Close

Page 2 of 4 FirstFirst 1234 LastLast
Results 21 to 40 of 75
  1. #21
    DF MaSter Black Oracle's Avatar
    Join Date
    May 2016
    Location
    Mars
    Posts
    86
    Thanks
    42
    Thanked:        95
    Karma Level
    0

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by CzarJunkie View Post
    It's quite a privacy issue that I'm surprised hasn't been more of, especially as people love to bash Facebook on privacy issues.
    CJ it's funny you mentioned Facebook's Privacy! I have studied Digital Anthropology, which in basic terms is looking at how different cultures consider the various platforms and how they use them on a global basis. There is major differences in North and South India, but the one that will always stand out the most is China! I assumed this country would have very high issues regarding security, but mention Privacy, and it's a whole new ball game, nothing like I expected at all.

    In China you must not hide your login details to anyone of your family, they think you are trying to dishonour your own family. And, if you think that is bad, then you'll be surprised that in most premises only have one bedroom per family, having seperate rooms is considered bad by the rest of your family. Privacy to them is basically non-existent!

    Over here our cultures are totally different, and Privacy means Private!!

  2. #22
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by Black Oracle View Post
    CJ it's funny you mentioned Facebook's Privacy! I have studied Digital Anthropology, which in basic terms is looking at how different cultures consider the various platforms and how they use them on a global basis. There is major differences in North and South India, but the one that will always stand out the most is China! I assumed this country would have very high issues regarding security, but mention Privacy, and it's a whole new ball game, nothing like I expected at all.

    In China you must not hide your login details to anyone of your family, they think you are trying to dishonour your own family. And, if you think that is bad, then you'll be surprised that in most premises only have one bedroom per family, having seperate rooms is considered bad by the rest of your family. Privacy to them is basically non-existent!

    Over here our cultures are totally different, and Privacy means Private!!
    Is it possible for you to explain how and why facebook's XMPP servers display the end user's IP address to their chat partners as I'm having trouble finding any information for this online. Just a rough overview would be ideal.

    Thanks to CzarJunkie

    Over Carl (23rd June 2016)  


  3. #23
    DF Super Moderator piggzy's Avatar
    Join Date
    Jul 2014
    Location
    UK
    Posts
    3,540
    Thanks
    3,063
    Thanked:        1,553
    Karma Level
    371

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by CzarJunkie View Post
    Can you expand on that?
    Not really. I am no expert but I am sure I remember reading that XMPP does include the IP in the comms if that is how it is configured. I am happy to be shown otherwise.

  4. #24
    DF VIP Member akimba's Avatar
    Join Date
    Jun 2006
    Location
    UK
    Posts
    2,846
    Thanks
    1,034
    Thanked:        783
    Karma Level
    369

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    why don't you have a FB chat with someone and see if can spot their IP? I not a fbooker so I couldn't run a test

    Thanks to akimba

    Over Carl (23rd June 2016)  


  5. #25
    DF Super Moderator piggzy's Avatar
    Join Date
    Jul 2014
    Location
    UK
    Posts
    3,540
    Thanks
    3,063
    Thanked:        1,553
    Karma Level
    371

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    http://www.xmpp.org/extensions/xep-0174.html

    3. DNS Records

    In order to advertise its availability for serverless messaging, a client MUST publish four different kinds of DNS records:

    1. A PTR record of the following form:
      _presence._tcp.local. PTR user@machine._presence._tcp.local.
    2. An address ("A" or "AAAA") record of the following form (where the IP address can be either an IPv4 address or an IPv6 address):
      machine.local. A ip-address
    3. An SRV record of the following form:
      user@machine._presence._tcp.local <ttl> SRV <priority> <weight> port-number machine.local.
    4. A TXT record whose name is the same as the SRV record and whose value follows the format described in the TXT Record section of this document, consisting of a set of strings that typically represent a series of key-value pairs such as the following:
      txtvers=1
      1st=user-first-name
      email=user-email-address
      hash=entity-capabilities-algorithm
      jid=user-jabber-id
      last=user-last-name
      msg=freeform-availability-status
      n=entity-capabilities-application-name
      nick=user-nickname
      node=application-identifier
      n=entity-capabilities-operating-system
      phsh=sha1-hash-of-avatar
      port.p2pj=5562
      status=avail-away-or-dnd
      vc=capabilities-string
      ver=entity-capabilities-identity

      Note: The DNS-SD specification stipulates that the TXT record MUST be published, but that it MAY contain no more than a single zero byte (e.g., if the user does not wish to publish any personal information).


    ________________________________________________________________________

    So the client must include their IP as per number 2. How visible that is though I am unsure.

  6. #26
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by akimba View Post
    why don't you have a FB chat with someone and see if can spot their IP? I not a fbooker so I couldn't run a test
    I don't use it. But I am keen on knowing if organisations such as FB abuse user's privacy.

    Thanks to CzarJunkie

    Over Carl (23rd June 2016)  


  7. #27
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by piggzy View Post
    Not really. I am no expert but I am sure I remember reading that XMPP does include the IP in the comms if that is how it is configured. I am happy to be shown otherwise.
    And is that the local IP of the user, or the IP of the server the user is connected to?

    Thanks to CzarJunkie

    Over Carl (23rd June 2016)  


  8. #28
    DF Super Moderator piggzy's Avatar
    Join Date
    Jul 2014
    Location
    UK
    Posts
    3,540
    Thanks
    3,063
    Thanked:        1,553
    Karma Level
    371

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by CzarJunkie View Post
    And is that the local IP of the user, or the IP of the server the user is connected to?
    See above :-)

  9. #29
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by piggzy View Post
    See above :-)
    I don't understand that, can you explain it in layman's terms?

  10. #30
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by piggzy View Post
    See above :-)
    From that same page, they declare this under Security Considerations:

    13.4 Private Information

    The TXT record parameters optionally advertised as part of this protocol MAY result in exposure of privacy-sensitive information about a human user (such as full name, email address, and Jabber ID). A client MUST allow a user to disable publication of this personal information (e.g., via client configuration).
    Am I getting warmer?

    Thanks to CzarJunkie

    Over Carl (23rd June 2016)  


  11. #31
    DF Super Moderator piggzy's Avatar
    Join Date
    Jul 2014
    Location
    UK
    Posts
    3,540
    Thanks
    3,063
    Thanked:        1,553
    Karma Level
    371

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by CzarJunkie View Post
    From that same page, they declare this under Security Considerations:



    Am I getting warmer?
    I believe so but again have not had much experience... So my understanding is they allow the user to hide their IP if facebook have written their client software that way. Have they?
    Also in all honesty this isnt going to stop a hacker getting an IP through it anyway. It just doesn't hand it on a plate.

  12. #32
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by piggzy View Post
    I believe so but again have not had much experience... So my understanding is they allow the user to hide their IP if facebook have written their client software that way. Have they?
    Also in all honesty this isnt going to stop a hacker getting an IP through it anyway. It just doesn't hand it on a plate.
    OK, so as far as you and Black Oracle are concerned, you can find a user's IP address using netstat when chatting to them using facebook messenger? And if so configured, XMPP will display the local IP address of your chat partner?

    Is that correct?

    Thanks to CzarJunkie

    Over Carl (23rd June 2016)  


  13. #33
    DF MaSter Black Oracle's Avatar
    Join Date
    May 2016
    Location
    Mars
    Posts
    86
    Thanks
    42
    Thanked:        95
    Karma Level
    0

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    http://creately.com/diagram/example/...x1/xmpp+server

    Very difficult without going in to technical details, but this is an XMPP server, which shows the clients in chart - you can blow it up, full-screen if need be.

  14. #34
    VIP Member CzarJunkie's Avatar
    Join Date
    Jun 2001
    Location
    Atlantis
    Posts
    13,754
    Thanks
    832
    Thanked:        3,225
    Karma Level
    1992

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by Black Oracle View Post
    http://creately.com/diagram/example/...x1/xmpp+server

    Very difficult without going in to technical details, but this is an XMPP server, which shows the clients in chart - you can blow it up, full-screen if need be.
    So, as far as you are concerned, you can find a user's IP address using netstat when chatting to them using facebook messenger? And if so configured, XMPP will display the local IP address of your chat partner?

    Thanks to CzarJunkie

    Over Carl (23rd June 2016)  


  15. #35
    DF MaSter Black Oracle's Avatar
    Join Date
    May 2016
    Location
    Mars
    Posts
    86
    Thanks
    42
    Thanked:        95
    Karma Level
    0

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    What you have to look at is that all chat clients use the same technology! XMPP - Skype, was forever becoming hacked under the old method it used, so it was all changed to XMPP. But even now in a Skype conversation you can pull the original IP of the user up by using netstat -nbt

    It makes no difference what messenger you use these days you can still pull the originating IP, unless there is a VPN involved - but has NASA proved a VPN is not safe either! Proxies well you can 'chain' as many as you want, but the more you chain the more the signal drops, causing time-outs, etc.

    If configured properly TOR is one way around it, but you need extensive knowledge of TOR networking!

  16. #36
    DF MaSter Black Oracle's Avatar
    Join Date
    May 2016
    Location
    Mars
    Posts
    86
    Thanks
    42
    Thanked:        95
    Karma Level
    0

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by CzarJunkie View Post
    So, as far as you are concerned, you can find a user's IP address using netstat when chatting to them using facebook messenger? And if so configured, XMPP will display the local IP address of your chat partner?
    That is correct using the correct switches or commands with netstat makes it a very powerful tool...

    Thanks to Black Oracle

    CzarJunkie (22nd June 2016)  


  17. #37
    DF VIP Member Over Carl's Avatar
    Join Date
    Apr 2006
    Location
    London
    Posts
    13,125
    Thanks
    3,975
    Thanked:        1,690
    Karma Level
    1251

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Just for a moment when you guys started talking about XMPP, I thought I may be wrong - I haven't studied the protocol but I was wondering whether IP addresses of users may be present, but then this would require something like wireshark rather than netstat to view.

    But then I read the info piggzy has kindly provided.

    Quote Originally Posted by piggzy View Post
    http://www.xmpp.org/extensions/xep-0174.html

    3. DNS Records

    In order to advertise its availability for serverless messaging, a client MUST publish four different kinds of DNS records:

    1. A PTR record of the following form:
      _presence._tcp.local. PTR user@machine._presence._tcp.local.
    2. An address ("A" or "AAAA") record of the following form (where the IP address can be either an IPv4 address or an IPv6 address):
      machine.local. A ip-address
    3. An SRV record of the following form:
      user@machine._presence._tcp.local <ttl> SRV <priority> <weight> port-number machine.local.
    4. A TXT record whose name is the same as the SRV record and whose value follows the format described in the TXT Record section of this document, consisting of a set of strings that typically represent a series of key-value pairs such as the following:
      txtvers=1
      1st=user-first-name
      email=user-email-address
      hash=entity-capabilities-algorithm
      jid=user-jabber-id
      last=user-last-name
      msg=freeform-availability-status
      n=entity-capabilities-application-name
      nick=user-nickname
      node=application-identifier
      n=entity-capabilities-operating-system
      phsh=sha1-hash-of-avatar
      port.p2pj=5562
      status=avail-away-or-dnd
      vc=capabilities-string
      ver=entity-capabilities-identity

      Note: The DNS-SD specification stipulates that the TXT record MUST be published, but that it MAY contain no more than a single zero byte (e.g., if the user does not wish to publish any personal information).


    ________________________________________________________________________

    So the client must include their IP as per number 2. How visible that is though I am unsure.
    How many of you have SRV records? I know I had to setup two, but it is highly unusual to have SRV records pointing to a domestic IP address, and setting these up are probably way beyond the capability of an average user. In addition, without a fixed IP address, SRV records have to rely on dynamic dns, and if facebook chat relied on such a mechanism, you would find you would not be able to use the service for a while after rebooting your home router, and messages could be sent to the wrong person for a while.

    I'm guessing some of our network/server admins have a few SRV records pointing at some servers for work, and maybe a few do for home servers, but this is definitely not the normal, yet seems to be a prerequisite for direct XMPP communication without a server.

    I could poke more technical holes and haven't fully explained the above as this is getting boring.

    Anyway, to put this matter to rest, I will do a little packet analysis myself. Unfortunately I don't really use facebook so I will have to arrange a time so I know I will have a friend who I can have a test conversation with. Gimme till Sunday max, but I'll probably be back to prove it a lot quicker than that.
    Last edited by Over Carl; 22nd June 2016 at 05:36 PM.

    2 Thanks given to Over Carl

    Black Oracle (22nd June 2016),  CzarJunkie (22nd June 2016)  


  18. #38
    DF MaSter Black Oracle's Avatar
    Join Date
    May 2016
    Location
    Mars
    Posts
    86
    Thanks
    42
    Thanked:        95
    Karma Level
    0

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Let's look at this from a totally different perspective...

    Everyone knows Microsoft's Gaming servers are forever getting attacked, now say at your end you add a second network card in your PC, then 'bridge' both network cards together. This allows you to place a 'sniffer' on your PC, but to everyone else you look fine online - but since you have a sniffer inline with all the people in the room, you can see all their IP Addresses - this is more commonly known as a 'swatting' attack, by knowing the IP of anyone in the room you can do whatever you like to them.

    However, these days it is taken a step further - all because you can see everyones IP addresses you can feed it through another program running at the same time to find their geo-location precisely down to their address, ZIP and even phone number! This is why it is called a 'swatting' attack because the person that has all these details, contacts your local police 'saying shooter on the loose and the address!' - first thing is dispatch a SWAT team!

    And, this is all done through a computer bridged to the connected console! XMPP really needs to be more secure, these days!!!

  19. #39
    DF Super Moderator piggzy's Avatar
    Join Date
    Jul 2014
    Location
    UK
    Posts
    3,540
    Thanks
    3,063
    Thanked:        1,553
    Karma Level
    371

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by Over Carl View Post
    Just for a moment when you guys started talking about XMPP, I thought I may be wrong - I haven't studied the protocol but I was wondering whether IP addresses of users may be present, but then this would require something like wireshark rather than netstat to view.

    But then I read the info piggzy has kindly provided.



    How many of you have SRV records? I know I had to setup two, but it is highly unusual to have SRV records pointing to a domestic IP address, and setting these up are probably way beyond the capability of an average user. In addition, without a fixed IP address, SRV records have to rely on dynamic dns, and if facebook chat relied on such a mechanism, you would find you would not be able to use the service for a while after rebooting your home router.

    I'm guessing some of our network/server admins have a few SRV records pointing at some servers for work, and maybe a few do for home servers, but this is definitely not the normal, yet seems to be a prerequisite for direct XMPP communication without a server.

    I could poke more technical holes and haven't fully explained the above as this is getting boring.

    Anyway, to put this matter to rest, I will do a little packet analysis myself. Unfortunately I don't really use facebook so I will have to arrange a time so I know I will have a friend who I can have a test conversation with. Gimme till Sunday max, but I'll probably be back to prove it a lot quicker than that.
    An SRV record in most cases as you say would not exist but could not the client software create an acceptable SRV record on the fly to satisfy XMPP protocols ??
    Not saying that is what happens .. more thinking out loud!

    Thanks to piggzy

    Over Carl (23rd June 2016)  


  20. #40
    DF VIP Member Over Carl's Avatar
    Join Date
    Apr 2006
    Location
    London
    Posts
    13,125
    Thanks
    3,975
    Thanked:        1,690
    Karma Level
    1251

    Default Re: A guy on Facebook tried 'grooming' my 15 year old daughter! Wrong person to 'Hit'

    Quote Originally Posted by Black Oracle View Post
    Let's look at this from a totally different perspective...

    Everyone knows Microsoft's Gaming servers are forever getting attacked, now say at your end you add a second network card in your PC, then 'bridge' both network cards together. This allows you to place a 'sniffer' on your PC, but to everyone else you look fine online - but since you have a sniffer inline with all the people in the room, you can see all their IP Addresses - this is more commonly known as a 'swatting' attack, by knowing the IP of anyone in the room you can do whatever you like to them.
    Possibly true.

    But I am really baffled. Why not just run wireshark with a single NIC unbridged and just sniff that direct?

    Or if that is not possible, then the next choice of IT pros is to use a managed switch and setup port mirroring, then use wireshark on another computer or to use a network probe.

    I have worked with a few IT pros who have needed to sniff data. Just for example I have put in warranty claims with Draytek and Cisco when I have found faults with their equipment. By providing a professionally taken packet capture and explaining the faults, they acknowledged faults and replaced hardware that was faulty by design or created firmware updates which they would ask me to test before releasing worldwide. If I sent traces captured the way you started to describe, I am quite sure I would have never been allowed past level 1 tech support (i.e. have you turned it off and on again?).
    Last edited by Over Carl; 22nd June 2016 at 06:05 PM.

    Thanks to Over Carl

    JonEp (24th June 2016)  


Page 2 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. this is so wrong..
    By Aido in forum The Dog and Duck
    Replies: 8
    Last Post: 17th September 2002, 04:15 PM
  2. Cheap Ink? (Sorry if in wrong place)
    By Goldberg in forum PC Hardware
    Replies: 9
    Last Post: 9th September 2002, 10:13 PM
  3. another 150 year land mark
    By 4me2 in forum The Dog and Duck
    Replies: 2
    Last Post: 30th August 2002, 05:09 PM

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •