Go Back   FormKaos: Board > General Discussion > Coffee Lounge > Couch Potato
FAQ Community Arcade Today's Posts Search

Couch Potato Post your latest reviews on movies, tv shows, and video games.

Reply
 
LinkBack Topic Tools Rate Topic
  #1 (permalink)  
Old Sep 18, 08
Registered User
 
Join Date: Nov 2007
jenai can only hope to improve
Using tor, I am currently nmap'ing gov.bc.ca

*** Warning: do not try this at home on your linux box without tor enable lest the government security cops track your IP down to your ISP, and notify your ISP that you have violated your AUP and TOS!!! >:)

People who are in the know have derided my use of tor and privoxy to anonymize my packets.

However, after a Linux meeting at a certain geek locale, I decided to nmap gov.bc.ca and net.gov.bc.ca using tor to cover my butt.

Why? to see if enough data leaks back to determine what OS they are using, be it Open Source or worse, Microsloth or what have you.

Sadly,Cisco guards all the gov.bc.ca nodes so their IOS 12.2 is what they are using.

I dunno if that is their own OS or a variation of UNIX. However, it's hardened and probably isn't OS.

Here is a couple of typical nmap responses:

Node 1
**** remote operating system guess ****
* used port 443/tcp (open)
* used port 65301/tcp (closed)
* os match: Cisco 3750 switch running IOS 12.2
* accuracy: 87%
* reference fingerprint line number: 693
* os match: Cisco DOCSIS cable modem termination server running IOS 12.1
* accuracy: 86%
* reference fingerprint line number: 676
* os match: Cisco Aironet 350 WAP running IOS 12.3
* accuracy: 86%
* reference fingerprint line number: 119
...

Node 2
**** remote operating system guess ****
* used port 443/tcp (open)
* used port 65301/tcp (closed)
* os match: Cisco Aironet 350 WAP running IOS 12.3
* accuracy: 87%
* reference fingerprint line number: 119
* os match: Cisco 3750 switch running IOS 12.2
* accuracy: 87%
* reference fingerprint line number: 693
* os match: Cisco DOCSIS cable modem termination server running IOS 12.1
* accuracy: 86%
* reference fingerprint line number: 676
* os match: Cisco 820-series router running IOS 12.3
* accuracy: 85%
* reference fingerprint line number: 641

Basially, though, unless the geeks at gov.bc.ca admit to it, there aint any way of knowing what they prefer -- but they love Cisco.

Hopefully IOS 12.3 is hardened enough to avoid any overload errors because those HTTPS ports are the only weak link in the CISCO routers.
Reply With Quote
  #2 (permalink)  
Old Sep 18, 08
Platinum Edition
 
Join Date: Aug 2005
Pussy*Kat is a glorious beacon of lightPussy*Kat is a glorious beacon of lightPussy*Kat is a glorious beacon of lightPussy*Kat is a glorious beacon of lightPussy*Kat is a glorious beacon of lightPussy*Kat is a glorious beacon of lightPussy*Kat is a glorious beacon of light
uhhh....
Reply With Quote
  #3 (permalink)  
Old Sep 18, 08
Registered User
 
Join Date: Nov 2007
jenai can only hope to improve
^^ i warned you.
Reply With Quote
  #4 (permalink)  
Old Sep 18, 08
Registered User
 
Join Date: Nov 2007
jenai can only hope to improve
conclusion:

our government's servers are not being protected by Open Source. They bought into Cisco, which aint Open Source.

they aint even using OpenBSD!!!

hopefully the HTTPS exploits on Cisco routers and proxy servers are all useless.

Last edited by jenai; Sep 18, 08 at 10:50 AM. Reason: The BC government networks are pwn'd by Cisco.
Reply With Quote
  #5 (permalink)  
Old Sep 18, 08
bleep
 
Join Date: Aug 2004
b0ld is a jewel in the roughb0ld is a jewel in the roughb0ld is a jewel in the roughb0ld is a jewel in the rough
so you really think your anonymous.....?

stupid fuckin script kiddie...
Reply With Quote
  #6 (permalink)  
Old Sep 18, 08
DONT BE BITTER BE BETTER
 
Join Date: Apr 2001
rawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to all
Quote:
Originally Posted by jenai View Post
HAY GUYS I RUN LINUX AND I JUST FIGURED OUT HOW TO NMAP STUFF AND FOR SOME REASON I THINK THAT THE GOV, FNK, OR MY ISP WOULD CARE THAT I AM TRYING TO GUESS THE OS THEY RUN
fixed.

OH YA PS: they run ibm servers, a mixture of linux and solaris with websphere and the ibm version of apache. their database servers are oracle. the ip you're trying to connect to is load balanced so you're actually scanning a virtual ip on a cisco load balancing device, which is useless information. OMG ALL THIS WAS FIGURED OUT WITH A PUBLIC IP THEY CAN TRACE BACK TO ME OMG BRB JAIL.
Reply With Quote
  #7 (permalink)  
Old Sep 18, 08
Phrenetic's Avatar
brentsadowick.com
 
Join Date: Nov 2006
Phrenetic is a jewel in the roughPhrenetic is a jewel in the roughPhrenetic is a jewel in the roughPhrenetic is a jewel in the rough
you should hack The Gibson
Reply With Quote
  #8 (permalink)  
Old Sep 18, 08
DONT BE BITTER BE BETTER
 
Join Date: Apr 2001
rawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to all
Quote:
Originally Posted by jenai View Post
conclusion:

our government's servers are not being protected by Open Source. They bought into Cisco, which aint Open Source.

they aint even using OpenBSD!!!

hopefully the HTTPS exploits on Cisco routers and proxy servers are all useless.
Reply With Quote
  #9 (permalink)  
Old Sep 18, 08
Phrenetic's Avatar
brentsadowick.com
 
Join Date: Nov 2006
Phrenetic is a jewel in the roughPhrenetic is a jewel in the roughPhrenetic is a jewel in the roughPhrenetic is a jewel in the rough
Spandex: it's a privilege, not a right.
Reply With Quote
  #10 (permalink)  
Old Sep 18, 08
Registered User
 
Join Date: Nov 2007
jenai can only hope to improve
network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!
Reply With Quote
  #11 (permalink)  
Old Sep 18, 08
Registered User
 
Join Date: Nov 2007
jenai can only hope to improve
is that Bill Gibson of Neuromancer fame?

i swear, the guy barely uses a computer.
Reply With Quote
  #12 (permalink)  
Old Sep 18, 08
DONT BE BITTER BE BETTER
 
Join Date: Apr 2001
rawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to all
Quote:
Originally Posted by jenai View Post
network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!
you have no idea what you are talking about
Reply With Quote
  #13 (permalink)  
Old Sep 18, 08
NinjaBoy's Avatar
Full moon Sway
 
Join Date: Nov 2000
NinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to allNinjaBoy is a name known to all
Quote:
Originally Posted by jenai View Post
network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!
Even if we had your name and address and forwarded to the Government, RCMP or their web administrators, I'm pretty sure they wouldn't care that you are spending your meager existence trying to figure out what OS they run.

PS - That was the worse segway I've ever seen between topics.

Quote:
port scanning is not a crime!
And nobody cares.
Reply With Quote
  #14 (permalink)  
Old Sep 18, 08
ebbomega's Avatar
1up motherfucker
 
Join Date: Oct 2003
ebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to all
Quote:
Originally Posted by jenai View Post
port scanning is not a crime!
Yeah, but OS Fingerprinting can be considered an invasion of privacy, and is oft looked at as a malicious act. Whoever you're scanning can get ahold of your ISP and get you flagged as a cracker.

The lesson of this exercise? DON'T EVER PORTSCAN A COMPUTER UNLESS YOU OWN IT OR KNOW THE PERSON WHO DOES.
Reply With Quote
  #15 (permalink)  
Old Sep 18, 08
tiestn vancorstenfold
 
Join Date: Sep 2002
ppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of light
sage, who are you talking to?
Reply With Quote
  #16 (permalink)  
Old Sep 18, 08
Celebrate or Suffer
 
Join Date: Nov 2001
SEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of light
Quote:
Originally Posted by jenai View Post
conclusion:

our government's servers are not being protected by Open Source. They bought into Cisco, which aint Open Source.

they aint even using OpenBSD!!!

hopefully the HTTPS exploits on Cisco routers and proxy servers are all useless.
yo nikkuh, how is open source supposed to protect a mufuckah if everyone knows what its made of.

its like wearing a level three vest when everyone got rifles, completely fuckin useless.
Reply With Quote
  #17 (permalink)  
Old Sep 18, 08
Celebrate or Suffer
 
Join Date: Nov 2001
SEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of light
Quote:
Originally Posted by jenai View Post
network security geeks being paid civil servant wages [$15-35 an hour or a yearly salary) are tomorrow's cybercops.

nothing escapes their scrutiny, though it'd violate their hacker code to implement NSA-like surveillance on their networks.

however, the regular cops are worse cos they are mistaken in believing that the Leftist activists are "domestic terrorists" when common street criminals are almost as bad as terrorists.

truth is, letting at-risk children stay in risky family situations is the potential seed of tomorrow's domestic terrorism, and the State is aiding and abetting this travesty. yes, right-wing politics is the root of the mother of terrorism, not social activism!!

port scanning is not a crime!

you're all sorts of crazy.

bipolar disorder must be a bitch.

actually i guess its a bit like meth, verbal diarrhea that dosn't make any sense only instead of saying it, you actually think and believe it.
Reply With Quote
  #18 (permalink)  
Old Sep 18, 08
ebbomega's Avatar
1up motherfucker
 
Join Date: Oct 2003
ebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to all
Quote:
Originally Posted by SEAN! View Post
yo nikkuh, how is open source supposed to protect a mufuckah if everyone knows what its made of.
Best practices comparison. "Security through obscurity" is a bit of a BS idea because it assumes that the hacking public will never figure out your security schemes.

Quote:
its like wearing a level three vest when everyone got rifles, completely fuckin useless.
I must report you to the metaphor police. Open source is the equivalent of wearing kevlar. Keeping security protocols closed is the equivalent of wearing a plastic vest made up to look like kevlar in the hopes that whoever is holding the gun won't pull the trigger because they figure you're wearing kevlar and there's no point.

I'll leave it to you which one is more secure.
Reply With Quote
  #19 (permalink)  
Old Sep 18, 08
tiestn vancorstenfold
 
Join Date: Sep 2002
ppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of light
I'm going to back orifice sage's box.
Reply With Quote
  #20 (permalink)  
Old Sep 18, 08
ebbomega's Avatar
1up motherfucker
 
Join Date: Oct 2003
ebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to all
Quote:
Originally Posted by ppcock View Post
I'm going to back orifice sage's box.
HAHAHA SUCKS TO BE YOU CAN'T INSTALL ON LUNIX MACHINE L)L)L)L)L)L
Reply With Quote
  #21 (permalink)  
Old Sep 18, 08
Celebrate or Suffer
 
Join Date: Nov 2001
SEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of lightSEAN! is a glorious beacon of light
Quote:
Originally Posted by ebbomega View Post
Best practices comparison. "Security through obscurity" is a bit of a BS idea because it assumes that the hacking public will never figure out your security schemes.



I must report you to the metaphor police. Open source is the equivalent of wearing kevlar. Keeping security protocols closed is the equivalent of wearing a plastic vest made up to look like kevlar in the hopes that whoever is holding the gun won't pull the trigger because they figure you're wearing kevlar and there's no point.

I'll leave it to you which one is more secure.
honestly, i don't know anything about computers.

i just thought if everyone had the basic elements of what you were doing someone would figure it out if they really wanted to.

do you think the NSA or CSIS use opensource software, they're not thinking obscurity is their only defence, its just the first step.
Reply With Quote
  #22 (permalink)  
Old Sep 18, 08
ebbomega's Avatar
1up motherfucker
 
Join Date: Oct 2003
ebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to all
Quote:
Originally Posted by SEAN! View Post
honestly, i don't know anything about computers.

i just thought if everyone had the basic elements of what you were doing someone would figure it out if they really wanted to.

do you think the NSA or CSIS use opensource software, they're not thinking obscurity is their only defence, its just the first step.
Yup, it's called OpenSSL. THANKS FOR COMING OUT.
Reply With Quote
  #23 (permalink)  
Old Sep 18, 08
tiestn vancorstenfold
 
Join Date: Sep 2002
ppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of lightppcock is a glorious beacon of light
Quote:
Originally Posted by ebbomega View Post
HAHAHA SUCKS TO BE YOU CAN'T INSTALL ON LUNIX MACHINE L)L)L)L)L)L
Dude, with sage's posts about nothing. I'm sure I can find a way to do it.
Or disguise myself as a 13 year old girl who's obsessed with the Show Cats and put him behind bars for sex with a minor for a few years.

To catch a predator bizzznitches!
Reply With Quote
  #24 (permalink)  
Old Sep 18, 08
DONT BE BITTER BE BETTER
 
Join Date: Apr 2001
rawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to allrawb is a name known to all
there is nothing wrong with security through obscurity, it is an incredibly effective part of any security strategy. the only issue comes in when it is used as the only method of security.
Reply With Quote
  #25 (permalink)  
Old Sep 18, 08
ebbomega's Avatar
1up motherfucker
 
Join Date: Oct 2003
ebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to allebbomega is a name known to all
Quote:
Originally Posted by ppcock View Post
Dude, with sage's posts about nothing. I'm sure I can find a way to do it.
Or disguise myself as a 13 year old girl who's obsessed with the Show Cats and put him behind bars for sex with a minor for a few years.

To catch a predator bizzznitches!
As with all computer security tricks, social engineering will get you everywhere. Especially where it involves watching as they type in their password. Then it's just a matter of knowing what kind of remote connectivity apps they have installed (ubuntu ships with openssh) and then sudo for root access.

Even easier if he has an infrared keyboard, then you can sniff out his password next time he updates his computer just by standing by his window.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Forum Jump


All times are GMT -7. The time now is 11:44 AM.


Forum software by vBulletin
Circa 2000 FNK.CA