Using tor, I am currently nmap'ing gov.bc.ca

[jenai]

*** Warning: do not try this at home on your linux box without tor enable lest the government security cops track your IP down to your ISP, and notify your ISP that you have violated your AUP and TOS!!! >:)

People who are in the know have derided my use of tor and privoxy to anonymize my packets.

However, after a Linux meeting at a certain geek locale, I decided to nmap gov.bc.ca and net.gov.bc.ca using tor to cover my butt.

Why? to see if enough data leaks back to determine what OS they are using, be it Open Source or worse, Microsloth or what have you.

Sadly,Cisco guards all the gov.bc.ca nodes so their IOS 12.2 is what they are using.

I dunno if that is their own OS or a variation of UNIX. However, it's hardened and probably isn't OS.

Here is a couple of typical nmap responses:

Node 1
**** remote operating system guess ****
* used port 443/tcp (open)
* used port 65301/tcp (closed)
* os match: Cisco 3750 switch running IOS 12.2
* accuracy: 87%
* reference fingerprint line number: 693
* os match: Cisco DOCSIS cable modem termination server running IOS 12.1
* accuracy: 86%
* reference fingerprint line number: 676
* os match: Cisco Aironet 350 WAP running IOS 12.3
* accuracy: 86%
* reference fingerprint line number: 119
...

Node 2
**** remote operating system guess ****
* used port 443/tcp (open)
* used port 65301/tcp (closed)
* os match: Cisco Aironet 350 WAP running IOS 12.3
* accuracy: 87%
* reference fingerprint line number: 119
* os match: Cisco 3750 switch running IOS 12.2
* accuracy: 87%
* reference fingerprint line number: 693
* os match: Cisco DOCSIS cable modem termination server running IOS 12.1
* accuracy: 86%
* reference fingerprint line number: 676
* os match: Cisco 820-series router running IOS 12.3
* accuracy: 85%
* reference fingerprint line number: 641

Basially, though, unless the geeks at gov.bc.ca admit to it, there aint any way of knowing what they prefer -- but they love Cisco.

Hopefully IOS 12.3 is hardened enough to avoid any overload errors because those HTTPS ports are the only weak link in the CISCO routers.

[Pussy*Kat]

uhhh....

[jenai]

^^ i warned you.

[jenai]

conclusion:

our government's servers are not being protected by Open Source. They bought into Cisco, which aint Open Source.

they aint even using OpenBSD!!!

hopefully the HTTPS exploits on Cisco routers and proxy servers are all useless.

[b0ld]

so you really think your anonymous.....?

stupid fuckin script kiddie...

[rawb]

Quote:

Originally Posted by jenai

HAY GUYS I RUN LINUX AND I JUST FIGURED OUT HOW TO NMAP STUFF AND FOR SOME REASON I THINK THAT THE GOV, FNK, OR MY ISP WOULD CARE THAT I AM TRYING TO GUESS THE OS THEY RUN

fixed.

OH YA PS: they run ibm servers, a mixture of linux and solaris with websphere and the ibm version of apache. their database servers are oracle. the ip you're trying to connect to is load balanced so you're actually scanning a virtual ip on a cisco load balancing device, which is useless information. OMG ALL THIS WAS FIGURED OUT WITH A PUBLIC IP THEY CAN TRACE BACK TO ME OMG BRB JAIL.

[Phrenetic]

you should hack The Gibson

[rawb]

Quote:

Originally Posted by jenai

conclusion:

our government's servers are not being protected by Open Source. They bought into Cisco, which aint Open Source.

they aint even using OpenBSD!!!

hopefully the HTTPS exploits on Cisco routers and proxy servers are all useless.

[Phrenetic]

Spandex: it's a privilege, not a right.

[jenai]

network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!

[jenai]

is that Bill Gibson of Neuromancer fame?

i swear, the guy barely uses a computer.

[rawb]

Quote:

Originally Posted by jenai

network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!

you have no idea what you are talking about

[NinjaBoy]

Quote:

Originally Posted by jenai

network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!

Even if we had your name and address and forwarded to the Government, RCMP or their web administrators, I'm pretty sure they wouldn't care that you are spending your meager existence trying to figure out what OS they run.

PS - That was the worse segway I've ever seen between topics.

Quote:

port scanning is not a crime!

And nobody cares.

[ebbomega]

Quote:

Originally Posted by jenai

port scanning is not a crime!

Yeah, but OS Fingerprinting can be considered an invasion of privacy, and is oft looked at as a malicious act. Whoever you're scanning can get ahold of your ISP and get you flagged as a cracker.

The lesson of this exercise? DON'T EVER PORTSCAN A COMPUTER UNLESS YOU OWN IT OR KNOW THE PERSON WHO DOES.

[ppcock]

sage, who are you talking to?

[SEAN!]

Quote:

Originally Posted by jenai

conclusion:

our government's servers are not being protected by Open Source. They bought into Cisco, which aint Open Source.

they aint even using OpenBSD!!!

hopefully the HTTPS exploits on Cisco routers and proxy servers are all useless.

yo nikkuh, how is open source supposed to protect a mufuckah if everyone knows what its made of.

its like wearing a level three vest when everyone got rifles, completely fuckin useless.

[SEAN!]

Quote:

Originally Posted by jenai

network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!

you're all sorts of crazy.

bipolar disorder must be a bitch.

actually i guess its a bit like meth, verbal diarrhea that dosn't make any sense only instead of saying it, you actually think and believe it.

[ebbomega]

Quote:

Originally Posted by SEAN!

yo nikkuh, how is open source supposed to protect a mufuckah if everyone knows what its made of.

Best practices comparison. "Security through obscurity" is a bit of a BS idea because it assumes that the hacking public will never figure out your security schemes.

Quote:

its like wearing a level three vest when everyone got rifles, completely fuckin useless.

I must report you to the metaphor police. Open source is the equivalent of wearing kevlar. Keeping security protocols closed is the equivalent of wearing a plastic vest made up to look like kevlar in the hopes that whoever is holding the gun won't pull the trigger because they figure you're wearing kevlar and there's no point.

I'll leave it to you which one is more secure.

[ppcock]

I'm going to back orifice sage's box.

[ebbomega]

Quote:

Originally Posted by ppcock

I'm going to back orifice sage's box.

HAHAHA SUCKS TO BE YOU CAN'T INSTALL ON LUNIX MACHINE L)L)L)L)L)L

[SEAN!]

Quote:

Originally Posted by ebbomega

Best practices comparison. "Security through obscurity" is a bit of a BS idea because it assumes that the hacking public will never figure out your security schemes.



I must report you to the metaphor police. Open source is the equivalent of wearing kevlar. Keeping security protocols closed is the equivalent of wearing a plastic vest made up to look like kevlar in the hopes that whoever is holding the gun won't pull the trigger because they figure you're wearing kevlar and there's no point.

I'll leave it to you which one is more secure.

honestly, i don't know anything about computers.

i just thought if everyone had the basic elements of what you were doing someone would figure it out if they really wanted to.

do you think the NSA or CSIS use opensource software, they're not thinking obscurity is their only defence, its just the first step.

[ebbomega]

Quote:

Originally Posted by SEAN!

honestly, i don't know anything about computers.

i just thought if everyone had the basic elements of what you were doing someone would figure it out if they really wanted to.

do you think the NSA or CSIS use opensource software, they're not thinking obscurity is their only defence, its just the first step.

Yup, it's called OpenSSL. THANKS FOR COMING OUT.

[ppcock]

Quote:

Originally Posted by ebbomega

HAHAHA SUCKS TO BE YOU CAN'T INSTALL ON LUNIX MACHINE L)L)L)L)L)L

Dude, with sage's posts about nothing. I'm sure I can find a way to do it.
Or disguise myself as a 13 year old girl who's obsessed with the Show Cats and put him behind bars for sex with a minor for a few years.

To catch a predator bizzznitches!

[rawb]

there is nothing wrong with security through obscurity, it is an incredibly effective part of any security strategy. the only issue comes in when it is used as the only method of security.

[ebbomega]

Quote:

Originally Posted by ppcock

Dude, with sage's posts about nothing. I'm sure I can find a way to do it.
Or disguise myself as a 13 year old girl who's obsessed with the Show Cats and put him behind bars for sex with a minor for a few years.

To catch a predator bizzznitches!

As with all computer security tricks, social engineering will get you everywhere. Especially where it involves watching as they type in their password. Then it's just a matter of knowing what kind of remote connectivity apps they have installed (ubuntu ships with openssh) and then sudo for root access.

Even easier if he has an infrared keyboard, then you can sniff out his password next time he updates his computer just by standing by his window.