Jump to content

Anonymous releases court data as Thai police vow to catch hackers


Recommended Posts

Posted

You do understand masking IP addresses via proxy right?

Rest assured, whatever IP addresses the Thai Police think they have, are just some random IP addresses generated by Proxy servers to hide where the real source IP address is. But let the Thai police go on a wild goose chase.

Thai police thinking then can catch and prosecute Anonymous is laughable.

Ummm.... you're not showing much of an understanding of proxy severs yourself. It's impossible to generate random IP addresses.

Leave this discussion to those who know better Slapnuts.

Such as who?

Me.

The basic proxy server sits on 2 networks. On the client side there is a defined range of IP addresses; on the other side (internet, WAN, DMZ, whatever) is a different range of IP addresses.

When a client communicates through a proxy server the server picks the IP address to use on the "remote" side. Depending on the number of simultaneous sessions, the next client will get next available IP, which with variable loads makes it pseudo-random.

Don't ask me about proxy servers that have been programmed to use algorithms other than "next available"; which improves the privacy attributes. Then there are the proxies that are managed without saving certain log files; which deters investigation, as there is no record of how the remote side IPs related to the client side IPs.

Anyway, suffice it to say, not all proxies are designed alike, and some of them are tuned for maximum obfuscation.

  • Replies 137
  • Created
  • Last Reply

Top Posters In This Topic

Posted

The stupid Thai police will no doubt be scouring this forum in desperation and hoping they can snag someone in-country they can make into their habitual unfounded scapegoat. That's about as good as they can do.

Thailand: way out of its depth in the 21st Century.

Love that tag line - so accurate.

Posted

You do understand masking IP addresses via proxy right?

Rest assured, whatever IP addresses the Thai Police think they have, are just some random IP addresses generated by Proxy servers to hide where the real source IP address is. But let the Thai police go on a wild goose chase.

Thai police thinking then can catch and prosecute Anonymous is laughable.

Ummm.... you're not showing much of an understanding of proxy severs yourself. It's impossible to generate random IP addresses.

Leave this discussion to those who know better Slapnuts.

Such as who?

Me.

The basic proxy server sits on 2 networks. On the client side there is a defined range of IP addresses; on the other side (internet, WAN, DMZ, whatever) is a different range of IP addresses.

When a client communicates through a proxy server the server picks the IP address to use on the "remote" side. Depending on the number of simultaneous sessions, the next client will get next available IP, which with variable loads makes it pseudo-random.

Don't ask me about proxy servers that have been programmed to use algorithms other than "next available"; which improves the privacy attributes. Then there are the proxies that are managed without saving certain log files; which deters investigation, as there is no record of how the remote side IPs related to the client side IPs.

Anyway, suffice it to say, not all proxies are designed alike, and some of them are tuned for maximum obfuscation.

The purpose of a proxy server is to handle internet page requests from a client as if the proxy server itself had made the request. This could be for anonymity reasons or for network performance reasons or for other reasons.

A proxy server cares not a hoot what the client address is for functional purposes.

It does not need anything more than one public network interface or network.

It does not need to allocate any IP address to anything. It just sits in the middle.

Posted

If it were as simple as obfuscation through using "a proxy server" there may a be a remote chance of attributing a certain action on a particular person.

Imagine this scenario:
A user logs into a virtual machine connects to some one else's wifi, then connects, via TOR, to a remote hacked machine, the remote machine connects a VPN, the VPN'd traffic goes to another remote machine, that uses a proxy service thru TOR with spoofed MAC address to connects to the target machine..
Do you follow? really?
Imagine the hours of fun trying to just trace in single IP request through that..

Even to unravel one layer of that would challenge GCHQ and the NSA.

Doesn't mean they cannot be captured.
Some say that TOR has been tampered with enabling TPTB to de-anonymize users.. I highly doubt that it is possible to use generally to de-anonymize all traffic, I doubt still further anyone other than state hackers would have any chance of doing that.

Some of those running Silk Road were captured, but it took months of hard work and a stroke of luck.. not so easy with an in/out hacking operation that probably had many contributes

Anon have been pulling off epic stunts for many years now. The one that get caught are often the young script kiddies. and like any good "service provider" they learn from their mistakes and develop ever better techniques.

If Thailand could ever provide evidence enough to for an valid extradition warrant for an individual, then any country that has an extradition treaty with Thailand would need to comply.
And yes breaking into state owned computer system, and stealing data, is a very serious crime in every country..

Don't do it kids.


Posted

If it were as simple as obfuscation through using "a proxy server" there may a be a remote chance of attributing a certain action on a particular person.

Imagine this scenario:

A user logs into a virtual machine connects to some one else's wifi, then connects, via TOR, to a remote hacked machine, the remote machine connects a VPN, the VPN'd traffic goes to another remote machine, that uses a proxy service thru TOR with spoofed MAC address to connects to the target machine..

Do you follow? really?

Imagine the hours of fun trying to just trace in single IP request through that..

Even to unravel one layer of that would challenge GCHQ and the NSA.

Doesn't mean they cannot be captured.

Some say that TOR has been tampered with enabling TPTB to de-anonymize users.. I highly doubt that it is possible to use generally to de-anonymize all traffic, I doubt still further anyone other than state hackers would have any chance of doing that.

Some of those running Silk Road were captured, but it took months of hard work and a stroke of luck.. not so easy with an in/out hacking operation that probably had many contributes

Anon have been pulling off epic stunts for many years now. The one that get caught are often the young script kiddies. and like any good "service provider" they learn from their mistakes and develop ever better techniques.

If Thailand could ever provide evidence enough to for an valid extradition warrant for an individual, then any country that has an extradition treaty with Thailand would need to comply.

And yes breaking into state owned computer system, and stealing data, is a very serious crime in every country..

Don't do it kids.

It has been debunked since and TOR is still safe.

The Silk road and other arrests from Tor websites are mostly due to honeypots and "fbi-Users"

Posted

I want to download the file anonymous is sharing but I am also very hesitant to. The data sounded like it was extremely easy pickings for the hackers and was left on an open web server. Amateurs.

I'll amuse myself of the mental image of the meetings the court authorities and police are having today and the completely bewildered looks on their faces at what is happening to them. Chickens coming home to roost! clap2.gifcheesy.gif

Posted (edited)
Such as who?

Me.

The basic proxy server sits on 2 networks. On the client side there is a defined range of IP addresses; on the other side (internet, WAN, DMZ, whatever) is a different range of IP addresses.

When a client communicates through a proxy server the server picks the IP address to use on the "remote" side. Depending on the number of simultaneous sessions, the next client will get next available IP, which with variable loads makes it pseudo-random.

Don't ask me about proxy servers that have been programmed to use algorithms other than "next available"; which improves the privacy attributes. Then there are the proxies that are managed without saving certain log files; which deters investigation, as there is no record of how the remote side IPs related to the client side IPs.

Anyway, suffice it to say, not all proxies are designed alike, and some of them are tuned for maximum obfuscation.

The purpose of a proxy server is to handle internet page requests from a client as if the proxy server itself had made the request. This could be for anonymity reasons or for network performance reasons or for other reasons.

A proxy server cares not a hoot what the client address is for functional purposes.

It does not need anything more than one public network interface or network.

It does not need to allocate any IP address to anything. It just sits in the middle.

Not the ones anonymous is using...

Edited by phoenixdoglover
Posted

I wouldn't be too confident that TOR users cannot be de-anonymized - There is an awful lot of ongoing research. This isn't the time or pace to discuss the merits and pitfalls of the big onion - suffice to say to be truly anonymous you need more than a TOR connection.

Neither the less, back-tracing a user would take a lot of work and would be pretty much irrelevant to any investigation into recent events in Thailand even foar the Cyber-Purlece unless somebody dun-goofed..

I am would be pretty sure that Thailand is right now pressing for maximum assistance from those that could possibly provide any help to find these folk, if you get me.

Posted

This is all beside the point. Whether or not they really understand IP and routing and proxy servers and all that is irrelevant. Surely in their mind they think they understand it. That means they're going to show up at somebody's doorstep who had the misfortune one day of getting an IP address assigned to him that now matches an IP address the police are looking for. They'll get somebody, and that's all that matters.

Posted

Many not so funny stray dogs here. RTP is pretty much more effektive then just handing speedtickets like European police tend sticking to. Just becouse they dont come to fingerprint for evidence when someone stole your barcondom does not mean they dont care about solving crimes.

From the OP:

"He acknowledged police still have no clue"

ain't that the truth....

Posted

clap2.gif Of Course they'll catch them, can only be a matter of time as their efficiency is legend.

Will they actually arrest them or issue summonses for Anonymous members to report to the BIB whenever they have some free time ?

We compared many IP addresses against the DNA samples and it is a 100% match, we tested it in our police labs, no we don't have it anymore but we tell truth ....

They are apparently still confused that even though the DNA matched, they still couldn't get a ping from the destination.....................................rolleyes.gif

Posted

As if they can be caught by an IP address. These are the people that the CIA wish they can recruit. Some of the most brilliant tech minds in the world. Does anyone think they 'overlooked' their own IP addresses?

Posted

Agree with some of the previous posts, that catching the actual hackers is not important to the kind of people we are dealing with here when you want to talk about govt. officials on the warpath. Unfortunately, to save face doesn't require that you are correctly placing blame. That they can't possibly catch the culprits is probably missing the point at the end of the day, as satisfying as it might be to rest assured that Anonymous can pretty much expose the Thai government with impunity and will continue to do so as long as it remains fun and interesting for them. Just sayin', as they say.

Posted (edited)

Release the so-called guilty Burmese and go after the Koh Tao mafia ...until then expect more protests and attacks of all kinds..your corruption has been your undoing..you have no moral high ground to stand on. Don't flaunt your pathetic laws in the faces of those who effort at exposing you. Laws used for you to hide behind and defend a system meant to benefit the few...

Edited by freedom4life
Posted

Release the so-called guilty Burmese and go after the Koh Tao mafia ...until then expect more protests and attacks of all kinds..your corruption has been your undoing..you have no moral high ground to stand on. Don't flaunt your pathetic laws in the faces of those who effort at exposing you. Laws used for you to hide behind and defend a system meant to benefit the few...

They don't care. And those that do know there's nothing they can do about the system. The fish stinks from the head down. End of.

Posted

Hahaaaaa! You don't think they use VPNs and the most up to date tech to hide their location!? They all have the same haircut, and they all wear the same clothes lol

cheesy.gif

Posted

If the rest of the world can not figure out who these guys are, what makes the Thai police think that they can?

Plenty of Burmese candidates here. whistling.gif

Posted

I'd be interested to know how this works here if anyone knows.

1. Thai police ID IP address overseas - Common knowledge to be able to Id the country or even the city of the IP address but not the name of the person or their address.

2. To my knowledge only the IP service provider can divulge the actual name and address of the person IF they have broken the law in the country of the IP service provider or international law (Where extradition treaty exists).

Criticising Thai police is not a breach of international law or law in most countries so therefore they have no way of finding out who the hackers are.

Does that sound correct or have I missed something?

There will probably be some General out there who owns a detective agency who will take on the job for a few million bht. coffee1.gif

Posted

It seems that the Thai authorities just don't know how to deal with these attacks on their credibility from the outside world. There only answer is to threaten which works fine for it's own citizens but doesn't cut any ice for the Western countries

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.




×
×
  • Create New...