Anonymous
2007-12-13 16:46:51 UTC
THIS UNWANTED GARBAGE ORIGINATED FROM AND BROUGHT TO YOU COURTESY OF:
PATRICK PARIS -- SYPHILITIC PERVERT
PATRICK PARIS -- HATEFUL SCUMBAG
PATRICK PARIS -- PIECE OF SHIT
PATRICK PARIS -- STINKING PIECE OF FRENCH PIG SHIT
On Aug. 12 and 13 alone, a reported 32,703 checks were carried out on suspicious
individuals. Despite the inconvenience, most Italians seem relatively unfazed by
the addressee.
Don't come up with ridiculous reasons for not doing anything illegal or anything
like that. I just want to hear any complaints that so and so are the VICTIM Moore
and see how many users are mostly cowardly rats. You people that run remailers
should stop thinking of yourselves as knights in shining armour who give poor
Cuban dissidents a way to communicate with headquarters in Miami so the Cubanexile
airforce can drop supplies to them in 5 minutes or so.
you sure you are not Secure Beer?
I dont think it was Frogs word for whatever it was that SB did. I
seem to recall several people on the group agreeing that SB had done
something not quite kosher.
I am just curious about what it was.
Wait. Are you Bluejay???
<<==========>>
Subject: Re: Twistycreek re-mailer open to public
Hash: SHA1
On Sat, 15 Oct 2005 23:30:05 +0200 (CEST), Nomen Nescio <***@dizum.com>
wrote:
Snipped
I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router plugged
in to one of the ports. The 3 others are direct connected to the router.
The re-mailer has a fixed IP while I let the other 2 receive their
addresses
by DHCP. The wireless laptop receives a 192.168.0.2 DHCP address from the
wireless router. The others all have 10.1.10.xxx IPs.
I have the re-mailer PC separated by giving it a different workgroup name.
So though it is on the network, I can't "see" it from the other computers.
To access the router, I have to type in 10.1.10.1 which brings up the login
page for the router. I set the re-mailer PC to a fixed IP. I let the other
PCs get their IPs from the router by DHCP. The router itself has a built in
firewall which I enabled. Then each computer has a McAffee
virus/securitycenter/firewall combination on it.
The only one that gets pinged is this one, the re-mailer. Things slowed
down once I blocked everything including the router. I am surprised it
still works at all.
As of this morning, I have had no more repeat pings. The ones listed below
are the last.
I just don't know how I can get pinged or whatever from the same address as
my router. I thought a real Domain IP should show up. Again, I am far from
the expert so would really like to know how this can be done. Seems pretty
tricky. I just don't like the name Blackhole. Gives me the shudders. I sure
know what a "blacklist" is and blackhole and blacklist are somewhat
synonymous. A Google search of the terms brings up pages that describe them
in kind.
I picked out the last 3 of about 12 or more total.
Here they are.
__________________________________________
2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67 Bootstrap
Protocol Server
__________________________________________
All trace routes come back to the below though the map part of the trace
route does not show anything.
Maybe this is all OK and they just happened to pick bad names for their
servers. BLACKHOLE? Yuuch!!!
Sender ANONYMOUS? Why not a real name?
Reminds me of Carnivore. Some stealth project :) A bad pick for a name at
any case. Great for a re-mailer though :)
__________________________________________
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated: 2002-09-12
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: ***@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: ***@iana.org
__________________________________________
The part that disturbs me is from the website. It says:
__________________________________________
Special-Use Addresses
Several address ranges are reserved for "Special Use". These addresses all
have restrictions of some sort placed on their use, and in general should
not appear in normal use on the public Internet. The following briefly
documents these addresses in general they are used in specialized
technical contexts. They are described in more detail in RFC 3330.
"Private Use" IP addresses:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of thousands
of such private networks (for example home firewalls sometimes make use of
them). The IANA has no record of who uses these address blocks. Anyone may
use these address blocks within their own network without any prior
notification to IANA.
The point of private address space is to allow many organizations in
different places to use the same addresses, and as long as these
disconnected or self-contained islands of IP-speaking computers (private
intranets) are not connected, there is no problem. If you see an apparent
attack, or spam, coming from one of these address ranges, then either it is
coming from your local environment, or the address has been "spoofed".
__________________________________________
This part gets me:
"If you see an apparent attack, or spam, coming from one of these address
ranges, then either it is coming from your local environment, or the
address has been "spoofed". "
So, in the end, am I getting spoofed by a hacker, or by my own
cablemodem/router?
My read is that IPs of 10.0.0.0 - 10.255.255.255 should never appear on the
Internet. Why then should a ping or anything else come from that address
range and show up in my firewall log? Why would trace route take me back to
their site? Why would my modem use names like mail.brianbinder.com and
ANONYMOUS? Those names don't exist on any of the other PCs.
In the end, I am just puzzled. Forgive me if I tend to lean toward the
extremely cautious side of things, but this is a re-mailer. I take
operating it very seriously and believe I should do my best to protect it
to the point of erring towards the paranoid :) It is a new
cablemodem/router so I don't know what to expect out of it.
If someone can tell me what this is about, I would indeed be grateful.
Until I know more, I'll leave things as they lay. It seems to be working
OK, so if it isn't broken, don't fix it :) And, the pings have stopped :)
Regards all
BTW, I tried to answer this late last night but just plain messed something
up.
<<==========>>
Subject: Re: What Did He Do?
the flooding make the two synonymous. It's equally likely that some other
person who had an obsession with FrogAdmin simply stopped flooding when
Frog went away. There's really no way to know for sure.
Not that I'm defending anyone mind you.
suppose that's subjective.
someone is doing it out of spite for other group participants or just to
feel "cool", and their feelings about remailers in general have nothing at
all to do with it.
A true "hater" would flood other groups, and as far as I'm aware no other
groups were flooded. Of course I just might be clueless here...??
responsible for the vast majority of random usenet abuse, and because of
that, the bulk of the bad reputation Remailers have. :(
Sounds like a basis for the next bockbuster SciFi movie/novel Thomas. Color
up the characters a bit, maybe make the flood a more devious attack, and
make the victim the Iraqi Embassy... you might be on to something. :)
*I* think that if the Co$ was behind some nefarious activity it wouldn't' be
limited to these groups, and they wouldn't give a rat's ass about people
like you and I who took shots at the flooders and those we thought might be
responsible. *I* think their attack would be far more broad and subtle,
like the random abuse that permeates some groups for a while, then seems to
move on once they're bloodied up enough. This is *far* more damaging to
remailers than flooding APAS and a few people who already have their minds
made up about Remailers.
Just my $.02 worth... :)
PATRICK PARIS -- SYPHILITIC PERVERT
PATRICK PARIS -- HATEFUL SCUMBAG
PATRICK PARIS -- PIECE OF SHIT
PATRICK PARIS -- STINKING PIECE OF FRENCH PIG SHIT
On Thu, 20 Oct 2005, Anonymous via the Cypherpunks Tonga Remailer
I heard he did something pretty shabby and Frog caught him at it and let
everybody know, and SB slinked off in disgrace, and that was the reason
he had it in for Frog.
What was the shabby thing he did?
everybody know, and SB slinked off in disgrace, and that was the reason
he had it in for Frog.
What was the shabby thing he did?
individuals. Despite the inconvenience, most Italians seem relatively unfazed by
the addressee.
You're a misinformed moron. Frog was a psychotic drug addict and a
scumbag whose purpose was to destroy the remailer network. He attacked
Secure Beer because he was a good, useful contributor.
scumbag whose purpose was to destroy the remailer network. He attacked
Secure Beer because he was a good, useful contributor.
like that. I just want to hear any complaints that so and so are the VICTIM Moore
and see how many users are mostly cowardly rats. You people that run remailers
should stop thinking of yourselves as knights in shining armour who give poor
Cuban dissidents a way to communicate with headquarters in Miami so the Cubanexile
airforce can drop supplies to them in 5 minutes or so.
That's all there is to it. If you think anything that sick freak Frog had
to say had any truth to it you are one truly stupid asshole.
It's surprising to see such venom in reply to a simple question. Areto say had any truth to it you are one truly stupid asshole.
you sure you are not Secure Beer?
I dont think it was Frogs word for whatever it was that SB did. I
seem to recall several people on the group agreeing that SB had done
something not quite kosher.
I am just curious about what it was.
Wait. Are you Bluejay???
Subject: Re: Twistycreek re-mailer open to public
Hash: SHA1
On Sat, 15 Oct 2005 23:30:05 +0200 (CEST), Nomen Nescio <***@dizum.com>
wrote:
Snipped
I thought you had a static IP now, not some 10.x.x.x crap? Or is
the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).
Anyway, block ports 135-139 and 445 at the router. All virus
stuff.
I have everything blocked except port 25 which is forwarded.the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).
Anyway, block ports 135-139 and 445 at the router. All virus
stuff.
I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router plugged
in to one of the ports. The 3 others are direct connected to the router.
The re-mailer has a fixed IP while I let the other 2 receive their
addresses
by DHCP. The wireless laptop receives a 192.168.0.2 DHCP address from the
wireless router. The others all have 10.1.10.xxx IPs.
I have the re-mailer PC separated by giving it a different workgroup name.
So though it is on the network, I can't "see" it from the other computers.
To access the router, I have to type in 10.1.10.1 which brings up the login
page for the router. I set the re-mailer PC to a fixed IP. I let the other
PCs get their IPs from the router by DHCP. The router itself has a built in
firewall which I enabled. Then each computer has a McAffee
virus/securitycenter/firewall combination on it.
The only one that gets pinged is this one, the re-mailer. Things slowed
down once I blocked everything including the router. I am surprised it
still works at all.
As of this morning, I have had no more repeat pings. The ones listed below
are the last.
I just don't know how I can get pinged or whatever from the same address as
my router. I thought a real Domain IP should show up. Again, I am far from
the expert so would really like to know how this can be done. Seems pretty
tricky. I just don't like the name Blackhole. Gives me the shudders. I sure
know what a "blacklist" is and blackhole and blacklist are somewhat
synonymous. A Google search of the terms brings up pages that describe them
in kind.
I picked out the last 3 of about 12 or more total.
Here they are.
__________________________________________
2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67 Bootstrap
Protocol Server
__________________________________________
All trace routes come back to the below though the map part of the trace
route does not show anything.
Maybe this is all OK and they just happened to pick bad names for their
servers. BLACKHOLE? Yuuch!!!
Sender ANONYMOUS? Why not a real name?
Reminds me of Carnivore. Some stealth project :) A bad pick for a name at
any case. Great for a re-mailer though :)
__________________________________________
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated: 2002-09-12
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: ***@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: ***@iana.org
__________________________________________
The part that disturbs me is from the website. It says:
__________________________________________
Special-Use Addresses
Several address ranges are reserved for "Special Use". These addresses all
have restrictions of some sort placed on their use, and in general should
not appear in normal use on the public Internet. The following briefly
documents these addresses in general they are used in specialized
technical contexts. They are described in more detail in RFC 3330.
"Private Use" IP addresses:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of thousands
of such private networks (for example home firewalls sometimes make use of
them). The IANA has no record of who uses these address blocks. Anyone may
use these address blocks within their own network without any prior
notification to IANA.
The point of private address space is to allow many organizations in
different places to use the same addresses, and as long as these
disconnected or self-contained islands of IP-speaking computers (private
intranets) are not connected, there is no problem. If you see an apparent
attack, or spam, coming from one of these address ranges, then either it is
coming from your local environment, or the address has been "spoofed".
__________________________________________
This part gets me:
"If you see an apparent attack, or spam, coming from one of these address
ranges, then either it is coming from your local environment, or the
address has been "spoofed". "
So, in the end, am I getting spoofed by a hacker, or by my own
cablemodem/router?
My read is that IPs of 10.0.0.0 - 10.255.255.255 should never appear on the
Internet. Why then should a ping or anything else come from that address
range and show up in my firewall log? Why would trace route take me back to
their site? Why would my modem use names like mail.brianbinder.com and
ANONYMOUS? Those names don't exist on any of the other PCs.
In the end, I am just puzzled. Forgive me if I tend to lean toward the
extremely cautious side of things, but this is a re-mailer. I take
operating it very seriously and believe I should do my best to protect it
to the point of erring towards the paranoid :) It is a new
cablemodem/router so I don't know what to expect out of it.
If someone can tell me what this is about, I would indeed be grateful.
Until I know more, I'll leave things as they lay. It seems to be working
OK, so if it isn't broken, don't fix it :) And, the pings have stopped :)
Regards all
BTW, I tried to answer this late last night but just plain messed something
up.
<<==========>>
Subject: Re: What Did He Do?
This whole group got flooded much worse than now by Eelbash for many
years and even when I was in a mental institution for a couple of months
the flooding continued (and I was on dail up at the time to add to
that). Then Frog-Admin announces his remailer gone and so are the floods
all of the sudden.
Flawed logic I think Thomas. You're suggesting Frog's demise and the end ofyears and even when I was in a mental institution for a couple of months
the flooding continued (and I was on dail up at the time to add to
that). Then Frog-Admin announces his remailer gone and so are the floods
all of the sudden.
the flooding make the two synonymous. It's equally likely that some other
person who had an obsession with FrogAdmin simply stopped flooding when
Frog went away. There's really no way to know for sure.
Not that I'm defending anyone mind you.
Then Eelbash comes (worse in some ways to Frog-Admin but less damaging
in other ways because noone takes him seriously). And then the minor
floods come.
I'm not even sure I'd call a couple days of random text a flood, but Iin other ways because noone takes him seriously). And then the minor
floods come.
suppose that's subjective.
1. I think the floods are linked to remailer load.
Lost me. ???2. I think someone who hates remailers is behind it.
I think someone who cares little one way or the other is behind it. I thinksomeone is doing it out of spite for other group participants or just to
feel "cool", and their feelings about remailers in general have nothing at
all to do with it.
A true "hater" would flood other groups, and as far as I'm aware no other
groups were flooded. Of course I just might be clueless here...??
3. I think think Eelbash Admin and Frog-Admin are two distinct persons
No doubt.4. I think Eelbash *loves* Frog-Admin
5. I think Eelbash is Frog-Admin's 'love child' as he puts it himself
I think that's more information than I need to know. <g>5. I think Eelbash is Frog-Admin's 'love child' as he puts it himself
6. I think Scientology is twisted, secretive and hateful toward
remailers enough to experiment with disrupting the network
I agree with you there. I think that Scientology and Kooks like KRP areremailers enough to experiment with disrupting the network
responsible for the vast majority of random usenet abuse, and because of
that, the bulk of the bad reputation Remailers have. :(
7. I think Eelbask and Frog-Admin got something in return for the
flooding
8. http://xenu.net/archive/ot/ can save you a lot of money
9. Remember who got pissed at penet.fi (it was CoS)
Hmmm..... a link between FA and the Cult of Scientology?flooding
8. http://xenu.net/archive/ot/ can save you a lot of money
9. Remember who got pissed at penet.fi (it was CoS)
Sounds like a basis for the next bockbuster SciFi movie/novel Thomas. Color
up the characters a bit, maybe make the flood a more devious attack, and
make the victim the Iraqi Embassy... you might be on to something. :)
*I* think that if the Co$ was behind some nefarious activity it wouldn't' be
limited to these groups, and they wouldn't give a rat's ass about people
like you and I who took shots at the flooders and those we thought might be
responsible. *I* think their attack would be far more broad and subtle,
like the random abuse that permeates some groups for a while, then seems to
move on once they're bloodied up enough. This is *far* more damaging to
remailers than flooding APAS and a few people who already have their minds
made up about Remailers.
Just my $.02 worth... :)
--
Hand crafted on October 20, 2005 at 19:26:32 -0400
Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx
Hand crafted on October 20, 2005 at 19:26:32 -0400
Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.
-Groucho Marx