Jump to content
Login with your Gmail HERE and start posting in seconds! ×

Anonymous releases court data as Thai police vow to catch hackers

webfact

By webfact
in Thailand News

 Share

Recommended Posts

phoenixdoglover Advanced Member

phoenixdoglover

Posted
Posted

You do understand masking IP addresses via proxy right?

Rest assured, whatever IP addresses the Thai Police think they have, are just some random IP addresses generated by Proxy servers to hide where the real source IP address is. But let the Thai police go on a wild goose chase.

Thai police thinking then can catch and prosecute Anonymous is laughable.

Ummm.... you're not showing much of an understanding of proxy severs yourself. It's impossible to generate random IP addresses.

Leave this discussion to those who know better Slapnuts.

Such as who?

Me.

The basic proxy server sits on 2 networks. On the client side there is a defined range of IP addresses; on the other side (internet, WAN, DMZ, whatever) is a different range of IP addresses.

When a client communicates through a proxy server the server picks the IP address to use on the "remote" side. Depending on the number of simultaneous sessions, the next client will get next available IP, which with variable loads makes it pseudo-random.

Don't ask me about proxy servers that have been programmed to use algorithms other than "next available"; which improves the privacy attributes. Then there are the proxies that are managed without saving certain log files; which deters investigation, as there is no record of how the remote side IPs related to the client side IPs.

Anyway, suffice it to say, not all proxies are designed alike, and some of them are tuned for maximum obfuscation.

Link to comment
Share on other sites
  • Replies 137
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

BwindiBoy Advanced Member

BwindiBoy

Posted
Posted

The stupid Thai police will no doubt be scouring this forum in desperation and hoping they can snag someone in-country they can make into their habitual unfounded scapegoat. That's about as good as they can do.

Thailand: way out of its depth in the 21st Century.

Love that tag line - so accurate.

Link to comment
Share on other sites
Melyn Advanced Member

Melyn

Posted
Posted

You do understand masking IP addresses via proxy right?

Rest assured, whatever IP addresses the Thai Police think they have, are just some random IP addresses generated by Proxy servers to hide where the real source IP address is. But let the Thai police go on a wild goose chase.

Thai police thinking then can catch and prosecute Anonymous is laughable.

Ummm.... you're not showing much of an understanding of proxy severs yourself. It's impossible to generate random IP addresses.

Leave this discussion to those who know better Slapnuts.

Such as who?

Me.

The basic proxy server sits on 2 networks. On the client side there is a defined range of IP addresses; on the other side (internet, WAN, DMZ, whatever) is a different range of IP addresses.

When a client communicates through a proxy server the server picks the IP address to use on the "remote" side. Depending on the number of simultaneous sessions, the next client will get next available IP, which with variable loads makes it pseudo-random.

Don't ask me about proxy servers that have been programmed to use algorithms other than "next available"; which improves the privacy attributes. Then there are the proxies that are managed without saving certain log files; which deters investigation, as there is no record of how the remote side IPs related to the client side IPs.

Anyway, suffice it to say, not all proxies are designed alike, and some of them are tuned for maximum obfuscation.

The purpose of a proxy server is to handle internet page requests from a client as if the proxy server itself had made the request. This could be for anonymity reasons or for network performance reasons or for other reasons.

A proxy server cares not a hoot what the client address is for functional purposes.

It does not need anything more than one public network interface or network.

It does not need to allocate any IP address to anything. It just sits in the middle.

Link to comment
Share on other sites
MrTee Silver Member

MrTee

Posted
Posted

If it were as simple as obfuscation through using "a proxy server" there may a be a remote chance of attributing a certain action on a particular person.

Imagine this scenario:
A user logs into a virtual machine connects to some one else's wifi, then connects, via TOR, to a remote hacked machine, the remote machine connects a VPN, the VPN'd traffic goes to another remote machine, that uses a proxy service thru TOR with spoofed MAC address to connects to the target machine..
Do you follow? really?
Imagine the hours of fun trying to just trace in single IP request through that..

Even to unravel one layer of that would challenge GCHQ and the NSA.

Doesn't mean they cannot be captured.
Some say that TOR has been tampered with enabling TPTB to de-anonymize users.. I highly doubt that it is possible to use generally to de-anonymize all traffic, I doubt still further anyone other than state hackers would have any chance of doing that.

Some of those running Silk Road were captured, but it took months of hard work and a stroke of luck.. not so easy with an in/out hacking operation that probably had many contributes

Anon have been pulling off epic stunts for many years now. The one that get caught are often the young script kiddies. and like any good "service provider" they learn from their mistakes and develop ever better techniques.

If Thailand could ever provide evidence enough to for an valid extradition warrant for an individual, then any country that has an extradition treaty with Thailand would need to comply.
And yes breaking into state owned computer system, and stealing data, is a very serious crime in every country..

Don't do it kids.


Link to comment
Share on other sites
GeorgesAbitbol Newbie

GeorgesAbitbol

Posted
Posted

If it were as simple as obfuscation through using "a proxy server" there may a be a remote chance of attributing a certain action on a particular person.

Imagine this scenario:

A user logs into a virtual machine connects to some one else's wifi, then connects, via TOR, to a remote hacked machine, the remote machine connects a VPN, the VPN'd traffic goes to another remote machine, that uses a proxy service thru TOR with spoofed MAC address to connects to the target machine..

Do you follow? really?

Imagine the hours of fun trying to just trace in single IP request through that..

Even to unravel one layer of that would challenge GCHQ and the NSA.

Doesn't mean they cannot be captured.

Some say that TOR has been tampered with enabling TPTB to de-anonymize users.. I highly doubt that it is possible to use generally to de-anonymize all traffic, I doubt still further anyone other than state hackers would have any chance of doing that.

Some of those running Silk Road were captured, but it took months of hard work and a stroke of luck.. not so easy with an in/out hacking operation that probably had many contributes

Anon have been pulling off epic stunts for many years now. The one that get caught are often the young script kiddies. and like any good "service provider" they learn from their mistakes and develop ever better techniques.

If Thailand could ever provide evidence enough to for an valid extradition warrant for an individual, then any country that has an extradition treaty with Thailand would need to comply.

And yes breaking into state owned computer system, and stealing data, is a very serious crime in every country..

Don't do it kids.

It has been debunked since and TOR is still safe.

The Silk road and other arrests from Tor websites are mostly due to honeypots and "fbi-Users"

Link to comment
Share on other sites
mrrizzla Newbie

mrrizzla

Posted
Posted

I want to download the file anonymous is sharing but I am also very hesitant to. The data sounded like it was extremely easy pickings for the hackers and was left on an open web server. Amateurs.

I'll amuse myself of the mental image of the meetings the court authorities and police are having today and the completely bewildered looks on their faces at what is happening to them. Chickens coming home to roost! clap2.gifcheesy.gif

Link to comment
Share on other sites
phoenixdoglover Advanced Member

phoenixdoglover

Posted
Posted (edited)
Such as who?

Me.

The basic proxy server sits on 2 networks. On the client side there is a defined range of IP addresses; on the other side (internet, WAN, DMZ, whatever) is a different range of IP addresses.

When a client communicates through a proxy server the server picks the IP address to use on the "remote" side. Depending on the number of simultaneous sessions, the next client will get next available IP, which with variable loads makes it pseudo-random.

Don't ask me about proxy servers that have been programmed to use algorithms other than "next available"; which improves the privacy attributes. Then there are the proxies that are managed without saving certain log files; which deters investigation, as there is no record of how the remote side IPs related to the client side IPs.

Anyway, suffice it to say, not all proxies are designed alike, and some of them are tuned for maximum obfuscation.

The purpose of a proxy server is to handle internet page requests from a client as if the proxy server itself had made the request. This could be for anonymity reasons or for network performance reasons or for other reasons.

A proxy server cares not a hoot what the client address is for functional purposes.

It does not need anything more than one public network interface or network.

It does not need to allocate any IP address to anything. It just sits in the middle.

Not the ones anonymous is using...

Edited by phoenixdoglover
Link to comment
Share on other sites
MrTee Silver Member

MrTee

Posted
Posted

I wouldn't be too confident that TOR users cannot be de-anonymized - There is an awful lot of ongoing research. This isn't the time or pace to discuss the merits and pitfalls of the big onion - suffice to say to be truly anonymous you need more than a TOR connection.

Neither the less, back-tracing a user would take a lot of work and would be pretty much irrelevant to any investigation into recent events in Thailand even foar the Cyber-Purlece unless somebody dun-goofed..

I am would be pretty sure that Thailand is right now pressing for maximum assistance from those that could possibly provide any help to find these folk, if you get me.

Link to comment
Share on other sites
attrayant Gold Member

attrayant

Posted
Posted

This is all beside the point. Whether or not they really understand IP and routing and proxy servers and all that is irrelevant. Surely in their mind they think they understand it. That means they're going to show up at somebody's doorstep who had the misfortune one day of getting an IP address assigned to him that now matches an IP address the police are looking for. They'll get somebody, and that's all that matters.

Link to comment
Share on other sites
bangon04 Ruby Member

bangon04

Posted
Posted

Many not so funny stray dogs here. RTP is pretty much more effektive then just handing speedtickets like European police tend sticking to. Just becouse they dont come to fingerprint for evidence when someone stole your barcondom does not mean they dont care about solving crimes.

From the OP:

"He acknowledged police still have no clue"

ain't that the truth....

Link to comment
Share on other sites
MrTee Silver Member

MrTee

Posted
Posted

http://news.softpedia.com/news/anonymous-releases-1gb-of-data-from-supreme-court-of-thailand-498941.shtml

"Apparently the court's sysadmin thought to be a good idea to use the Web server as a database for payroll slips, pension information, budget files, and criminal case data on the same machine."facepalm.gif

I can just imagine Anon's face on discovering all this booty .. coffee1.gif

Link to comment
Share on other sites
chrisinth Ruby Member

chrisinth

Posted
Posted

clap2.gif Of Course they'll catch them, can only be a matter of time as their efficiency is legend.

Will they actually arrest them or issue summonses for Anonymous members to report to the BIB whenever they have some free time ?

We compared many IP addresses against the DNA samples and it is a 100% match, we tested it in our police labs, no we don't have it anymore but we tell truth ....

They are apparently still confused that even though the DNA matched, they still couldn't get a ping from the destination.....................................rolleyes.gif

Link to comment
Share on other sites
Shaunduhpostman Advanced Member

Shaunduhpostman

Posted
Posted

Agree with some of the previous posts, that catching the actual hackers is not important to the kind of people we are dealing with here when you want to talk about govt. officials on the warpath. Unfortunately, to save face doesn't require that you are correctly placing blame. That they can't possibly catch the culprits is probably missing the point at the end of the day, as satisfying as it might be to rest assured that Anonymous can pretty much expose the Thai government with impunity and will continue to do so as long as it remains fun and interesting for them. Just sayin', as they say.

Link to comment
Share on other sites
freedom4life Silver Member

freedom4life

Posted
Posted (edited)

Release the so-called guilty Burmese and go after the Koh Tao mafia ...until then expect more protests and attacks of all kinds..your corruption has been your undoing..you have no moral high ground to stand on. Don't flaunt your pathetic laws in the faces of those who effort at exposing you. Laws used for you to hide behind and defend a system meant to benefit the few...

Edited by freedom4life
Link to comment
Share on other sites
dageurreotype Senior Member

dageurreotype

Posted
Posted

Release the so-called guilty Burmese and go after the Koh Tao mafia ...until then expect more protests and attacks of all kinds..your corruption has been your undoing..you have no moral high ground to stand on. Don't flaunt your pathetic laws in the faces of those who effort at exposing you. Laws used for you to hide behind and defend a system meant to benefit the few...

They don't care. And those that do know there's nothing they can do about the system. The fish stinks from the head down. End of.

Link to comment
Share on other sites
oldsailor35 Ruby Member

oldsailor35

Posted
Posted

I'd be interested to know how this works here if anyone knows.

1. Thai police ID IP address overseas - Common knowledge to be able to Id the country or even the city of the IP address but not the name of the person or their address.

2. To my knowledge only the IP service provider can divulge the actual name and address of the person IF they have broken the law in the country of the IP service provider or international law (Where extradition treaty exists).

Criticising Thai police is not a breach of international law or law in most countries so therefore they have no way of finding out who the hackers are.

Does that sound correct or have I missed something?

There will probably be some General out there who owns a detective agency who will take on the job for a few million bht. coffee1.gif

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.









×
×
  • Create New...