Board index FlightGear Multiplayer events

Mumble Server

Virtual fly-ins, fun flies, competitions, and other group events. Find out details of upcoming events, register for competitions, or organize your own tour of a favorite location.

Re: Mumble Server

Postby wkitty42 » Tue Apr 24, 2018 10:52 am

tdammers wrote in Mon Apr 23, 2018 7:29 am:
With the IP plus TimeStamp we can find the Provider

Most likely, that won't get us very far. It looks like they're using some sort of VPN service

more likely they're just using open proxies or TOR... VPNs have two endpoints and the the remote endpoints do not jump all over the globe...no matter what they are using, they definitely can be found with sufficient monitoring resources and time...
"You get more air close to the ground," said Angalo. "I read that in a book. You get lots of air low down, and not much when you go up."
"Why not?" said Gurder.
"Dunno. It's frightened of heights, I guess."
User avatar
wkitty42
 
Posts: 5700
Joined: Fri Feb 20, 2015 3:46 pm
Location: central NC, USA
Callsign: wk42
Version: git next
OS: Kubuntu 14.04.5

Re: Mumble Server

Postby hans05 » Tue Apr 24, 2018 7:53 pm

I did a quick search on some of the IP addresses and all of them where registered open proxies. Don't know if they can be TOR exit nodes at the same time with the same IP address.
At least it will be pretty much impossible to find the idiot. You could be courageous and keep on blocking the IP addresses. He might one day run out of free proxies (TOR exit nodes....) since the FREE proxies are not numerous as sand on the beach.
hans05
 
Posts: 113
Joined: Sat Sep 16, 2017 9:25 pm

Re: Mumble Server

Postby wkitty42 » Wed Apr 25, 2018 8:42 am

yes, open proxies can be TOR nodes, exit or otherwise, all with the same address... there's 65535 ports available so it is possible for there to be a lot of servers running on one IP... the question is if TOR allows its nodes to operate open proxies or if it doesn't care... i used to run an open proxy here until it was being abused by spammers and skiddies...

as i pointed out above, with sufficient monitoring resources, they can be found... consider if i were a TOR node... i can monitor all traffic passing through my system... we can easily find the exit points... if the traffic passes through my system, i can see where it came from and if it is headed to an exit... add additional monitoring points further upstream and soon enough we'll find their entry and can trace them back further...

there are also lists of open proxies that can easily be gathered and added to block lists... once employed and updates are scripted, there's little to no work involved in having them blocked... anyone who thinks they can't be traced on the internet has a huge surprise waiting for them... we could probably find them just from looking through the cambridge analytics data from facebook ;)
"You get more air close to the ground," said Angalo. "I read that in a book. You get lots of air low down, and not much when you go up."
"Why not?" said Gurder.
"Dunno. It's frightened of heights, I guess."
User avatar
wkitty42
 
Posts: 5700
Joined: Fri Feb 20, 2015 3:46 pm
Location: central NC, USA
Callsign: wk42
Version: git next
OS: Kubuntu 14.04.5

Re: Mumble Server

Postby Clive2670 » Wed Apr 25, 2018 4:59 pm

:P :P I wondered how long it would be before someone mentioned "cambridge analytics"!!! :roll: :roll:
Thanks Clive aka: G-BLS01
Can be seen flying the Boeing 777-200LR
Toshiba laptop,
Intel i5 4210U,
16Gb RAM,
AMD R7-M260 graphics 2Gb RAM
User avatar
Clive2670
 
Posts: 593
Joined: Mon Feb 08, 2016 7:11 pm
Location: Anywhere in the World at some point on Flightgear!
Callsign: G-BLS01
Version: 2018.3.1
OS: Windows 10 64bit

Re: Mumble Server

Postby bugman » Thu Apr 26, 2018 9:02 am

wkitty42 wrote in Wed Apr 25, 2018 8:42 am:anyone who thinks they can't be traced on the internet has a huge surprise waiting for them...


They probably also have never heard of fingerprinting ;)

Regards,
Edward
bugman
Moderator
 
Posts: 1710
Joined: Thu Mar 19, 2015 9:01 am
Version: next

Re: Mumble Server

Postby hans05 » Thu Apr 26, 2018 9:28 am

Interesting topic for me since I tend to not see this like some of you:

TOR works at least over 3 nodes, not one node has the capability of backtracking the user. The exit node only knows the target ip address but not the origin of the request, the entry node only knows the origin, but not the target. I follow the TOR project quite closely and it seems as of today that TOR is very difficult to break even for 5-eyes-state secret services. So I doubt that any of us would be able to do that (except one of you works for NSA or similar). :mrgreen:

Maybe the idiot does not know about fingerprinting, but if s/he does, then fingerprinting can be rendered useless. E.g. TOR proposes to always use the same standard window size and obfuscates all other information that is commonly used for fingerprinting. Fingerprinting based on download times or download package sizes are then again very advanced techniques that require a lot of power in the internet infrastructure that again I doubt any of us has (but correct me if I am wrong here....).

I want to say that if our idiot knows a bit about computer networks, I doubt you will be able to get him (and that is a good thing if you remember that there ARE people out there who have their life depending on staying secret on internet).

But it IS indeed possible to collect a list of all (free) proxies and also there must exist a list of TOR exit nodes since a lot of web sites are able to detect and block TOR traffic. I guess that would be a way forward.
hans05
 
Posts: 113
Joined: Sat Sep 16, 2017 9:25 pm

Re: Mumble Server

Postby Ger272 » Thu Apr 26, 2018 11:46 am

I still can not connect to itpns.ddns.net :/
Anyone else still having trouble?

[13:44] Welcome to Mumble.
[13:44] Connecting to server itpns.ddns.net.
[13:44] Connected.
[13:44] Server connection failed: The TLS/SSL connection has been closed.
Last edited by Ger272 on Thu Apr 26, 2018 1:52 pm, edited 1 time in total.
Download-Links to all available Ger272 liveries:

A320/A319 - A350XWB - A<380 - A310MRTT - C-160 Transall

--- DUE TO THE A320 RE-DESIGN ALL MY A320 TEXTURE AND LIVERY DEVELOPMENTS ARE ON A HOLD ---

For "How to download" check topic: Ger272 HQ Liveries.
Ger272
 
Posts: 222
Joined: Tue Nov 24, 2015 1:13 pm
Location: Germany (EDDT, EDDH, EDDC, EDDP, EDDF)
Callsign: LH390/ BER4EVR
Version: 2017.3.1
OS: Mac OS X 10.12.6

Re: Mumble Server

Postby jomo » Thu Apr 26, 2018 1:48 pm

Ger272 wrote in Thu Apr 26, 2018 11:46 am:I can not connect to itpns.ddns.net :/

I just tried
itpns.ddns.net port 64738
works perfect!
jomo / ATCjomo
ATC at EDDF Fr,Sa,Su,We from 20:00 to 24:00 CET/MEZ., see http://www.emmerich-j.de
User avatar
jomo
 
Posts: 917
Joined: Thu Feb 12, 2009 6:46 pm
Location: Mainz, Germany
Callsign: jomo jomoATC
OS: UBUNTU 18.4

Re: Mumble Server

Postby Clive2670 » Thu Apr 26, 2018 5:23 pm

Ger272 wrote in Thu Apr 26, 2018 11:46 am:I still can not connect to itpns.ddns.net :/
Anyone else still having trouble?

I've just tried 18:22 BST (UK) and all works well for me
Thanks Clive aka: G-BLS01
Can be seen flying the Boeing 777-200LR
Toshiba laptop,
Intel i5 4210U,
16Gb RAM,
AMD R7-M260 graphics 2Gb RAM
User avatar
Clive2670
 
Posts: 593
Joined: Mon Feb 08, 2016 7:11 pm
Location: Anywhere in the World at some point on Flightgear!
Callsign: G-BLS01
Version: 2018.3.1
OS: Windows 10 64bit

Re: Mumble Server

Postby wkitty42 » Sat Apr 28, 2018 3:10 pm

hans05 wrote in Thu Apr 26, 2018 9:28 am:But it IS indeed possible to collect a list of all (free) proxies and also there must exist a list of TOR exit nodes since a lot of web sites are able to detect and block TOR traffic. I guess that would be a way forward.

there is absolutely a list of all TOR nodes... our IDS system processes them all the time to allow normal TOR nodes access to our servers but not TOR exit nodes... those are blocked so traffic from folks sneaking about with TOR is also blocked...

however, the big word that has been danced around but not mentioned here is "metadata"... we don't have to see what's inside the stream to build metadata and be able to follow that back to the source ;)

consider the following...
    i'm running a server.
    there are 15 users on the server.
    there are some connections from TOR nodes.
    if i boot (aka disconnect) each user and watch what happens to the connections, i can easily tell which users are using what to connect to the server.
"You get more air close to the ground," said Angalo. "I read that in a book. You get lots of air low down, and not much when you go up."
"Why not?" said Gurder.
"Dunno. It's frightened of heights, I guess."
User avatar
wkitty42
 
Posts: 5700
Joined: Fri Feb 20, 2015 3:46 pm
Location: central NC, USA
Callsign: wk42
Version: git next
OS: Kubuntu 14.04.5

Re: Mumble Server

Postby hans05 » Sun Apr 29, 2018 10:29 pm

@ wkitty42

I am always eager to learn :-)
So far I am very puzzled by what you write. My understanding is

1. Tor exit nodes are the only Tor nodes from where packets are allowed to exit the Tor network. Therefore all Tor nodes that connect to your server must be exit nodes. I do not see how Tor-non-exit-nodes would ever be contacting your server. And if your IDS blocks exit nodes, then no Tor node should be connecting to your server. What am I not getting here?
2. Even if you are able to collect meta data, the data can be falsified (again: Tor-browser does that) and also I would like to learn from you how you would be able to find out who is behind the connection just with some meta data. I know there are companies who can do that. But they have a large network of (publicity driven) data collection services that aggregate data from hundreds of places and then you still need to relate that to a Facebook account or another of those internet service companies' account (that I alway say you should not have) in order to find a real life name and address. So your meta data idea (to my understanding) only works if a) the idiot does not use Tor browser (so that meta data is valid), b) uses the same system to surf on other web sites who collect data and c) you have one of the big players (Facebook, Google, Amazon, Apple....) who are willing to give you the real life name/address.
Well, of course that idiot is obviously an idiot, so maybe he makes some of the mistakes you can make. But he does seem to be smart enough to use proxies, so maybe he is only an idiot in the a**hole sense and not so much in the intelligence sense.

But then, IF you are able to get him, then for gods sake do it ;-)
Jomo is doing such a great job there, that it hurts to see him (and his customers of course) getting anoyed!!
hans05
 
Posts: 113
Joined: Sat Sep 16, 2017 9:25 pm

Re: Mumble Server

Postby wkitty42 » Mon Apr 30, 2018 1:37 am

hans05 wrote in Sun Apr 29, 2018 10:29 pm:1. Tor exit nodes are the only Tor nodes from where packets are allowed to exit the Tor network. Therefore all Tor nodes that connect to your server must be exit nodes. I do not see how Tor-non-exit-nodes would ever be contacting your server. And if your IDS blocks exit nodes, then no Tor node should be connecting to your server. What am I not getting here?

you are forgetting that TOR nodes may provide other services aside from TOR... for example: there are numerous TOR routing nodes that also provide NTP and are listed in the NTP pool... just because one runs a TOR node on a system doesn't mean that TOR is the only thing that system can do ;)
"You get more air close to the ground," said Angalo. "I read that in a book. You get lots of air low down, and not much when you go up."
"Why not?" said Gurder.
"Dunno. It's frightened of heights, I guess."
User avatar
wkitty42
 
Posts: 5700
Joined: Fri Feb 20, 2015 3:46 pm
Location: central NC, USA
Callsign: wk42
Version: git next
OS: Kubuntu 14.04.5

Re: Mumble Server

Postby hans05 » Mon Apr 30, 2018 10:01 am

by wkitty42 » Mon Apr 30, 2018 2:37 am

[----snip----]

you are forgetting that TOR nodes may provide other services aside from TOR... for example: there are numerous TOR routing nodes that also provide NTP and are listed in the NTP pool... just because one runs a TOR node on a system doesn't mean that TOR is the only thing that system can do


Uhm, sure, but then those nodes do not connect to your server, it is rather the other way around: You can poll for NTP service on those nodes. Also Tor traffic and other services on the same physical node will be logically separated. To break the separation you will really need to hack those nodes which I hope you will not do because that is utterly illegal ;-) Oh, and apart from it being illegal, you would of course need to hack quite a lot of those nodes because the Tor nodes chosen for a connection are of course changed frequently.

But again, if you can do it then do it :-)
(and then teach me how to do it, since I would be REALLY interested to learn about that!)
hans05
 
Posts: 113
Joined: Sat Sep 16, 2017 9:25 pm

Re: Mumble Server

Postby Octal450 » Wed Jul 04, 2018 1:50 am

Server was down due to power outage. Fixed.
Waste of time. Goodbye forever.
Octal450
 
Posts: 4398
Joined: Tue Oct 06, 2015 12:51 pm

Re: Mumble Server

Postby jomo » Sat Jul 28, 2018 6:20 pm

Most MP-servers are dead today.
At EDDF MP03 is working.
jomo / ATCjomo
ATC at EDDF Fr,Sa,Su,We from 20:00 to 24:00 CET/MEZ., see http://www.emmerich-j.de
User avatar
jomo
 
Posts: 917
Joined: Thu Feb 12, 2009 6:46 pm
Location: Mainz, Germany
Callsign: jomo jomoATC
OS: UBUNTU 18.4

PreviousNext

Return to Multiplayer events

Who is online

Users browsing this forum: No registered users and 2 guests