A posting in german about my experiences with bodyscanners at the cologne airport can be found at
http://verzaell.uss.koeln/?p=67
Merry Christmas everyone!
A posting in german about my experiences with bodyscanners at the cologne airport can be found at
http://verzaell.uss.koeln/?p=67
Merry Christmas everyone!
Did not take too long this time.. Silk Road 3.0 is on its way..
A lot of the hidden services I mentioned in previous posts have been closed
by Law Enforcement yesterday and today. The famous “silk road 2.0” just like
other marketplaces:
Under Codename “Onymous” several Law Enforcement Agencies (FBI/Europol) the operator of
Silk Road 2.0 Blake Benthall (Defcon) has been arrested in San Francisco yesterday.
Looks like the FBI had an undercover agent in SR 2.0 right from the start
The complete story:
https://pdf.yt/d/RpyX9_xmapTkhmkb
If you ever wanted to use Facebook via TOR you you are no longer forced to use an exit node from TOR. Facebook is now present as a hidden service in TOR at the
URL: https://facebookcorewwwi.onion (only reachable with a TOR-enabled browser of course)
and http://facebookcorewwwi.onion/
They even use a SSL-Cert for the server..
Here is what Roger Dingledine (from the TOR-project) says about the finding of the new URL:
https://lists.torproject.org/pipermail/tor-talk/2014-October/035412.html
..and while we are at it; A kill from a contract killer can be ordered for 6500$ in US/Canada and
7000$ in Europe. I wonder if additional costs like travelling is included 🙂 Probably a big fake..
Recently I fell about an advertisement for a DDoS – Attack Service in the tor-network – it was way cheaper than I thought.
25 minutes of 150 Gbps costs only 15$; a silver paket for 1 hour is available for 20$ and a whole week with a hour/day downtime can be bought in a gold-paket for only 60$. These darknets are really dark these days…
Once in a while I take a look in the downloaded files from the ssh-honeypot.
Lately I saw a download of “linux-2.6.27.el6” which made we wonder.
If you are interested: There are more files available for download at http://222.186.15.13:8520/
..-probably all trojans and rootkits..
The known protocols of that kit include even gopher 🙂
gopher
http
https
file
news
mailto
socks
A short “string” on that file showed a lot of chinese ip-addresses, plus some replaced commands (netstat, ps, lsof) and a few additional options:
11CAttackBase
13CPacketAttack
10CAttackUdp
10CAttackSyn
11CAttackIcmp
10CAttackDns
10CAttackAmp
10CAttackPrx
15CAttackCompress
10CTcpAttack
9CAttackCc
10CAttackTns
9CAttackIe
7CSerial
short excerpt: (maybe these addresses are known elsewhere?
203.142.100.21
203.186.94.20
203.186.94.241
221.7.1.20
61.128.114.133
61.128.114.166
218.202.152.130
61.166.150.123
202.203.128.33
211.98.72.7
211.139.29.68
211.139.29.150
211.139.29.170
221.3.131.11
222.172.200.68
61.166.150.101
61.166.150.139
202.203.144.33
202.203.160.33
202.203.192.33
202.203.208.33
202.203.224.33….and so on..
The anti-abuse working group of RIPE has reported that the controversial european project “CleanIT”
has closed off:
“The project was closed in March, [..] mentioned that the document explicitly states that they do not believe that filtering and blocking is a way to deal with on-line terrorism and the promotion of terrorist activities that the project was trying to solve. “
Sounds like good news..
Warning: there is an openssl-bug floating around – but don’t tell anyone without explicit permission.
.. says the the german BSI, totally ignoring the fact that the exploit for this bug is public available, including the announcement on bugtraq and full disclosure…
The famous mailing list “full disclosure” closes its doors – John Cartwright, the Founder and maintainer
of the list announced the closing of the lis today.
<cite>
I’m not willing to fight this fight any longer. It’s getting harder to operate an open forum in today’s legal climate, let alone a
security-related one. There is no honour amongst hackers any more.
There is no real community. There is precious little skill. The
entire security game is becoming more and more regulated. This is all
a sign of things to come, and a reflection on the sad state of an
industry that should never have become an industry.
I’m suspending service indefinitely. Thanks for playing.
</cite>
Sad, but true .. I will miss this valuable source of information.