Hackers bounce their IP addresses, proxy chain: how this works
How do hackers bounce their IP addresses? What is a proxy chain? How does this work?

The first part of your question is "bounce their IP addresses". This is really a sensationalist type of understanding. Hackers do not bounce their IP addresses. Bouncing is the action we see on TV shows, where the agent is tracing the route to the hacker's IP address. The funny thing is on TV, it is presumed we have to figure out the IP address of the hacker, as in the original source. Sadly, this is not true at all. We already know the IP address of the hacker, the original source. Sadly on TV anything 192, 172, 169, 254 are not actual IP addresses. I'll use a TimeWarner/Spectrum IP address as an example here: 72.160.24.x. There are many like it, but this one is close to mine.

Now, if I wanted to bounce my hack from across the world, I would utilize a few proxies. Proxies are computers that are typically a route from inside a company network out to the internet. So a typical use of a proxy is a large company network where my laptop is VPNed into the company's internal network. From there, security routes my outbound public internet access through a server/proxy, which would show a different IP address. Internally, my VPN link assigns me a 172.x.x.x IP address, inside the corporate network is a 10.100.x.x network, to which my outbound-to-the-internet IP is the corporate's IP 17.x.x.x (it's a big company). Now at this point, you could say I'm proxied through one avenue. I can keep going further; some companies have associations internationally. But you might be able to follow me on this: we can end our exit to the public internet anywhere, it just depends on our options.

So when we see on TV the link between US city Chicago, to New York, bounce back to Nevada, then to California, then overseas to Japan, then through S. Korea, making a hop to Australia and so forth, understand that we already know the end point's IP address; it is the process of identifying the hops. IP addresses are numbers that computer networks understand efficiently; meanwhile, us humans remember things better as names. So once the agent has the trace started, the IP identifying the hacker is already known. It's just the matter of figuring out the end of where THAT is.

Proxy chaining is the massive hack that is being used. In this case, let's just multiply one corporate network into multiple corporate networks around the world. As agents investigate the hops, they find those hops are from companies throughout the world, which were being used for the hack.

Now, the hardest part is what is rarely shown on TV: it is getting the last location identified well enough to put people on site. TV shows often show us that during the active attack the hacker was located within an hour of discovery. The trace was performed within the next 45 minutes. The hacker is done, and is relocating from the use of the free wifi that allowed the hacker to accomplish the hack using a compromised remote computer. By the time the agent arrives at the site of the compromised computer, the investigators spend hours auditing the computer to discover the hacker was using that computer by remote. By now, our hacker is back at home, browsing the internet, watching Netflix.

As for law enforcement, if the matter is real, we later on find out the hacker gets caught days later, because the Starbucks wifi gateway/router had logging turned on, MAC addresses added up to the timing, and investigators got the security surveillance video (it happened to be working this time). Caught the hacker in plain sight, identified the person, which led to DMV records and a home address.

Now, in reality… much of this cannot be done in this same method. But we can use this as a case example of why it is important for people to keep their computers updated and secured. Today, a botnet would be a good method of making a hacking attempt at a single target. From Denial of Service attacks to cryptolocking, the methods hackers can use to defuse others' attempts at locating the source. There are things like CnC (Command and Control), where the hacker can CnC a botnet. Malware with scripted services that use personal computers as proxies for less than honest purposes. Add in Remote Access Tools (RATs) and you have a hacker who has control and visual use of compromised computers. There is also the use of TOR (The Onion Router), which is also a method to proxy internet activities through nodes. Exit nodes, points that can be anywhere else in the world.
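
The timing correlation described above (gateway logging turned on, MAC addresses adding up to the timing), as an added example that is not part of the original answer. The log format, MAC addresses, timestamps and function names are constructed assumptions.

```python
from datetime import datetime

# Constructed sample data (not from the original page).
# Wi-Fi gateway log lines: ISO timestamp, event, client MAC address.
GATEWAY_LOG = """\
2024-03-05T14:02:11 ASSOC aa:bb:cc:00:00:01
2024-03-05T14:10:40 ASSOC aa:bb:cc:00:00:02
2024-03-05T14:31:05 DISASSOC aa:bb:cc:00:00:01
2024-03-05T14:33:18 ASSOC aa:bb:cc:00:00:03
2024-03-05T15:20:52 DISASSOC aa:bb:cc:00:00:02
2024-03-05T15:41:09 DISASSOC aa:bb:cc:00:00:03
2024-03-06T09:15:00 ASSOC aa:bb:cc:00:00:02
2024-03-06T09:40:00 ASSOC aa:bb:cc:00:00:04
2024-03-06T09:58:30 DISASSOC aa:bb:cc:00:00:02
"""
# Times the compromised computer was remotely controlled, per its audit.
REMOTE_SESSIONS = [
    ("2024-03-05T14:35:00", "2024-03-05T15:15:00"),
    ("2024-03-06T09:20:00", "2024-03-06T09:50:00"),
]

def parse_sessions(log_text):
    """Return {mac: [(start, end), ...]}; end is None if never disassociated."""
    sessions, open_since = {}, {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        ts, event, mac = datetime.fromisoformat(parts[0]), parts[1], parts[2].lower()
        if event == "ASSOC":
            open_since.setdefault(mac, ts)
        elif event == "DISASSOC" and mac in open_since:
            sessions.setdefault(mac, []).append((open_since.pop(mac), ts))
    for mac, start in open_since.items():
        sessions.setdefault(mac, []).append((start, None))
    return sessions

def covers(session, start, end):
    begin, finish = session
    return begin <= start and (finish is None or finish >= end)

def correlate(log_text, windows):
    """MACs associated to the gateway for the whole of every given window."""
    sessions = parse_sessions(log_text)
    spans = [(datetime.fromisoformat(a), datetime.fromisoformat(b)) for a, b in windows]
    return sorted(mac for mac, held in sessions.items()
                  if all(any(covers(s, a, b) for s in held) for a, b in spans))

if __name__ == "__main__":
    print(correlate(GATEWAY_LOG, REMOTE_SESSIONS))
```

A match narrows the pool of devices rather than identifying a person, which is why the answer pairs it with surveillance video. Devices that randomize their MAC address can also appear as different clients on different days.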