perform some routing logic on your data and only then actually forward your data out to the Internet. This group of computers (this has a specific name, I forget what it is) actually can keep TCP connections open for you, even if you turn your phone off, and are like a gateway between the phone data network (which is SCTP if I remember correctly, cool shit) and the Internet.
What I'm trying to say is that, while I've never done this, I suspect that you could be getting lots of false positives because of this system. Your mobile provider could route your traffic through the same network (ie. hold on to an IP for you) even if you're traveling between cells. -
2016-02-05 at 2:13 PM UTC in Ok guise lets commandeer this network for keks.
Currently running a network audit with Nexpose with the credentials i provided, if nothing interesting comes up i'll run an asset discovery scan if that comes up with the local network i'll run a general audit on the devices on the network itself, obviously i'll post the results here. here's the info you requested.
get dns host settings
DNS Server:
Primary : 24.92.226.11, Src Interface: ethernet0/0
Secondary: 24.92.226.12, Src Interface: ethernet0/0
Tertiary : 0.0.0.0, Src Interface: Null
Refresh domain name IP Addresses:
Never
Normal UDP session: 0
GJ dude. The dns stuff doesn't look interesting, it's just using some default TWC dns servers I think. It does offer some chance of a mitm if you set up your own dns server and changed those settings to point to your dns server. -
2016-02-05 at 10:39 AM UTC in Ok guise lets commandeer this network for keks.Interesting make-believe scenario.
So there's not much going on in there it seems. No DHCP - maybe the hosts use static addressing? The arp'ed macs show that there's probably a few pc's and a printer on the network. You could try scanning those ip's for open ports.
Another thing that comes to mind is taking a snapshot of the current interface counters now and in like 24h to get an idea of how much data is moved through the network. Looking at the docs, youd do this by
get counter statistics interface ethernet0/0
get counter statistics interface ethernet0/6
I'm going by your latest info dump that specifies interfaces 0 and 6 as being up and all the others as being down.
You could also do
get dns host settings - Displays DNS servers and assigned interfaces
get admin - Displays management information such as access ports and enhancemented IP addresses
A DNS server/cache could be a trove of information or helpful in further steps in this game.
-
2016-02-05 at 7:53 AM UTC in Pimp my networkOne thing that's always in the back of my mind is that there's just so much shit going on now. You know, the whole thing about a single stupid UDP packet going over in the clear and your whole security infrastructure failing cause of that (wasn't this how a lot of vpn users were tracked? a udp packet?).
If I were just telneting placed, sure, easy fucking peasy. But a web browser? You get your usual xhr stuff - sure that's old, but then you got all this new stuff like websockets, webrtc, dns-prefetch 'n all. Unless you're willing to put in that 20-50 hours of reading through all the shit out there and making sure non of it (nor it's implementation in a specific browser) won't betray you, how can you be sure? -
2016-02-05 at 7:49 AM UTC in A network of forums
Yeah, there would be some weird situations that would come up, if a user were banned from server A but not server B and continued to post on B the whole DB state would drift apart. I don't think there's any sane way of doing it without either waiting for consensus for the ban to take effect or having the ban take effect immediately. There's also a whole host of race conditions in any system with writable replicas but I do think that issue would be solvable in the context of a forum.
This is like distributed systems in a nutshell :D - it all boils down to these rules in the end I think https://en.wikipedia.org/wiki/Fallacies_of_distributed_computing#The_fallaciesNo, I was just wondering it anyone would be interesting in doing something like this.
Imagine if it was a community based forum, where rules/bannings/features/etc would be determined by the users through voting. New servers could join the mesh if voted in by users and current servers could be voted out.
This concept would nearly prevent the forum from shutting down. As long as one server stays up, the whole forum is up. Although each server would have it's own IP and domain name. Later when/if the other servers came up, they'd update the data.
This sounds a bit like https://github.com/HelloZeroNet/ZeroNet . I found that a few months ago, the project looks to be growing nicely. I believe the only thing that this project may not support is multiple admins (creation, revocation). It's a pretty neat idea in itself.
-
2016-02-03 at 12:27 PM UTC in How to get off your ass and start runningThere's one reason I'm posting this here: it made a difference for me and I want to make a case for this so that maybe it proves useful to some other people.
There are two reasons why I think running is good, but first I want to talk about all the stuff that's keeping you likely keeping you from running.
I'm not a runner, never have been. I was skinny fat when I started, but I think this gives you the same handicap if you're fat: you have no muscle strength, no endurance, your tendons and ligaments are weak. When you start running, it feels like fucking dying. Everything from your legs to your abdomen, chest, and even your head will hurt. But here's the thing: every single time you do it, your body, all automatically, changes it self a little bit to avoid this pain. Every time you subject yourself to this torture, your body does everything it can to make the next time easier. It's biological, it's guaranteed. As long as you do this, even once a week, this happens.
With that out of the way, here are the reasons why it's good:
It does something to your psyche. I don't know whether it works the same for everyone, but it's a big enough effect that I'm writing about it. It sort of reminds me of meditation - it clears your thoughts. I started doing it because I was depressed as fuck and it helped out a lot. Coupled with calisthenics, I think this is what pulled me out of that dark pit and set me doing things I always wanted to do in life.
It's good for your brain - https://en.wikipedia.org/wiki/Neurobiological_effects_of_physical_exercise. In the short term it helps your brain cope with stress. In the long term, it improves your cognitive skills like memory and focus. It does this by changing your brain chemistry so that your neurons get more resources. Finally, it improves your cardiovascular health - this is mentioned so often that I think it has lost its meaning so I will describe it like this: you'll be able to go further in any physical activity and you'll live longer. Let that sink in - you'll be able to, completely on your own, transport yourself further or perform physical activities for longer. This is literally like leveling up your character stats.
Ok, let's get down to actually doing it.
Running is cheap to do. You can start with what you have now (any shoes, cloths, etc.) and once you scrounge up enough cash you can buy yourself a pair of decent shoes (40-100$). Decent shoes are ones with little to no cushioning ie. you're looking for the flatest, most flexible shoes in the running section. This will help you avoid heel striking and a lot of pain. Light shoes make you naturally avoid heel striking - you'll feel like you're landing on the balls of your feet instead. Your stride will get shorter but you will still run at the same speed.
How do you start running? I recommend using couch-to-5-k because it gets a lot of things right. Don't worry about making it to running 5ks in 8 weeks - treat the program more as a guideline. If you can't run, start with the walking week. If you can run a little, start with week 2 or 3. Don't overtrain - stop running if you're feeling physical pain. You want to give your body time to adjust. This is especially important if you don't do any physical exercise: your soft tissues will adjust fairly quickly, but your ligaments and tendons need weeks/months.
C25k: http://blackgirlsguidetoweightloss.com/wp-content/uploads/2012/10/couch-to-5k.jpg
If you wanna do this, just get up, put on your shoes, and do it. You might want to do a small warmup first - do a few squats, run in place for 15-20 seconds, anything to get your muscles warm. Are you afraid of other people seeing you? I've been there. I solved it by running early morning/late at night and after a few runs I decided to run in the day. You know what happened? Nothing at all. People don't care about other people. They barely spare you a 500 millisecond look.
Like I mentioned earlier, your whole body will probably hurt at this point. But you did it and be proud of every little victory like this and prepare yourself for the next run. Try to keep runs a day or two apart to let your body heal. If you're starting from zero, getting to a 30 minute run might take you anywhere from 3 to 6 months, but that's just a goal - all the good stuff, like getting disciplined, building a stronger body, relieving stress happens all the times - both when you're running and when you're healing.
Glhf. -
2016-02-03 at 12:04 PM UTC in Another IP Address Question.It depends on the who would want to locate you, what kind of access they have. ISPs can generally tell who was assigned a specific IP address down the the router level. If the machine you're using is behind a large NAT, as in say, a college building or a coffee house with like 30 people, then your connection may have left traces in the logs (dhcp logs for consumer routers, normal logs for better hardware) which would include time, ip, mac address and probably more info. At that point, they would use physical means to ID you ie. your login info if you were using a public computer or they'd use camera footage to narrow down the range of suspects.
These are the options available to anyone with admin access - think the admins, law enforcement, ISP technicians, private security personal, etc.
If you're not one of them and you want to locate an IP address then you're shit out of luck. Unless you're prepared to do a lot of social engineering or a lot of legwork then there's no way to do that that I know of. The IP you provided says you're located somewhere in Bedford, UK and that the ISP for it is Jisc Services and that it's part of "Bedfordshire School NATs". You can also try to get more info by checking out what IP address range the IP belongs to, what organization it's serviced by and with that knowledge you might get more clues. I was looking for someone who accessed my site and this way I found that they were using an IP from a range owned by a company that leases lines in a certain geographical area, this company had a site that listed its clients, and by trial and error I was able to find which client the line belonged to. -
2016-02-03 at 11:54 AM UTC in A network of forumsYeah - the forum software would have to connect to these other forums and mirror them (ie. posts, topics, users). Admin actions such as banning would be propagated to the other forums and would have to be approved by other admins before taking effect. This could work with multiple databases, each hosted on its own server, with some code to interface with the other databases and ensure a specific state of a record (ie. "up for banning", "banned", etc). While this would allow any one admin to perform an action on their own database, the interface code would auto-heal this change to match the other databases. This means there would be no central server and there would be consensus-delays to deal with ie. a user could be banned on server 1 but still good on server 2.
It'd be some pretty complex stuff (I dont know the theory behind consensus algos at all) but pretty cool. Are you making one? -
2016-02-02 at 4:55 PM UTC in Ok guise lets commandeer this network for keks.
Teach me the ways of the force, master.
Sorry that I havent posted anything yet, I just got back from traveling and Im jet lagged back into 1999. -
2016-02-01 at 12:53 PM UTC in The official 'Thank You Lanny' thread
-
2016-01-30 at 12:51 PM UTC in IP Address Question
To add to that nobody in their right mind would configure a network with the IP addresses of the connected client devices being publicly addressable. So these clients would all have different LAN addresses but would send and receive packets to the Internet via the same IP or in large enterprises be assigned to one of several addresses which are routable.
What about ipv6? And ip address for each and every device on the webz? No more need from stuff like STUN or TURN or port forwarding. What with the router hacks these days, does a NAT really give you any security? -
2016-01-29 at 9:36 AM UTC in Would everyone here be interested in a Bill Krozbylet.net?
AI are also genuinely curious, no? Aliens are genuinely curious too, maybe.
Curiosity is a bad litmus test for "humanity" is what I'm saying.
True, my bad. I should rephrase it as "Conscious beings I can trust". -
2016-01-29 at 1:43 AM UTC in Pimp my networkInteresting turn of discussion. Would you say that security is a spectrum and while protecting yourself against your nosy neighbor-skiddie at home or asshole-sysadmin at work is a bit different than protecting yourself against an enemy with relatively infinite resources compared to you (state sponsored)?
I try to keep myself secure against skiddies. Anything else - I'm not qualified enough to do with any degree of certainty.It's stuff like this -> http://www.wired.com/2013/07/nsa-cracked-kryptos-before-cia/ (nsa decyphered something that the cia was working on to decipher years before the latter - but they didnt say they did) why I can't have any reasonable degree of certainty.