infinite51

Members
  • Content count

    155
  • Joined

  • Last visited

Everything posted by infinite51

  1. +1 It is amazing what ineptitude I see out of the mainstream media, who want to sensationalize everything. Just look at shows like CSI or NCIS, oh yeah the government is able to reposition some low orbit satellites, umm yeah sure . Thought it does make for good TV
  2. It's impossible to say it will work at every chain of hotels such as the Hilton chain of hotels. Many hotels have different PBX systems, services, ect. So what works at one, does not necessarily work at all of them. If you’re really curious, try it and see for yourself if it still works with a particular hotels PBX system.
  3. Back on topic: Yes, 2600 gets to bit a bit paranoid at times...but not nearly as paranoid as that ultimate kook job Alex Jones. That guy is on another planet. What about that Jonathan Lee Riches... Now I think he filed 2 legitimate lawsuits. http://www.metro.co.uk/weird/671621-man-sues-guinness-book-of-records-over-most-lawsuits-claim. Come to think of it, He will probably file a lawsuit about this post.
  4. Sounds like people that get upset that a store has a minimum charge to use a cc to buy something. Sure you could call up Visa/Mc ect and complain that they are violating the terms and conditions of their agreement. But you would have to be a real fucktard.
  5. ^^^ props to this. I still remember when only some stores such as (Borders books) carried it. Eh, Borders? what happened to them, guess they are out of business.
  6. Umm. Yeah - Silly kids. If the gambling sites where blocked, then there is probably a reason for that.. Otherwise Google is your best friend
  7. Hey Decoder, glad to see your still around. Anyway, I do not know all the facts about the situation nor really care to know. Had the facts or allegations been false, I would see no reason why a company would not request they immediately be taken down. I know several small companies (similar in size to Trapcall), that setup Google Alerts to closely monitor and defend their companies reputation. Most companies monitor their customer’s records very closely, and it should be a fairly easy thing to see if any data was leaked that should not have been. The only thing I noticed was that someone was let go from the company, and I would assume that there was ample proof. Otherwise I hope that our friend finds a capable employment lawyer and really lays it into the company for terminating him on unfounded allegations.
  8. Well http://www.trapcall.com provides a 30 day free trial that provides full calling party number information. Though the service is run by Teltech, and from a previous thread there appears to be some doubt about customer data with that company. There seems to be some allegations as to how their customer data is handled. I would personally hope that this is not the case, both because I consider the individual who was said to have leaked confidential data a decent man, and the company is a leader in this voip niche industry. However the fact that the company has not responded nor requested that the information be taken down here, does not shine a good light on the companies privacy policies, and further suggests that data may have been compromised. Hopefully they can address the situation, but personally having worked for numerous Telco companies I can assure you that individuals who are 'illegally wiretapping' customer can face criminal as well as civil charges. I would hope that if these allegations are true that the individuals who's privacy was compromised, sue Teltech and put them out of business. Other than Teltec, most 800# voicemail services do the same thing, though you may have to pay a couple bucks a month. Also, there are a number of other ip-relay services that since the FCC changes, provide local numbers.
  9. I think you need to re-read the bill in its entirety. I assure you that it is not going to be the end of Caller ID spoofing or anything of the matter. "It shall be unlawful for any person within the United States, in connection with any telecommunications service or IP-enabled voice service, to cause any caller identification service to knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value, unless such transmission is exempted pursuant to paragraph 3b " In short, if you want to display another number for privacy reasons or any reason for that matter it's perfectly fine. Instead the bill aims at creating legislation to make it easier to prosecute individuals who are using these services malicously and with a criminal intent, and I must say the bill is long overdue.
  10. Yes, the cell providers have been aware of these issues since at least as early as 2002. Yet, they choose to voluntarily do nothing about it, because their did not perceive any risk and justified that the probability at least at that time was small. And it really wasn't until the paid spoofing services started appearing that the general public could perform the exploit with ease. That said, last year several of the companies were fined by the FCC for not fixing this problem. And that is more likely the reason that finally after years, the cellphone providers decided to do something about it. Personally I think it is way overdue and could think of many instances where individuals could illegally access voicemail systems and gain a lot of proprietary and legally protected information. Just think about a lawyer at a lawfirm or CEO of a major company. Chances are these people would have it setup on their mobile phones for the ease of use, and any kid with a $5 spoofcard could then dialin and listen/delete or forward messages.
  11. Kim Zetter of Wired.com Reported: FBI Defends Disruptive Raids on at least two confirmed Texas Data Centers http://blog.wired.com/27bstroke6/2009/04/d...centers-ra.html "Among more than 300 legitimate businesses affected by the raid on Crydon were Intelmate, which provides inmate calling services for prisons and jails and had about $100,000 in equipment seized in the raid; a credit card processing company that had just become PCI compliant and was in the process of signing on its first customers; Primary Target, a video game company that makes first-person shooters; a mortgage brokerage; and a number of VoIP companies and international telecoms that provided customers with service to the U.S. through servers belonging to a separate company Faulkner ran called Intelivox. These customers essentially lost connectivity to the U.S. after the raid, Faulkner says." CBS also has run a story on the raids at: http://cbs11tv.com/local/Core.IP.Networks.2.974706.html ,including video of the FBI loading hundreds of computers in the back of trucks. If company's such as Liquid Motors, LLC ( http://www.liquidmotors.com ) can be put out of business and have the FBI and government confiscate all of their equipment valued of over $400,000+ because they sublet space out of a Core IP cages. Wired.com Magazine also published the court documents and TRO and lawsuit filed by Liquid Moters, Inc v Lynd/ USA at http://blog.wired.com/27bstroke6/2009/04/company-caught.html Not only does it bring up the legality of the FBI to seize servers and digital data that Law Firms, CPA's, Doctors, and anyone else that in entrusted with sensitive information and is bound to protect, that has equipment in Data Center's or Colocation Facilities. But it also now brings up how to work with your Insurance providers, lawyers, and Data Centers to incorporate into your Businesses Disaster Recovery Plan, so you can get back online and functioning. Any Ideas ? I have compiled a listing of numerous documents and links to news stories http://www.securityfocus.tv/dallascolo/ , I will also be working on .zipping all of the documents up so they can be easily downloaded.
  12. I am in the process of writing a report on spoofing services and am gathering information both from 911 call center (PSAP), in addition to other people that may be affected by these services. I wanted to hear from the Network Security community on this? In any regards I think the facts of spoofing services fairly exhausted and everyone on this board understands that using spoofing services for nefarious purposes can land you in jail. However, I thought I would address HR. 251 bill, which if brought up in senate would have undeniably been passed. The bill would have made it difficult for the general public or any individuals to use these services with the intent commit identity theft, make harassing calls or defraud any person. If you will recall when one of these service providers first introduced call spoofing in early 2004; only licensed private investigators, lawyers, domestic abuse shelters were permitted to utilize these service. I would be interested in hearing the communities perspective on this bill, and since the two year time period has elapsed whether a similar bill should be re-introduced? The original bill introduced by Eliot Engel (D) U.S. Representative of New York’s 17th District. Along with original testimony before the http://energycommerce.edgeboss.net/wmedia/...n_caller_id.wax : http://www.govtrack.us/congress/bill.xpd?bill=h110-251 "6/12/2007--Passed House amended. Truth in Caller ID Act of 2007 - Amends the Communications Act of 1934 to make it unlawful for any person in the United States, in connection with any telecommunication service or VOIP (voice over Internet protocol) service, to cause any caller identification service to transmit misleading or inaccurate caller identification information ("spoofing") with the intent to defraud or cause harm. Prohibits construing these provisions to prevent blocking caller identification or to authorize or prohibit law enforcement or U.S. intelligence agency activities."
  13. Apr 3, 2009 11:09 pm US/Central Report Shows Alleged Fraud Against AT&T, Verizon Reporting Jack Fink DALLAS (CBS 11 News) ― CBS 11 News has uncovered new information about FBI raids against Dallas companies that provide web servers for dozens of businesses in North Texas and across the country. http://cbs11tv.com/local/Core.IP.Networks.2.975776.html Court documents show it's all part of an alleged massive fraud scheme against AT&T and Verizon. Court records show Verizon first went to the FBI this past January, alleging some North Texas web server providers were cheating them and AT&T out of millions of dollars. Documents show this is the second time in less than a month FBI agents raided offices inside a Downtown Dallas office tower. The companies being investigated provide web servers for dozens of companies, including Catholic Media Group of Cincinnati, Ohio, which represents motivational speakers. During the raid, CMG's owner, Joe Condit, says his website and business went down. "It's crippled us completely. Now that we don't have a website, we have no business, and a lot of speakers are without representation." In Thursday's raid, the FBI seized equipment in the offices of Core IP Networks, owned by Matthew Simpson. Court documents show agents raided Crydon Technology's offices March 12 in the same downtown building as Simpson's and at the Infomart. Agents also raided a $600,000 house in Southlake. Crydon and the house are owned by Mike Faulkner. AT&T and Verizon operate physical equipment and facilities for the transmission of phone calls and other communications. Court records show federal law requires the telecom giants to provide for a fee those services to smaller telecom companies, who in turn provide services to their own customers. Documents say AT&T and Verizon told investigators they believe they were being defrauded out of $6 million in a three to four month period by a group of investors working together, including Faulkner, Simpson, and three others. The documents say those individuals profited more than $1 million. In a phone conversation, Faulkner said, "The allegations that I defrauded AT&T and Verizon are ridiculous... The companies that owe money to AT&T and Verizon are clients and not owned by me." Simpson said, "I'm not involved in alleged fraud against AT&T and Verizon, and I'm doing everything I can to cooperate with the investigation and to help my clients get back up and running." No charges have been filed. As for Joe Condit, he's hoping his company can survive. "We're all for catching the bad guys and the criminals. It also has to be recognized that young, small businesses can't take a hit like this, especially in this time." (© MMIX, CBS Broadcasting Inc. All Rights Reserved.)
  14. I lost access to an old hard-drive that crashed and needed to be destroy'ed. I was wondering if someone can throw me a grandcentral invite at infinite51@gmail.com Thanks Gents
  15. If you are able to get into Task Manager, go to file "Run" issue the command "explorer". With any luck you should get your toolbar and access into your system. You may have to execute the command 2-3 times till it executes. From there you can hopefully see how messed up your system is and if you can salvage it or not. I would suggest downloading several current antivirus programs with (current updates), along with a good adware remover (also with current updates). As a last resort you may consider backing up the files and restoring the OS as suggested.
  16. I have gathered all of the court documents and many of the reports, including the full amended complaint filed by Liquid Motors. Liquid Motors was the first company that had filed legal proceedings in the case of Liquid Motors, LLC v Allyn Lynd / USA. Claiming that the company’s, fourth amendment rights (pertaining to against reasonable searches & seizures) have been violated. You can view all case material at http://www.securityfocus.tv/dallascolo/
  17. Jfalcon: Great point's I am in the process of zipping up all of the evidence, court testimony and hopefully we can get to the bottom of this. In the orginal warrant the Colo cage was not specific to the machines that were implicated in the fraud. Other than "its a blue cage, there may be evidence of the fraud on the machines enclosed in it"... Since all the documents in total are over 100 pages, I will briefly recap one company that was affected by this raid. That I believe after speaking with other CEO and owners of similarly situated companies and reading court testimony appears to be credible. http://www.webhostingtalk.com/showthread.php?t=852163 "My company was in the affected colocation facilities of CoreIP and I wanted to share facts with the community to help you so what happened to our company doesn't happen to yours. 1. Your equipment can be seized if your colo provider or network provider is alleged to have committed criminal activities. We owned all our own equipment and the colo company did not have login access to any of our equipment. But since they provided the network connection to our firewall and had physical access to our equipment (could touch the equipment), the FBI seized the equipment. A judge in federal court upheld the FBI could do this when one of the affected companies sued the government and FBI for a temporary restraining order. This is very scary for all of our civil liberties! You should probably do background checks on anyone you rent space from. This includes your office space, your apartment, your public storage and your data center. If the owner is alleged to commit a crime, you property in facilities they own can be seized for analysis. 2. Your offsite DR should be with a different colo company and with a different network provider (ours wasn't - shame on us, just never thought of this scenario). The DR companies should have no relation to your production colo company and network provider. We planned for power, network, fire, terrorists, etc., just not multi-site FBI seizures. We probably need a criminal mind to consider this as a scenario. Now you don't. 3. You should have enough reserves in the bank to be able to buy all new equipment because if the FBI seizes your equipment, they will keep it until they have analyzed all of it. That takes many months. You need the reserves because even if your DR plans work, you now need another site for DR the minute your main site is seized. We had buy all new equipment over the last 5 days even though we will get our seized equipment back some time in the future. 4. I would recommend using virtualized servers and keep images of the servers off-site so once you buy new servers, you can quickly get them up and running. The backups they provide you will not run on other equipment. (i.e. it is not dd images). Our off-site images would not run on the new equipment either as servers have changed so much in the last 3 years. We had to build servers from the ground up and restore just configuration. 5. Have great vendors. You will need them to help so you can get back up and running fast. Many components we had take weeks to order and some of our vendor expedited delivery to help us out. They also provided on site engineers to help reconfigure the new environment. We now know who to do business with in the future. The unfortunate situation is the FBI is trying to catch bad guys and I support their intent. I just don't support their execution. The collateral damage they inflicted has caused more in losses for the innocent businesses affected than the alleged crimes of the people they are after. They do not understand colocation or data centers, nor do the judges. That is clear from their actions and the discussions we have had with them."
  18. i never said bury it when they come you can bury it and get a long cable to update them then all you do is pull out the cable, hell you could have a small lowpower old box updating it from wifi so you wouldnt have to do anything when they come but power off from ssh. Discurge: Many of the companies we are talking about here are legitimate companies that have partnerships with well respected companies such as Kelly Blue book, eBay, ect. They were again, not associated with the alleged fraud, other than having servers (costing in access of $400,000 in the same data-center). So as it relates to your off the wall Disaster Recovery plan, I am sorry but I don't think it's going to fly. Unless you are talking about an off shore version of StrataSpace a (underground colocation facility http://www.strataspace.com , which is located in the US).
  19. i Yes, that and some more stuff. Beating an FBI seizure is easy. It's a two step process: offshore stuff owned by non-US entities in countries with tough privacy laws; encryption, volatile key storage, and ability to zeroize it intentionally, but not accidentally. Combined properly, you make a seizure harder and worthless (i.e. keys are zeroized). I'd go into the details, but why tip them off? I prefer knowing I have a way to maintain an online business even if the FBI starts acting like pricks... I'd recommend against anyone posting details. Those of us who need to know how to protect our privacy and availability across borders do know or can find out. The FBI undoubtedly has people reading these forums, and I'd rather keep them out of the loop. Privacy is good for democracy. Great information guy's. Most of the information I hope to gain, will deal with the legal aspects of this case, and tracking down the truth of these shell companies, ect. One of the respondants in the case Michael Faulkner has been providing a great deal of information in the past week. I personally have been scratching my head trying to figure out his motives for doing so. Though I guess when your loose your business, house, toys and bank accounts you can become a little desperate and reach out to anyone that can listen. Overall, since I do a bit of development, do legal marketing, ect. As a result, the outcome of this case, and those that are filed by the companies affected by these raids are of importance. And frankly put, should the reports we glean from our research find its way into the email box or being looked at by the FBI so be it. I have a big problem with a guy that eggs on the government, when he has links to pirated material on his own site. From what I can tell thus far about Matthew Simpson, it appears as though his operations are at least slightly more legitimate, and perhaps he was just 25 year old man (according to his facebook profile matthew@coreip.net) that made a bad business arrangement. The FBI, NSA, Military, Navy/ computer and intelligence all read these forums and gleam information from that. It is not a secret... If you don't believe me, I am sure StankDawg will confirm.
  20. Would anyone like to do do some forensic work? I'll zip up all of the legal evidence released and if someone wants to setup two seperate google or some other collaboration forums... Interested? Three teams: One Feds - examine all case material and prove your case. Legal Defense for Michael Faulker & (Related Companies) Legal Defense for Core IP, LLC (Matthew Simpson)
  21. I don't get it, why would they even seize his kids' iPods and their gaming consoles? This seize is obviously super damageable in every way, I'm sure they could have found a better to "solve" the unpaid bill problem than financially destroy the guy like that. The Agent believed that information may have been stored on the eprom chips within the gaming consoles, he also believed that "he may have hide txt files within '.jpeg images'". Keep in mind that this same Agent served in Desert Storm prior to working for the Feds, so perhaps he heard about these types of techniques used by foreign governments... At the very least I personally am very intrigued to find out what type of rig or forensics equipment they use to investigate a Xbox, Playstation and wii gaming consoles. If anyone can find out a technical whitepaper on this, I am sure everyone here that is involved in Forensics investigations would be interested in hearing. PS: I am including a word document with Michael Faulkner's responses. Located on his webforum at www.uwwwb.com (under comments). I am not sure what his lawyers have advised him, but the fact that he is sharing so much information is somewhat odd. Michael_Faulkner_Responds_UWWB.doc core_ip_interconnection.pdf
  22. Sure, you can do all of that. And the Feds are very wise to many of those types of attacks. The FBI within the same unit has their Regional Forensics Labs (http://rcfl.gov/) has a great presentation on some of those attacks. Additionally, wired.com also had an inside look at one such facility. http://www.wired.com/politics/security/mul...amp;slideView=2 ------------------------------------------------------------------------------------------------------- If this is something you are interested in, maybe you should apply to the FBI I know that many departments have openings throughout the US. And given all of the electronic evidence involved in this case, if you are transferred to their department you may still have a chance to examine it.
  23. RPM I am not aware there is a restriction on the number of users listening to Voicemail messages on a particular system. Also, chances are if you are legitimately trying to access your own voicemail or conducting a legal penetration test of the vm system the chances of two people being in the same mailbox at the same time are fairly low.
  24. I have found one instance recently, in the state of Connecticut where a bill has been recently introduced to criminalize spoofing when used for illegal or nefarious purposes. http://cga.ct.gov/asp/cgabillstatus/cgabil...;SUBMIT1=Normal http://cga.ct.gov/2009/JFR/H/2009HB-06513-R00ET-JFR.htm John Emra, AT&T, "appeared in support of the intent of the legislation but recommends that the committee add language making clear that there would only be a violation of the law when there is intent to defraud or cause harm so as to not criminalize legitimate actions by people to protect their personal information."
  25. Kim Zetter a staff reporter for Wired.com Magazine finished publishing an updated article Entitled: FBI Defends Disruptive Raids on Texas Data Centers http://blog.wired.com/27bstroke6/2009/04/d...centers-ra.html Both from what I have read in the original warrant against Michael Faulkner and Crydon Technology's. And subsequently Core Ip, LLC. There are still many questions that need to be addressed. I would encourage the entire community to research these alleged incidents and carefully weigh the merits. And contact your elected officials, technology associations, senators, govenors. The fact that as Core Ip, LLC owner described Matthew Simpson Matthew Simpson Core IP Networks LLC Dear Customers, Today at 6:00am, the FBI conducted an unwarranted early morning raid of our 2323 Bryan Street Datacenters, on the 7th and 24th floors. I received a phone call at 6:05am from our NOC that the entire network was powered off. I called Capstar Commercial and TELX, our landlord, and was told that the FBI was in the datacenter with a search and seizure warrant. I asked that the agent in charge call me immediately. I received a call 15 minutes later from FBI Agent Allyn Lynd. Mr. Lynd would not tell me why he raided our datacenter or what he was looking for. He also accused me of hiding inside my house in Ovilla, Texas. I was actually in Phoenix, Arizona when this happened. I told him that, and he told me that he was "getting the dogs" after me, and hung up on me. I found out from an employee that there were 15 police cars and a SWAT team at my home in Ovilla. The FBI has seized all equipment belonging to our customers. Many customers went to the data center to try and retrieve their equipment, but were threatened with arrest. Neither I, nor Core IP are involved in any illegal activities of any kind. The only data that I have received thus far is that the FBI is investigating a company that has purchased services from Core IP in the past. This company does not even colocate with us anywhere, much less 2323 Bryan Street Datacenter. Currently nearly 50 businesses are completely without access to their email and data. Citizen access to Emergency 911 services are being affected, as Core IP's primary client base consists of telephone companies. If you run a datacenter, please be aware that in our great country, the FBI can come into your place of business at any time and take whatever they want, with no reason. I can be reached for further comment at: mnsclec@gmail.com Further information will be given as it becomes available. Yours, Matthew Simpson CEO, Core IP Networks, LLC "If you run a datacenter, please be aware that in our great country, the FBI can come into your place of business at any time and take whatever they want, with no reason. " This fact should send chills down your spine, especially after reading the first warrant. Personally after reading the original warrant and discussing it with my Data Center and numerous lawyers. Some glaring facts stick out such as the belief “that important text files may be saved within jpeg images”. . “That carrying an external hard drive to protect your company’s confidential information may be construed as criminal wrongdoing” and “data may reside on Nintendo wii, play station and other gaming devices”. However, even if we get past the original warrant, from a legal point of view, how does companies that were not a party to the alleged fraud. Fall prey to the government taking their equipment and assets?