"DANGER Will Robinson" Danger!

Printed From: Mastermason.com Forums
Category: Forum Lounge (off-topic & lighter discussions)
Forum Name: General Discussions
Forum Description: Non-Esoteric Masonic Discussions
URL: http://forum.mastermason.com/forum_posts.asp?TID=12577
Printed Date: July/03/2020 at 11:38am
Software Version: Web Wiz Forums 11.10 - http://www.webwizforums.com


Topic: "DANGER Will Robinson" Danger!
Posted By: GrimoireA3
Subject: "DANGER Will Robinson" Danger!
Date Posted: April/11/2016 at 11:13am
My security filter alerted me to a security threat and prevented me from accessing Mastermason.com forums all day yesterday (10April2016) with the following message:

Date: Sun, 10 Apr 2016, 16:29:35 GMT

Username: {it was blank}

Source IP: 10.240.4.132

URL: GET http://forum.mastermason.com/

Category: Computers and Internet

Reason: Block-Malware

ThreatType: othermalware

Threat reason: Identified as malicious domain or URL.

Notification: WBRS

----------------------------------------

Decimal: 183501956


Apparently somebody in the deep web or dark net (TOR - the onion router) doesn't like the forum??


I gave this information to some of my buddies over at MIT where I used to work. What do you guys think? Has this ever happened before to Master Masons forum??

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!



Replies:
Posted By: Adept?
Date Posted: April/11/2016 at 11:51am
I've never had an issue with it, but I only access the site from private secured sources. In checking your log on history I see that you are using public, and most likely unsecured connections to access the internet. There is no telling who or what is tracking you, or accessing the same connection as you, at any location that offers free public WIFI. A good way to check is through command prompt on your computer. Through it, you can see a list of all established connections, and any that may have attempted and failed. You may also want to check your computer for a virus, or malware.

   The source IP you posted comes back as private, and gave me no information as far as location or owner... you'll want to check on it and disconnect anything connected through it, and stop and remove any processes that may be running on your computer from it.  (under processes in task manager)  anything with an established connection to that IP, or any files with that source could be harmful to your computer, and any personal info you have on it, or type into it. 


-------------
"It is humanity that creates god, and men think that god has made them in his image, because they make him in theirs."


Posted By: coach
Date Posted: April/11/2016 at 1:12pm
Originally posted by GrimoireA3:

My security filter alerted me to a security threat and prevented me from accessing Mastermason.com forums all day yesterday (10April2016) with the following message:

Date: Sun, 10 Apr 2016, 16:29:35 GMT

Username: {it was blank}

Source IP: 10.240.4.132

URL: GET http://forum.mastermason.com/

Category: Computers and Internet

Reason: Block-Malware

ThreatType: othermalware

Threat reason: Identified as malicious domain or URL.

Notification: WBRS

----------------------------------------

Decimal: 183501956


Apparently somebody in the deep web or dark net (TOR - the onion router) doesn't like the forum??


I gave this information to some of my buddies over at MIT where I used to work. What do you guys think? Has this ever happened before to Master Masons forum??


DUDE! You're dealing with Freemasons. Did you not expect us to make every effort to try and take you over?

-------------
Building Builders - Masonic Education!

Books I Wrote: http://www.coach.net/BuildingBuilders.htm | My FB Wall: http://www.facebook.com/johns.nagy


Posted By: GrimoireA3
Date Posted: April/11/2016 at 5:59pm
Originally posted by Adept?:

I've never had an issue with it, but I only access the site from private secured sources. In checking your log on history I see that you are using public, and most likely unsecured connections to access the internet. There is no telling who or what is tracking you, or accessing the same connection as you, at any location that offers free public WIFI. A good way to check is through command prompt on your computer. Through it, you can see a list of all established connections, and any that may have attempted and failed. You may also want to check your computer for a virus, or malware.

   The source IP you posted comes back as private, and gave me no information as far as location or owner... you'll want to check on it and disconnect anything connected through it, and stop and remove any processes that may be running on your computer from it.  (under processes in task manager)  anything with an established connection to that IP, or any files with that source could be harmful to your computer, and any personal info you have on it, or type into it. 


Thanks!

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


Posted By: GrimoireA3
Date Posted: April/11/2016 at 6:05pm


Originally posted by coach:

DUDE! You're dealing with Freemasons. Did you not expect us to make every effort to try and take you over?


Being taken over by Freemasons would not be a bad thing. Being spied upon by a species of malware is not a good thing.

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


Posted By: Adept?
Date Posted: April/11/2016 at 6:28pm
Please don't take what I said as the gospel. I'm not a computer genius by any stretch of the imagination. It could be nothing at all, but it sounds fishy to me, better safe than sorry, and I do know enough to know that when hackers attack a server or server group, they commonly employ multiple public networks to do so, for a number of reasons. Just to name a couple... To further hide themselves, and to use the other servers' resources as a power boost of sorts to greatly assist in the attack on the victim server or network. Basically in doing so they are using their computer to access and use multiple other computers to attack another, safety in numbers don't you know. 5 on 1 is better than 1 on 1.

As I said, I'm not a super wiz with computers, but I know a little. When using public networks... better safe than sorry.


-------------
"It is humanity that creates god, and men think that god has made them in his image, because they make him in theirs."


Posted By: GrimoireA3
Date Posted: April/12/2016 at 8:19am
Originally posted by Adept?:

Please don't take what I said as the gospel. I'm not a computer genius by any stretch of the imagination. It could be nothing at all, but it sounds fishy to me, better safe than sorry, and I do know enough to know that when hackers attack a server or server group, they commonly employ multiple public networks to do so, for a number of reasons. Just to name a couple... To further hide themselves, and to use the other servers' resources as a power boost of sorts to greatly assist in the attack on the victim server or network. Basically in doing so they are using their computer to access and use multiple other computers to attack another, safety in numbers don't you know. 5 on 1 is better than 1 on 1.

As I said, I'm not a super wiz with computers, but I know a little. When using public networks... better safe than sorry.


Yes. Again, thank you for your efforts. But I get the distinct impression from the information that I'm not the target but Master Mason forums? Unless I'm reading the security info wrong?

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


Posted By: Adept?
Date Posted: April/12/2016 at 8:34am
You don't have to be the target in order to receive harmful data. I would sooner think that the public network you were using was the target, or at least being used as a tool to attack the target. But hey...what the hell do I know...? LOL!   

-------------
"It is humanity that creates god, and men think that god has made them in his image, because they make him in theirs."


Posted By: GrimoireA3
Date Posted: April/12/2016 at 9:00am
Originally posted by Adept?:

You don't have to be the target in order to receive harmful data. I would sooner think that the public network you were using was the target, or at least being used as a tool to attack the target. But hey...what the hell do I know...? LOL!   


Apparently you know a lot. But if what you say is true, I wonder why the wi fi at Massachusetts General Hospital would be subject to attack?

Boston and Cambridge have a ridiculous amount of free wi fi connections which you are encouraged to utilize. The entire Boston Common and all of Harvard Square have public access to wi fi. And dozens of institutions, coffee shops, banks, bars, etc. all are wi fi accessible, and again, you are highly encouraged to utilize the wi fi - which is exactly what I do.

So it would be hard to determine which public wi fi my security screen blocked?

Thanks again.

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


Posted By: edwmax
Date Posted: April/20/2016 at 12:09pm
I suspect being on a private network (10 dot) at the time, all internet traffic may be routed through a network proxy server. Then your security filter perceived an IP mismatch between the proxy server (10.240.4.132) and MM.com's actual IP address. ... Of course, not being there it is hard to say what was happening. The 10 dot IP number will not work outside of its own network or on the internet.

What did your MIT buddies say?


-------------
"He who would assume to govern others must first learn to govern himself."





Thomasville 369
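
Added example, not part of any post in this thread: a Python check of the block message quoted in the first post, showing that its `Decimal` field is the integer form of the `Source IP` and that the address falls in a private range that is not routable on the internet. The function names are illustrative; the field values are copied from the thread.

```python
import ipaddress

# Fields copied from the block message in the first post of this thread.
BLOCK_PAGE = """\
Date: Sun, 10 Apr 2016, 16:29:35 GMT
Source IP: 10.240.4.132
URL: GET http://forum.mastermason.com/
Reason: Block-Malware
Notification: WBRS
Decimal: 183501956
"""

# Private IPv4 ranges reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_fields(text):
    """Split 'Key: value' lines into a dict, splitting on the first colon only."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields[key.strip()] = value.strip()
    return fields


def analyse(text):
    """Summarise what the block message says about the client and the target."""
    f = parse_fields(text)
    src = ipaddress.IPv4Address(f["Source IP"])
    # An IPv4 address is a 32-bit number; the constructor accepts the integer.
    dec = ipaddress.IPv4Address(int(f["Decimal"]))
    net = next((n for n in RFC1918 if src in n), None)
    return {
        "source_ip": str(src),
        "decimal_as_ip": str(dec),
        "decimal_matches_source": dec == src,
        "rfc1918_block": str(net) if net else None,
        "globally_routable": src.is_global,
        # The blocked item is the requested URL, not the source address.
        "blocked_url": f["URL"].split()[-1],
    }


if __name__ == "__main__":
    for key, value in analyse(BLOCK_PAGE).items():
        print(f"{key}: {value}")
```
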


Posted By: GrimoireA3
Date Posted: April/20/2016 at 4:46pm
Originally posted by edwmax:

I suspect being on a private network (10 dot) at the time, all internet traffic may be routed through a network proxy server. Then your security filter perceived an IP mismatch between the proxy server (10.240.4.132) and MM.com's actual IP address. ... Of course, not being there it is hard to say what was happening. The 10 dot IP number will not work outside of its own network or on the internet.

What did your MIT buddies say?


Hi edwmax,

I haven't been back over to MIT since last week. But my MIT buddies immediately recognized the '10' as a TOR address, and said they would give it a try. I'm going back over to MIT this Fri/Sat to watch a sci fi movie and will talk with my buddies then, see what they found out. Thanx!

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


Posted By: edwmax
Date Posted: April/20/2016 at 7:14pm
Originally posted by GrimoireA3:

Originally posted by edwmax:

I suspect being on a private network (10 dot) at the time, all internet traffic may be routed through a network proxy server. Then your security filter perceived an IP mismatch between the proxy server (10.240.4.132) and MM.com's actual IP address. ... Of course, not being there it is hard to say what was happening. The 10 dot IP number will not work outside of its own network or on the internet.

What did your MIT buddies say?


Hi edwmax,

I haven't been back over to MIT since last week. But my MIT buddies immediately recognized the '10' as a TOR address, and said they would give it a try. I'm going back over to MIT this Fri/Sat to watch a sci fi movie and will talk with my buddies then, see what they found out. Thanx!


I'm not sure how they could do that. Officially, 10 dot are military LAN network IPs. But, since these are private network IPs, anyone can use them within their own LAN networks. I have set up several networks using 10 dots.


-------------
"He who would assume to govern others must first learn to govern himself."





Thomasville 369


Posted By: GrimoireA3
Date Posted: April/21/2016 at 6:10am
Originally posted by edwmax:



I'm not sure how they could do that.  Officially, 10 dot are military LAN network IPs.  But, since these are private network IPs, anyone can use them within their own LAN networks.


Maybe Anonymous isn't what they're cracked up to be?


  
Originally posted by edwmax:

I have set up several networks using 10 dots.



Aha!!!

-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


Posted By: edwmax
Date Posted: April/21/2016 at 11:40am
Originally posted by GrimoireA3:

Originally posted by edwmax:



I'm not sure how they could do that.  Officially, 10 dot are military LAN network IPs.  But, since these are private network IPs, anyone can use them within their own LAN networks.


Maybe Anonymous isn't what they're cracked up to be?

.....


TOR is not 100% anonymous. It is only very difficult to trace due to the communication layer being encrypted at each router hop. TOR routers only decrypt one hop at a time to send traffic to the next TOR router until the last hop, which then sends the unencrypted traffic to its destination.

TOR was first developed by the US Naval Research Lab for encrypted communications over the internet and public networks. As such, 'private' IP numbers (10 dot, etc.) cannot work over these networks. But private IPs could show up through VPN-connected networks or spoofed IPs. ... The current TOR project is openly supported by EFF and other private companies for private communication over the internet. Their private communications would also be encrypted by the sending & receiving computer/server. ... This layer of encryption is not possible for general internet surfing.




-------------
"He who would assume to govern others must first learn to govern himself."





Thomasville 369


Posted By: GrimoireA3
Date Posted: April/22/2016 at 9:56am


Originally posted by edwmax:

TOR is not 100% anonymous.


Very true. Those who use Bitcoins on the dark net or deep web to make illicit transactions are finding out first hand that The Onion Router is not totally anonymous.


 
Originally posted by edwmax:

It is only very difficult to trace due to the communication layer being encrypted at each router hop. TOR routers only decrypt one hop at a time to send traffic to the next TOR router until the last hop, which then sends the unencrypted traffic to its destination.


Thank you! As my MIT buddies explained to me during a 'Bitcoin' presentation.

Originally posted by edwmax:

TOR was first developed by the US Naval Research Lab for encrypted communications over the internet and public networks. As such, 'private' IP numbers (10 dot, etc.) cannot work over these networks. But private IPs could show up through VPN-connected networks or spoofed IPs. ... The current TOR project is openly supported by EFF and other private companies for private communication over the internet. Their private communications would also be encrypted by the sending & receiving computer/server. ... This layer of encryption is not possible for general internet surfing.


My MIT hacking buddies are as reluctant to talk about their methods as Masons are about the rituals in their Lodges. But I gave them my info anyways. Let's see what occurs down the road.

Thank you for your time and effort edwmax!





-------------
Please Note: I am not a Mason. And also, I am not an anti-Mason!


