03/10/13

Finding the Bad Guy’s in Tor -triangulated irregular network

gAtO ThInKiNg - a car GPS works very simple, It takes the delay time from one geo-positioned satellite and compares is to another geo-positional satellite and estimates the position of the GPS in my CAR – I think they call it satellite triangulation or something cool, it’s been done with radios to guide pilots navigate ever since they developed radios. We do it with satellite and we can use networks too.

triangulated irregular network  -So now apply this to the Tor bad guy’s websites- a hidden service!math_clouadTag

With a simple command you can get the time it takes to crawl a website, so you have one server in the U.S one is South America, one in Europe and one in Asia and we run the same command getting the delays from each location. I bet with a little math and some basic network tools we could figure out the geo-location of any given website in Tor. One of my good mentors told me that in my crawls I was capturing timing information, we all see timing information with a simple ping command in the clear web but in Tor – UDP is unsupported so it does not work -//- we must take into account the Tor network thru-put and utilization bit that’s easy to get from a number of Tor tools.

Reverse triangulation of a network server should be easy to find with a little math, just take a good sample and the longer you wait the more data you collect and the better the chance you can find a geo-location of a website. We do this in the clear web all the time we can see bad areas of the world that are bad spammers, and other like mail from Africa Prince Scams offering you millions if you send them some money to cover the transfer, or Russian and Chinese phishing attacks. So we know geo-location and some IP are more prime to bad actors and we can draw a profile, a geo-location of a place and/or  country or an ISP so not having the IP of a Tor server may not be neededto find them we could use network triangulation. “triangulated irregular network  ” So the same thing can be done with networks and timing delays of data back and forth from a // client <–> Tor OR <–>server.

I got a crazy Idea that may or may-not work, but it sounds good—//  so— Now if I can only find a government grant and a good math major to help out and we have a big business model to find the bad guy’s geo-location even in Tor - gAtO oUt…

02/3/13

Offensive Cyber Capabilities

Companies Need Offensive Cyber Capabilities

gAtO hEaR - about banks seek U.S Help on Iran Cyberattack’s. We hear about cyber attacks in the financial sector, the oil and energy sectors, then Leon Panetta warned perpetrators to cease hacking the US while we have all kinds of sanctions against Iran -/ this is insanity. Your telling unknown hackers (we suspected Iran) to  just stop, or what. What can we do to prevent them from launching cyber attacks against America.

So Iran has only 3 NAT-access points and 1 submarine cable (Al-Faw, Iraq submarine cable)

 

Then you have all these security people putting up defenses without building a firewall so bad-ass that they cannot do business. If we keep building these defenses it will get to a point where it defeats the purpose of the Internet. So what is the logical next move, offensive cyber weapons and capabilities. We can find these attacks and pinpoint the IP of where they are coming from then all we need is offensive tools to find them and do a seal-team 6 extraction of something like that and get the word out that we will find you and hunt you down.

One little hacker can keep a bank tied up for days in the middle of the desert. They could go after our traffic system, our rail system we know that SCADA is so messed up and in some cases open with defaults passwords. So we beat our chest like some mad gorilla and hope to scare these hackers.

My friends we must take initiative and find ways to counter these attacks no more just defense and I don’t mean a Ddos attack that can be circumvented. We need to plant Bot-nets on these people’s machines and monitor them and if we have to go physical and bring them to justice. Forget about Iran and let’s just talk about Chinese hacker attacks of our intellectual property. They just denied it and go about planning the next attack. We seen Skynet were thousands of computers were given a disk wipe and the blue screen of death. Why don’t we do the same to these hackers going after our infrastructure.

We must change our tactics and be a little more aggressive and become real cyber warriors not just defenders but attacking them and destroying their machines, their servers and routers. How about we just monitor the 1 submarine cable and 3 access points in Iran that should lead us to some of these people. The US monitors our own people then we stand by and allow other hostile countries to go and hack us. This is cyber insanity - gAtO OuT