Sunday, November 1, 2015

internet and operating system security and anonymity for the paranoid

do you feel someone has got to you on your computer? do you suspect a keylogger or some other form of surveillance tool is disturbing your privacy?

first you need an installer image of your favourite os. install that and all the apps and tools you need on a usb stick (you can get them with enough capacity today), an sd card or a portable hard drive with a built-in power supply (the smaller ones don't take up more space than a pack of cigarettes) and always take it with you wherever you go!

the latter is mandatory because if you are under monitoring from some government agency they can easily conceal a camera in your home and get your pw's that way. i read that Snowden entered his pw's under the cover of a blanket so it's not that far-fetched.

if you live alone like me, have several computers and keep one of them running multiple services on virtual machines to ensure that some traffic is generated at arbitrary times.

then you need a good vpn. set your router, not the individual machines (physical or virtual), to use that vpn. don't worry! you can always have your preferred work machine use a proxy so that you get an ip that matches your country.

Tuesday, September 29, 2015

message to the dumb bastards in the goat fucker caliphate

do you really think i fall for something that naive? do you think i'm that desperate? come on! a mildly anarchistic middle-aged british woman (could be interested) dressing up like a fuckin' jawa from Star Wars!

i'm a tranny! i'm a guy who occasionally dresses up as a woman! and i like it! you throw people like me off high places.

i may not be happy with the way things are done where i live now but at least i have the freedom to speak out and the opportunity to change things... to some extent.

did you really think i would participate in taking your hackers to the next level... even cyberwar?

do you think you will recruit any decent hacker by using an 80s punk rocker - who never was that good in the first place - as a poster woman? i think you are getting desperate - really desperate. you want cyberwar... i'll fuckin' give it to you. try to get a network up and running. you will be found. you will be eradicated with digital fire.

you want my tactics? my skills? you ain't seen nothing yet. maybe i should offer my services to the nato cyber command and fuck you over big time. the Russians don't need my help in doing this.

this is what i propose: take control of daesh accounts on social media and spam their followers with messages like:
- we're having great fun. bombs are dropping like rain and we're getting mutilated.
- you really die of smoking in our caliphate.
- i'm an old hag and the men would rather fuck a goat than me.
- my freedom is limited. can only walk the streets accompanied by my husband who is dead.

you get the picture.

fuck daesh and their medieval caliphate.

'nuff said, cheers

Helene

Tuesday, September 15, 2015

cyberunit - building an effective one

these are my thoughts (so far) on how to create an effective cyber-unit or hacker group:

*****************
*** cyberunit ***
*****************

authorities versus specialists
==============================

an authority has expert-level knowledge of a specific topic; this can be, but is not limited to, php, mysql, zap and so on.
a specialist is able to utilize any technique as a weapon (i.e. for military use)

the authority people handle long-term strategy whereas the specialist people take care of the tactical situations that may arise.

overview of the unit
====================

to know who is best suited to a specific task, record information on who has the most knowledge of different areas, like php, zap, shell scripts, etc.
who has the best skills (i.e. hands-on) with specific software.
what area would the member most like to strengthen and what do they dislike doing.

tactical layer
==============

handles mission planning. since this is recon, attack, recon, attack and so on, they decide on the best path to cut down the time consumed on decision making.

strategic layer
===============

handles long-term campaigns, choosing overall targets and choosing which areas of internal knowledge (new techniques, for example) should receive focus.

wolfpack tactic
===============

this should make the basis for a unit that employs wolfpack tactics. it is so easy (with shared info on shared "hack"-servers) to add new personnel to an ongoing mission. and since everyone is making their own decisions within mission parameters this is a very effective method of organization. furthermore one can always re-assign unit members so that the strongest unit is presented for each "project".
every single member of the wolfpack knows the other members' strengths and weaknesses. this tactic utilizes the way wolfpacks hunt.

shark tactic
============

get the target to focus attention on a single point and then attack (more or less) at random, imitating a group of sharks floating by, each ripping a piece out of the target.

burst-fire hacking
==================

using the terminal can be tedious (you have to type a lot) so use scripts, aliases, functions and environment variables. also use tabs to separate different tasks. it's easier to remember TARGET_IP_PRIMARY and TARGET_IP_SECONDARY than which ip is which target.

tools of the trade
==================

the computer is the gun and software the little pieces of ammunition you load it with. the os is more like a toolbox. a "hack"-server is a good idea to have running. it runs the software utilized by the unit; one connects to the server and uses port numbers to select the piece of program used.

old school techniques
=====================

you don't need a classy piece of software to send an email from anyone to anyone (you need access to the target's inbox to read any reply), just an smtp gateway and telnet.

it is paramount that info on techniques and related knowledge is shared widely and freely within the group to make everyone stronger.

Friday, February 27, 2015

hivemind

How the internet was born. Chaos at work. Man’s first God was fire. But it was not enough that our tribe had fire. No, we had to take our neighbors’ fire too or destroy it. Seriously. Haven’t we evolved past that? I mean 150,000 years have passed and it’s just the same.

How it escaped from the nerds to the masses. When the Amiga came anybody could get that arcade feeling at home. When the internet became widely available an explosion hit our world. One that will echo through history. A global communications and information network was born. Now it’s a vast ever growing, ever changing virtual entity comprised of all human knowledge.

How we all created it. Everyone laid their bricks or brick. No matter the size of the contribution it still enriched the world wide web. And the internet is fueled by information flowing freely.

A very wise man once said: “Information wants to be free!”

Today I shout: “Information must be free!”

It solves problems. Not just communication or distribution of media. But truth – dictators do have a harder time manipulating and controlling people. Excessive monitoring is a problem though. We’ll get to that later.

“In a world where information is the most prized possession any hacker is a god.” No. Not quite. Some are, but most are just a damned inconvenience.
Good or evil – a matter of conviction. Terrorists, fascists, hackers, criminals, freedom fighters, cyber-soldiers. Just our world reaching out to the internet. Who cares about kilobytes in a terabyte world? Anybody with a keen eye. Do not fear those motivated by money. They rip your account and they’re done. The dangerous ones are those that are driven. Idealists. Crusaders. A good hacker is someone who creates a tool for the specific job or modifies existing tools to solve the mystery in sight. That, and simplicity in design. Last but most important: “Use the source, g33k” Anyway. A hacker is traditionally perceived as someone who has an urge to learn everything there is to learn about computer networks. Some may be. I don’t know. Me, I’m not. I am an uncompromising manipulating predator relying on stealth and deception. I do it, well, because I can. And it’s about the only thing I’m really good at. And I’m not super good at that either. I just love to create chaos and disorder. Disassemble the walls of society. Stick it to the world.

Piracy. The end of entertainment. No. There has been piracy from the second it was possible to duplicate someone else’s work. The tape recorder did not become the death of musicians or record companies. The VCR did not bring the fall of Hollywood. When tv became widely available doom prophets claimed it would kill the radio. Apparently it didn’t. But in reality if I take my acoustic guitar and start jamming in public, I’m just rockin’ out hard with “Hell bent for leather”. But if I did not get written permission to do so I have become a criminal. Piracy does harm the industry but it has always been there. I have become more of a customer over the years due to better income and not always being at the front row of a concert. And I can download right now. Today I usually check out an “internet edition” and the ones I keep I mostly end up buying. Movies, I have a lot. But most of my collection is series from the 80s and 90s. And all the new ones I have seen in a cinema. And there is only one way to download most of what I like. Last one downloaded was “Shogun” from 1980. Last “larger” expense was “Diablo 3”. What a rip-off! Blizzard, that was not nice. But to be fair, I did wait from like 2007 for this game so no matter what it could not meet my expectations. Actually. All the things I have done in my life, the things in which I take great pride were never my own. I did not invent a single thing. I merely adapted others’ work to fit my world. But I did create an alternative. I broadened our world in a very small manner. And I think that that is humanity’s defining attribute. That ability has led us to this very moment. And it will long after we are gone and all this is but nothing in eternity. Why monopolize it?

If patents had been around when the first shovel came into existence, one person would sit in a hole protecting the tool and everybody else would look for the functionality of a shovel, just as long as it didn’t appear to be one.

Social media. The newest product? But if we think we are the customer we are wrong. We produce the product. All those intimate details we share, that is the product. You can’t force someone to shut up and you can’t force someone to listen. But that, we all share. That’s the true value of the internet. Here we meet as equals because we meet on the same basis. Same opportunities. It’s quite simple. We deserve equal rights and opportunities. But we are not equal as in a mathematical equation. Some are strong. Some are not. Some are smart. Some are not. Some are hot. Some are not. Some are women. Some are not. Some are men. Some are not. We are not the same. We just have similar designs. We are like a trillion different versions of the same old buggy code.

Innovation? If the only new thing about it is in the form of “we haven’t seen you in that dress before”, then, who cares. If it has no real value but that of being only for a select few why even care? Does it concern me? No. It does not! So why the fuck do I have to read about it in ads? And they can bill me for my dreams.

Networking. The next big religion. Well. I know God or any God is not in the computer. But the teachings of any religion are very much present on the internet. People connect, share across borders, politics, religion, sex. Here we find understanding, tolerance and acceptance. Groups show you that you are not alone. You are not the only one struck by a terrible curse or having brilliant ideas. You are just a human. No more, no less. We perceive the world through the internet. I prefer the written word. I like to construct sentences and see meaning come to life. Also because I have ADHD I can be pretty fired-up about something and that kills the meaning of what I want to say. It’s like counting the bullets from a stuck Gatling gun.

Commercialization. Assimilation is not integration. Why do we choose the internet over tv as entertainment? Because it is real? Until money becomes the issue? Will it suffer the same fate as cinema, radio, tv? Ending up another pastime experience? No it won’t. The underground is present on the internet and will always be so. It’s all about alternatives and if you are the only option it’s not really freedom of choice, is it? There will always be some tech-anarchist saying: we don’t want to be a part of that. And some of these people would rather give away their most brilliant ideas for free to benefit the masses. Not just some corporate board members’ pockets. But these people won’t run ads on prime time tv. You have to look for it. There’s freedom of choice for you. Free means it’s there. It’s available. It’s just not something you’ll find in stores. All human information is there. And it should be. And it should be widely available.

Excessive monitoring and logging. The death of the internet? No, I do not believe that. There will always be ways to hide your identity and traffic. I don’t think we should worry about all that information the governments and intelligence services of the world have stored and analysed. At least we shouldn’t fear what it could be abused for. Science fiction does that job very well. We should worry what it is actually used for. Because every time the subject comes up those with knowledge of what is happening say: “I can’t go into that.” Or they simply say nothing. I think it’s funny that when someone mentions the idea of investigating, say, the financial sector, the medical sector, whatever, these sectors always come back with an answer saying we’ve already looked into it, there’s nothing to raise an eyebrow over. But when the talk falls on vpns, encryption, darknets and the like my defense is mandatory all of a sudden. And I say: yeah, I use encrypted connections. I even try to push my non-geeky friends to at least encrypt their mails and use a proxy when getting not-supposed-to-be-free stuff. So, yeah. It’s only the truly innocent who don’t have a problem with somebody looking over their shoulder. Innocence is something we grow out of. Sadly.

CyberWar? Well. We do know a lot about methods, strategies, software because this is a very public war. We are all wired into the battlefield. We see the results all over the world. Only one way not to get fucked hard in the a-hole: be open about your methods and tools. Don’t reveal specific details. But always bear in mind that everything that must not get out in the open always ends up being out in the open and then it is just too late to deny or cover it up. Damage done. Your opponent dealt you a devastating blow. In reality CyberWar is won or lost by the support of your people. When you lose your way and start thinking inwards for protection your own people become the enemy and then you have lost all. But really: This is one of those things I personally think should be considered one of life’s great lessons: “If it’s on a computer, eventually, it will get loose.” You want privacy and safety? Two words: “Go offline”. But with the public very much aware the pursuit of pre-emptive retaliation is not worth the thinking. As stated earlier it’s a public war. And if you are righteous – on the side of good – you must put great distance between you and your foe. You can’t say we are the good guys and then do something far worse than your opponent. Lie! Deny your people the truth. Feed them shit that keeps them aggravated against some unseen force. If you become the very same thing you vowed to destroy you have lost. Personally I would love to go back to ancient times in questions of war. When armies met on some distant battlefield. When generals led the battle on the field. Then politicians could have their profitable wars. And those who would could seek out honor and fame. And the rest of us would just have peace.

Threats lurking: big data – and by big we are talking beyond comprehension, we’re talking more drives than I can fit in my shoe closet. Backup is not possible for these systems. The amounts of data are too large. The complexity too vast. And there is not a source tree that gets you back all that data stockpiling over the years. And data is money. I mean erasing it would accomplish nothing more than aggravating one’s peers. But to manipulate it, that is the key. Example: I don’t like my bank. I write a virus (actually a dbms trigger) that alters updates in the database so that at a glance everything checks out but when the annual books are reviewed all hell is loose. Not good for a bank to deliver the annual report with notes. It could be a good tactic to annoy intelligence services’ data retention too. Poison13 would be a good name, I think.

cloud computing: all your personal info in the hands of a private cut-throat corp. nice. i don't mind that some company knows what i'm buying for dinner because i use a reminder on a cell. but when they start to harvest that data to sell to ad companies to spam me i think it's too much.

Always near. With tablets killing off the remnants of the old way of thinking about computers you have your board with you. When you get home it connects to your wireless keyboard, tv or tvs, stereo or whatever. I don’t know about you but I can’t wait! Wireless audio and no fans or static chip-noise to make the slightest impact on the sound… Not that I would actually be able to hear it since I mostly play Metal on a Marshall 100w tube amp on 11.

But how did it all start for me? Well, it started when I fell in love with computer games. I had this urge to cheat so I learned assembler and debuggers. My first steps as a hacker were taken.

But I think that future generations will see themselves as inhabitants of a planet due to the nature of the Internet. I think world parties will arise. It already has with the “Pirate Party”. Maybe one day we will begin to see ourselves as unique individuals in a collective with our slogan being:

one planet
one world
one people

“Don’t explain the logic. Share the dream, your vision. Let me discover its wisdom on my own. That’s where the magic’s at. In comparison, the rest is merely tedious details.”

I got the inspiration for this book partly from the media sector’s – led by record and movie companies – relentless efforts to control how we use media. Also Al-Jazeera’s “Controlling the web” gave some inspiration. So did videos and tweets posted by individuals and groups. They be commentators for tech magazines. They be hacktivists.

I won’t make any links or references to anything. If you disagree or don’t believe me look it up yourself. Don’t rely on my word or my sources. Find your own. That is what the Internet is there for.

This is not a hint. This is an open comment on the affairs of the world today. It is my way of saying that I am tired of politicians caring more for corporate profit than the rights of the people they serve.

Any actual or insinuated name references or reference to any one person, group of persons or any brand is purely intentional and deliberate. so if you don’t like me calling you greedy, self-righteous (like me), ignorant, whining (again like me) or arrogant…  Well, we are. And we’re dicks!

If this pisses you off write a book. I did…

*** and by "book" i mean a written text larger than one page :-)

Saturday, January 3, 2015

a bit about hacking

INTELLIGENCE GATHERING

how to find info without someone monitoring my connection getting suspicious

find a fast new https proxy (any other proxy is not encrypted)

start a huge torrent dl. use a lot of connections. dl’ing a complete linux distro with sources should give you the time needed.
and then “clean” your log files. your isp has logs of your connections and the amount of data transferred even if you are using encrypted lines.

bounce scans through same proxy

isp will see a lot of encrypted traffic but nothing that can be identified


FOOL SOMEONE SCANNING / ATTACKING ME

set up router to vm

multiple vm's and change between them… confuse

xp + apache + ms sql
red hat + tomcat + oracle
7 + iis + access
freebsd + apache + mysql +ftpd

A proven effective tactic is to say a lot of shit so when I do spill it nobody gives a shit. Everybody will say: "Oh! More shit from him. He can't be trusted." But hard evidence always prevails.

MAKE IT HARDER - CHAINED PROXY'ING

Normally chained proxy'ing would require some form of influence on the proxy server's configuration.

This is more like chained proxy'ing lite. But everyone looking will follow the proxy then the vpn and then they realise they wasted their time.

VPN, then tunnel an encrypted free / public proxy through it

always use a proxy as backup: if the vpn goes offline the real ip is exposed. socks5 for speed, https for privacy
*** SOLVED: dns dropped when vpn goes offline. traffic halted

******* GOOD PRACTICES

NEVER EVER USE CELL FOR THIS SHIT

IF TIME IS NOT IMPORTANT: REMOVE PARTITIONS ON OLD HDD AND MAKE NEW ONES, BUT MAKE IT ENCRYPTED. THE INITIAL ENCRYPTION SETUP ON THE HDD WILL OVERWRITE EVERYTHING ON THE DISK. HATE WASTING A DRIVE :-)

do not store key-files (gpg etc) in keychains. install’em when needed and remove when done. at least if you are involved in something you weren’t supposed to be doing but in fact is the right thing to do.

REMOVE ALL INFORMATION FROM PROXY SETUP ETC. IF I’M CAUGHT THEY STILL HAVE TO PROVE ME GUILTY

primary rule of engagement: be prepared. be scared

always have more than one connection available. not from the same isp but from different ones

a good practice could be to make bogus posts on known hacker boards. if you can get identified hackers to say “nice one but do you actually code?” the feds will most likely label you a wannabe hacker hang-around. the important thing is that they do not see you as a threat. even though top100 could be sweet it is the downfall of any good hacker

using standard language files to hide shell-code on a webserver

this one is so hard. avoid the temptation of provocations. especially against intelligence services. after all they are the primary threat unless you fuck with organized crime syndicates, as they will kill you if they find you or worse, force you to work for them. either way you’re screwed

watch public channels of known hacker groups. when they prepare for attack so do i. intelligence services will have their attention on e.g. anonymous, not me.

if contact is needed create a very temporary email address like “sdhgfjksahgfiuq2ye43” or similar and delete it when you’re done. delete every mail in every box. empty trash. THEN delete the account. in fact always use a newly-created account for anything.

when done kill all log, tmp and swap files as far as possible to give away no intel

if suspecting a keylogger active use history ( !x | grep), scripts, other automation methods

also to avoid logs. maybe read-only guest access with all shit on a ramdrive in system memory

*** MUST TRY

use squid to branch out connections. proxifier for mac works great at this

example:
firefox through vpn just to check target
terminal through i2p as httpproxy
nessus through tor as socks5
safari through zap

**
** tried. works. just dandy :-)
**

this should conceal not only my identity but also my true numbers since log files will show that the attack had been coordinated and happened simultaneously from multiple locations…
BURST-FIRE HACKING RULES :-)

*** END MT ***

maybe timer-based scripts to ensure deletion of files with possible intel of me i.e. log-files


*** CREDIT CARDS ***

have one card in one bank used for payments, internet buy, etc
have your regular accounts in another bank. transfer money when needed
that way even if your “public” card is exposed no harm done, they get a few dimes. fuck’em

*** END CREDIT CARDS ***



*** encrypted drives ***

i use it. internal and external. why make 2 different choices?

mental note: passware claims they can decrypt any computer. well. yes if it has not been shut down.
and apparently they have some difficulties with their facts. i perceive it as this:
they can do a memory extraction (from system memory through firewire or by attacking the swapfile) but their
example only allows for 3 or 4 gb extractions. and there are some problems with the file being too large
for good old win(32-bit). 64-bit shouldn’t have this problem.
but i have 16 gb of memory in my macbook pro 17” (late 2011) and virtually no swap-file (it’s always 0 mb out of 64 mb).
the swapfile is the one thing on my computer not armored with mathemagics.
the reason why i leave it unencrypted is that - i think, i hope, i pray - the os won’t store “sensitive” info in the swapfile. it always takes a few mb’s when it’s encrypted. i haven’t got any real proof but it’s a nice illusion.

but other intel points out that you are damn stupid if you crack your cell.
it opens up pandora’s shit-box of retrieving plist files with unencrypted pw’s. nice one

so in fact they can’t do shit as long as one remembers to shut down when the computer is not in use.

also my cpu has aes-ni from intel which does the encrypting/decrypting virtually without memory lookups. of course the file has to be read from somewhere (the recovery partition). but tapping into memory is not as easy as tapping someone’s wifi.

and people pay these idiots? extract and decrypt my hairy tits .|..

ps: why pay $1000 for a piece of crap when the best in russian cyber-tech goes at half the price?

*** end encrypted drives ***



*** encryption keys ***

never send public keys using the email address they are linked to
it gives your mail supplier an easy way to peep
and we all know how well the justice system works especially with “secret” judges

*** end encryption keys ***



connection rules
use random selection of vpn-servers. choose proxies per case.
set up laptop -> i2p/tor/ka+- -> vpn (use vpn proxy settings) and use 2 different ciphers
set up attack/fuzz/dynamic proxy -> tor/ka+/i2p (the vpn is tunneled over these)
set up system proxies to the desired attack-proxy
the anon-net takes over when the vpn ends. should take care of the honeypot issue
this way the anon-net doesn't know your vpn and vice versa. should make it near impossible to trace me. up yours, loggers!
also if using a proxy for the vpn your vpn provider will not know your true ip

also it is wise to have the vpn not restore the original network settings (dns etc) so that the connection is rendered utterly useless if the vpn fails. nothing out. nothing in. this is to ensure that non-encrypted traffic never leaves the computer.

if having that feeling when "doing what you have to do to be able to do what you do" better pull the internet cable. never connect using wifi or bluetooth.
it is much faster to pull the connecting cable (incl 3g/4g usb dongles) than to log out and shutdown everything.

always have a powerful (mine is 750kv) stun gun to ensure data extraction will not be easy. zap all devices. tablets, cells, drives, laptops, modems, everything… oh yeah, always use fresh batteries

check what ip is broadcasted from web and terminal. "curl http://checkip.dyndns.org" or "curl http://showip.net | grep check_ip". and for the sheer provocation "whois pet.dk". the only usable information you get is your own public ip so who is pet? you :-)

always disable and delete logfiles on target. give them as little intel as possible

when communicating always use only small letters with no classic hacker 1337-shit like "h4ck" and never overuse any punctuation ("" ok) or smileys -== ..|, -\|/-

furthermore to hide my true nationality use machine translations

never name names, always name systems or sectors. but again, if it increases the success rate do it as in the ads

password policy: make them hard to remember to ensure that they are forgotten once in a while so that a new one is mandatory. just press “forgot password” every other day. hacking mail accounts is so damn easy for those pursuing that fine art.

one other thing: use scripts, functions and aliases to speed up.

less unsafe network

safe servers network
********************

*** edit: “safe” implies “less unsafe” ***

every desktop machine has exactly the same software (even if not used by the user) in the same versions. cuts down 2nd-line support. and if a problem is solved on one machine it is solved on them all. example: an exploit becomes known. fix it in one place and it’s fixed all over. also makes adding new machines easy as 1-2-go
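as an added example (not the post's own tooling), the "same software, same versions" rule can be checked mechanically: parse each desktop's package list and report every package whose presence or version differs from a chosen baseline machine. the inventory lines use the output format of `dpkg-query -W -f='${Package} ${Version}\n'`; the host names and versions are constructed sample data.

```python
# Added example (not the post's own tooling): detect version drift between
# desktops that are supposed to run exactly the same software.
from collections import defaultdict

# Constructed sample inventories, one string per host, in the line format of
# `dpkg-query -W -f='${Package} ${Version}\n'`.
INVENTORIES = {
    "desk01": "firefox 41.0\nlibreoffice 5.0.2\nopenssl 1.0.2d\nopenjdk-8-jre 8u60\n",
    "desk02": "firefox 41.0\nlibreoffice 5.0.2\nopenssl 1.0.2d\nopenjdk-8-jre 8u60\n",
    "desk03": "firefox 40.0\nlibreoffice 5.0.2\nopenssl 1.0.2d\nopenjdk-8-jre 8u60\nvlc 2.2.1\n",
    "desk04": "firefox 41.0\nlibreoffice 5.0.2\nopenssl 1.0.2a\n",
}


def parse_inventory(text):
    """'package version' per line -> {package: version}; blank lines are ignored."""
    packages = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        name, _, version = line.partition(" ")
        if not version:
            raise ValueError(f"malformed inventory line: {line!r}")
        packages[name] = version
    return packages


def find_drift(inventories, baseline_host):
    """Compare every host against the baseline machine.

    Returns {package: {host: version}} for each package whose version differs
    from the baseline on some host. A version of None means the package is
    missing on that host; a package absent from the baseline but present on a
    host shows up with the host's version.
    """
    parsed = {host: parse_inventory(text) for host, text in inventories.items()}
    baseline = parsed[baseline_host]
    drift = defaultdict(dict)
    for host, packages in parsed.items():
        if host == baseline_host:
            continue
        for package in sorted(set(baseline) | set(packages)):
            if packages.get(package) != baseline.get(package):
                drift[package][host] = packages.get(package)
    return dict(drift)


def deviating_hosts(drift):
    """Hosts on which a fix applied to the baseline machine cannot be assumed to apply."""
    return sorted({host for hosts in drift.values() for host in hosts})


if __name__ == "__main__":
    drift = find_drift(INVENTORIES, "desk01")
    for package, hosts in drift.items():
        print(package, hosts)
    print("hosts out of step:", deviating_hosts(drift))
```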

two “dead-man switches”
1. cuts the connection to the grid (kills routers). this way key-loggers etc. don’t call home
2. cuts the bridges to the server farm. if a virus is loose on the intranet, protect the servers. data is vital. not desktops.

this cannot be emphasized enough: there are no automatics on a secure network. none! it's always a good idea to look up problems before installing an update.

servers that need to be accessible from outside should be isolated on their own connection. this means that all machines on the inside of the network (lan) will have their own connection. so, at least 2 connections are required. this is a public/private separation. it may seem like overkill but it allows the router (internet access point) on the private part to have its dmz redirect inbound traffic to a non-existing ip. administration on the public part is done through ssh or a web-based interface.

no wi-fi allowed. no equipment leaves the building. none gets in (people must lock their cells away).
these will very soon be the really big exploit (it’s already happening) and the potential for a major fuck-up is ludicrous

each server-function is located on ONE server each (i.e. web on one, maybe 4 * 1 dbms).
only mandatory ports are open on each firewall. if a machine does not need to do dns lookups, udp/tcp 53, 993 etc. are sealed. also firewalls should be in stealth mode, not answering icmp requests.
if an extra measure is required use different versions of the software. every piece of software has holes. but every version has different holes. no vm’s. if the vm is compromised, the host and every vm on it are compromised too.

a public server should be made completely cut off from the real intranet. all administration, updates, etc. should be done through the internet. any public-facing server is a drop of guard that is not needed. it will be hacked. a web server alone is bound to be compromised. add an underlying dbms and all bets are off. there are none. also it could be useful for data gathering on just how clever these little sob’s have gotten. kids are getting smart these days. just for the lulz

a multi-line internet connection would be nice too. the more ip’s the merrier. it still has to go through one tiny hole to get in or out

oh yeah. a couple of 3g/4g connections would be apt to have in store in case of a full-scale breach. why cut off totally? cunning panic is not panic. merely vigilance

*** edit ***

it is impossible to uphold a directive that nothing comes in contact with the outside world. any device that has left the building - unlike Elvis, who’s still ghosting around somewhere - becomes contaminated. before going in and back out it must be cleansed. that means that any documents stored locally will not enter the servers. instead one must apply cloud tech and very heavily encrypted connections. speed is not an issue so i guess that leaves pretty much up to the imagination. i think there are some american laws that prohibit too strong encryption; i think it boils down to them wanting to ensure their experts can crack it. but i don’t see any right of anybody to interfere with how an organisation or a group of individuals run their private networks.

have a hardware based system where the machine shuts down if the webcam is blocked

nothing is done automatic on a secure network. not updates. not access (no saved passwords). not nothing. and i literally mean the void of total absence of anything remotely not caused by a human

*** end edit ***

*** for those wearing tin-foil hats ***

do not equip the servers with conventional drives (incl. ssd)
instead have the configured system on a dvd and boot from that
all data is kept in memory or on a ram-drive
if someone tries to take the servers away they sure will be disappointed. it’s the only way
to make sure no info is »left behind«

*** end tin-foil hats ***

*** dbms ***

no pw needed to access. auth is handled by a bridge in between.
open source big-data with flat structure.
every field has history (done by making delete merely disable the field and making update really insert a new line)
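the history rule above, as an added example in sqlite (not the post's own dbms): a versioned history table behind a view, where an UPDATE only ever inserts a new line, a DELETE only marks the record disabled, and the history lines themselves can neither be rewritten nor removed, so every earlier value stays on record. the account/owner/balance schema is an assumption for illustration.

```python
import sqlite3

# Added example (not the post's own dbms): a flat record whose every change
# is kept as a new history line. Schema and sample data are constructed.
SCHEMA = """
CREATE TABLE account_history (
    version_id INTEGER PRIMARY KEY AUTOINCREMENT,
    account_id INTEGER NOT NULL,
    owner      TEXT    NOT NULL,
    balance    INTEGER NOT NULL,
    disabled   INTEGER NOT NULL DEFAULT 0,
    changed_at TEXT    NOT NULL DEFAULT CURRENT_TIMESTAMP
);

-- "account" shows only the latest line of each record.
CREATE VIEW account AS
SELECT h.account_id, h.owner, h.balance, h.disabled
FROM account_history h
WHERE h.version_id = (SELECT MAX(version_id)
                      FROM account_history
                      WHERE account_id = h.account_id);

-- UPDATE on the view really inserts a new line; old values stay on record.
CREATE TRIGGER account_update INSTEAD OF UPDATE ON account
BEGIN
    INSERT INTO account_history (account_id, owner, balance, disabled)
    VALUES (OLD.account_id, NEW.owner, NEW.balance, OLD.disabled);
END;

-- DELETE on the view only disables the record; nothing is removed.
CREATE TRIGGER account_delete INSTEAD OF DELETE ON account
BEGIN
    INSERT INTO account_history (account_id, owner, balance, disabled)
    VALUES (OLD.account_id, OLD.owner, OLD.balance, 1);
END;

-- History lines can never be rewritten or removed, only appended to.
CREATE TRIGGER history_no_update BEFORE UPDATE ON account_history
BEGIN SELECT RAISE(ABORT, 'history is append-only'); END;
CREATE TRIGGER history_no_delete BEFORE DELETE ON account_history
BEGIN SELECT RAISE(ABORT, 'history is append-only'); END;
"""


def open_db():
    """In-memory database with the versioned schema installed."""
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    return con


def create_account(con, account_id, owner, balance):
    con.execute(
        "INSERT INTO account_history (account_id, owner, balance) VALUES (?, ?, ?)",
        (account_id, owner, balance),
    )


def set_balance(con, account_id, balance):
    # Goes through the view, so the trigger turns it into a new history line.
    con.execute("UPDATE account SET balance = ? WHERE account_id = ?", (balance, account_id))


def delete_account(con, account_id):
    # Goes through the view, so the record is only flagged as disabled.
    con.execute("DELETE FROM account WHERE account_id = ?", (account_id,))


def current(con, account_id):
    """Latest state of a record, or None if it never existed."""
    row = con.execute(
        "SELECT owner, balance, disabled FROM account WHERE account_id = ?", (account_id,)
    ).fetchone()
    return None if row is None else {"owner": row[0], "balance": row[1], "disabled": bool(row[2])}


def history(con, account_id):
    """Every (balance, disabled) the record ever had, oldest first."""
    rows = con.execute(
        "SELECT balance, disabled FROM account_history WHERE account_id = ? ORDER BY version_id",
        (account_id,),
    )
    return [(balance, bool(disabled)) for balance, disabled in rows]


def rewrite_in_place(con, account_id, balance):
    """Attempt to edit a history line directly. Returns True if the database refused."""
    try:
        con.execute("UPDATE account_history SET balance = ? WHERE account_id = ?", (balance, account_id))
    except sqlite3.DatabaseError:
        return True
    return False
```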

*** end dbms ***

*** encrypted dns ***

i think the time has come to encrypt dns lookups

*** end encrypted dns ***

*** "cheap" public/private ***

one could make the following setup and cut cost on the connection

inet<->router<->public_server/part<-(>) [ firewall<->lan ]

the public_server has 2 interfaces. one incoming and one outbound.

this is not the same as using a dmz

the following services could be put in such a setup:
* dns
* mail
* web
* vpn
* certificate server (for home workstations; if there are none, put it in the private_part)

the (>) means that incoming traffic on the lan is filtered with a hardened firewall
example: because the mail server is located on the public_part there is no need to let requests for any mail server through to the lan

this setup could also be used to put in a hardened gatekeeper that scans incoming traffic for viruses, malware and other incoming nasties.

*** end "cheap" public/private ***