![]() ![]() ![]() Nov 12: sometime after this data, the hacker grabs the files and puts them into a ZIP.Oct 12: somebody sends the same e-mails to BBC journalist Paul Hudson.Using open proxies requires no sophisticated knowledge at all - as this blog post shows. The RealClimate website (which was attacked by the hacker) makes this claim: The use of a turkish computer would seem to imply that this upload and hack was not solely a whistleblower act, but one that involved more sophisticated knowledge.This is not true. However, if RealClimate or ClimateAudit has some advanced logging enabled, then they might be able to discover the original IP address. ![]() Most web server logs ignore the " X-Forwarded-For:" header, which means that this information is lost forever. I found the proxy added the header " X-Forwarded-For:" with my original IP address. I set my browser to the above proxy, and looked at the resulting HTTP request headers. Most proxies also forward the original IP address as a separate field in the web request. ![]() Open proxies are a great way to see how the rest of the world browses the Internet. I went to the Google search page, but was redirected to the Russian version. Then do a "Manual proxy configuration", setting the "HTTP Proxy" to 82.208.87.170, and the port to 8080.Īfter that, you should be able to browse the Internet just fine (albeit slowly). In Firefox, go to "Tools", "Options", "Adanced", "Network", "Settings" to open the proxy dialog box. You can use this open proxy yourself to hide your identity. In this manner, anything they do appears to come from the proxy's IP address, and not from the hacker's IP address. When hackers want to be anonymous, they choose one of these proxies at random, they configure their web browser to go through the proxy. Hacker websites maintain lists of active misconfigured proxies. Hackers constantly rescan the Internet looking for these open proxies, usually HTTP proxies at ports 80, 8080, and 3127, or SOCKS at port 1080. We don't know the hacker's real IP address.Īn "open proxy" is a machine that has been misconfigured to forward requests back out to the Internet. If we Google that IP address, we see that it is indeed an open proxy. However, the hacker may have made a mistake, and a review of the logs at RealClimate and ClimateAudit may reveal his/her identity.Īs this post describes, the hacker made a comment to a ClimateAudit blog post from IP address 82.208.87.170. It appears that the hacker used an " open proxy" in order to hide the origin of the attack. More details are emerging about the " Climategate" hack. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |