funny0
join:2010-12-22

funny0 to hm

Member

to hm

Re: Trail of Pierre Poutine leads to open Wi-Fi connection

said by hm :

Funny, don't scare people off. It's not illegal (depending on how you get it).

Mlerner, the article is full of it. He didn't need wifi or be within 99-miles of that open wifi signal. Red herring. The article and the investigator are tossing BS out there.

What we know:

1. 99.225.28.34 Rogers IP, in a house with 4 occupants, w/ an open wifi, residents claim the wireless signal was weak.

If they are clueless about wireless and think the signal was weak, what makes you so sure they weren't rooted and being used as a proxy which slowed down their browsing?

2. It seems unlikely anyone in the Burke campaign head-quarters, which was located northeast of Guelph's down-town, could have connected to a Wi-Fi signal on the opposite side of the city.

They sure could have if this residence had an open proxy! So yes, it's very likely they could have connected. Matter of fact. This is the only way it could have occurred with 5 diff people across town. Unless Rogers wants to state they someone gave the same 2 IP's ...

3. But in court documents, Mathews (an Elections Canada investigator) offers no possible explanation for how or why five campaign workers all signed on from the same IP address used by Poutine - and over a Wi-Fi signal nowhere close to their office.

A) The Investigator who has no clue how this is done: That is because this investigator is A) Playing dumb B) Is dumb C) just wants this all swept under a rug. Many people know how to do this (except Milnoc who wants to hide from Anon and not learn something).

B) (How did 5 workers do this): 5 campaign workers DID NOT have to be parked at this residence's front door to get a wifi signal and that IP. All 5 of them would have proxied in. Heck of a lot more efficient than 6 people total all driving to the other side of town where only one single open wifi signal exists in all of Guelph, eh? This is the only way 5 people who we will assume are very clueless could have done this. There is no other way. Yet the investigator ignores this.

4. Other records obtained by Elections Canada show that five members of the Burke campaign team used that same IP address in the final weeks of the campaign to access CIMS, the Conservative party's central database of voter information.

That is because they had the following:
A) software running on their computer to redirect to the 99.225.28.34 proxy (ie a wingate software like what "Funny" stated, a type of firewall software)
B) Or their browser(s) were setup to use the proxy and they forgot about it.
C) Keep in mind, it's 5 people in the election campaign, not 5 different computers (they never state 5 diff computers).

So, to me the easiest thing that occurred is someone shared a computer that was set-up to connect to the proxy, others used it while the proxy was enabled. Easy as that.

5. Indeed, Mathews (an Elections Canada investigator) suggests that the subscriber information behind the IP address looks to be a dead lead, calling it "so far inconclusive."

The investigator needs to learn what a proxy is. Someone should file a complaint and have this guy removed from the investigation.

The wireless thing reported in the media is a red herring. It's not even required that they be near the signal with a rooted machine. Total BS.

So 5 or 6 people on the same IP across town, Could it be anything else aside from a proxy? No. Unless Rogers wants to come out and say maybe they have wrong records, or some possibility exists where 2 diff Rogers' modems will have the same IP.

Milnoc, I know this is hard for you, so just ignore me.

legal who said anything about illegal, it's what you do with it that the fbi wants to know and when you do they got you and scare people off that was info leaked to me that a russian proxy site made me a premium member to get access to all the "elite" proxies....when russians dont know.....

p.s. 10 years ago so what ya bet they acquired more ips....

agree
@videotron.ca

agree

Anon

said by funny0:

legal who said anything about illegal, it's what you do with it that the fbi wants to know and when you do they got you and scare people off that was info leaked to me that a russian proxy site made me a premium member to get access to all the "elite" proxies....when russians dont know.....

p.s. 10 years ago so what ya bet they acquired more ips....

heh I do not doubt it. 10 years ago is around when that info was leaked to me as well. Everyone got them from the russians. The Russians had the best.

To get a premium unused one, for example, the Guelph IP, Or to request a premium un-used one in the IP range of your choice, it was only 5 to 20$. These same forums for these requests still exist 10 years later. You buy 3 premium ones and bingo a nice chain.

Or you have a friend who is into making XDCC bots or bot-nets, which most everyone has, and have him reserve 3 stable good ones for you to use as a proxy.

Pierre Poutine spent more on visa cards and Paypal than what could be accounted for. Could this have been done? for sure. It's not very elaborate and it's very cheap. Unless the guy did it himself.

The news article is very very weak. They don't state if they investigated what IP's connected to the 99-Rogers IP (or vice-versa), they only state the Guelph Election HQ had the other Rogers IP when connecting to the conservative election portal and that this IP had an open wifi.

That to me smells of proxy(s) and nothing else.

Very weak reporting, very weak court details given by the investigators which make it seem they never heard of a proxy.

Unless Rogers wants to come out and say two diff modems will have the same IP, which I doubt.

Ott_Cable
@teksavvy.com

Ott_Cable

Anon

If the internet could function correctly with duplicated IP addresses, we wouldn't be running out of IP addresses. The entire block of addresses gets routed to Rogers from their peering/transit unless your shady Russian proxy IP block is also on Rogers network somehow.

Once within Rogers own network (and I am assuming Rogers is the ISP for both locations), not sure how the packets get routed back to the two different locations in opposite side of town that claims to have the same IP address without having traffic losses or weird problems.

It might be as simple as the "IT guy" at their office incorrectly hard coded a static IP address on the network previously and that IP address, but eventually gotten allocated.

If Mr. Poutine is using a burner phone, why risk using the internet connection at work when you can also get a burner wireless internet stick?

clarified
@videotron.ca

clarified

Anon

Ott_Cable. I'm playing with words here. The two Modems did not have the same IP.

The people at the election HQ had a proxy running which gave them the IP of the people on the other end of town.

But now the RCMP will look into it as a last ditch effort.... Months later where the data will now likely be gone. Because the Elections Canada investigators can't comprehend what a proxy is and don't understand how someone across town can log in someplace with an IP they were not assigned.

»www.ottawacitizen.com/li ··· ory.html

It's like Vomio stated. This investigation is meant to fail and be swept under the rug.

Ott_Cable
@teksavvy.com

Ott_Cable

Anon

I can fake give away a phone# and change CID on my VoIP all I want, but if I want to get a call from someone else then the phone # I give out better be able to reach my phone. Same problem with the IP address except every single reply packets would have the other side ringing your number.

You can spoof the originating IP address of a packet very easily, but don't expect to be able to run any regular internal protocols without having the ack/handshaking packets coming back to you. The rest of the internet has to be able to route that reply somehow. So claiming a "proxy" can fake an IP still does not explain how the person can use it to communicate correctly.

Do it
@videotron.ca

Do it

Anon

said by Ott_Cable :

So claiming a "proxy" can fake an IP still does not explain how the person can use it to communicate correctly.

It works.
I suggest you learn it and try it. I can point you to some thing but that would likely just get this post deleted, so I won't.

Once you do learn, you will then do a 360 and slap your forehead.

Then you will become addicted to proxies and your interest will increase and then you will become evil once you have your own pool of 1000 IP's for your personal use to play with.

I get the feeling "funny" has been down this road

Le Sigh
@videotron.ca

Le Sigh to Ott_Cable

Anon

to Ott_Cable
said by Ott_Cable :

So claiming a "proxy" can fake an IP still does not explain how the person can use it to communicate correctly.

I can't believe I'm googling for you, but any and all protocols will go through the spoofed address in either direction.

»www.google.ca/search?q=w ··· HihYGYCg

»www.google.ca/search?q=w ··· H3noGgAg

»www.google.ca/search?q=w ··· GZvYC4Dw

You can search more on your own. Use your imagination. People have only been doing this since the mid 90's.

PierrePoutin
@gurutek.biz

PierrePoutin to Ott_Cable

Anon

to Ott_Cable
Hey look my IP changed by only putting an empty Pringles can on my wi-fi card. I can now get open wi-fi in France!
PierrePoutin

PierrePoutin to Ott_Cable

Anon

to Ott_Cable
OMG! A Pringle can + a wire clothes hanger shows wi-fi from the Czech Republic! The gain of my homemade antenna is way too much. I better try to just use a penny and see where I end up!

So it's true! a Pringles can can connect all the way across Guelph! Can't be a proxy like the anon dummy says!
PierrePoutin

PierrePoutin to Ott_Cable

Anon

to Ott_Cable
A Penny on my card's wi fi antenna seems better. I can only now pick up weak wireless signals in Kansas City!

I need something with less power! On the hunt...
PierrePoutin

PierrePoutin

Anon

I now have a tinfoil hat on my wifi cards to connect to an open wifi some place in Canada. Not sure where. Think it's Iweb Technologies. Think that's in Quebec. Close. Ontario here I come...

wowzerss
@videotron.ca

wowzerss to Ott_Cable

Anon

to Ott_Cable
said by Ott_Cable :

I can fake give away a phone# and change CID on my VoIP all I want, but if I want to get a call from someone else then the phone # I give out better be able to reach my phone. Same problem with the IP address except every single reply packets would have the other side ringing your number.

You can spoof the originating IP address of a packet very easily, but don't expect to be able to run any regular internal protocols without having the ack/handshaking packets coming back to you. The rest of the internet has to be able to route that reply somehow. So claiming a "proxy" can fake an IP still does not explain how the person can use it to communicate correctly.

Don't forget you have a port(s) open for this.

You can run *any* protocol and *any* service.
said by Ott_Cable :

Why can't it be as simple as a drive-by with a high gain wifi antenna (e.g. pringles can one) or even someone living in the same building stealing WiFi for accessing/uploading to the robocaller service?

A high gain Pringles can? I really, really doubt that. Besides that would require 5 (or 6) different people running around to the other side of Guelph with an empty Pringles can. heh (had a mental image of this, made me giggle). Though the person above claims to have reached Taiwan or something with a pringles can...

There are some people in this forum who have really high gain stuff that they can wire to that residential Rogers 99-ip. But it would have to be up on a tower, be in line of sight, and cause brain cancer with the power it would pump out to be able to reach the 80-km away and then the people would have to take the tower down w/ no one noticing so that the investigators wouldn't find out.

Seem plausible to you? Does it really require Myth Busters to solve? Is it even cost effective (never mind the labour)?

I wonder if Milnoc still thinks this can't be done?

Now does anyone see the issue with the investigator scratching his head when asked in court how it could be done?

Does it seem like someone is playing dumb?

milnoc
join:2001-03-05
Ottawa

milnoc

Member

said by wowzerss :

I wonder if Milnoc still thinks this can't be done?

I'm not saying it can't be done. Proxy or Wi-Fi wardriving, both will work. But the wardriving solution is the simplest one available that can ensure the best anonymity with minimal intervention. It requires very little set-up (change your network name and MAC address, activate private browsing) and can easily be accomplished from inside a parked car.

Setting someone up with a Trojan proxy server however can be a bit more complicated to pull off, especially for a campaign worker. And there's always the risk of accidentally infecting the campaign headquarters' network itself if you don't know what you're doing.

Ott_Cable
@teksavvy.com

Ott_Cable to wowzerss

Anon

to wowzerss
>Don't forget you have a port(s) open for this.

You are confusing how a firewall works vs how IP traffic is routed out in the cloud. The returning packets still need to be routed by routers at the transit/peering. IP traffic might take different routes to/from your destination, so the 2 directions of traffic flow are 2 sets of IP routes.

»think-like-a-computer.co ··· routing/
>When packets take a certain route to their destination they DO NOT have to take the same route back. I can’t stress this enough, packets DO NOT record the route they take.

A proxy server actually has to own the IP address(es) that it claims to have, but it lends it to a user so that it would appear that the traffic came from the server itself. It is not a magical box that sends and receives IP packets from the internet cloud without using real IP addresses. Without using real routable IP addresses to the outside world, the return packet would not get back to the proxy server.

Now if the router/PC on the other side did get infected and get a proxy installed and the election office bounces traffic to it to access the robocall, then the election office would appear to have the same address. It is so much easier to use/crack a WiFi or buy a burner wireless stick than using an infected host as there are always traces of the hidden proxy left behind to be discovered.
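
Added example, not part of the thread or any poster's words: the thread turns on several accounts appearing in service logs from one source address, so this sketch shows the log correlation an investigator would run, grouping accounts by source IP and matching across two services only within a time window. The log format, service names, account names and addresses (documentation ranges) are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: timestamp, service, account, source IP.
# Nothing here comes from the case; the IPs are documentation ranges.
SAMPLE_LOG = """\
2011-04-20T09:12:00 portal worker_a 192.0.2.10
2011-04-21T14:03:00 portal worker_b 192.0.2.10
2011-04-23T18:40:00 portal worker_c 192.0.2.10
2011-04-25T08:15:00 portal worker_a 198.51.100.7
2011-04-30T21:55:00 vendor client_x 192.0.2.10
2011-05-01T10:00:00 vendor client_y 203.0.113.5
2011-09-01T10:00:00 portal worker_d 203.0.113.5
"""

def parse(text):
    """Turn 'timestamp service account ip' lines into tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, service, account, ip = line.split()
        events.append((datetime.fromisoformat(ts), service, account, ip))
    return events

def shared_ips(events, min_accounts=2):
    """(service, ip) pairs used by at least min_accounts distinct accounts."""
    seen = defaultdict(set)
    for _, service, account, ip in events:
        seen[(service, ip)].add(account)
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_accounts}

def cross_service(events, window=timedelta(days=14)):
    """Accounts on different services seen from one IP within the window.

    The window matters: a dynamic address can be reassigned, so a match
    months apart says little about who was behind it.
    """
    hits = set()
    for t1, s1, a1, ip1 in events:
        for t2, s2, a2, ip2 in events:
            if ip1 == ip2 and s1 < s2 and abs(t1 - t2) <= window:
                hits.add((ip1, a1, a2))
    return sorted(hits)

if __name__ == "__main__":
    ev = parse(SAMPLE_LOG)
    print(shared_ips(ev))
    print(cross_service(ev))
```

A match only ties accounts to the last hop the server saw (an open Wi-Fi router, a NAT gateway or a proxy), which is why the subscriber record behind the address can be inconclusive on its own.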