Silly ISP!

[TheHackerNextDoor]

In my community, there is 1 big ISP. We'll call them ISP A. Almost everyone in my area uses them, including me. They give everyone the exact same router, just with a different password. But guess what? They all have WPS! I logged in to my router, and sure enough, there was a WPS key! Is there such thing as limiting the number of attempts on a key? If not, about 99% of my community is vulnerable to reaver. Not that I'm going to exploit that, or anything :D

Silly ISP/Community!

Edited March 14, 2014 by laptopdude90

[GuardMoony]

You do know you just plead yourself as a potential criminal ?

[TheHackerNextDoor]

You do know you just plead yourself as a potential criminal ?

In case it wasn't obvious, I was kidding about having some fun. I'm on Tor anyway.

Edited March 13, 2014 by laptopdude90

[digip]

I'm on Tor anyway.

Yeah. You're safe. All your packets are belong to your exit node.

/me shakes head and lols

[TheHackerNextDoor]

Yeah. You're safe. All your packets are belong to your exit node.

/me shakes head and lols

Look up, see the https://?

[digip]

Look up, see the https://?

And that makes you anonymous how, Stephen? Surf much through your own domains shell too?

IP: 47.55.102.XXX

Hostname-Resolved: XXX.XXX.XXX.ns.bellaliant.net

Browser: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36

[TheHackerNextDoor]

And that makes you anonymous how, Stephen? Surf much through your own domains shell too?

IP: 47.55.102.XXX

Hostname-Resolved: XXX.XXX.XXX.ns.bellaliant.net

Browser: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36

Obviously, they are running the Tor exit node. HTTPS + Tor = Anonymous. The exit node can't sniff the traffic. That's what I was trying to say.

[digip]

Actually, the exit node, aside from owning your own, can be sniffed, and your host, can as well if they needed to or were court ordered to hand over the server to law enforcement, which happens all the time. Unless it's something you ran from home, which just leads to your home ISP's IP, that is even worse in obfuscating your location, and even less your identity. Running one from your own domain, if someone else were to use your exit node, and do something abusive, in most cases, gives law enforcement reason to monitor and usually take over the site and watch whats going on, often making the exit node owner responsible for anything that happens on their exit node, which has happened in the past, things like child porn causing innocent people running exit nodes using the standard client from home and having their home machine being one of the exit nodes, only to be arrested when they weren't even the ones doing the viewing.

Point being, your information, personally identifiable, is easily found, and not based on whether your traffic is encrypted or not, so just because you're on your host's IP from your site, tor or not, ssh, etc, that traffic being encrypted doesn't keep anyone from figuring out who you are in most cases if you're openly speaking on a forum(s) and other sites.

Don't want to get into a debate over how "anonymous" you think you are and safe from being found or identified, but lets just say your footprint has already left a trail of bits with enough info to figure out who and where you're from, long before you joined these forums, and much of it is organized and archived around the web every time you post something.

Especially if you really are a minor, GuardMoony was trying to make the point of, "think before you post", especially if admitting to doing things possibly against the law.

Thread and topic isn't exactly going anywhere at this point either, so we can just leave it at that since the concept doesn't seem to be sinking in...

Edit: By the way, the whole concept of TOR, is so your IP is constantly changing** so using the SAME exit node, is like standing in one place at all times.

Edited March 14, 2014 by digip

[TheHackerNextDoor]

Actually, the exit node, aside from owning your own, can be sniffed, and your host, can as well if they needed to or were court ordered to hand over the server to law enforcement, which happens all the time. Unless it's something you ran from home, which just leads to your home ISP's IP, that is even worse in obfuscating your location, and even less your identity. Running one from your own domain, if someone else were to use your exit node, and do something abusive, in most cases, gives law enforcement reason to monitor and usually take over the site and watch whats going on, often making the exit node owner responsible for anything that happens on their exit node, which has happened in the past, things like child porn causing innocent people running exit nodes using the standard client from home and having their home machine being one of the exit nodes, only to be arrested when they weren't even the ones doing the viewing.

Point being, your information, personally identifiable, is easily found, and not based on whether your traffic is encrypted or not, so just because you're on your host's IP from your site, tor or not, ssh, etc, that traffic being encrypted doesn't keep anyone from figuring out who you are in most cases if you're openly speaking on a forum(s) and other sites.

Don't want to get into a debate over how "anonymous" you think you are and safe from being found or identified, but lets just say your footprint has already left a trail of bits with enough info to figure out who and where you're from, long before you joined these forums, and much of it is organized and archived around the web every time you post something.

Especially if you really are a minor, GuardMoony was trying to make the point of, "think before you post", especially if admitting to doing things possibly against the law.

Thread and topic isn't exactly going anywhere at this point either, so we can just leave it at that since the concept doesn't seem to be sinking in...

Edit: By the way, the whole concept of TOR, is so your IP is constantly changing** so using the SAME exit node, is like standing in one place at all times.

Fair enough. However, at no point did I admit to doing any illegal activities.

[GuardMoony]

Like didip said. Just was trying to point out that you need to watch what you post. The main reason i did it was for the last paragraph sentence in your first post.

Just to make a small example:

- I know you like gaming. Also hosted servers or tried to

- You have been recently looking into arduino

- Your interested in bitcoins but didn't really commit to it.

- Been using Tor a lot.

- From Canada

- First Name Stephen

This only took 10min of work. And its not even everything i found.

[TheHackerNextDoor]

Like didip said. Just was trying to point out that you need to watch what you post. The main reason i did it was for the last paragraph sentence in your first post.

Just to make a small example:

- I know you like gaming. Also hosted servers or tried to

- You have been recently looking into arduino

- Your interested in bitcoins but didn't really commit to it.

- Been using Tor a lot.

- From Canada

- First Name Stephen

This only took 10min of work. And its not even everything i found.

Okay, I do apologize for starting an argument, however some of those facts aren't true.

[digip]

- I know you like gaming. Also hosted servers or tried to

I would agree there, since one of the domains seems down, maybe database whacked, but I have a screenshot of the old site before it went down.

No apologies needed. No one is trying to start an argument, just trying to be helpful so don't take it personally. Some of the info is probably spot on though and info easily found, like your interest in Raspberry Pi, electronics and radio controlled devices, but maybe you're running over someone else's machine, like minecraft, who knows...Votifier running? Proxmox on the host? Some info may not be true, may not even be your stuff, but your IP matches the domains reverse DNS the files are on.

I know of 2 domains already you host/hosted, a possible last name(if you used legit info when registering the site), possibly a sisters name, a friends name from school, and an email address(that is, if you managed to register the domain at age 11-13/14, which you'd probably need a parents CC or such to do, so maybe it's your fathers info we're looking at?).

Running a torrent server on port 53 to try and hide behind DNS, or is that someone else on the same IP or just file storage?

ie:
Index of /Torrents	Name	Last modified	Size	Description

	Parent Directory	 	 - 	 
	OSX-Mavericks.iso	05-Mar-2014 18:32 	5.1G	 
	Pi- one hundred billion.txt	06-Mar-2014 08:35 	 93G	 
	pidora-18-r2c.zip	10-Mar-2014 13:12 	492M	 
	raspbmc-2013-12-23.img.gz	10-Mar-2014 13:08 	260M	

Again, not an argument or anyone attacking you. Don't take it personally like its an attack on you, but we're only trying to help you understand that not everything you do to tunnel your traffic will protect you and has nothing to do with whether or not someone can identify you depending on what you do and say, and that not everything you do is protected just because you're on TOR or behind a tunneled connection. The above I posted may be your host's and whomever is hosting the services you registered the sites with so that may just be coincidental, but the possibility they are your files is also likely.

[TheHackerNextDoor]

I would agree there, since one of the domains seems down, maybe database whacked, but I have a screenshot of the old site before it went down.

No apologies needed. No one is trying to start an argument, just trying to be helpful so don't take it personally. Some of the info is probably spot on though and info easily found, like your interest in Raspberry Pi, electronics and radio controlled devices, but maybe you're running over someone else's machine, like minecraft, who knows...Votifier running? Proxmox on the host? Some info may not be true, may not even be your stuff, but your IP matches the domains reverse DNS the files are on.

I know of 2 domains already you host/hosted, a possible last name(if you used legit info when registering the site), possibly a sisters name, a friends name from school, and an email address(that is, if you managed to register the domain at age 11-13/14, which you'd probably need a parents CC or such to do, so maybe it's your fathers info we're looking at?).

Running a torrent server on port 53 to try and hide behind DNS, or is that someone else on the same IP or just file storage?

ie:
Index of /Torrents	Name	Last modified	Size	Description

	Parent Directory	 	 - 	 
	OSX-Mavericks.iso	05-Mar-2014 18:32 	5.1G	 
	Pi- one hundred billion.txt	06-Mar-2014 08:35 	 93G	 
	pidora-18-r2c.zip	10-Mar-2014 13:12 	492M	 
	raspbmc-2013-12-23.img.gz	10-Mar-2014 13:08 	260M	

Again, not an argument or anyone attacking you. Don't take it personally like its an attack on you, but we're only trying to help you understand that not everything you do to tunnel your traffic will protect you and has nothing to do with whether or not someone can identify you depending on what you do and say, and that not everything you do is protected just because you're on TOR or behind a tunneled connection. The above I posted may be your host's and whomever is hosting the services you registered the sites with so that may just be coincidental, but the possibility they are your files is also likely.

As previously stated, I am behind Tor. They are obviously the ones running the exit node.