Discussion in 'News and Current Events' started by XenuLovesU, Feb 25, 2008.

  1. XenuLovesU Member

    Mods: don't know if this qualifies as "general" enough for General Discussion, so feel free to move it. I think it's worth mentioning how archaic the CoS infrastructure is though :)

    How technologically sophisticated is the CoS, from an IT/networking perspective? Two words: not very.

    From the 30,000 foot IT/networking view, they look like they didn't even know the internet existed for the most part until 2001. Even now, for an organization with bizillions of dollars claiming a membership in the millions in 2008 -- they look like a mom-and-pop outfit with a few offices here and there.

    Their network topology looks like a bad example of, "how not to do the internets" (may make this into a PowerPoint... tffft). For tin-foil hat types who expected NSA level sophistication and connectivity -- sorry to disappoint you. It's no wonder they've had to call in outside security expertise, only to be told, "no you're doing it wrong."

    They're definitely doing it wrong.

    I have no doubt that there are a few bright, dedicated and knowledgeable people working on their end who KNOW how wrong they are, and grit their teeth because they aren't permitted to bitch about it. I would absolutely fucking hate to be a network admin or IT guy on their side, because truth-be-told, even simply looking at publicly available information about their networks shows that they're still in the bronze age. Hats off to you poor souls... I feel for you.

    None of the information below was gleaned through illegal means. No network scans or penetrations were involved. This is strictly publicly-available info that's out there if you know where to look for it.

    If you're not a netfag, it's probably best you stop reading here. The rest is just going to be one big yawn :)

    The bulk of the CoS connectivity is, by a wide margin, at their Hollywood Blvd. facility in California, most of which is provided by AT&T. That facility also appears to be multi-homed with another carrier, Level 3. The address space provided by AT&T (3 x /28, 1 x /24, and 2 x /23) is much larger than that provided by Level 3 (1 x /24), indicating the facility is not fully redundant and that the Level 3 connection cannot support their entire infrastructure should something go wrong with their (presumably) primary carrier, AT&T. This probably explains their mad scramble to move their public-facing servers to Prolexic.

    Their next most-connected facility is Gold Base, in Gilman Hot Springs, California. Again, AT&T provides the connection, with one /25 range of IP addresses assigned to it. I don't see any redundancy for their IP space there thus far.

    Flag HQ in Florida comes in third, with two netblocks assigned by AT&T (1 x /29, 1 x /28) and a second connection provided by Telepacific (1 x /29), again indicating they do not have full redundancy.

    San Francisco comes in at number four, with 4 x /29 non-contiguous netblocks (indicating growth over time). Seems a bit odd that this org should have so much address space assigned to it. Tertiary facility? Way too many IPs for a "generic" location. Data indicates a location at 268 BUSH STREET #5000, SAN FRANCISCO, CA 94104, which is separate from their "public" org location on Montgomery. Don't know if they've moved it, if that's just a mailing address, or are running things separately in two locations.

    Other orgs (six in total) appear to all have /29 netblocks assigned to them (i.e. 8 IP addresses, six of which would be usable).

    This commentary is specific to the Church of Scientology International. They also have various other (small) connections to Narconon and Criminon offices, but these pretty much mirror the standard /29 nets in regular orgs.

    Still working through the long, long list of Scientology front companies, various law firms and PI's known to work for them and likely sympathetic-corporations controlled by big-dollar benefactors of Scientology. Will publish the full results, with yummy geek details when finished.

    And now, it is my GREAT pleasure to pass the tin-foil hat over to the "experts" in the OSA. I *really* hope you folks thought about how stupid it is to hire an army of asshat private investigators to do your bidding for you. Let's hope that none of them are likely to, um, leak any information you might find embarrassing? I'm not saying anyone would do anything to get to it -- I'm just saying it's time for you to start losing a LOT of sleep wondering if anyone IS. Hugs and kisses! That's what you get for being dicks and trying to be spaiz. I think you've FINALLY pissed off the wrong people.
  2. Anonymite Member

    so is this good or bad for us? i'm geeky enough to know that knowing their ip's are very useful, but not geeky enough to know whether stuff like non-contiguous is cool or not.
  3. waianon Member

    The answer to your question lies in this quote:

    Scientology doing it wrong = as far as interweb security goes, they be screwed. So good for us. :twisted:

    I heard the same thing from another thread - apparently the experts they called in told them that their systems are AT LEAST five years out of date.
  4. anonEmouser Member

    I wonder if they even have their remote orgs VPN connected back to the motherships. I don't doubt that Gold/Hollywood/Flag are wired together--probably SanFran as well since that seems to be fairly well-wired--but on the whole it sounds like they just grabbed expensive sounding packages because they could.

    I mean, they couldn't possibly be still using frame relays, right? Talk about cash hemorrhaging...

    The class-C blocks are only needed for exterior facing sites or connectors. With their ATT blocks they could have over 1,000 exterior IP addresses--which makes for a crapton of websites, direct exterior pipelines, mail servers, etc. I'm curious as to how many of these they actually have connected to something.

    Pet theory--thanks to narcissism and arrogance, it may be possible that several high-up offices have a direct pipe outside, to avoid the filters put on the plebeian classes.
    Flipping that on its head, with their xenophobia and paranoia (somewhat justified in this case) there will be minimal outside contact outside of the firewalls.

    ...actually, I wonder if they're running a proper DMZ or just a quick-hack hole through the firewall to the appropriate internal IPs.

    All this is entirely academic, of course. But given their less than stellar application and understanding of REAL tech, I bet the whole system resembles swiss cheese. With the latest attn from Anonymous, however, their external contractors may just bump them up to a reasonable level of security in 6 months or so.
  5. XenuLovesU Member

    "Non-contiguous" isn't really good or bad.

    What it shows, in essence, is a lack of planning on their part, or incremental growth over time in San Francisco. In the case of the SF org it most likely means that they didn't originally plan for it to be much of an (IT) location and had to keep going back to their ISP to ask for more IP addresses. If they'd *planned* on it being something like a data-center or back-up facility, they would have asked for more addresses up front. It's just easier to manage things if all of your addresses for a facility are contiguous.

    If you're a well-funded, forward-thinking organization with net experts on your side, you don't nickel-and-dime things like getting IP addresses for a location. You just go out and get 100%-200% more than you think you'll need and be done with it. They're (to a corporation) chump change.

    "Contiguous" addresses would be a range of IPs that all come one right after another... 1,2,3,4,5. "Non-contiguous" addresses indicate buying blocks of them, one block at a time... 1,5,7,10,50.

    Over time, SF has become more important to them... and likely hosts some of their IT/network infrastructure in some capacity. There's really no other reason for the number of IPs continuing to grow.

    What does this mean? Not a lot, other than they've been spending money and expanding infrastructure in SF. It doesn't mean the org itself is doing well or bringing in new meat. Haven't really dug deep enough yet to say what they're hosting in SF.

    The real significance of these observations would be to allow us to figure out what *their* tech priorities are... where they're spending money... where to do more research. So far that's looking like LA, Gold and SF. To most folks on here, that info is useless. To a few, it's enlightening.
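
Added example, not part of any post in this thread: the address arithmetic behind the block sizes quoted in posts 1 and 4 and the contiguous/non-contiguous distinction from post 5, using Python's `ipaddress` module. The function names are hypothetical, and the sample netblocks are constructed from the RFC 5737 documentation ranges, not addresses from the thread.

```python
import ipaddress

def total_addresses(prefix_counts):
    """{prefix_len: number_of_blocks} -> total IPv4 addresses in those blocks."""
    return sum(n * 2 ** (32 - plen) for plen, n in prefix_counts.items())

def usable_hosts(prefix_len):
    """Hosts in a conventional subnet: network and broadcast addresses excluded."""
    return max(2 ** (32 - prefix_len) - 2, 0)

def aggregate(blocks):
    """Merge blocks into the fewest CIDR prefixes that cover exactly the same space."""
    nets = [ipaddress.ip_network(b) for b in blocks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def is_contiguous(blocks):
    """True when each block starts at the address right after the previous one ends."""
    nets = sorted(ipaddress.ip_network(b) for b in blocks)
    return all(int(a.broadcast_address) + 1 == int(b.network_address)
               for a, b in zip(nets, nets[1:]))

# Block counts as quoted in post 1 for the two carriers at one site.
PRIMARY = {28: 3, 24: 1, 23: 2}
SECONDARY = {24: 1}

# Constructed sample allocations (RFC 5737 documentation ranges).
PLANNED = ["192.0.2.0/29", "192.0.2.8/29", "192.0.2.16/29", "192.0.2.24/29"]
PIECEMEAL = ["192.0.2.0/29", "198.51.100.64/29", "203.0.113.8/29", "192.0.2.40/29"]
# Adjacent but not aligned on a /28 boundary, so it cannot merge into one prefix.
MISALIGNED = ["192.0.2.8/29", "192.0.2.16/29"]

if __name__ == "__main__":
    primary, secondary = total_addresses(PRIMARY), total_addresses(SECONDARY)
    print(f"primary={primary} secondary={secondary} "
          f"secondary covers {secondary / primary:.0%} of primary")
    print(f"usable hosts in a /29: {usable_hosts(29)}")
    for name, blocks in (("planned", PLANNED), ("piecemeal", PIECEMEAL),
                         ("misaligned", MISALIGNED)):
        print(name, "contiguous:", is_contiguous(blocks), "->", aggregate(blocks))
```

Four /29s requested up front collapse to a single /27, which means one route and one firewall object; the same number of addresses acquired piecemeal stays as four separate entries to track.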
  6. AnonymousNow Member

    Even if we obviously can't do anything illegal to the infrastructure, it is helpful to know what their capabilities are to act against others internets wise.
  7. anonEmouser Member

    The San Fran org--the one at 701 Montgomery St, anyway--is only 5 years old. If that's where the lines are going to, I wonder why they need the connection?

    In the ribbon cutting ceremony, DM said that the new org was to be a "World class" one where all of the scieno programs would be based out of. Though there are narconon/criminon/applied scholastics centers elsewhere in san fran; the main offices could still be housed at the org however. Of course, we're talking about a speech from David the Angry Drunken Dwarf; a litre of salt is warranted.

    Edit: Just caught the OP update where the "Connected" SF center is 268 BUSH STREET #5000
    It may be handy to post the subnets (as long as they were obtained publicly as mentioned) for peer-guardian type blocking. No sense allowing OSA to ride off their main org's fat pipes.
  8. Anonproto Member

    man... I don't know whether to portscan them or try to sell them security consulting....
  9. TheSpAnon Member

    you do both, you just do the second one really poorly multiple times... you know... for "profit!"

