
Is a Residential VPN Service Essential?

If you’d asked about a residential VPN service 12 months ago, not many people would have known what you were talking about, although there were a few companies like Storm Proxies, a residential IP provider mainly supplying addresses for use in the UK and USA. These addresses were mainly used by people seeking that little extra privacy, and in the SEO and internet marketing arenas for promoting sites and using marketing tools. However, having access to a residential IP address is becoming important in another area – bypassing region blocks.

What Exactly is a Residential IP Address?

Well, the reality is that you almost certainly already have one. If you go to any of the ‘check my IP address’ type sites and look at your public IP address, it has normally been assigned by your internet provider. Your ISP assigns it to your modem or router to establish your internet connection. Here’s mine, heavily censored obviously:

[Image: Residential IP Address]

It is assigned by British Telecom, of whom I have the misfortune to be a customer; they allocate that address and it’s pretty much out of my control. The address can be classified as a UK residential IP address, and that in itself has many implications, for example:

  • Can Watch BBC iPlayer and all UK TV channels
  • Blocked Access if I try and watch Hulu or NBC
  • Search Engines Set to UK Results
  • Netflix will Route to the UK version only

That’s only the start but it gives you an idea about how your IP address controls what you can do online.  Of course, many people weren’t happy about all this filtering, blocking and redirection.  They wanted to watch the BBC News when on holiday, watch the rugby from Ireland and knew that the US version of Netflix was way better than any other one.

The solution was simple enough – to hide your real IP address and instead relay your connection through a proxy or VPN service.  This was a perfect way to access any web site you liked, especially as most of the best services offered a range of servers in different countries.   At the click of a button you could switch from a UK address to watch the BBC, then switch to a US server to enjoy your Hulu subscription.

The important thing was having access to a server physically located in the country you needed, nothing else mattered – until now.  

It looks like it’s going to get much more complicated in the future and we can probably thank the media giant Netflix for this. In a few short weeks they have effectively blocked 99% of the VPN servers used to access their site. Not only have Netflix blocked access based on the location of the IP address, they have also restricted any connections from commercial IP addresses. The problem is that virtually every VPN service uses commercial IP addresses, as their servers are housed in data centers across the world. You can get residential VPNs from specialist providers but they are extremely expensive; with suppliers like proxyrack you usually have to go on a waiting list to get a residential VPN.

Most VPN Services Can’t Access Netflix 

It doesn’t matter how advanced your VPN or proxy solution is, if it doesn’t have a residential IP address it’s going to get blocked automatically.     These residential IP addresses however are mostly reserved for domestic customers – you can get one easily for your home connection but it’s very difficult to get a range to support VPN services in different countries.     The other worry is that when other media companies see the huge success that Netflix has had in blocking VPN access they are likely to follow suit.

There is some hope: Identity Cloaker have come up with a solution by integrating residential US IP addresses into their infrastructure. They are not used all the time, but only when a connection is made to the Netflix site, which is automatically routed through a US residential VPN. You can see this working in this video, rather confusingly called Using a Proxy for Netflix, which shows how a UK viewer can access the US version of Netflix through a VPN without issues.

For access to US Netflix from anywhere try out the . and see how well it works for all the world’s major media sites including US Netflix.

If you want any volume of residential IP addresses for running SEO tools, bots for buying from various sites and similar, then you’ll need to go direct to the residential VPN providers. The problem is that a single IP address is OK for watching a movie but pretty much useless for any sort of automated tool; in fact you’re going to need access to a significant number to stop them being banned. The best providers have a variety of systems to make this accessible, including rotating and backconnect proxies which effectively rotate the IP address automatically.

Here’s the best one by far, which you can test out for 48 hours without commitment –Storm

Lessons from the Internet of Things – Do you Trust Your Fridge?

The ‘Internet of Things’ is one of the most discussed topics on technical forums at the moment. The idea that you can fit all sorts of devices with a network card and a bit of memory to get them online obviously has many benefits. It reminds me of the excitement of the ‘Trojan Room Coffee Machine’, which was a live video stream of a coffee machine hooked up in Cambridge University, via MPLS and an Acorn Archimedes (remember them!) in 1993. Sure, it was just a coffee machine, and certainly the picture rarely changed – it was either full, empty or half empty – but the realisation that you could check on it in real time without leaving your chair was kind of exciting at the time. The web cam was switched off in 2001, but many of us can still recall checking that the geeks in Cambridge had enough coffee.


Nowadays, of course, our devices are increasingly network aware. Printers were the logical first piece of equipment to stick online: it saved having them hooked up to computers and people could use them remotely. However, it didn’t take long for hackers to target the first network enabled printers to infiltrate networks, distribute malware or just muck about by sending huge print jobs to them.

A story has broken this week in the security press which adds a strange twist with the first reported spam attack by a fridge. The report, released by the security firm Proofpoint, claims that a fridge took part in sending 750,000 email messages in a wide, bot-enabled spam attack. It’s actually a little late, as there have been similar reports as early as 2013 of this new vocation of our kitchen appliances; however, it’s still rather disturbing.

Many of us will perhaps question the need for kitchen appliances to have access to the internet. I for one can happily live without my fridge tweeting me that I’m out of milk; in fact being nagged by my fridge doesn’t appeal at all!! Manufacturers will point to the fact that internet access will provide a host of other benefits, like fault finding and notifying the manufacturer of potential problems. Again, the old school method of the fridge simply stopping working seems more than adequate. Imagine getting a call from a Samsung customer representative who has just been notified that your fridge light is not working by your, erm, fridge. It’s an internet horror story, and the benefits are negligible at best and in reality pretty much pointless.

Enabling these devices means there’s another headache you are responsible for: you’ll need to configure your fridge to connect, and ensure it’s got a strong password and is behaving itself online. How do you connect to your fridge? Could you compromise other logins? Should you use a VPN to connect? Coming down in the morning and finding your fridge cornered by the FBI might seem far-fetched, but it’s not as ridiculous as it might seem. Using these devices in botnets to attack other machines, send out spam or act as proxies to attack other machines is perfectly feasible and it’s actually happening now.

Network security on these enabled devices is normally an afterthought, and it’s often much easier to hack into a network enabled device than a laptop or computer. For example, how many people would log onto their fridge after purchase to change the default password? But if you’ve bought a fancy internet enabled smart fridge, it’s something you really should do. Already hackers have demonstrated how to steal your Google login from a Samsung fridge, at this year’s DefCon conference. The fridge ran a flawed implementation of SSL which failed to validate certificates and so accepted false ones, making it vulnerable to MiTM attacks.

This ‘internet of things’ basically sounds like a huge pain, introducing fairly pointless benefits at the cost of loads of hassle and vulnerabilities.  Of course for things like printers and using my Smart TV to access online entertainment then it makes sense.  However I for one will not be upgrading my fridge anytime soon.

Surprising New Palestine Charity Donors

If you follow the security and hacker world, you’ll know that there is a constant tit-for-tat battle going on across countries, religions and ideologies. One group will deface a certain web site, usually with badly spelt propaganda and ‘1337 speak’, then a few days later another group will retaliate with an attack on a different web site. There are lots of threats and tough talk, and it sometimes seems like there are literally thousands of these groups all over the world fighting their own cyber war.

The reality is that it’s been happening for so long it doesn’t really make much impact any more, unless it’s a really big commercial name. There’s another problem with this attack method, especially given the minimal impact – it usually takes much more effort than it’s worth. Of course there are literally thousands of ways to hack a web site – vulnerabilities in the code or the host, brute-forced passwords or pinched user credentials – the list is virtually endless.

However, it does take time, and can take an awful lot of effort, which is why it often looks like a complete waste of time. You spend days finding out a web site’s vulnerabilities and hack into it, replace it with your leet message – then take a couple of screenshots. What happens then? The owner changes all the passwords, closes the vulnerability and restores the original from backup, and it’s all back to normal. Unless you dash out and advertise the hack, it’s likely that not many have even noticed, and those who do have seen it all before anyway. Of course, if it’s a bank or a big commercial site then there is much more of an impact and of course commercial implications – but those sites are likely to take much more effort and resources to hack into anyway.

Which is why I think this was a rather innovative angle by a group of pro-Palestinian (or perhaps just anti-Israeli) hackers called AnonGhost (not impressed with that name!). They’re involved in a cyber offensive against the Israelis, which sounds a bit more impressive than the reality, and have been for several years, in line with other Muslim extremist groups like ISIS. It all gets very messy here, as you have a ‘free speech’ hacker group like Anonymous working towards the same target alongside ISIS sympathising hacking groups such as AnonGhost. Obviously supporting any ISIS related group is kind of a backwards step toward promoting free speech and liberty.

Anyway the point is that instead of just stealing a few user details and posting up a bit of tedious cyber graffiti which is overwritten half an hour later, they did something different.   They stole lots of credit card details from an Israeli based site and posted some of them online, the rest they used to make donations to a Palestinian children’s charity.


Well, that’s the story at least; there is a little bit of evidence to support it but not enough to be completely sure. The irony of course relies on these being stolen Israeli credit cards. That the payments were actually completed by the charity site, fundrazr, is also perhaps difficult to believe – especially after the facts were posted all over the web.

As usual, the attackers probably didn’t hide their tracks very well and, unless they used some very secure VPNs like these, have probably now got loads of their details listed on databases compiled by various security agencies like GCHQ and the NSA. However, as a stunt, it was at least a little bit innovative.

Hacking Your Exam Grades

There’s a scene in the iconic 80’s film Ferris Bueller’s Day Off where the hero logs into his school’s computer system and starts modifying his records. It’s a dream that’s probably passed through the thoughts of millions of young people over the years. If only I could just go and change a couple of those grades discreetly, no-one would ever know.


Unfortunately as with nearly all ‘computer crimes’, committing is much, much easier than getting away with it. The problem is that it’s very difficult to hide your tracks online, one tiny mistake and there’ll be lots of markers pointing your way.

This is exactly what happened to student Imran Uddin early this year. A bio-science student at the University of Birmingham, Imran decided that his projected 2:2 degree wasn’t quite good enough and tried to gain access to the University’s exam system to modify his grades slightly – changing the scores on five exams in order to boost his grades.

His attack involved installing keyloggers on a selection of the University’s computers in order to steal the passwords of staff who had access to the exam recording system.

These are little hardware devices which you can pick up for a few dollars on the internet, that plug into the back of a computer and record every keystroke made on that keyboard. It’s the easiest way to steal usernames and passwords as it operates at the hardware level and you don’t need to worry about encryption and security. Imran managed to grab a handful of staff accounts, including ones that were able to change the exam grades, where he duly modified his own.

Of course, the problem is that these devices have to be physically installed and can be identified if someone looks carefully enough. That is what happened in this case: a technician performing an upgrade on some computers in the Bio-Science lab noticed the device. Of course, all the University computers were then checked and staff found several more, including one on the back of a computer in a staff only area.

After that all roads led back to Mr Uddin, and when police checked his own computers they found a huge amount of incriminating evidence. There were eBay searches and purchases of the keylogging devices, evidence of a failed attempt to log in to the University marking system, plus loads of other forensic evidence incriminating him.

That is the main problem with these computer crimes: although they’re pretty easy to commit, it’s very difficult to hide all the incriminating evidence when people start looking for it. There will be CCTV records of the keyloggers being installed, records of IP addresses and logins, and of course simply looking at backups of the exam system will reveal logs of grades being modified. You can route your connection through Russian or Australian proxies but if you leave obvious clues elsewhere it won’t help you.

I once investigated a system where criminal records were accessed by someone who shouldn’t have had access. Looking at the logs of this system it took about ten minutes to find them – although there were hundreds of thousands of records the culprit stood out like a sore thumb. While every legitimate user of the system logged in and performed searches using an account in this format – USR1077672356, one account was logged in as Jamie333 (details slightly modified!). It was the first account checked and despite the individual being cunning (his name was not Jamie) it didn’t take long to find lots more evidence.
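The account-name check from the investigation above, generalized into a small detector (an added example, not part of the original post): it learns the dominant account-name format from the log itself and reports accounts that do not fit it. The log lines, the `user=` field layout and the function names are constructed for illustration.

```python
import re
from collections import Counter
from itertools import groupby

# Constructed audit-log lines for illustration; the field layout is an assumption.
SAMPLE_LOG = """\
2015-03-02T09:14:07 login user=USR1077672356 src=10.20.1.15
2015-03-02T09:14:52 search user=USR1077672356 record=448120
2015-03-02T09:20:31 login user=USR1077681190 src=10.20.1.22
2015-03-02T09:21:05 search user=USR1077681190 record=448388
2015-03-02T10:02:44 login user=USR1077655021 src=10.20.3.9
2015-03-02T10:03:10 search user=USR1077655021 record=120771
2015-03-02T22:41:18 login user=Jamie333 src=10.20.7.40
2015-03-02T22:41:59 search user=Jamie333 record=448120
2015-03-02T22:43:02 search user=Jamie333 record=448121
malformed line without a user field
"""

USER_FIELD = re.compile(r"\buser=(\S+)")


def char_class(ch):
    """Map a character to its class: 9 = digit, A = upper, a = lower, else itself."""
    if ch.isdigit():
        return "9"
    if ch.isupper():
        return "A"
    if ch.islower():
        return "a"
    return ch


def shape(name):
    """Reduce an account name to run-length-encoded character classes."""
    return " ".join(
        f"{cls}x{len(list(run))}" for cls, run in groupby(name, key=char_class)
    )


def find_outlier_accounts(log_text, min_share=0.5):
    """Return (dominant_shape, {account: event_count}) for accounts whose
    name does not follow the naming convention most accounts share."""
    events = Counter()
    for line in log_text.splitlines():
        match = USER_FIELD.search(line)
        if match:  # lines without a user field are skipped, not fatal
            events[match.group(1)] += 1
    if not events:
        return None, {}
    # Count distinct accounts per shape so a busy outlier cannot dominate.
    shapes = Counter(shape(account) for account in events)
    dominant, count = shapes.most_common(1)[0]
    if count / len(events) < min_share:
        return None, {}  # no clear convention, so no baseline to compare with
    outliers = {a: n for a, n in events.items() if shape(a) != dominant}
    return dominant, outliers


if __name__ == "__main__":
    dominant, outliers = find_outlier_accounts(SAMPLE_LOG)
    print("dominant account format:", dominant)
    for account, n in sorted(outliers.items()):
        print(f"outlier: {account} ({n} events, format {shape(account)})")
```

The same pass works on any log with a machine-issued account format; where no single format covers at least `min_share` of the accounts it reports nothing rather than guessing a baseline.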

Mr Uddin was sentenced to six months and presumably lost his degree completely; he also faces the possibility of legal action from the University. It’s impossible to know how many people actually get away with crimes like this, but one small mistake or piece of bad luck and it’s very simple to track the culprits down. Still kind of feel sorry for the guy though, but there’s definitely a lesson to be learnt here!

How Can I Find Free Ninja Proxy Lists

Like everything online that is free, proxy lists do come with some risks and problems, and you should know that you aren’t going to get a secure ninja proxy – that should go without saying. However, for anyone who’s a bit pushed for cash or just enjoys the adrenaline rush of routing all their web traffic through some unknown server, here’s a quick guide to finding free proxies.

Creating Free Proxy Lists

First of all, you must remember that these proxies change almost hourly, so there’s no point finding a list that’s two years old – nothing will work. There are also numerous web sites which compile this information from a variety of sources, but I’ve no idea which, if any, of these are trustworthy. So we’ll leave ourselves in the laps of the search gods by using a simple search; the following will search for some proxy lists to check out.

+":8080" +":3128" +":80" filetype:txt

Just put the search string into Google and it should produce a list of proxies where you can select a server to use.  Here’s a decent looking one I found using the above search expression.

[Image: free proxy list]

 This particular list splits the proxies into IP address, port number, level of anonymity (pah) and the country of origin.  The country is particularly relevant if you’re trying to access some sort of resource.  However it should be noted that simple proxies are no longer able to bypass most geo-location checks at least for the  big media sites.

For example Hulu will not be accessible via a US proxy any more, the site will detect the proxy and block you.  They still work for a couple of sites (including the BBC last time I checked though), but for bypassing blocks for these sites you’re going to need encryption and a VPN, or use Smart DNS.

Anyway, so you’ve got your proxy IP address and it’s ready to go – what’s next? Well, you could run a quick check to see where this server is and who it belongs to; it might give you an idea of who’s running it and how it found itself on a proxy list. Go to somewhere like https://who.is/ and type in the IP address, and you’ll then see who owns it.

From the list I just produced I found a variety of services, dedicated servers from an ISP, an Arts company based in London and a few private addresses probably assigned to residential addresses from an ISP.

Which ones are safest? Well, it’s difficult to say; company infrastructure like the arts company’s is generally misconfigured and accidentally left open. These servers might be quite quick initially, and perhaps safer to use, but of course there is the issue of using someone’s servers without permission in this instance. I’d personally stay clear of any addresses that look as though they are assigned to domestic customers, mainly because they’ll probably be very slow and may be being used to try and harvest personal credentials (although any of the servers could be doing this).

So after a quick check (or not) then you’re ready to use the server, what exactly do you do with it?

Well, the simplest way is to just tell your browser to use the proxy while you’re surfing, which is quite simple to do. You need to find your browser’s connection settings (here are mine for Google Chrome) and simply add the proxy server address and the port number to use in the box next to it. It will be in different places depending on the browser but it shouldn’t be too hard to find; if it is, you’re definitely out of your depth here!

[Image: proxy settings]

At this point you just need to press OK and restart your browser and that’s it.  Next is a quick check, just go to Google and type ‘my ip address‘ and it should return your public internet facing address, which if the proxy is working properly should match that of the proxy server you inputted. You should also be able to navigate to a web site as normal, there may be a small delay depending on the speed of the proxy you are using.

Now be very careful: from this point on everything you do in that browser is routed through that proxy server, so don’t visit any site that requires any credentials – certainly nothing like Paypal, webmail or any account of importance. If you go and do your home banking via a random proxy server fished out from one of these proxy lists, then I’m afraid bad things are likely to happen. Just use simple web sites, or perhaps stream video from the BBC (UK proxy needed).

If you’re using the proxy for security and to hide your location, remember that although the proxy may hide your location from the websites you visit, you have no control over what information is logged on the proxy. It’s worth bearing this in mind, as commercial ninja proxies will delete or remove logs but you simply don’t know what happens on these servers. After you’ve finished, remove the settings and restart your browser to stop using the proxy.