Monitoring Cyber Iran and Syria in the ToR network

gAtO wAs mOnItOrInG – bad ToR-Relays and found that during this unrest in Iran and Syria. We have 17 bad ToR-Relays 95% in Iran and Syria. This is how the shut down the network to suppress information communication securely to the outside world. Time stamp is 05-31-2012 00:52:05 MET.

Tor Network Status – http://torstatus.blutmagie.de/index.php you can find all kinds of information about the .onion relays that make up the networks.

While back in cyber world —:Stuxnet – Flame – I can tell you that lot’s of Iranian site use older web apps , cms, jommla and they have vulnerabilities.
http://uscyberlabs.com/blog/2012/02/10/1890/
But they are educated and everyone learns from being attacked.

When you underestimate your enemy you are going to lose.

Example :-gAtO been working on a ToR project and last night I was monitoring the ToR-Relays for bad ones and 15 out of 17 -ToR-Relays all doing exit node were Iranian and Syrians all bad and compromised. With the unrest in the news with Iran and Syria these two countries were playing with Tor-Relay nodes to extract exit information on dissidents.

If they catch some dissident posting anti-Iran, anti-syria online and they will find their IP and kill them. In the middle-east hacktivist may pay the ultimate price and the CIA and others are communicating with the rebels using the ToR-.onion network the invisible web takes on a new importance during crisis time.

All goes underground under the radar but it show’s that they have an active cyber policy, with countermeasure and surveillance. These guy are fighting back anyway they can.

Cyber and culture must be understood, the more you invest in your infrastructure the more vulnerable you will become and how a society integrates the technology into it’s culture will make changes, trust me business will love it but in the middle east religion is very important geo-political tool and propaganda is the number one thing I see while surfing the Iran. Syria websites.

Today I see “cyber ambiguity” from Israel –On Tuesday, a day after a Moscowbased security company revealed that a new cyber weapon called “Flame” had struck Iran, Vice Premier and Minister of Strategic Affairs Moshe Ya’alon fueled speculation of Israeli involvement by praising Israeli technological prowess in response to a radio interview on the issue.

Israel, he said, was blessed with superior technology. “These achievements of ours open all kinds of possibilities for us,” he said.

Prime Minister Binyamin Netanyahu said when he spoke that evening that when it comes to cyberspace, the size of a country is insignificant – but that there is great significance to a country’s “scientific strength, and with that Israel is blessed.”

http://www.jpost.com/Features/FrontLines/Article.aspx?id=272264
As all these state actor play cyber games with cyber war, gATo will keep monitoring the ToR network to look and see and learn about societies in cyberspace -gATO oUt

Published by:

CWZ's picture

Name
Reza Rafati

Information
I am the founder of Cyberwarzone.com and I focus on sharing and collecting relevant cyberconflict news., The goal of Cyberwarzone is to provide the world a portal with global cyberwar information. The effort in getting this cyberwarfare information is hard. But as the internet is growing we need to get an global cyberwar & cybercrime monitoring system., By the people and for the people. We will be gathering information about Cybercrime, Cyberwarfare and hacking. LinkedIn: http://www.linkedin.com/pub/reza-rafati-%E2%99%82/1a/98b/197

Country
The Netherlands

My website
Cyberwarzone.com

Twitter:
http://twitter.com/#!/cyberwarzonecom