Ex-Brother-in-Laws infected PC and possible trouble

diif · 10-18-2015, 03:36 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by stj

there is evidence that it may have been in play at fukushima.
the engineers said they couldnt get automated generators to start and guages where showing bs.

More likely due to the flood waters, or as is usual when back up whatevers fail to start the fact they had not been tested.

stj · 10-18-2015, 02:31 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

lol - here you go!
http://fossforce.com/2015/10/microso...ising-malware/

stj · 10-17-2015, 03:41 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by diif

Stuxnet was designed to sabotage Iran's nuclear program.

there is evidence that it may have been in play at fukushima.
the engineers said they couldnt get automated generators to start and guages where showing bs.

Spork Schivago · 10-17-2015, 12:38 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Wasn't there some hackers that turned off some fans somewhere to get something to overheat, trying to show that the governments computer security was lacking? Nothing deadly was done, but I thought I remember seeing something like that. Maybe it was in a movie...

diif · 10-17-2015, 12:22 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Stuxnet was designed to sabotage Iran's nuclear program.

Spork Schivago · 10-17-2015, 12:14 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Sneaky governments. One time I found some IP address that belongs to the FBI. I just randomly ran a whois query on some random IP address. It was a low number, if I remember correctly, something like 4.4.4.4 (but it wasn't 4.4.4.4). Said something weird, like FBI Database or something in one of the fields. I could probably find the IP address again if anyone's interested.

diif · 10-17-2015, 11:24 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by Spork Schivago

Are they the names of malware / viruses / trojans / whatever?

Yes

Spork Schivago · 10-17-2015, 11:18 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by diif

Duqu, Stuxnet and Flame I think have all been state sponsored.

Are they the names of malware / viruses / trojans / whatever?

stj · 10-17-2015, 10:56 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

not just state sponsored, assisted by the company's behind the infected prooducts.
(microsoft / siemens)

it would be interesting to see those company's prosecuted.

diif · 10-17-2015, 09:56 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Duqu, Stuxnet and Flame I think have all been state sponsored.

Spork Schivago · 10-17-2015, 09:04 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by diif

Most governments are broke and pretty clueless about security. The US military servers as Spork points out have been open and compromised for many years. Its why Garry McKinnon was just running default passwords against the servers. When Virgin can't even secure a webpage it sure isn't them doing the hoovering, that would be GCHQ and the NSA. Virgin just use block lists just like Sky and Talk Talk as mandated by the government. Pointless when there are vpns and proxies but I guess it stops the clueless ones.
Most cyber attacks are from different countries. ISPs care about their bottom line not stopping viruses. And what about those counties that support and even employ hackers ?

Good point on the countries that support and even employ hackers. Wasn't it Kaspersky that found that massive malware / virus? Installed on government officials PCs, mostly in Afghanistan / Iraq? Only a very few percentage of officials in the USA had it on their PC (something like 3). Kaspersky said it would take years to fully understand what it could do, but turning on the webcam, the microphone, capturing live screen shots / videos, giving the hacker full control of the PC was just some of the things. They said to date, they had never seen such a complex piece of software and was almost certain some government hired hackers to write the code...

diif · 10-17-2015, 02:10 AM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by stj

a number of ISP's run deep-packet inspection on all traffic.
unfortunatly they are only interested in gathering data for the government about everybody.
Virgin runs atleast 2 NARUS units in the fucked-up u.k.

that's the joke here, the governments are the real terrorists or they could use all the shit we pay for to fix things.
for example the ISP's could pinpoint and stop most viruses and port attacks.
they could also provide the courts with a copy of hillary's emails in and out of her server(s)

Most governments are broke and pretty clueless about security. The US military servers as Spork points out have been open and compromised for many years. Its why Garry McKinnon was just running default passwords against the servers. When Virgin can't even secure a webpage it sure isn't them doing the hoovering, that would be GCHQ and the NSA. Virgin just use block lists just like Sky and Talk Talk as mandated by the government. Pointless when there are vpns and proxies but I guess it stops the clueless ones.
Most cyber attacks are from different countries. ISPs care about their bottom line not stopping viruses. And what about those counties that support and even employ hackers ?

goontron · 10-16-2015, 09:01 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by Spork Schivago

Are you saying you've used Amazon AWS or Google's Cloud Hosting thing to hide your IP or they used it? I'm afraid if I try using something like that, if the Amazon servers are in my country, my government could get it and prosecute (if they cared). When I was 14 or 15, I was exploring a Unix type of machine. I didn't mean any harm or anything, but the owner detected my exploration and thought I was a hacker from Cornell (we live maybe 50 miles away or so). Needless to say, she reported me to C.E.R.T. (Computer Emergency Response Team). I believe they were part of the FBI. I got in a lot of trouble but when she found out my age and everything, she dropped all the charges. My parents wouldn't let me use a PC for a full year after that. It really sucked. She was real nice and said next time I want to explore, I might want to contact the owner first and let them know so my actions weren't considered malicious.

they had proxies through them.

Spork Schivago · 10-16-2015, 07:27 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by stj

a number of ISP's run deep-packet inspection on all traffic.
unfortunatly they are only interested in gathering data for the government about everybody.
Virgin runs atleast 2 NARUS units in the fucked-up u.k.

that's the joke here, the governments are the real terrorists or they could use all the shit we pay for to fix things.
for example the ISP's could pinpoint and stop most viruses and port attacks.
they could also provide the courts with a copy of hillary's emails in and out of her server(s)

When I was stationed at Camp Geiger, when I was in the USMC, we had two networks. A secure network for sensitive data and the regular network. I didn't have access to the secure network but I did to the main one. My friend and I ran a portscan on the IPs connected to that network and what we found was astonishing! So many of the PCs where infected with backdoors. Back Orifice was a popular one back then I believe. I just wish I had a chance to run it on the secure network. I reported it to my Sergeant and he didn't do anything. Said he was afraid my friend and I would get in trouble for running the scan in the first place.

stj · 10-16-2015, 07:16 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

a number of ISP's run deep-packet inspection on all traffic.
unfortunatly they are only interested in gathering data for the government about everybody.
Virgin runs atleast 2 NARUS units in the fucked-up u.k.

that's the joke here, the governments are the real terrorists or they could use all the shit we pay for to fix things.
for example the ISP's could pinpoint and stop most viruses and port attacks.
they could also provide the courts with a copy of hillary's emails in and out of her server(s)

diif · 10-16-2015, 07:03 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by Spork Schivago

I thought for sure, with all the money Microsoft was making, they'd have a stateful packet inspection firewall that they provided with the OS. Just about every Linux distro comes with one for free, iptables. And yeah, maybe a combination of stuff could be used, a signature database that everyone has access too (ie, McAfee, Norton, open-source programs, etc) and then some sort of heuristic type detection. I know Norton for Windows has been working on some heuristic type detection stuff. A lot of false positives though I guess.

Deep packet inspection is expensive enterprise stuff, and the antivirus companies all have their own databases. That way they can claim they are better that their competitors.

Far better to follow basic common security practices. And certainly don't hand your PC to the bad guys.

Spork Schivago · 10-16-2015, 06:56 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by diif

Smoothwall, monowall or pfsense are all good Linux firewalls.
Software to do packet inspection is not cheap and certainly not a Windows feature.
Even so with the thousands of differing types of malware released daily it would still need the signatures to compare against.

I thought for sure, with all the money Microsoft was making, they'd have a stateful packet inspection firewall that they provided with the OS. Just about every Linux distro comes with one for free, iptables. And yeah, maybe a combination of stuff could be used, a signature database that everyone has access too (ie, McAfee, Norton, open-source programs, etc) and then some sort of heuristic type detection. I know Norton for Windows has been working on some heuristic type detection stuff. A lot of false positives though I guess.

Spork Schivago · 10-16-2015, 06:53 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by goontron

ive gone after the scammers before. Amazon AWS as a proxy, or googles cloud hosting thing.

Are you saying you've used Amazon AWS or Google's Cloud Hosting thing to hide your IP or they used it? I'm afraid if I try using something like that, if the Amazon servers are in my country, my government could get it and prosecute (if they cared). When I was 14 or 15, I was exploring a Unix type of machine. I didn't mean any harm or anything, but the owner detected my exploration and thought I was a hacker from Cornell (we live maybe 50 miles away or so). Needless to say, she reported me to C.E.R.T. (Computer Emergency Response Team). I believe they were part of the FBI. I got in a lot of trouble but when she found out my age and everything, she dropped all the charges. My parents wouldn't let me use a PC for a full year after that. It really sucked. She was real nice and said next time I want to explore, I might want to contact the owner first and let them know so my actions weren't considered malicious.

diif · 10-16-2015, 06:50 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by Spork Schivago

Yeah, hostfiles don't really provide the security that they used to. In Linux, there's distros you can use to setup a PC as a firewall and I've seen software that inspects in the packets for known attacks. Perhaps the software also searches the incoming packets for known malware / viruses. You know, block the shit before it hits the local client rather than at the actually client. I'm sure Windows has a similar feature.

Smoothwall, monowall or pfsense are all good Linux firewalls.
Software to do packet inspection is not cheap and certainly not a Windows feature.
Even so with the thousands of differing types of malware released daily it would still need the signatures to compare against.

goontron · 10-16-2015, 06:35 PM

Re: Ex-Brother-in-Laws infected PC and possible trouble

Originally posted by Spork Schivago

My ex-Brother-in-Law got infected with some sort of ransomware. He's freaking out. Said his PC was beeping and had him call some number, everything was locked up. He called the number, installed the software they told him to install, and then when someone connected to PC, asking for personal info, he shut down the PC. When he restarts, he can't do anything. I'm familiar with the ransomware.

I had some questions though. Instead of just removing the malware / formatting the PC / reinstalling, whatever, if I could monitor the network traffic, using something like Wireshark, and grab an IP address, and then trace that IP address to a country, assuming they're not connecting via a proxy or something, how much trouble could I get into if I tried hacking into their network?

There's scanning tools like Nessus that make scanning for vulnerabilities fairly simple and then there's tools, like Metasploit, that make exploiting those vulnerabilities fairly simple. If they're in a country where we don't have diplomatic relations, could I still get in trouble? Or if I where to go through a proxy with a country that we didn't have diplomatic relations with, to hide my real IP, and then tried getting into their network, could I get in trouble?

Thanks.

ive gone after the scammers before. Amazon AWS as a proxy, or googles cloud hosting thing.

Ex-Brother-in-Laws infected PC and possible trouble

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Related Topics