We had technical difficulties getting started and had communication issues due to server attacks on our communication lines and the instability of the public live streams. People were asking why we didn’t run tools on the data. It is because we were not remoted into a Windows server that had the image loaded; we had just mounted a forensic image of the files and were able to view the file tree and files only. Due to the setup of the forensic image, we were not able to run tools such as regedit, event viewers, or dll analyzers. We could not run the executable files inside the forensic image. We did not have a windows server setup with the image loaded due to obtaining the publicly available data at the last minute. There simply was not enough time to set up a server because the show was already scheduled and we wanted to do it live. We came across unprepared, and it is true in a sense because we had just obtained the data. It was my very first time looking at the data and I did not know what exactly would be found on the systems ahead of the event.
Interestingly, we did uncover a few critical things:
- There appeared to be web server logs that potentially indicate that the server was accepting and executing commands remotely.
- Election-related data pre-upgrade was not present on the machine post-upgrade. This indicates that election-related data was deleted or otherwise removed during the upgrade process.
- The server had a suspicious configuration script designed to remove server security, potentially opening the machine up to a network hack.
These issues warrant additional investigation.
No, it did not open it up to a hack. It opened the contents up to all who views.it and added HKEY for net_lib which I interpreted as networke library. Seemed to me they took all security.of any type off and removed the possibility of adding it back, then removed the encryption, they added to the net lib. Looks.like it was done purposfully to make anything else on the network able to access, read, and change ANYTHING with no hack required
I follow a female time traveler and she has called out CM bc he said Trump lost immediately after the election. She believes he gave up too fast. Calls him traitor. The group was saying he was there to be exposed.
I don’t have an opinion this is just a report of what I saw posted in the group.
Yes, I know of whom you speak. Didn’t have much to say after the lawyer issue was explained, though. This person seems to only be concerned with putting down others’ efforts, calling people “Paytriots” when she also has TIP ME button right on her own website. We are all in this together, and WHO SAID IT FIRST shouldn’t be someone’s main focus all the time. Gives a whole new meaning to “information warfare”.
I agree that the issues at hand warrant additional investigation, but the excuse of not having time to put up a windows server is kinda whack.
Settup is fine, getting all access per.issions, the image onto a workable executable environment, verifying security, opening up netwrok for Ron to work on it remotely....no bad idea to begin with. Let it sit in its natural state.
I'm feeling a bit strung along right now.