cacti
+ Reply to Thread
Results 1 to 15 of 18

Thread: Don't trust proxies if...

Hybrid View

  1. #1
    Join Date
    Sep 2006
    Posts
    1,649

    Don't trust proxies if...

    If you plan on doing anything illegal, don't ever use any web proxies. This is common knowledge, but why am I emphasizing it now? Behold, Exhibit A.

    If you haven't heard about how the United States Republican Vice-Presidential nominee Sarah Palin had her Yahoo! email hacked, read about it at [*]

    Now, according to [2] an Anonymous member with the handle "Rubico" used the proxy at [url]http://www.ctunnel.com/[/url] to mask his activities. But the owner of ctunnel.com, Gabriel Ramuglia, voluntarily offered the logs to the FBI containing the IP address of Rubico.

    So, like I said. Don't trust web proxies. They will not cover you, because behind every proxy site is an owner who does not want to get arrested for obstruction of justice. Or even worse, an owner who is willing sacrifice the percieved anonimity of its users just to get one little quote published in an article.

    Oh, if you were wondering, Rubico was discovered. He's a 20-year old named David Kernell in Tennessee. Turns out that when Kernell was posting his hack on the Web, he used the email address that was tied to all of his other less scrupulous activities. So, lesson #2, don't use your true email when doing something illegal.

    Are people this stupid nowadays?

    [*] - [url]http://www.time.com/time/politics/article/0,85**,*8420*7,00.html[/url]
    [2] - [url]http://www.tgdaily.com/html_tmp/content-view-**405-*08.html[/url]
    Last edited by Moonbat; 10-21-2008 at 10:24 PM. Reason: grammar
    "Workers of the world unite; you have nothing to lose but your chains." -Karl Marx

  2. #2
    Join Date
    Oct 2008
    Posts
    19
    yes people are that stupid. if your going to do something illegal then do yourself a favor, and cover your damn *****s! iv done so much shit that i could've gotten in so much trouble but iv always ben able to put it off on somebody else using my words, and alibi's. its not hard to cover your *****s, you just need to think of everything and take your time and be patient

  3. #3
    minaadel1994 Guest

    im ignorant?

    Guys i wanna know how to hack (i dont like php by the way :P)
    all i can do is a batch that gives the pc some commands or some stuff that
    earase ur windows... or destroy ur pc.. , i also can do dos attacks (easy enough , just dunno how to get the ip of the person i wanna attack)
    i wanna do a real hack...like going on someone's pc and actualy type sumething in his notepad

  4. #4
    Join Date
    Jan 2008
    Posts
    140
    lol well goodluck with that, haha hey m00nbat we should create a "hack button" lol something along the lines of "Please Push To Hack" haha why do people think its just that easy??
    Yes..i do wear a grey hat... and don't plan on changing to white or black..

  5. #5
    Join Date
    Sep 2006
    Posts
    1,649
    Quote Originally Posted by teknicalissue View Post
    lol well goodluck with that, haha hey m00nbat we should create a "hack button" lol something along the lines of "Please Push To Hack" haha why do people think its just that easy??
    Because they watch movies like Swordfish and The Matrix.
    (that's right, I'm blaming TV and movies, just like the media! )
    "Workers of the world unite; you have nothing to lose but your chains." -Karl Marx

  6. #6
    Join Date
    Apr 2007
    Posts
    922
    Because they watch movies like Swordfish and The Matrix.
    (that's right, I'm blaming TV and movies, just like the media! )
    You mean a hacker can't break into the dept of defense in 60 seconds while some babe .....?

  7. #7
    Join Date
    Apr 2015
    Posts
    110

    Ignorant too!

    Quote Originally Posted by minaadel***4 View Post
    Guys i wanna know how to hack (i dont like php by the way :P)
    all i can do is a batch that gives the pc some commands or some stuff that
    earase ur windows... or destroy ur pc.. , i also can do dos attacks (easy enough , just dunno how to get the ip of the person i wanna attack)
    i wanna do a real hack...like going on someone's pc and actualy type sumething in his notepad
    I'd like to learn it too but seems to hard for me to start. I should know what's my purpose and whose account am I going to hack. All I know was about connections and VPN's. Other things than that is not my forte but I still want to learn.

  8. #8
    Join Date
    Oct 2002
    Posts
    47
    Quote Originally Posted by mat* View Post
    I'd like to learn it too but seems to hard for me to start. I should know what's my purpose and whose account am I going to hack. All I know was about connections and VPN's. Other things than that is not my forte but I still want to learn.
    You've mentioned that you use a VPN several times, and seem secure in the belief that they're protecting your privacy, but there are some things you should be aware of.

    DNS leaks:

    "A DNS leak may happen whenever a DNS query ‘bypasses’ the routing table and gateway pushed by the OpenVPN server. The trigger on Windows systems may be as simple as a slight delay in the answer from the VPN DNS, or the VPN DNS unable to resolve some name.

    This means that rather than using the DNS servers provided by the VPN operator, it’s possible that the user’s default DNS servers will be used instead or otherwise become visible."

    https://torrentfreak.com/how-to-make-vpns-even-more-secure-*204**/

    The article I quoted goes on to talk about using more than one VPN at a time, or using TOR in addition to a VPN for added security, in addition to other related topics.

    You can check for DNS leaks while using your VPN here:

    https://www.dnsleaktest.com/


    What if your nefarious exploits were discovered? Is your VPN keeping records, and if so, would they give them up if served with a subpoena? Some questions you need to ask are:

    *. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?

    2. Under what jurisdiction(s) does your company operate?

    *. What tools are used to monitor and mitigate abuse of your service?

    4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users?

    5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled?

    6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened?

    7. Does your company have a warrant canary or a similar solution to alert ********s to gag orders?

    8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?

    *. Which payment systems do you use and how are these linked to individual user accounts?

    *0. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches” if a connection drops and DNS leak protection?

    **. Do you use your own DNS servers? (if not, which servers do you use?)

    *2. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located?

    https://torrentfreak.com/anonymous-vpn-service-provider-review-20*5-*50228/

    It continues with interviews of several VPN providers and their answers to these questions.


    Some other things you need to think about is the browser you're using and how it's configured. Do you have JavaScript enabled globally, or just for selected sites you visit? Consider using Firefox as your browser and the NoScript extension for an added layer of security. You can see what info your browser is giving away about you here:

    https://www.browserleaks.com

    You might want to consider disabling, or uninstalling Flash, as it's notoriously insecure and several Zero-Day exploits have been revealed in the past few weeks. The last site I referenced will also show you what info your browser gives away through Flash.
    Last edited by Siseneg; 07-28-2015 at 03:13 PM.

  9. #9
    Join Date
    Oct 2002
    Posts
    47

    Fyi

    Google Publishes Chrome Fix For Serious VPN Security Hole

    July 2*, 20*5

    "Google has published an extension for its Chrome browser that fixes a serious security hole that can reveal a user's real IP address even though they're using a VPN. The vulnerability was made headlines in early 20*5 and caused a wave of panic but Chrome users can now mitigate the problem with few clicks."


    "January this year details of a serious vulnerability revealed that in certain situations third parties were able to discover the real IP addresses of Chrome and Firefox users even though they were connected to a VPN.

    This wasn’t the fault of any VPN provider though. The problem was caused by features present in WebRTC, an open-source project supported by Google, Mozilla and Opera.

    By placing a few lines of code on a website and using a STUN server it became possible to reveal not only users’ true IP addresses, but also their local network address too."

    https://torrentfreak.com/google-publishes-chrome-fix-for-serious-vpn-security-hole-*5072*/


    How to disable WebRTC in Firefox

    "Firefox users should be able to block the request with the NoScript addon. Alternatively, they can type “about:config” in the address bar and set the “media.peerconnection.enabled” setting to false."

    https://torrentfreak.com/huge-security-flaw-leaks-vpn-users-real-ip-addresses-*50**0/

  10. #10
    Join Date
    Aug 2016
    Posts
    6

    ???

    why done use premium id?

+ Reply to Thread

Similar Threads

  1. Proxies
    By Guest in forum Proxies and Firewalls
    Replies: 0
    Last Post: 04-04-2003, 12:36 AM
  2. IE 5.0 with proxies
    By flo in forum Proxies and Firewalls
    Replies: 1
    Last Post: 07-06-2002, 03:13 PM
  3. Aol and proxies
    By j0080 in forum Proxies and Firewalls
    Replies: 2
    Last Post: 02-20-2002, 03:18 PM
  4. .su proxies?
    By Aragorn in forum Proxies and Firewalls
    Replies: 2
    Last Post: 08-05-2001, 12:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts