Re: Tunnelling via SSL anonymously to connect to remote host(s)

From: Nico Kadel-Garcia (nkadel@bellatlantic.net)
Date: 03/27/02 

From: "Nico Kadel-Garcia" <nkadel@bellatlantic.net>
Date: Wed, 27 Mar 2002 14:57:06 GMT

"Wolfgang Draxinger" <strikesat12@hotmail.com> wrote in message
news:21ko8.82197$Vl.2976985@typhoon.austin.rr.com...
> Ask the jew. He is probably better at these kinds of things than you are.
> "Anonymous" <nobody@noisebox.remailer.org> wrote in message
> news:4fa8256cad872c7b89ff0f882b6413ce@noisebox.remailer.org...
> > Problem Outline
> > ---------------
> > Imagine the following ficticious :-) scenario: You're a successful
> cosultant and you work your balls off for an
> > international firm, but the SOB project manager does not sign your time
> sheets for the last few weeks before your contract
> > finishes. After agreeing to overtime he suffers amnesia when it comes
to
> signing the timesheets. Now the agency will not
> > pay you unless you present SIGNED time sheets. You know you are in the
> right and you even have evidence to proove your
> > version of the story, however you live in a country which is several
> thousand KMs from where you were doing your contract
> > and you reckon that you would spend several thousand USD on legal/travel
> expenses in order to win the case (and you are not
> > always guaranteed recouperation of expenses if you win!). So you decide
> to right of the $10000 or so they owe you and put
> > it down to experience. The SOB project Mgr gets a raise and promotion
> because his budget is $10k lighter and as a result of
> > the consultant's hard work (working 90hrs/wk) the project was in on
time.
> You then talk to some other consultants and they
> > tell you similar stories where the same *** has done a trick on
them,
> whereby he does not sign the final month's
> > timesheets when he knows that the contractors are flying back to
Euorpe/US
> etc. He knows that a Jewish court will favour a
> > local Jew over a foreigner and that its too much hastle for people to
fly
> back to Israel to take him/Oracle to court.
> >
> > So this consultant decides that the SOB project Mgr, lets call him ASHER
> RUBEN (TEL AVIV/ORACLE ISRAEL) needs to suffer some
> > inconvenience for the considerable damages he has caused him and many
> other consultants. Being a unix and sysbase
> > specialist the consultant has all the skills to ensure that this SOB
> thinks twice before he screws another consultant.
> > Sometimes the law just lets you down and you have to get your own
justice
> and stop unscrupulous assholes like ASHER RUBEN
> > from defrauding individuals. The problem however is that these days
there
> is so much forensic evidence left behind if one
> > hacks into a computer system and the legal system comes down on hackers
> like a tone of bricks that even if you have to
> > skills to hack into a system, you cannot do it without leading them to
> your door!
> >
> > Questions
> > ---------UNDER A PURELY FICTICIOUS SCENARIO AND FOR EDUCATIONAL PURPOSES
> ONLY
> >
> > a) How can one telnet into the final system and run port-scanning tools
> wihout the source IP address being the one you have
> > used to dial-up your ISP or if you are behind a corporate n/w to your
> desk?

You don't. You borrow a computer at a public library, university, or donut
shop with internet access to run your tools from, and make sure your tools
are available from common web sites rather than your own machine.

> > b) Conventionally hackers login to an intermidiate server so the target
> thinks you come from xyz corp. However xyz corp has
> > logs that you came from there. So is there a way of perhaps using
> technologies like stunnel (or some other TCP wrapper
> > technique)and Shell accounts on intermidiate servers to somehow setup
your
> own proxy so that the trail stops there? I know
> > telnet is not using SSL but say tools such as SecureCRT, SSH etc will
> still forward your IP address, even if your ISP cannot
> > snoop on you and you avoid your ISP's logs.

Define "trail stops". By running your ssh session to the intermediate
machine, running your commands from there, *and making sure to zero the disk
when you reboot it*, you obscure most obvious traces and make forensics very
difficult. There are a stack of university sites I'd use the machines from
if I felt so inclined as to do this. The Free Software Foundatino machines
are apparently extremely porous, because of Richard Stallman's belief that
"computing should be free" and his belief that if they are free, people
won't misuse them.

An alternative would be to purchase cash-only accounts at an ISP too stupid
to be careful, and bounce things off of a shell-access account there. The
$cientologists did precisely this for six months: they are why it is now so
hard to buy cash-only or money-order accounts without a verifiable credit
card and phone line.

Of course, doing this sort of thing would mean you were an absolute ***,
and people like me would take a baseball bat to you if we caught you, but
the activity you are asking for analysis on is extremely rude and illegal
anyway.

> > Ok, the above are just ideas I am throwing around. I need help from an
> expert hacker on how to stop the trail getting back
> > to my IP address. How can I stop the trail dead at some intermediate
> server in my chain to the target system. There must
> > be a way as there's an awful lot of hacking going on undetected :-) Of
> course any comments are purely for educational
> > purposes!

Most hacking is done by incompetents using tools of mediocre quality
published by a few smarter people. Also, most sites just can't be bothered
to lock down their systems. (Believe me, I've tried!) If it inconveniences
one professor, one secretary to someone important, or one VP who can't find
time to learn better tools, you're stuck with the old systems,

> > Trust me this is for a just cause as there are plenty of lying, cheating
> hypocryts like RUBEN out there facing a contractor.

What goes around comes around. Don't do this. Instead, if you have to poke
around to get revenge, go after their fiscal records and publish them
anonymously. Also, be very careful to inform the wanker's supervisors that
he's a thief, and any other consultants that he has working for him. And
creditors! If he's doing this sort of bull***, what else is he hiding in
the books? And software copyright violations! Scumballs like this always
engage in copyright violation.....

> > You try and do an excellent job and these unscrupulous bastards hide
> behind their corporations and of course fucking
> > computer agencies are wankers who will always take the side of the
client
> as they know that they simply view contractors as
> > a FIFO and replace you with another warm body, even if he is unsuitable
> for the job. To any contractors, a warning. If you
> > are offered a contract with ORACLE ISRAEL, run like wind, they are
lying,
> cheating bastards and this is the view of many
> > contractors I have spoken to! Another ORACLE site to watch out for is
> ORACLE GERMANY (beware of project Managers: Peter van
> > den Berg who sometimes works out of the Netherlands office, and Gunnar
> Bower) Both these guys will smile at you and give you
> > a look as if butter would not melt in their mouth, yet they are total
> two-faced bastards and once screwed me out of several
> > thousand EUROS.

You know, posting your intentions here on a public newsgroup is the absolute
*last* thing you should have done. Now, if they get hacked into, they're
going to come looking for you, even if you didn't do it. Never announce or
ask for help with revenge: it eliminates plausible deniability.