NSA to hackers: We’re not prepared for major attack

Proper computer security basics:

1. Do not run services you don't need
   
2. Protect the running services with a decent firewall, e.g. iptables
   
3. Configure your running service properly, i.e. application-level security
   
4. Use strong authentication methods
   
5. Encrypt your traffic
   
6. Limit outgoing traffic to what is essential for operations
   
7. Never log on to your system as an admin for regular operations
   
8. Use an IPS for allowed traffic
   

There is a lot more.

reply to post by _R4t_


It's not public property:

WARNING: You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions:
-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC, monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
-At any time, the USG may inspect and seize data stored on this IS.
-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
-This IS includes security measures (e.g., authentication and access controls) to protect USG interests — not for your personal benefit or privacy.
-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.

SAN INFORMATION IS SUBJECT TO THE PRIVACY ACT OF 1974. Contents shall not be disclosed, discussed, or shared with individuals unless they have a direct need-to-know in the performance of their official duties. Privacy Act information should be treated as “For Official Use Only.” Unauthorized disclosure of Privacy Act information may result in civil and criminal penalties. (DoD Directive 5400.11, “DoD Privacy Program”)

-At any time, the USG may inspect and seize data stored on this IS.

reply to post by _R4t_


They use HAIPE for their "inner" network. A protocol that has been partially designed by NSA.
The weakest link is not the security of their classified networks, but the people operating them.

I said "partially", because it's based on IPSec.

Originally posted by Stiglitz
Proper computer security basics:

1. Do not run services you don't need
   
2. Protect the running services with a decent firewall, e.g. iptables
   
3. Configure your running service properly, i.e. application-level security
   
4. Use strong authentication methods
   
5. Encrypt your traffic
   
6. Limit outgoing traffic to what is essential for operations
   
7. Never log on to your system as an admin for regular operations
   
8. Use an IPS for allowed traffic
   

There is a lot more.

Dude I'm a NOCC tech for a multi-national ISP and yes thats the BASIC of security and proper admin ethics but my point is its not because there's alot of services running on a server that its not secure. Hell they can be honeypots.. We have off net servers we intentionally leave a bit open so it gives us something to do when we're bored... But you can try fcking with it if you dare were going to snort you a$$ and your going to hit a tripwire and you'll have 5 people putting bets on your rear on how stupid you are of trying or we're simply going to sit there watch everything your typing until we get tired and drop everything coming from your host or ISP...

You seem to point one server and base the whole picture over it... I'm not sure whether your trying to show people you can run nmap or some # but take a step back and chill buddy.. lol... When you write me a heap overflow thats not some stolen code from bugtraq maybe we'll take you seriously...

But if your to stumble in here with some lame "I'm a gov employee" pointing one stupid server that's more than certainly off net and try to impress people providing basic security guidelines and nmap cut n' pastes that my friggen dog can do please go somewhere else we've seen kids like this before by the shovel...



I

reply to post by _R4t_


I'm overwhelmed. I googled NOCC.


Former employee of the government. Too emotional to read?

reply to post by _R4t_

Plenty of unsecured WiFi spots, untraceable MAC addresses, networks such as Tor, Jon Donym, secure browser profiles, etc. to do whatever it is you gotta do.

Not that a secured WiFi spot bothers me much. Aircrack is such a nice and easy tool to use. WPA encryption? LOL.

reply to post by Stiglitz


I forgot the most basic part: use a real OS.

reply to post by pillock


whoops my bad sorry dude!

Originally posted by Stiglitz
reply to post by _R4t_

 

Plenty of unsecured WiFi spots, untraceable MAC addresses, networks such as Tor, Jon Donym, secure browser profiles, etc. to do whatever it is you gotta do.

Not that a secured WiFi spot bothers me much. Aircrack is such a nice and easy tool to use. WPA encryption? LOL.

You are a complete newb at this and it shows you dont even know the proper terms for any of the stuff you spoke... Your just googling stuff that you barely understand and trying to impress people and im calling you on it...

Untraceable mac address: primary if its untraceable its unreacheable... If its unreacheable you dont get any connection on the network because "your not on the network" dumbass...what you attempted to refer to is a spoofed mac address with is a faked mac so that your real mac isnt made public...but no mac can be untraceable einstein...

Networks such a ps TOR: tor isn't really a network is a chain of proxy you moron...and yes there is other like tor but just like tor the last node in the network is unencrypted meaning the smartass hosting the TOR node at the end of the chain see everything ur typing and doing... I host one,,,ill prolly get your bank account soon if u think ur safe on this... Not to mention that it leaks data making your annonymity not so annonymous... Oh and if was developed by the nsa incase u didnt mnow...big brother owns it...

Secure browser profile: do you have down syndrom or something u really think a browser profile at one end of the OSI model is going to do anything against tools that are disecting the other end??? Oh wait lemme guest you have no clue what the OSI model is... Or if you do u definately dont know how it works...

Aircrack uh??? No no were not script kiddies here... If u'd know crap you would know aircrack only is really effective against single keyed wep networks... If they are key hopping u wont even stand a chance with 10 billion Ivs...

Oh and My favorite one "WPA LOL" really??. I meant really cmon you seriously think aircrack with crack wpa like it does with wep? You dont know crap do you... Aircrack exploit a flaw in wep by attacking weak packets and deduction the key from there... WPA has no such flaw its not been cracked.. Aircrack use dictionary attacks which.mean you really ln a huge wordlist and the hope that then dude that your trying or pwn changed his passphrase to his dog name or some sh!t... It'll take u 5 years with a supercomputer to get through a passphrase thats randomely generated.

U dont know anything ur just a kid that downloaded backtrack and is copying youtube videos on how to attack ur neighbourgs APs...

Dare to say otherwise and ill publicly post an exploit and challenge u correct the codes to make it compilable, we'll see how much crap u talk then... Ill even make videos of ur compilling errors... Might wanna start learning C right about now beeeeeetch....

Ohhh and wait you had to google NOCC your trying to tell the people here your a former goverment worker in the security business and you dont know what NOCC is??? Your shooting urself in the face with this one...

Do you know where government agencies with subpoena go to get traffic or data infos on people??? To the people that control and route said traffic... Do you know who does that?? People sitting with 3-4 monitors infront of a vmax size screen like in cinema pretty much watching and handling traffic for entire telcos and/or country... Commonly refered to as NOCC...

You dont even know the basic departments of an isp and ur trying to tell us ur into security WTF man seriously theres people here that are into this for a living... Not cracking wifies for free porn... Judging by the above you have between 2-3 months into this, you cant code, you have no knowledge of ISPs and you rely at 100% on tools others wrote for you... Hell you dont know crap networking neither otherwise u wouldnt of mentioned something stupid like untraceable mac address...

Seriously, dont answer back and change username here at least u'll still have ur dignity left...

Thats a NOCC op center... Kiddy





Aircrack this....

reply to post by _R4t_


WPA2 can be cracked within 24 hours with a decent video chipset, e.g. NVIDIA. This is very old news.
No, I'm not impressed by JWICS, SIPRNET, HAIPE, NOCC etc. People and poor security protocols are the weakest link in any operational security. Julian Assange proved that a while ago.

Since you're such an expert, you probably heard of Moxie Marlinspike, who hosts a site to crack WPA amongst others www.cloudcracker.com...
No need for that site really; all you need is Backtrack Linux and some basic knowledge.

I work with people who "hack" (write kernel code) on a daily basis. And that's all you need to know.

Calling people a moron because you disagree with them is hardly a sign of intellectual superiority and only displays a weakness of character. But then again, I didn't expect much more. Image is everything, isn't it?

reply to post by _R4t_


"A MAC, for "Media Access Control" address is a unique number that's assigned to every ethernet network interface.

In theory, it's unique anyway. In theory, every network card or network interface should have its own unique MAC address that is different from every other network card on the planet.

There are two problems:

Occasionally, manufacturers don't ensure that they're unique, so multiple network interfaces can in fact have the same MAC address.

The MAC address can be set in software in many network interfaces, meaning that whatever the original MAC address, it can be overridden later."

reply to post by _R4t_


www.aboutlinux.info...

The higher the voice the smaller the intellect.
Ernest Newman

Did you know that if you tunnel your entire Internet traffic through, let's say, an OpenVPN or SSH connection, the ISPs in between can't see jack sh1t?


PS: NOCC that.

Originally posted by Stiglitz
Did you know that if you tunnel your entire Internet traffic through, let's say, an OpenVPN or SSH connection, the ISPs in between can't see jack sh1t?

edit on 29-7-2012 by Stiglitz because: (no reason given)

PS: NOCC that.

edit on 29-7-2012 by Stiglitz because: (no reason given)

So since you can't deny my previous post your solutuion is coming back with a half baked computer illiterate question right???.... Let me put this in perspective for you...

You use a vpn so that or a ssh tunnel in the following setup A being ur pc B the proxy tunnel C the host your trying to securely access...

A=====B======C

Primary from a cop try to bust you point of view: they come to us to get the raw traffic encrypted or not, once they see the encrypted traffic coming from you they apply the "hes got something to hide statement" and wont need alot more to get a subpoena to go seize your computer... Plus they dont have to sift through tons of data now since they know you arent trying to hide this one for nothing...

They'll then ask us to where the traffic is going... If you knew anything about tcp ip you would know this cant be hidden through encryption... Then they"ll match your outgoing traffic to one of the attacking machines they know caused the attack and will stumble in ur house at 4am sticking shotguns up your ass... By the time you understand what happen they'll have hooked a switchblade to ur machine to drop the content of your RAM and will bring this to forensic analyst so that your ssh key can be recovered...once its recivered they'll apply it to the raw data they had from us to make it completely unencrypted...

From a hacker point of view i could pwn you multiple ways SSH isnt completely safe theres vulnerable protocols on SSH some that are proto specific some os based... The debian ssh vulnerability is a good example but why do i even write this down its above you 300 times anyways...

The vulnerability if both hosts vulnerable will make any ssh data completely plaintext...

OR i could just pwn ur sorry rear and crack a beer open and pop some popcorn while watching ur desktop live....

From a nocc perpective: doest matter if your vpn'ing urself from a to b to hide ur data from the isp your with... I'll just check the data thats coming out of b going to c cuz every isp is interconnected and we can all access eachothers traffic at some level...


Then again were talking rocket science and your best argument is "pfffttt dis you know gravity will cause your problem!"

You fail neophyte go back to aircrack....

reply to post by _R4t_


RAM and hard drives can be securely deleted and I don't mean by using the recycle bin. They can also be disposed of in a secure manner, i.e. shredded.
The originating IP does not necessarily indicate the location of the source host. IP addresses can be spoofed.
The MAC address does not necessarily indicate the real vendor or device that was used. MAC addresses can be spoofed.
The data provided by a user agent can be manipulated and altered.
There are servers on the Internet that don't keep traffic logs, even though this is a legal requirement in many countries.

Yet again, you resort to foul language and trolling. It ends here.

Originally posted by _R4t_
From a nocc perpective: doest matter if your vpn'ing urself from a to b to hide ur data from the isp your with... I'll just check the data thats coming out of b going to c cuz every isp is interconnected and we can all access eachothers traffic at some level...

Not if the payload is also encrypted.

Originally posted by Stiglitz

Originally posted by _R4t_
From a nocc perpective: doest matter if your vpn'ing urself from a to b to hide ur data from the isp your with... I'll just check the data thats coming out of b going to c cuz every isp is interconnected and we can all access eachothers traffic at some level...

Not if the payload is also encrypted.

Riiiighhhtttttt Neo... You do know that a ip packet is constituted of different sections right, one being the ip header containing the source/destination hosts and the last part the Data or payload part... So how do you think encrypting the wrong part of a packet going to help u here...

Better yet if you have a packet thats 100% encrypted how do you expext the router, modem and isp to know where its supposed to go....

I quit you dont have the level of knowledge required for any of this arguying with you pass this point is just pointless you dont even know the first thing your supposed to know in networking which is tcp/ip....

Perhaps i believe your a former gov employee now...The "former" speaks alot now...

Good luck on your quest and dont try to start running before walking you have the type of mentality and lack of technical expertise thats going to land you in a cell with a jailmate named Bubba yhat LOVE penetration too... Just not network security type penetration...

Cya on the news!