ArkNinja Posted October 10, 2009 Share Posted October 10, 2009 I was wondering what your guys' perspective was on the best way to conceal your IP/identity. I'm talking about how in the movies you see the internet connection bouncing off many different points before finally connecting to the victim/attacker (depending on if it is from an attacker or victims point of view). I know there are programs (such as Tor) that do this already, but I am wondering about the effectiveness of this tactic. So here are my questions: 1. Can a person who is investigating an attack figure out who connected to the proxy machine without access to the machine logs, and if so how? 2. Does adding to the amount of proxy machines increase the probability of not being caught significantly if access to the logs are not available? 3. Are there ways to mask/spoof your external IP without the use of proxies? ~ArkNinja Quote Link to comment Share on other sites More sharing options...
Sparda Posted October 10, 2009 Share Posted October 10, 2009 I was wondering what your guys' perspective was on the best way to conceal your IP/identity. I'm talking about how in the movies you see the internet connection bouncing off many different points before finally connecting to the victim/attacker (depending on if it is from an attacker or victims point of view). I know there are programs (such as Tor) that do this already, but I am wondering about the effectiveness of this tactic. So here are my questions: Some TOR exit nodes may be monitored. However, providing there is at least one additional TOR nodes between you and the exit nod, the exit node does not know your real IP address, the 'middle' TOR node does know your IP address. 1. Can a person who is investigating an attack figure out who connected to the proxy machine without access to the machine logs, and if so how? No* 2. Does adding to the amount of proxy machines increase the probability of not being caught significantly if access to the logs are not available? Yes* 3. Are there ways to mask/spoof your external IP without the use of proxies? Depends *As long as you don't give the target any information about your self. Quote Link to comment Share on other sites More sharing options...
ArkNinja Posted October 10, 2009 Author Share Posted October 10, 2009 3. Are there ways to mask/spoof your external IP without the use of proxies? Depends Elaborate? Quote Link to comment Share on other sites More sharing options...
Sparda Posted October 10, 2009 Share Posted October 10, 2009 Depends Elaborate? You can literally use a different IP address to send data, but that means you will never receive a response. Quote Link to comment Share on other sites More sharing options...
ArkNinja Posted October 10, 2009 Author Share Posted October 10, 2009 Wouldn't that be a moot point then? It wouldn't really be a connection, unless you were sending over an exploit maybe, then thats when I could see it being useful, but wouldn't a download require a two-way connection as well? Quote Link to comment Share on other sites More sharing options...
Sparda Posted October 10, 2009 Share Posted October 10, 2009 Wouldn't that be a moot point then? It wouldn't really be a connection, unless you were sending over an exploit maybe, then thats when I could see it being useful, but wouldn't a download require a two-way connection as well? Exactly ;) Quote Link to comment Share on other sites More sharing options...
ArkNinja Posted October 10, 2009 Author Share Posted October 10, 2009 Although you could use that to be a bit tricky by using the IP of a controlled machine then forwarding all traffic back to your IP, it would be the same as a proxy, but might be harder to detect. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted October 10, 2009 Share Posted October 10, 2009 Although you could use that to be a bit tricky by using the IP of a controlled machine then forwarding all traffic back to your IP, it would be the same as a proxy, but might be harder to detect. Depends on where that controlled machine is. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.