Teacher
Hello! Who will come after you? To whom will your computer reveal the secrets of your life at the first touch? Who can open it like a worthless tin can? Of course — law enforcement agencies!
If you do something on the net, sooner or later you will meet the club of justice, but... how does it work?
Who works there? And is it difficult to get in?
The people in such organizations are not the ones beating up Navalny supporters with a barcode on their forehead; they are mostly "red" hackers.
There are also special schools of the Ministry of Internal Affairs for computer security, where they teach slightly different methods. The subjects are quite different, and all lessons are as close as possible to the real work.
In general, recruitment to this institution is a delicate matter, but anyone can get in! Which office you end up in is a matter of luck, maybe of your own responsibility, or maybe even the will of G-d, who knows.
Returning to the reds: they have to do very dirty work for their professional competence. For example, deleting the posts of disloyal and overly free-thinking serfs.
Now let's talk about how they work, what strategies and tactics are used.
Activities, strategies and tactics
Let's look at the foundation. This is roughly what the standard of operational search measures looks like:
- Survey: a conversation with citizens who may be aware of facts that are important for performing the tasks of operational search activities;
- Making inquiries;
- Observation;
- Operational inspection;
- Control of mail, telegraph and other messages;
- Listening to phone conversations;
- Operational implementation (placing an officer close to the person under investigation).
Example
To go through each of the stages, we need a realistic scenario. Let's say that you were surfing the Internet as usual and suddenly broke into a website, and it turned out to be the official website of the Moscow Region administration.
You first cursed Google for bringing you to this site, then blamed yourself for not even reading the site description because you were more interested in the descriptions of its errors, and also cursed yourself for leaking the database with confidential data. And then you instantly calmed down when you remembered that you were using a fresh anonymous proxy.
After relaxing, you go put the kettle on and take out some buns to sweetly celebrate the victory and enjoy the trophies downloaded from the site.
The next day, reeking of cigarette smoke and beer fumes, the site's sysadmin looks up from the table, notices that the logs are out of order, and discovers a foreign object in the guts of the system. He quickly makes himself a strong cup of coffee, takes a hangover pill, and then another one, and runs off to his boss with a fucked-up look on his face and a report about the ass-hacking.
And it is from this moment that the malicious hunt for you begins! From here everything follows the instructions: a statement is submitted to the local police with a full description of the break-in and other rubbish.
Naturally, the officer who accepted the statement will not handle this case, since he does not have the appropriate skills and knowledge. The case is transferred to a special unit, the cyber police.
The first stage is a survey of citizens
Now the first stage begins: a survey of citizens who can help in the investigation. In our case, the site admin will be interviewed. They will find out through which hole the hack was made and from which IP address, and they will also ask who stood to gain from the hack, whether he suspects anyone, or whether it was a "guest performer" like you.
The second stage is making inquiries
More precisely, this is the processing of the data from the first stage: roughly speaking, your IP address is checked in order to find out who your provider is. An ordinary citizen can also do this using the WHOIS protocol (an application-level network protocol).
So, after looking up the IP address obtained from the logs of the hacked machine, they see the line "Country: USA", that is, the machine with this IP address is located in the USA.
This leaves one of two options: either some saboteur from the CIA decided to break into the site of the Moscow Region administration, or this is a server, a regular proxy server. The first option is unlikely, but still, all versions are worked through, and they have to be checked.
First, the IP address is looked up in the database of public servers. If the IP address is clean, then there is a chance that the server was recently hacked and a proxy was installed there. In this case, you can do without scanning open ports. Yes, of course, a proxy can be put on a non-standard port like 3128 or 8080, 80. But all the same, the scanner will show the services, and there are a lot of other ways to determine whether a proxy server is running there or not. Take my word for it, this will not cause any difficulties for the guys from the police.
Having learned that this is a proxy server that you brazenly used to break into the system, the police face the question of how to get information from that server about which IP address connected to it at a certain time. They have two options. The first is a formal request to their colleagues in the US; if they receive a response, the case will develop much more easily, and the response will be attached to the case.
The second option is not legal. If the official request from the police is rejected, which it will be, since there is no such agreement between our countries, then in order to advance the case they will have to gain unauthorized access to this server. Again, it will not be difficult for the guys from the police to do this; that is exactly what they are sitting there for. Data about your IP address obtained from the server this way cannot be attached to the case, but you are now under active investigation, and this is the moment to start getting nervous.
So, having found out your IP address, they run it through WHOIS again, and here it is already clearly visible that you are a friend from Russia who lives, for example, in the capital of our Homeland, Moscow. They find out where you work, what you do, and a number of other relevant details.
Then they visit the provider and, on some fictitious pretext, such as "your clients' machines are sending spam or are infected with viruses", demand the logs for you. And now there are documents stating that, in the course of some other operational activities, it was revealed that your IP address accessed, from such-and-such to such-and-such a time, the IP address from which the site was hacked. This can be freely attached to the case, and it will be used against you in court.
The third stage is observation
The third stage comes into play: now you are carefully monitored. They watch what sites you visit, where and what you send, and so on. They can even put physical surveillance on you.
During these measures your reputation will be firmly established, and not in a flattering way, since it is unlikely that you will stop going to prohibited resources, breaking into websites and machines, or scamming flea markets.
The fourth stage is an operational inspection
Simply put, you have become the main suspect, and now it is easy to obtain a warrant for a search of your apartment and the seizure of your system unit and all media such as flash drives, disks and other material that is compromising for you. They can also take all your notebooks, printouts, magazines and other paper media that may contain something tasty for the investigation. They are also not above digging through your trash can (the real one, not the virtual one); all documents found there are seized as well, in the presence of witnesses.
All your junk is taken to the police building, where they will pull out information about where you were, what you did, what software is installed on your computer, and whether it is pirated (in which case another criminal charge will catch up with you). Your hard drive is pulled out of the system unit and connected through a read-only device (this is done in case you decided to protect yourself by installing a program that can format the hard drive).
Even if you formatted your hard drive before it was removed, it will still not be difficult for the police to pull out the information needed for the investigation. Programs such as ChromeAnalysis (a program that shows what the owner of this computer visited through the Google Chrome browser, and where and when), FoxAnalysis (shows the same thing as the ChromeAnalysis program) and Web Historian (a universal program for analyzing temporary browser files) will show all your trips around the Internet. They also help produce a proper report, and all your visits to the protected part of the Moscow Region administration's website will be shown.
So now you can see that it will not be difficult for the police to pull information from your hard drive that confirms the fact of the hack.
Fifth and sixth stages: message control
This is so that you have no options at all for getting out of court. This option works 70% of the time, because you start calling friends, for example your hacker friend Vasya Pupkin, and telling them: "Remember I told you that the site was broken? So today they came, everything was seized, etc., etc." The recording of the phone conversation is also attached to the case, and in it you yourself confirm the fact of the hack.
Seventh stage: operational implementation
This stage is activated if the evidence base was not collected in the previous stages. A person is introduced into your social circle, you spill all the information he needs, and at the moment of some hack you are neatly bagged, and everything resumes from the fourth stage.
Starting from the fourth stage, when they come to search your house, you immediately need to go to the market and buy a CD with the song "Dolya Vorovskaya". This will be very useful for you in the future. Well, you need to keep your spirits up somehow, right?
That's all! Thank you for reading, I wish Korean women in the basement, not cops in the peephole! <3
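The browser-history analysis that the fourth stage attributes to tools like ChromeAnalysis, shown from the examiner's side as an added example (not part of the original post and not the code of any tool it names): it reads the `urls` and `visits` tables of a Chrome `History` SQLite file opened read-only and converts Chrome's 1601-based microsecond timestamps into a UTC timeline. The hosts, rows, dates and function names are constructed for illustration, and the sample file contains only the columns the query uses.

```python
import sqlite3
import tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path
from urllib.parse import urlsplit

# Chrome stores visit_time as microseconds since 1601-01-01 00:00:00 UTC.
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def webkit_to_utc(us):
    """Convert a Chrome/WebKit timestamp to an aware UTC datetime."""
    return WEBKIT_EPOCH + timedelta(microseconds=us)

def utc_to_webkit(dt):
    """Inverse conversion, used for the query window and the sample data."""
    return (dt - WEBKIT_EPOCH) // timedelta(microseconds=1)

def build_sample_history(path):
    """Write a constructed History file (only the columns used below)."""
    con = sqlite3.connect(path)
    con.executescript(
        "CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT, title TEXT);"
        "CREATE TABLE visits (id INTEGER PRIMARY KEY, url INTEGER,"
        " visit_time INTEGER);")
    con.executemany("INSERT INTO urls VALUES (?, ?, ?)", [
        (1, "https://portal.example/admin/login", "Sign in"),
        (2, "https://portal.example/admin/export", "Export"),
        (3, "https://news.example/", "News")])
    t0 = datetime(2021, 3, 14, 21, 5, tzinfo=timezone.utc)  # constructed
    con.executemany("INSERT INTO visits VALUES (?, ?, ?)", [
        (1, 3, utc_to_webkit(t0 - timedelta(minutes=30))),
        (2, 1, utc_to_webkit(t0)),
        (3, 2, utc_to_webkit(t0 + timedelta(minutes=7))),
        (4, 1, utc_to_webkit(t0 + timedelta(days=1)))])
    con.commit()
    con.close()

def visit_timeline(path, host, start, end):
    """Return [(utc_time, url, title)] for visits to host in [start, end)."""
    # mode=ro makes SQLite refuse writes, so analysis cannot alter the copy.
    con = sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)
    try:
        rows = con.execute(
            "SELECT v.visit_time, u.url, u.title FROM visits v"
            " JOIN urls u ON u.id = v.url"
            " WHERE v.visit_time >= ? AND v.visit_time < ?"
            " ORDER BY v.visit_time",
            (utc_to_webkit(start), utc_to_webkit(end))).fetchall()
    finally:
        con.close()
    return [(webkit_to_utc(t), url, title) for t, url, title in rows
            if urlsplit(url).hostname == host]

if __name__ == "__main__":
    sample = Path(tempfile.mkdtemp()) / "History"
    build_sample_history(sample)
    day = datetime(2021, 3, 14, tzinfo=timezone.utc)
    for when, url, title in visit_timeline(sample, "portal.example", day,
                                           day + timedelta(days=1)):
        print(when.isoformat(), url, title)
```

In casework the query runs against a verified copy of the profile's `History` file, never the original media, which is the same reason the post gives for attaching the drive through a read-only device.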