±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 34850
New Yesterday: 8 Visitors: 188

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Help Our Homeland

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2  Next 
  

Help Our Homeland

Post Posted: Thu Dec 06, 2018 6:41 am


TinyBrain
Senior Member
 
 
  

Re: Help Our Homeland

Post Posted: Thu Dec 06, 2018 7:26 am

Resolves to http[:]//israelneedsu.com/ if you wish to click.
_________________
Blog: secureartisan.wordpress.com 

pbobby
Senior Member
 
 
  

Re: Help Our Homeland

Post Posted: Thu Dec 06, 2018 9:09 am

- pbobby
Resolves to http[:]//israelneedsu.com/ if you wish to click.


Which might clear a bit who are the "we" for which it is "our homeland".

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 
  

Re: Help Our Homeland

Post Posted: Thu Dec 06, 2018 4:23 pm

Couldn't resist poking at it a bit, with suitable protections.

The web page has javascript that appears to be designed to be unreadable. I've never seen an 800 thousand column line before. I didn't even know you could do that.

While the IP address (185.230.60.161) is registered as Tel Aviv, a traceroute from New Jersey goes to Ashburn Virgina with no other information before the final destination. That isn't unusual, as that's an East Coast Hub for transatlantic traffic. What is odd is that there is no significant jump in time delay between Ashburn and 185... Even more interesting is tracing from a node in Dubai comes back to Ashburn Virginia as well. Same from Madrid. I seriously doubt the server is physically in Israel.  

watcher
Member
 
 
  

Re: Help Our Homeland

Post Posted: Fri Dec 07, 2018 2:26 am

Correct, the server is physically in Italy. Can you also proof?  

TinyBrain
Senior Member
 
 
  

Re: Help Our Homeland

Post Posted: Fri Dec 07, 2018 11:02 am

For reasons that may be obvious to some ....... I'm Out!  

watcher
Member
 
 
  

Re: Help Our Homeland

Post Posted: Sun Dec 09, 2018 5:52 am

The server isn't in Italy, in Italy there is only a reverse proxy server running. The server might be in .ch, on the same clusters where protonmail runs up in the mountains Smile

The whole "project" looks like a test bed leaked (on purpose) for "volunteer crackers" to see if the real origin can be figured or not, probably for running some important things in the future. Security based on obscurity, redirection, proxy and other gimmicks isn't real security, so if it is important, you better don't run things on a public cluster.

I'm also out from this conversation for obvious reasons.
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 

passcodeunlock
Senior Member
 
 

Page 1 of 2
Go to page 1, 2  Next