dChan
Anonymous ID: e58bf9 Nov. 26, 2020, 5:18 p.m. No.11800882   🗄️.is 🔗kun   >>0911 >>0935 >>1025 >>1053 >>1091

Good day, anons. I'm passing along some information another anon put together regarding possible workarounds for future scenarios and some interesting software. Any transcription errors are mine. As always, research before you apply. Happy Thanksgiving, all.

 

"There are some work arounds that I use for internet service providers that filter traffic. They will more than likely stop resolving 8kun via their DNS as we move forward. Whatever operating system you are using can always modiy the DNS given to you by your routerwhich is usually provided by the ISP. To override their DNS servers you an add your preferred DNS server IPs to your network interface. On your wired or wireless network interface add these IPs.

For example: OpenDNS

208.67.222.222,208.67.220.220

 

Below is a list of primary and secondary servers that get me around DNS filtering of kun and ISP's that block tor traffic.

 

Private DNS:

208.67.222.222 Open DNS primary

208.67.220.220 OpenDNS secondary

8.26.56.26 Comodo Secure DNS primary

8.20.247.20 Comodo Secure DNS secondary

9.9.9.9 Quad9 primary

149.112.112.112 Quad9 secondary

64.6.64.6 Verisign DNS primary

64.6.65.6 Verisign DNS secondary

https://www.privacytools.io/providers/dns/

 

DNS addresses for hosts file.

 

"As of today the current clearnet IP for kun is resolving at this IP: 203.28.246.1

8kun.top:

230.28.246.1 8kun.top

230.28.246.1 media.8kun.top

230.28.246.1 sysy.8kun.top

230.28.246.1 nerv.8kun.top

230.28.246.1 softserv.8kun.top

 

"Here are the other domains I am currently aware of that they manage @ kun. I am sure they have a fail-over IP and domain if the primary sire gets knocked down (I have a feeling they are not going to be able to do this with the current security measures in place) They only thing they can do is limit resolution to the site and remove the DNS servers world wide. If I find the other domains out there I will let you know. These may be active however 8kun.us and 8kun.tw don't seem to have anything behind them currently.

 

203.28.246.1 8kun.top 8kun.us 8kun.tw

203.28.246.1 media.8kun.top media.8kun.us media.8kun.tw

203.28.246.1 nerv.8kun.top nerv.8kun.us nerv.8kun.tw

203.28.246.1 softserv.8kun.top softserv.8kun.us softserv.8kun.tw

 

Regarding tools and setups:

 

I like what CSI Linux guys are doing. The OS they are putting out is a turnkey research environment. They have a lot of tools I already use installed. It also has a built in gateway for when you need to tread lightly. Pretty much every tool you could ever want for sourcing open information. Using a VM for snapshots, gathering information and following methodology / chain of custody is pretty seamless. (Could be very useful for the days to come.)

Helpful for scattered add/ocd autistic types.

This does have the disposable concept built into how the OS and browser is setup. So the one challenge is you need a little room on your hard drive, a decent CPU and at least 8GB of RAM. They have a virtualbox image… so it is what it is. It is however a great set of tools for researchers.

 

CSI Linux:

CSI Linux is available in both virtual machine appliance and bootable distro to use as a daily driver. For those that are familiar with the previous versions, in 2020.3 we have merged the CSI Linux Analystand and CSI Linux gateway to give you the most seamless and easiest way to investigate the service and dark web. Most of our focus in on tor, but we also support I2P, Freenet and Zeronet. CSI Linux SIEM contains the tools you need for identifying the local network threats.

https://csilinux.com"