does ip bouncing exist?

Data that travels over the air and how to protect (or decipher) it

does ip bouncing exist?

Post by dark159123 on Mon Mar 15, 2010 7:32 pm
([msg=36830]see does ip bouncing exist?[/msg])

i know this question may sound pretty script kiddie'sh, but im just asking this way because i have no idea of how it works (and if it does)...

in whenever you see someone hacking in movies and games, you always see them bouncing through a million satelites, etc... although i know there isn't any kind of cool lightning beam (i want a freaking light beam for satelites!) emitting from the satelite to satelite, i guess there is a bit of truth in it as it is so widespread (the bouncing part not the lightning beams).

so is it possible to "bounce" through other routers/networks/satelites/etc? and if it is then how do you do it? i know that whenever you're connecting to anything you run through alot of different routers, but can this get exploited to make a trace take longer? and has the technology even got anything to do with this?
Scientia Est Sanctum

Security is not to be archieved by eliminating danger, but by learning to defend yourself against it
User avatar
dark159123
Experienced User
Experienced User
 
Posts: 71
Joined: Sun Feb 28, 2010 4:37 pm
Location: The Cyberweb
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by sanddbox on Mon Mar 15, 2010 8:21 pm
([msg=36832]see Re: does ip bouncing exist?[/msg])

dark159123 wrote:i know this question may sound pretty script kiddie'sh, but im just asking this way because i have no idea of how it works (and if it does)...

in whenever you see someone hacking in movies and games, you always see them bouncing through a million satelites, etc... although i know there isn't any kind of cool lightning beam (i want a freaking light beam for satelites!) emitting from the satelite to satelite, i guess there is a bit of truth in it as it is so widespread (the bouncing part not the lightning beams).

so is it possible to "bounce" through other routers/networks/satelites/etc? and if it is then how do you do it? i know that whenever you're connecting to anything you run through alot of different routers, but can this get exploited to make a trace take longer? and has the technology even got anything to do with this?


It sounds like you're thinking about something like TOR. Basically, it routes your internet traffic through a bunch of other TOR users so that your IP can't be traced.
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2331
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by TravisAlan on Mon Mar 15, 2010 8:39 pm
([msg=36833]see Re: does ip bouncing exist?[/msg])

I think TOR would be a specific example. What he is describing seems to be just a visual representation of proxying your connection.
It is fairly common but unless you use something encrypted (such as TOR) it is still very traceable.
TravisAlan
New User
New User
 
Posts: 25
Joined: Sat Dec 12, 2009 9:19 pm
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by sanddbox on Mon Mar 15, 2010 9:02 pm
([msg=36835]see Re: does ip bouncing exist?[/msg])

TravisAlan wrote:I think TOR would be a specific example. What he is describing seems to be just a visual representation of proxying your connection.
It is fairly common but unless you use something encrypted (such as TOR) it is still very traceable.


What he described, with the exception of tor, isn't fairly common. Normally it would just be a proxy server that would be used.
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2331
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by TravisAlan on Mon Mar 15, 2010 9:06 pm
([msg=36837]see Re: does ip bouncing exist?[/msg])

Okay, im not saying its common to go through "millions of satellites," but I do believe it is common to go through a proxy server. Which is what I thought he was referring to.
TravisAlan
New User
New User
 
Posts: 25
Joined: Sat Dec 12, 2009 9:19 pm
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by sanddbox on Mon Mar 15, 2010 10:34 pm
([msg=36846]see Re: does ip bouncing exist?[/msg])

TravisAlan wrote:Okay, im not saying its common to go through "millions of satellites," but I do believe it is common to go through a proxy server. Which is what I thought he was referring to.


He was referring to a connection being routed through multiple other hosts. A proxy server only involves one host.
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2331
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by dark159123 on Tue Mar 16, 2010 10:48 am
([msg=36878]see Re: does ip bouncing exist?[/msg])

actually i was just referring to routing in general...

thanks for the great answers guys!
Scientia Est Sanctum

Security is not to be archieved by eliminating danger, but by learning to defend yourself against it
User avatar
dark159123
Experienced User
Experienced User
 
Posts: 71
Joined: Sun Feb 28, 2010 4:37 pm
Location: The Cyberweb
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by thetan on Fri Mar 19, 2010 11:42 am
([msg=37069]see Re: does ip bouncing exist?[/msg])

Even if you do use encryption, the absolute bottom line is if your ISP has it out for you then you can't hide. Your ISP is the messiah of all your etherwebz connectivity. You can establish all the SSL/TLS SSH whatever encrypted tunnels that you want but as long as your ISP wants to watch you theirs nothing you can do. Your ISP is _THE MAN_ in the middle and theirs no way you can verify that you do have a legit end to end encrypted connection with your intended point of destination or whether you have a shady encrypted connection with your ISP that in turn has a separate encrypted forwarding connection with your intended end point, giving the ISP plain text read ability.

Now I'm not saying that "h0m3y3 ISPz R EEEVIL!!!". All I want to get across is that you should never be to comfortable with your online privacy if you have a reason or an idealogical affinity towards privacy rights.

With ACTA on the horizon and cases in the past of whistle blowing EFF cases on ISPs and major web entities cooperating with NSA snooping via fiber optic splitters should wake any privacy conscience individual up to an alert state.
"If art interprets our dreams, the computer executes them in the guise of programs!" - SICP

Image

“If at first, the idea is not absurd, then there is no hope for it” - Albert Einstein
User avatar
thetan
Contributor
Contributor
 
Posts: 657
Joined: Thu Dec 17, 2009 6:58 pm
Location: Various Bay Area Cities, California
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by r-ID on Fri Mar 19, 2010 12:36 pm
([msg=37073]see Re: does ip bouncing exist?[/msg])

well, it is possible to use secure proxy, you don't have to send public key every time, you only need to send it once.
r-ID
Poster
Poster
 
Posts: 172
Joined: Mon Dec 29, 2008 6:04 pm
Blog: View Blog (0)


Re: does ip bouncing exist?

Post by thetan on Fri Mar 19, 2010 1:11 pm
([msg=37076]see Re: does ip bouncing exist?[/msg])

r-ID wrote:well, it is possible to use secure proxy, you don't have to send public key every time, you only need to send it once.

A "Secure proxy" as you call it, is nothing more then a encrypted channel. It doesn't matter if you send it once or you send it a thousand times. The point is, if you send it at all then you have absolutely no way to verify your privacy.

As the recent SSL/TLS force renegotiation exploit has highlighted, anyone in the middle has to see the credentials only once and they have you in plaintext for the lifetime of that connection.

You know what else causes a renegotiation of credentials and is basically un-patch-able? Dropping the connection. Yes, dropping a secure connection will cause it to have to renegotiate all over again, leading back to the single point of failure, the online negotiation.

Also, as I've said said in my last post but will elaborate on now. You can think that you have a secure connection with any end point on the web. However, the thing is you may just have a secure connection to some malicious man in the middle who in turn has a separate secure connection to your intended destination and the "attacker" would just masquerade packets originating from your connection through it's connection to your intended end point (on a separate "secure" channel) and vice versa. While the packets are in transit from one channel to the other on the malicious machine they are in plain text and thus perfectly readable to the attacker. This is because the packets get decrypted once the reach the "attacker" (after all, you do have a secure connection _to him_) and then re-encrypted when sent to their target destination. Theirs no way your end point destination can verify that these packets aren't actually coming directly from you.
"If art interprets our dreams, the computer executes them in the guise of programs!" - SICP

Image

“If at first, the idea is not absurd, then there is no hope for it” - Albert Einstein
User avatar
thetan
Contributor
Contributor
 
Posts: 657
Joined: Thu Dec 17, 2009 6:58 pm
Location: Various Bay Area Cities, California
Blog: View Blog (0)


Next

Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests

cron