Archive for the ‘file sharing’ Category

Final Post

October 2, 2009

No – I’m not dead yet!!

This is a final post at Tigerstail.wordpress.com because I am tired of seeking knowledge and bitching about that which is. It is time to use my skills to develope the solutions to all of the problems I have discovered.

Join Me at jimmicap.wordpress.com

Advertisements

Netstat – My New Best Friend!

October 7, 2007

If your gonna be a hacker, you have to use netstat to figure out who’s hacking you and if you can’t defend yourself, you better not start an attack.

I have grow accostomed to having netstat open and sometimes even running in background. I never much thought about the fact that it is operating on a totally different operating system than Windows. One day while surfing, my whole Windows system froze (Firefox on Windows XP)and for no particlular reason I clicked on the DOS window and found netstat up and running and monotoring my system. There were connections to cnn.com and a content delivery system called Limelite which could be explained by being from the last site I visited.

There was also 66.228.208.169 which turned out to be registered to adtaq.com which was not an invited guest.

The next morning, I turned on my machine and immediately started a DOS window running “netstat -ano 7” which means it refreshes every 7 seconds. Before anything could even update, I had two intruders, the FBI and adtaq.com

Since I couldn’t find very much on adtaq.com and didn’t feel like wasting time I blocked them at my firewall.

Oh well, shit happens.

Just Plane Stupid!

October 6, 2007

As reported, the trial of Jammie Thomas for file sharing music was just plain stupid. The ability of Organizations to probe your machine is incredible and your computer is a treasure island of hidden information. The script kiddies in forums have been discussing firewalls, evidence eliminators and a lot of other information but what they pretty much ignore is that Jammie’s privacy was invaded and the music companies found the evidence they wanted by invading her privacy. They then sent her a letter notifying her of what she had done. She destroyed her hard drive but it was too late the evidence they had gathered without her knowledge or permission was enough to convict her.

Now I’m very paranoid about my own computer privacy and over the course of this blog, I have been using the DOS command netstat to find out who is connected and what processes they our running on my computer. I call these external information gathering connections Vulcan Mind Probes and I don’t particularly care whether its Google or Quantcast gathering cookie information to find out my tastes and the other sites I visit. As a matter of fact, I’m addicted to quantcast.com and love the information they gather on your machine so I guess I have to live with them invading my privacy with a Vulcan mind probe.

Now the FBI’s activity was the first I discovered and it’s sort of like having a constant companion. When they disappeared for a few days, I got even more paranoid because I was worried about them having a super stealth probe that I could not monitor. (They Do.) However, today is not the day I catch that. While typing this I set up the following at the DOS command prompt:

C:\WINDOWS>netstat -ano 7

The response showed one connection
TCP 192.168.0.101:2203 72.247.8.199:80 ESTABLISHED 548
The process id was for my antivirus program which was monitoring the connection.

As soon as I used the “Save and Continue Editing” function in WordPress, I got the following response

TCP 192.168.0.101:2203 72.247.8.199:80 ESTABLISHED 548
TCP 192.168.0.101:2205 66.185.33.184:80 TIME_WAIT 0
TCP 192.168.0.101:2207 66.185.33.184:80 TIME_WAIT 0
TCP 192.168.0.101:2210 72.247.8.199:80 ESTABLISHED 548

The new connection was not WordPress but a direct connection to my local ISP where the FBI’s Carnivore exist. I’m so used to this connection that I barely notice and assume that it’s a stealth key stroke logger reporting in with my reient activity.

This morning, I’m continuing my test with a trial version of “X-NetStat 5.1”. First I opened up two DOS Windows. In the first, I ran the above command and let it go continuously after restarting the machine from a cold start. In the second, I ran “netstat -bv 10” which is an extremely slow process so you always miss connections. Then I started “X-NetStat 5.1”.

Early reports showed no active external connections.

I then opened a blank browser and rechecked the results which still showed no external connections. I then connected to fatsavage.wordpress.com and “netstat -bv” was too slow to catch all the processes and users. Netstat -ano did a much better job of monitoring connections and processes but the hands down winner for monitoring connections was definitely “X-NetStat 5.1” which identified and reported the following connections:

72.14.253.91=po-in-f91.google.com
66.185.33.184=auto-66.185.33.184.wirelessworld.vi
72.247.8.199=a72-247-8-199.deploy.akamaitechnologies.com
72.14.207.104=eh-in-f104.google.com
38.98.19.109=38.98.19.109
66.77.65.78=66.77.65.78
198.65.147.194=198.65.147.194

The first connection is the Google stats connection doing its data mining and the second is my old friends at the FBI. Next is Akamai which is hosting WordPress and distributing it worldwide. Then we have a second Google probe and after that it’s not obvious but if you put the IP starting with 38 in your browser, thats a snap.com connection which I consider a cool tool and is welcome.

After that it gets a little more interesting as 66.77.65.78 belongs to Panther Express which is a direct competitor to Akaimi and is capable of high speed global information transfers and the final one, I found by putting the IP in the URL Locater. You can click the link below or just trust me:

198.65.147.194

Check it out or click the link! – No lie, its for IslamOnLine.net I simply can’t believe that anyone has put a Fatwa on me. I mean I’m not Salman Rushdie and I was not born a Muslim. Besides I thought my writing on Islamic porn was fairly balanced.

It turns out that this probably is not a Vulcan mind probe by Islamic forces but just another bunch of cops rattling there badges. The story will be posted at fatsavage.wordpress.com

So what is Just plain stupid?

Not only does IslamOnLine.net link directly to a porn portal, but it’s a well documented cop-site. With all the IP’s and hosting companies on line, you really want to know why anybody would want to use their own name and a cop-site porn server to attack someone. As we find out don’t blame the Muslims for this one.

In the end this totally irresponsible stupid probe takes out a cop porn site not previously identified and an Islamic site that is an American front.

Good Christ, these fucking idiots should go back to the WWII slogan – “loose lips, sink ships” and stop giving away the farm.