Search found 6 matches

by Dynamoo
Thu Aug 08, 2013 7:13 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 122586

Re: #Torsploit takedown: analysis, reverse engineering, fore

2. I've heard lots of opinions about whether or not this was an illegal attack or not.. assume for a moment it was government related, might this have just been intelligence gathering? meaning that the data collected would go into a database of red flags and possible targets for standard investigat...
by Dynamoo
Thu Aug 08, 2013 3:38 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 122586

Re: #Torsploit takedown: analysis, reverse engineering, fore

There's no smoking gun directly linking the FH takedown with the Torsploit attack, true. But there's an affinity between these two events that would make them slot nicely together. However, it still doesn't really matter that much because the technical analysis of Torsploit has some strong indicators...
by Dynamoo
Thu Aug 08, 2013 2:02 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 122586

Re: how long...?

The take-down of FH was done in cooperation with the FBI. But the torsploit seems to be the doing of SAIC (or possibly the NSA). It might be that SAIC or NSA had deployed the torsploit quite some time ago, but without the knowledge of the FBI. It is, then, not too difficult to imagine a miscommunicat...
by Dynamoo
Wed Aug 07, 2013 1:43 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 122586

Re: how long...?

Because, in fact, the question sort of expands out further, into several related lines of inquiry: 1) The first URLquery reports that I can see date to 4th August. I don't think it would have been on there for much longer before that because at least a handful of people would notice it. 3) My opin...
by Dynamoo
Tue Aug 06, 2013 7:56 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 122586

Re: #Torsploit takedown: analysis, reverse engineering, fore

I thought of a simple version of my earlier post in case some non-techy visitors are viewing the thread. Think of the network block 65.222.202.0/24 as a Zip code that represents Verizon Street in Washington DC. If you stand at the end of Verizon Street, there's a building belonging to SAIC [number 0...
by Dynamoo
Tue Aug 06, 2013 4:30 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 122586

Re: #Torsploit takedown: analysis, reverse engineering, fore

Hi all, I believe that the analysis that 65.222.202.53 belongs to SAIC or the NSA is an error. The tool used DomainTools IP explorer to examine the block. DomainTools reports that the block belongs to SAIC, but in fact they only have the first /28 allocated to them from Verizon Business. Really, Dom...
