TheHackerNextDoor Posted March 13, 2014 Share Posted March 13, 2014 (edited) In my community, there is 1 big ISP. We'll call them ISP A. Almost everyone in my area uses them, including me. They give everyone the exact same router, just with a different password. But guess what? They all have WPS! I logged in to my router, and sure enough, there was a WPS key! Is there such thing as limiting the number of attempts on a key? If not, about 99% of my community is vulnerable to reaver. Not that I'm going to exploit that, or anything :D Silly ISP/Community! Edited March 14, 2014 by laptopdude90 Quote Link to comment Share on other sites More sharing options...
GuardMoony Posted March 13, 2014 Share Posted March 13, 2014 You do know you just plead yourself as a potential criminal ? Quote Link to comment Share on other sites More sharing options...
TheHackerNextDoor Posted March 13, 2014 Author Share Posted March 13, 2014 (edited) You do know you just plead yourself as a potential criminal ? In case it wasn't obvious, I was kidding about having some fun. I'm on Tor anyway. Edited March 13, 2014 by laptopdude90 Quote Link to comment Share on other sites More sharing options...
digip Posted March 13, 2014 Share Posted March 13, 2014 I'm on Tor anyway.Yeah. You're safe. All your packets are belong to your exit node. /me shakes head and lols Quote Link to comment Share on other sites More sharing options...
TheHackerNextDoor Posted March 13, 2014 Author Share Posted March 13, 2014 Yeah. You're safe. All your packets are belong to your exit node. /me shakes head and lols Look up, see the https://? Quote Link to comment Share on other sites More sharing options...
digip Posted March 14, 2014 Share Posted March 14, 2014 Look up, see the https://?And that makes you anonymous how, Stephen? Surf much through your own domains shell too? IP: 47.55.102.XXX Hostname-Resolved: XXX.XXX.XXX.ns.bellaliant.net Browser: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36 Quote Link to comment Share on other sites More sharing options...
TheHackerNextDoor Posted March 14, 2014 Author Share Posted March 14, 2014 And that makes you anonymous how, Stephen? Surf much through your own domains shell too? IP: 47.55.102.XXX Hostname-Resolved: XXX.XXX.XXX.ns.bellaliant.net Browser: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36 Obviously, they are running the Tor exit node. HTTPS + Tor = Anonymous. The exit node can't sniff the traffic. That's what I was trying to say. Quote Link to comment Share on other sites More sharing options...
digip Posted March 14, 2014 Share Posted March 14, 2014 (edited) Actually, the exit node, aside from owning your own, can be sniffed, and your host, can as well if they needed to or were court ordered to hand over the server to law enforcement, which happens all the time. Unless it's something you ran from home, which just leads to your home ISP's IP, that is even worse in obfuscating your location, and even less your identity. Running one from your own domain, if someone else were to use your exit node, and do something abusive, in most cases, gives law enforcement reason to monitor and usually take over the site and watch whats going on, often making the exit node owner responsible for anything that happens on their exit node, which has happened in the past, things like child porn causing innocent people running exit nodes using the standard client from home and having their home machine being one of the exit nodes, only to be arrested when they weren't even the ones doing the viewing. Point being, your information, personally identifiable, is easily found, and not based on whether your traffic is encrypted or not, so just because you're on your host's IP from your site, tor or not, ssh, etc, that traffic being encrypted doesn't keep anyone from figuring out who you are in most cases if you're openly speaking on a forum(s) and other sites. Don't want to get into a debate over how "anonymous" you think you are and safe from being found or identified, but lets just say your footprint has already left a trail of bits with enough info to figure out who and where you're from, long before you joined these forums, and much of it is organized and archived around the web every time you post something. Especially if you really are a minor, GuardMoony was trying to make the point of, "think before you post", especially if admitting to doing things possibly against the law. Thread and topic isn't exactly going anywhere at this point either, so we can just leave it at that since the concept doesn't seem to be sinking in... Edit: By the way, the whole concept of TOR, is so your IP is constantly changing** so using the SAME exit node, is like standing in one place at all times. Edited March 14, 2014 by digip Quote Link to comment Share on other sites More sharing options...
TheHackerNextDoor Posted March 14, 2014 Author Share Posted March 14, 2014 Actually, the exit node, aside from owning your own, can be sniffed, and your host, can as well if they needed to or were court ordered to hand over the server to law enforcement, which happens all the time. Unless it's something you ran from home, which just leads to your home ISP's IP, that is even worse in obfuscating your location, and even less your identity. Running one from your own domain, if someone else were to use your exit node, and do something abusive, in most cases, gives law enforcement reason to monitor and usually take over the site and watch whats going on, often making the exit node owner responsible for anything that happens on their exit node, which has happened in the past, things like child porn causing innocent people running exit nodes using the standard client from home and having their home machine being one of the exit nodes, only to be arrested when they weren't even the ones doing the viewing. Point being, your information, personally identifiable, is easily found, and not based on whether your traffic is encrypted or not, so just because you're on your host's IP from your site, tor or not, ssh, etc, that traffic being encrypted doesn't keep anyone from figuring out who you are in most cases if you're openly speaking on a forum(s) and other sites. Don't want to get into a debate over how "anonymous" you think you are and safe from being found or identified, but lets just say your footprint has already left a trail of bits with enough info to figure out who and where you're from, long before you joined these forums, and much of it is organized and archived around the web every time you post something. Especially if you really are a minor, GuardMoony was trying to make the point of, "think before you post", especially if admitting to doing things possibly against the law. Thread and topic isn't exactly going anywhere at this point either, so we can just leave it at that since the concept doesn't seem to be sinking in... Edit: By the way, the whole concept of TOR, is so your IP is constantly changing** so using the SAME exit node, is like standing in one place at all times. Fair enough. However, at no point did I admit to doing any illegal activities. Quote Link to comment Share on other sites More sharing options...
GuardMoony Posted March 15, 2014 Share Posted March 15, 2014 Like didip said. Just was trying to point out that you need to watch what you post. The main reason i did it was for the last paragraph sentence in your first post. Just to make a small example: - I know you like gaming. Also hosted servers or tried to - You have been recently looking into arduino - Your interested in bitcoins but didn't really commit to it. - Been using Tor a lot. - From Canada - First Name Stephen This only took 10min of work. And its not even everything i found. Quote Link to comment Share on other sites More sharing options...
TheHackerNextDoor Posted March 15, 2014 Author Share Posted March 15, 2014 Like didip said. Just was trying to point out that you need to watch what you post. The main reason i did it was for the last paragraph sentence in your first post. Just to make a small example: - I know you like gaming. Also hosted servers or tried to - You have been recently looking into arduino - Your interested in bitcoins but didn't really commit to it. - Been using Tor a lot. - From Canada - First Name Stephen This only took 10min of work. And its not even everything i found. Okay, I do apologize for starting an argument, however some of those facts aren't true. Quote Link to comment Share on other sites More sharing options...
digip Posted March 15, 2014 Share Posted March 15, 2014 - I know you like gaming. Also hosted servers or tried toI would agree there, since one of the domains seems down, maybe database whacked, but I have a screenshot of the old site before it went down.No apologies needed. No one is trying to start an argument, just trying to be helpful so don't take it personally. Some of the info is probably spot on though and info easily found, like your interest in Raspberry Pi, electronics and radio controlled devices, but maybe you're running over someone else's machine, like minecraft, who knows...Votifier running? Proxmox on the host? Some info may not be true, may not even be your stuff, but your IP matches the domains reverse DNS the files are on. I know of 2 domains already you host/hosted, a possible last name(if you used legit info when registering the site), possibly a sisters name, a friends name from school, and an email address(that is, if you managed to register the domain at age 11-13/14, which you'd probably need a parents CC or such to do, so maybe it's your fathers info we're looking at?). Running a torrent server on port 53 to try and hide behind DNS, or is that someone else on the same IP or just file storage? ie: Index of /Torrents Name Last modified Size Description Parent Directory - OSX-Mavericks.iso 05-Mar-2014 18:32 5.1G Pi- one hundred billion.txt 06-Mar-2014 08:35 93G pidora-18-r2c.zip 10-Mar-2014 13:12 492M raspbmc-2013-12-23.img.gz 10-Mar-2014 13:08 260M Again, not an argument or anyone attacking you. Don't take it personally like its an attack on you, but we're only trying to help you understand that not everything you do to tunnel your traffic will protect you and has nothing to do with whether or not someone can identify you depending on what you do and say, and that not everything you do is protected just because you're on TOR or behind a tunneled connection. The above I posted may be your host's and whomever is hosting the services you registered the sites with so that may just be coincidental, but the possibility they are your files is also likely. Quote Link to comment Share on other sites More sharing options...
TheHackerNextDoor Posted March 15, 2014 Author Share Posted March 15, 2014 I would agree there, since one of the domains seems down, maybe database whacked, but I have a screenshot of the old site before it went down. No apologies needed. No one is trying to start an argument, just trying to be helpful so don't take it personally. Some of the info is probably spot on though and info easily found, like your interest in Raspberry Pi, electronics and radio controlled devices, but maybe you're running over someone else's machine, like minecraft, who knows...Votifier running? Proxmox on the host? Some info may not be true, may not even be your stuff, but your IP matches the domains reverse DNS the files are on. I know of 2 domains already you host/hosted, a possible last name(if you used legit info when registering the site), possibly a sisters name, a friends name from school, and an email address(that is, if you managed to register the domain at age 11-13/14, which you'd probably need a parents CC or such to do, so maybe it's your fathers info we're looking at?). Running a torrent server on port 53 to try and hide behind DNS, or is that someone else on the same IP or just file storage? ie: Index of /Torrents Name Last modified Size Description Parent Directory - OSX-Mavericks.iso 05-Mar-2014 18:32 5.1G Pi- one hundred billion.txt 06-Mar-2014 08:35 93G pidora-18-r2c.zip 10-Mar-2014 13:12 492M raspbmc-2013-12-23.img.gz 10-Mar-2014 13:08 260M Again, not an argument or anyone attacking you. Don't take it personally like its an attack on you, but we're only trying to help you understand that not everything you do to tunnel your traffic will protect you and has nothing to do with whether or not someone can identify you depending on what you do and say, and that not everything you do is protected just because you're on TOR or behind a tunneled connection. The above I posted may be your host's and whomever is hosting the services you registered the sites with so that may just be coincidental, but the possibility they are your files is also likely. As previously stated, I am behind Tor. They are obviously the ones running the exit node. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.