A question about Trace

Saiba-Tenma · Post by **Saiba-Tenma** » 20 Sep 2006, 13:19

OK call me a noob if you must. I am interested in learning about hacking. I am learning new stuff all the time and I find it very interesting. I am not saying that I am going to use it I am just saying I find it interesting and I would love to have the knowledge if I decide that one day I need it.

Ether way. Enough talk about me. My question is about the info I cant seem to find anywhere. I see lots of info about port scanning and how to get into systems and all that stuff but I don't ever see anything about how to stop or slow a server or computer from being able to trace your IP address or your computer at that. Please don't make fun but I have no other way of explaining it. I see it in the movies and I have played a couple hacker games and they all start off with you hoping from system to system and finally getting to the system you want to hack into. I am looking for information on how that is done and any other info I can learn about it.

Post by **bad_brain** » 20 Sep 2006, 15:44

k, what you mean with "hopping from system to system" is called proxy chaining. FreeCap for example is an application which can be used for this:
http://www.freecap.ru/eng/?p=index
but well, no matter how long your proxy chain is, you can never be sure to be 100% anonymous at the end....and proxy chaining will definitly slow down your connection immensely. one GOOD proxy server is worth more than 10 bad ones in a row, "good" means the server should run no logs (or at least delete them once a day)....and such proxy servers are very rare.
some might say now "duh, I hack a server then and abuse it as proxy, MUAHAHA!".....but, can you really say for sure you found and erased all logs afterwards? highly doubtful.

but well, it depends a little from your location...if you're from an east european country for example you would have better chances to find one than if you're from the US or the European Union, simply because of the stricter laws...in germany all connection data have to be stored for 6 months for example, and the only proxy provider I know which runs a anonymity-for-users policy (JAP by the University of Dresden) had/have a lot of trouble already with the state (lawsuits for "supporting criminality"

):
http://anon.inf.tu-dresden.de/index_en.html
but well, if someone don't need real highspeed for the connection JAP is a recommendation of mine, even to users outside of germany.

as you can see it's not that simple like in the movies....imo the best way for anonymity is an internet cafe, a fake beard and dark sunglasses...

z3mwaz · Post by **z3mwaz** » 20 Sep 2006, 18:24

I am a n00b also, but I know exactly what ur talkin about Saiba.
I play the PC game Uplink: Hacker Elite ALL the time, not cause i want to shutdown systems, hack banks, or steal anything.Its just entertaining, and it does teach you how to be patient.

Please Correct Me If I'm wrong

I dont know if i'm right but in real live it would be extreamly hard to do an "Active Trace"
In games and movies, that is where they show sometype of map showing a "Red Line" moving from the attacked host to the attacker.
That would mean the the "Victim" would have Real-time access to the log files of every bounce the u made alog the way....but u know how the government is>>>

Now a Passive Scan is more logical that an Active Scan, but would take more time, since the "Victim" would have limited access the log files of the proxy servers a.k.a. system bounces,
That means that if u "0wned" multiply system and could access the log files, then u could modify the logs in a way that it does not point to you.

!Important!
Dont just delete log files/entries. that is just a dead give away that you have root access to that system and they could use that as a starting point to try and track you in the furture.
Modify the logs entries to show a different connection other than your own.

I dont know how accurite this is so i'm sorry if i am misleading in anyway.
I myself am in n00b 101

P.S.
I am currently Downloading FreeCap v3.18
Seems like a good program.
Been reading the Help files

Anyone know good proxies that are secure

Post by **Gogeta70** » 20 Sep 2006, 22:23

Heh, you're getting to complicated. If you absolutely HAVE to find someone (if they did something illegal to your server, and you have the logs to prove it) then tracert their ip or whois it, and get their ISP. Contact their ISP and get the location of the owner of the ip.

Saiba-Tenma · Post by **Saiba-Tenma** » 21 Sep 2006, 01:06

gogeta70 wrote:Heh, you're getting to complicated. If you absolutely HAVE to find someone (if they did something illegal to your server, and you have the logs to prove it) then tracert their ip or whois it, and get their ISP. Contact their ISP and get the location of the owner of the ip.

I undstand what is being said in the posts above but then I get to this post. I wonder... I thought that the proxy hopping was to stop someone from having a log of the correct address. Is that not what it means?

Post by **pseudo_opcode** » 21 Sep 2006, 02:20

yes on the target server the logs will contain the ip address of proxy server not your computer.. but the proxy server will store log your IP address.

Its like you hacked computer E and your computer is A, in between you used proxies B,C,D.... here's what happened

A---->B---->C---->D---->E

Now E *can* trace you through the logs of B,C,D but if the logs of any one of the proxy is deleted, they cant trace you... so the probably of being anonymous by using a proxy chain is more than using a single proxy.

TIP:never erase the logs... just edit them(if you are a ninja) otherwise if you are a pirate.. do as you wish

As b_b said its very difficult to find good proxies and they slow down your internet surfing drastically... i think rather than using proxies you should try to spoof your ip thru other ways(dont bother at this time if you dont know what they are)

Post by **Gogeta70** » 21 Sep 2006, 06:00

Heh, looks like someone has been playing a little bit too much slave hack?

Post by **pseudo_opcode** » 21 Sep 2006, 06:10

haha i dont play on slave hack.. its an skiddie game.. also i dont have enough time

z3mwaz · Post by **z3mwaz** » 21 Sep 2006, 07:06

never played Slave Hack, but did google it a min ago.
i got lots of free time so... is it any good?

Post by **pseudo_opcode** » 21 Sep 2006, 08:06

yeah.. its a very good timepass and highly addictive... its fun even when you know when you are no good than a script kiddie

Saiba-Tenma · Post by **Saiba-Tenma** » 21 Sep 2006, 12:37

Not to say that I am doing it for anything more than fun but would someone be willing to take personal messages from me some times asking questions about hacking. Just incase there is something else I have a question about. Someone that really knows what they are doing. I really dont like having to drop and start over because of bad info. I guess that is why I have still not even tested my skills on my friend even tho he said I could. ^_^ I have just studied and studied... lol

I know... You are all saying something like... "Stupid noob... Some day you will learn!" ^_^

Post by **Gogeta70** » 21 Sep 2006, 15:09

Heh, suck-o is more friendly than that! C'mon, give us some credit. Anyway, feel free to PM any of the suck-o staff admins any time.

Post by **bad_brain** » 22 Sep 2006, 04:13

it's not the skill level that counts on suck-o, it's the will to learn and the intention behind it. we all started as newbies and nobody was born with a Unix-manual in his head...

Post by **Gogeta70** » 22 Sep 2006, 05:49

I was. Lol, just kiddin.

Chaos1986 · Post by **Chaos1986** » 10 Oct 2006, 19:45

bad_brain wrote:it's not the skill level that counts on suck-o, it's the will to learn and the intention behind it. we all started as newbies and nobody was born with a Unix-manual in his head...

That Is Very true Bad_Brain And nobody was born with a Unix-manual in his head...

Chaos1986