LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Closed Thread
  Search this Thread
Old 09-27-2004, 01:40 AM   #1
breezewax
Member
 
Registered: Sep 2004
Location: san diego, ca
Distribution: Slackware 10.2
Posts: 74

Rep: Reputation: 15
probably one of the most basic security questions...


...why, exactly, isn't there a Website out there that's source cannot be found and thereby shut down by authorities? Curious.
 
Old 09-27-2004, 05:28 AM   #2
Ambrosia
LQ Newbie
 
Registered: Aug 2004
Location: Germany
Distribution: Debian Sid
Posts: 17

Rep: Reputation: 1
Sorry..but I don't quite understand the question.

What do you mean by source? Shut down for what reason?
 
Old 09-27-2004, 11:57 AM   #3
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
The answer is: No. If anyone can reach your website, then they (someone with a wiretap order) can follow it the entire way back to wherever the box is physically located.
 
Old 09-27-2004, 03:27 PM   #4
breezewax
Member
 
Registered: Sep 2004
Location: san diego, ca
Distribution: Slackware 10.2
Posts: 74

Original Poster
Rep: Reputation: 15
i see...the implications of such a Website struck me the other night...would change everything. just a thought ...thanks
 
Old 09-27-2004, 06:37 PM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Yes, the implications would be a complete anarchy and breakdown of lawful society because any content that could be made digital could be distributed indefinitely, regardless of legal status. Your question borders very closely on soliciting help will illegal activities.
 
Old 09-28-2004, 05:46 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,394
Blog Entries: 55

Rep: Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565
Your question borders very closely on soliciting help will illegal activities.
Not trying to break the united front, but as fellow moderator I respectfully disagree on the count the question is set rather broad (if he where eliciting help with specific details I would consider politely shutting it down).
Personally I kinda enjoyed his question cuz it got me thinking if it would be (at least theoretically) possible to accomplish this w/o being able (or at least make it very hard) to pinpoint a physical location.
 
Old 09-29-2004, 03:38 AM   #7
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
You could obfuscate a lot, but using BGP looking glasses you could narrow it down to the last AS. Of course you wouldn't have to use all routed packets, you could use reverse proxying and/or web services to further obscure the backend, but at least you would be able to find the front-end server which would inevitably lead to the content server.

One way you could hide something would be to use stegonography to hide traffic inside other protocols or data, but that would require that the clients also have specialized software that understands your stego. At that point it wouldn't really be a web server in the common understanding, but more of a peer-to-peer application.

Using IPSec in tunnel mode would probably be the closest you could get to really hiding the source of a web server, but the encrypted traffic could still be followed to the last gateway where it's unencrypted.
 
Old 10-02-2004, 01:42 AM   #8
breezewax
Member
 
Registered: Sep 2004
Location: san diego, ca
Distribution: Slackware 10.2
Posts: 74

Original Poster
Rep: Reputation: 15
yeah it's incredible that such a drastic event could even possibly occur, and most of the public have never really thought about it. i've also heard of the idea of simply hiding the hosting machine inside common electronics or even running it from a network printer...i'm just glad i'm not one of the people who has to deal with that possibility
 
Old 10-04-2004, 12:24 PM   #9
davholla
Member
 
Registered: Jun 2003
Location: London
Distribution: Linux Mint 13 Maya
Posts: 720

Rep: Reputation: 32
Quote:
Originally posted by chort
The answer is: No. If anyone can reach your website, then they (someone with a wiretap order) can follow it the entire way back to wherever the box is physically located.
Then surely it should be possible to find where websites showing beheadings of western citizens in Iraq/US (sorry I meant to right Saudi) are being hosted ?
If that is so I hope it happens soon and action is taken.

Last edited by davholla; 10-04-2004 at 04:22 PM.
 
Old 10-04-2004, 12:31 PM   #10
sh1ft
Member
 
Registered: Feb 2004
Location: Ottawa, Ontario, Can
Distribution: Slackware, ubuntu
Posts: 391

Rep: Reputation: 31
Quote:
Originally posted by davholla
Then surely it should be possible to find where websites showing beheadings of western citizens in Iraq/US are being hosted ?
If that is so I hope it happens soon and action is taken.
Of course, what happens if these websites are hosted outside of a so-called '1st world' country? Is it then the legal responsibiltiy of (i'm assuming here your from u.s.) the united states to shut down these sites? What right do they have to do this.

There's no question that the content is offensive, but I don't see how you believe a seperate state like U.S. has a right to shut it down if it outside their jurisdiction.

On another note, does it really matter if the source can be found if the website is somewhere like say, an oil rig in international waters, does it? Just curious
 
Old 10-04-2004, 04:25 PM   #11
davholla
Member
 
Registered: Jun 2003
Location: London
Distribution: Linux Mint 13 Maya
Posts: 720

Rep: Reputation: 32
Actually I'm from the UK (look at my location).

Surely in all states of the world apart from possibly North Korea, the owners of these websites could be questioned as they know about criminal acts.

I know the US is not universally loved (I am not happy on some Americans support for the IRA but lets not get off topic).
However as far as I know no Goverment with the possible exception of North Korea supports the beheadings of hostages in Iraq/Saudi, who come from many countries (hopefully no more will be killed).
 
Old 10-10-2004, 01:30 PM   #12
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,394
Blog Entries: 55

Rep: Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565
As moderator I do not like the way this thread is heading.
The Linux - Security forum deals with security.
Security != politics, so this thread will be closed.
Anyone wants this thread reopened can ask me by email.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
basic questions on hostname and domain name + related postfix questions Moebius Linux - Newbie 7 09-04-2007 12:50 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 02:02 AM
basic security?? wrat Linux - Security 5 05-15-2004 03:55 AM
Basic Security questions with 2.4 and 2.6 MissMetal Linux - Security 2 04-22-2004 06:53 PM
Security Basic vcheah Linux - Security 2 01-08-2002 05:38 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration