Mastermason.com Forums Homepage
Forum Home Forum Home > Forum Lounge (off-topic & lighter discussions) > General Discussions
  New Posts New Posts RSS Feed - "DANGER Will Robinson" Danger!
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

"DANGER Will Robinson" Danger!

 Post Reply Post Reply
Author
Message
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Topic: "DANGER Will Robinson" Danger!
    Posted: April/11/2016 at 11:13am
My security filter alerted me to a security threat and prevented me from accessing Mastermason.com forums all day yesterday (10April2016) with the following message:

Date: Sun, 10 Apr 2016, 16:29:35 GMT

Username: {it was blank}

Source IP: 10.240.4.132

URL: GET http://forum.mastermason.com/

Category: Computers and Internet

Reason: Block-Malware

ThreatType: othermalware

Threat reason: Identified as malicious domain or URL.

Notification: WBRS

----------------------------------------

Decimal: 183501956


Apparently somebody in the deep web or dark net (TOR - the onion router) doesn't like the forum??


I gave this information to some of my buddies over at MIT where I used to work. What do you guys think? Has this ever happened before to Master Masons forum??
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
Adept? View Drop Down
Senior Member
Senior Member
Avatar

Joined: August/30/2013
Location: Maine
Status: Offline
Points: 746
Post Options Post Options   Thanks (1) Thanks(1)   Quote Adept? Quote  Post ReplyReply Direct Link To This Post Posted: April/11/2016 at 11:51am
I've never had an issue with it, but I only access the site from private secured sources.  In checking your log on history I see that you are using public, and most likely unsecured connections to access the internet.  There is no telling who or what is tracking you, or accessing the same connection as you, at any location that offers free public WIFI.  A good way to check is through command prompt on your computer.  Through it , you can see a list of all established connections, and any that may have attempted and failed.  You may also want to check your computer for a virus, or malware.

   The source IP you posted comes back as private, and gave me no information as far as location or owner... you'll want to check on it and disconnect anything connected through it, and stop and remove any processes that may be running on your computer from it.  (under processes in task manager)  anything with an established connection to that IP, or any files with that source could be harmful to your computer, and any personal info you have on it, or type into it. 
"It is humanity that creates god, and men think that god has made them in his image, because they make him in theirs."
Back to Top
coach View Drop Down
Moderator
Moderator
Avatar

Joined: October/23/2005
Location: Tampa Bay
Status: Offline
Points: 1324
Post Options Post Options   Thanks (0) Thanks(0)   Quote coach Quote  Post ReplyReply Direct Link To This Post Posted: April/11/2016 at 1:12pm
Originally posted by GrimoireA3 GrimoireA3 wrote:

My security filter alerted me to a security threat and prevented me from accessing Mastermason.com forums all day yesterday (10April2016) with the following message:

Date: Sun, 10 Apr 2016, 16:29:35 GMT

Username: {it was blank}

Source IP: 10.240.4.132

URL: GET http://forum.mastermason.com/

Category: Computers and Internet

Reason: Block-Malware

ThreatType: othermalware

Threat reason: Identified as malicious domain or URL.

Notification: WBRS

----------------------------------------

Decimal: 183501956


Apparently somebody in the deep web or dark net (TOR - the onion router) doesn't like the forum??


I gave this information to some of my buddies over at MIT where I used to work. What do you guys think? Has this ever happened before to Master Masons forum??


DUDE! You're dealing with Freemasons. Did you not expect us to make every effort to try and take you over?
Building Builders - Masonic Education!

Books I Wrote | My FB Wall
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/11/2016 at 5:59pm
Originally posted by Adept? Adept? wrote:

I've never had an issue with it, but I only access the site from private secured sources.  In checking your log on history I see that you are using public, and most likely unsecured connections to access the internet.  There is no telling who or what is tracking you, or accessing the same connection as you, at any location that offers free public WIFI.  A good way to check is through command prompt on your computer.  Through it , you can see a list of all established connections, and any that may have attempted and failed.  You may also want to check your computer for a virus, or malware.

   The source IP you posted comes back as private, and gave me no information as far as location or owner... you'll want to check on it and disconnect anything connected through it, and stop and remove any processes that may be running on your computer from it.  (under processes in task manager)  anything with an established connection to that IP, or any files with that source could be harmful to your computer, and any personal info you have on it, or type into it. 


Thanks!
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/11/2016 at 6:05pm


Originally posted by coach coach wrote:

DUDE! You're dealing with Freemasons. Did you not expect us to make every effort to try and take you over?


Being taken over by Freemasons would not be a bad thing. Being spied upon by a species of malware is not a good thing.
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
Adept? View Drop Down
Senior Member
Senior Member
Avatar

Joined: August/30/2013
Location: Maine
Status: Offline
Points: 746
Post Options Post Options   Thanks (0) Thanks(0)   Quote Adept? Quote  Post ReplyReply Direct Link To This Post Posted: April/11/2016 at 6:28pm
please don't take what I said as the gospel.  I'm not a computer genius by any stretch of the imagination.  It could be nothing at all, but it sounds fishy to me, better safe than sorry, and I do know enough to know that when hackers attack a server or server group, they commonly employ multiple public networks to do so, for a number of reasons.   just to name a couple...To further hide themselves, and to use the other servers resources as a power boost of sorts to greatly assist in the attack on the victim server or network.  Basically in doing so they are using their computer to access and use multiple other computers to attack another, safety in numbers don't you know.  5 on 1 is better than 1 on 1.

As i said, I'm not a super wiz with computers, but I know a little.  When using public networks... better safe than sorry.
"It is humanity that creates god, and men think that god has made them in his image, because they make him in theirs."
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/12/2016 at 8:19am
Originally posted by Adept? Adept? wrote:

please don't take what I said as the gospel.  I'm not a computer genius by any stretch of the imagination.  It could be nothing at all, but it sounds fishy to me, better safe than sorry, and I do know enough to know that when hackers attack a server or server group, they commonly employ multiple public networks to do so, for a number of reasons.  <span style="line-height: 16.8px;"> just to name a couple...</span>To further hide themselves, and to use the other servers resources as a power boost of sorts to greatly assist in the attack on the victim server or network.  Basically in doing so they are using their computer to access and use multiple other computers to attack another, safety in numbers don't you know.  5 on 1 is better than 1 on 1.

As i said, I'm not a super wiz with computers, but I know a little.  When using public networks... better safe than sorry.


Yes. Again, thank you for your efforts. But I get the distinct impression from the information that I'm not the target but Master Mason forums? Unless I'm reading the security info wrong?
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
Adept? View Drop Down
Senior Member
Senior Member
Avatar

Joined: August/30/2013
Location: Maine
Status: Offline
Points: 746
Post Options Post Options   Thanks (0) Thanks(0)   Quote Adept? Quote  Post ReplyReply Direct Link To This Post Posted: April/12/2016 at 8:34am
You don't have to be the target in order to receive harmful data. I would sooner think that the public network you were using was the target, or at least being used as a tool to attack the target. But hey...what the hell do I know...? LOL!   
"It is humanity that creates god, and men think that god has made them in his image, because they make him in theirs."
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/12/2016 at 9:00am
Originally posted by Adept? Adept? wrote:

You don't have to be the target in order to receive harmful data. I would sooner think that the public network you were using was the target, or at least being used as a tool to attack the target. But hey...what the hell do I know...? LOL!   


Apparently you know a lot. But if what you say is true, I wonder why the wi fi at Massachusetts General Hospital would be subject to attack?

Boston and Cambridge have a ridiculous amount of free wi fi connections which you are encourage to utilize. The entire Boston Common and all of Harvard Square have public access to wi fi. And dozens of institutions, coffee shops, banks, bars, etc. all are wi fi accessible, and again, you are highly encouraged to utilize the wi fi - which is exactly what I do.

So it would be hard to determine which public wi fi my security screen blocked?

Thanks again.
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
edwmax View Drop Down
Administrator
Administrator
Avatar

Joined: November/06/2007
Location: Georgia, USA
Status: Offline
Points: 7098
Post Options Post Options   Thanks (1) Thanks(1)   Quote edwmax Quote  Post ReplyReply Direct Link To This Post Posted: April/20/2016 at 12:09pm
I suspect being on a private network (10 dot) at the time, all internet traffic may be routed through a network proxy server.  Then your security filter perceived an IP miss-match between the proxy server (10.240.4.132) and MM.com actual IP address.      .... Of course, not being there it is hard to say what was happening.    The 10 dot ip number will not work outside of its own network or on the internet.

What did your MIT biddies say?
"He who would assume to govern others must first learn to govern himself."





Thomasville 369
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/20/2016 at 4:46pm
Originally posted by edwmax edwmax wrote:

I suspect being on a private network (10 dot) at the time, all internet traffic may be routed through a network proxy server.  Then your security filter perceived an IP miss-match between the proxy server (10.240.4.132) and MM.com actual IP address.      .... Of course, not being there it is hard to say what was happening.    The 10 dot ip number will not work outside of its own network or on the internet.

What did your MIT biddies say?


Hi edwmax,

I haven't been back over to MIT since last week. But my MIT buddies immediately recognized the '10' as a TOR address, and said they would give it a try. I'm going back over to MIT this Fri/Sat to watch a sci fi movie and will talk with my buddies then, see what they found out. Thanx!
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
edwmax View Drop Down
Administrator
Administrator
Avatar

Joined: November/06/2007
Location: Georgia, USA
Status: Offline
Points: 7098
Post Options Post Options   Thanks (1) Thanks(1)   Quote edwmax Quote  Post ReplyReply Direct Link To This Post Posted: April/20/2016 at 7:14pm
Originally posted by GrimoireA3 GrimoireA3 wrote:

Originally posted by edwmax edwmax wrote:

I suspect being on a private network (10 dot) at the time, all internet traffic may be routed through a network proxy server.  Then your security filter perceived an IP miss-match between the proxy server (10.240.4.132) and MM.com actual IP address.      .... Of course, not being there it is hard to say what was happening.    The 10 dot ip number will not work outside of its own network or on the internet.

What did your MIT biddies say?


Hi edwmax,

I haven't been back over to MIT since last week. But my MIT buddies immediately recognized the '10' as a TOR address, and said they would give it a try. I'm going back over to MIT this Fri/Sat to watch a sci fi movie and will talk with my buddies then, see what they found out. Thanx!


I'm not sure how they could do that.  Officially, 10 dot are military LAN network IPs.  But, since these are private network IPs, anyone can use them within their own LAN networks.   I have setup several networks using 10 dots.


Edited by edwmax - April/20/2016 at 7:16pm
"He who would assume to govern others must first learn to govern himself."





Thomasville 369
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/21/2016 at 6:10am
Originally posted by edwmax edwmax wrote:



I'm not sure how they could do that.  Officially, 10 dot are military LAN network IPs.  But, since these are private network IPs, anyone can use them within their own LAN networks.


Maybe Anonymous isn't what they're cracked up to be?


  
Originally posted by edwmax edwmax wrote:

I have setup several networks using 10 dots.



Aha!!!
Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
edwmax View Drop Down
Administrator
Administrator
Avatar

Joined: November/06/2007
Location: Georgia, USA
Status: Offline
Points: 7098
Post Options Post Options   Thanks (0) Thanks(0)   Quote edwmax Quote  Post ReplyReply Direct Link To This Post Posted: April/21/2016 at 11:40am
Originally posted by GrimoireA3 GrimoireA3 wrote:

Originally posted by edwmax edwmax wrote:



I'm not sure how they could do that.  Officially, 10 dot are military LAN network IPs.  But, since these are private network IPs, anyone can use them within their own LAN networks.


Maybe Anonymous isn't what they're cracked up to be?

.....


TOR is not 100% Anonymous.  It is only very difficult to trace due to the communication layer being encrypted at each router hop.  TOR routers only de-crypt one hop at a time to send traffic to the next TOR router until the last hop which then send the un-encrypted traffic to its destination.

TOR was first developed by the US Naval Research Lab for encrypted communications over the internet and public networks. As such, 'private' IP numbers (10 dot; ect) can not work over these networks.  But private IP could show up through VPN connected networks or spoofed IPs.    ... The current TOR project is openly supported by EFF and other private companies for private
communication over the internet.  Their private communications would also be encrypted by the sending & receiving computer/server.   .... This layer of encryption is not possible for general internet surfing.




Edited by edwmax - April/21/2016 at 11:46am
"He who would assume to govern others must first learn to govern himself."





Thomasville 369
Back to Top
GrimoireA3 View Drop Down
Banned
Banned


Joined: May/05/2013
Location: Boston
Status: Offline
Points: 625
Post Options Post Options   Thanks (0) Thanks(0)   Quote GrimoireA3 Quote  Post ReplyReply Direct Link To This Post Posted: April/22/2016 at 9:56am


Originally posted by edwmax edwmax wrote:

TOR is not 100% Anonymous.


Very true. Those who use Bitcoins on the dark net or deep web to make illicit transactions are finding out first hand that The Onion Router is not totally anonymous.


 
Originally posted by edwmax edwmax wrote:

It is only very difficult to trace due to the communication layer being encrypted at each router hop.  TOR routers only de-crypt one hop at a time to send traffic to the next TOR router until the last hop which then send the un-encrypted traffic to its destination.


Thank you! As my MIT buddies explained to me during a 'Bitcoin' presentation.

Originally posted by edwmax edwmax wrote:

TOR was first developed by the US Naval Research Lab for encrypted communications over the internet and public networks. As such, 'private' IP numbers (10 dot; ect) can not work over these networks.  But private IP could show up through VPN connected networks or spoofed IPs.    ... The current TOR project is openly supported by EFF and other private companies for private
communication over the internet.  Their private communications would also be encrypted by the sending & receiving computer/server.   .... This layer of encryption is not possible for general internet surfing.


My MIT hacking buddies are as reluctant to talk about their methods as Masons are about the rituals in their Lodges. But I gave them my info anyways. Let's see what occurs down the road.

Thank you for your time and effort edwmax!



Please Note: I am not a Mason. And also, I am not an anti-Mason!
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.10
Copyright ©2001-2017 Web Wiz Ltd.

This page was generated in 0.125 seconds.