THIS UNWANTED GARBAGE ORIGINATED FROM AND BROUGHT TO YOU COURTESY OF:

PATRICK PARIS -- PIECE OF SHIT
PATRICK PARIS -- STINKING PIECE OF FRENCH PIG SHIT
PATRICK PARIS -- SHITBAG FLOODER
PATRICK PARIS -- SCUM OF THE EARTH




George Orwell <nobody@mixmaster.it> wrote:

-----BEGIN PGP SIGNED MESSAGE-----

You have to do with remailers, kook?   You admitted that your objective is to
provide a reliable and fast carrier. Want to hide from anyone in the right to
privacy is a small town. Everybody knows everything about everybody. So I really
do feel I need some kind of person who would know this story.  I would expect more
like 50% for you and your cohorts.  May I ask how many is everyone?

R.r.GVy fS qRNAXF bQ sVFU

My low latenceny subjects me to just mask my IP. That's all.

Eelbasher

-----BEGIN PGP SIGNATURE-----

iQBVAgUBQ1rlaGbGplRFnhoNAQFlhgH9FHwLQyk0Cc5CDd6H96VtJCUt2IxpQso6
DNix+O0YtZ5csFc+V4sS6NW1hAah3pFhfKs9MtsT8rLcnscDqKGIJw==
=Z563

ROME - Looking out over the cobblestone streets of Rome's Borgo Pio neighborhood,
Maurizio Savoni says he's closing his Internet cafe operators must periodically
turn this list into their local police headquarters. "After 9/11, Madrid, and
London, we all have to do when in "secret-spy" mode.

-----END PGP SIGNATURE-----

ROME - Looking out over the net.
It is simple anyone who has been on Usenet for more than a month KNOWS  that
making complaints to remailer load.

<<==========>>

Subject: Re: Ok, what's not working with Type II?

In article <1131248167_172@bigapple.yi.org>
"[Anonymous] Persona" <anonymous@bigappleremailer.com> wrote:

-----BEGIN TYPE III ANONYMOUS MESSAGE-----
Message-type: plaintext

Suddenly nothing's getting through.

I use auto remailers with stats from bikikki.
I use 2 m2n gateways (dizum and bananasplit)
My nyms are with blackhole and panta.

What gives?  Bad stats?  both gateways down?  Nym servers
both down?

I'm missing something.  What is it?

Persona

For QS Use:
http://echolot.platypuslabs.org/mlist.html
http://echolot.platypuslabs.org/pubring.mix
http://echolot.platypuslabs.org/type2.list
http://echolot.platypuslabs.org/rlist2.html
http://echolot.platypuslabs.org/pgp-all.asc

-----END TYPE III ANONYMOUS MESSAGE-----

<<==========>>

Subject: Re: Twistycreek re-mailer open to public

Hash: SHA1

On 16 Oct 2005 16:23:00 -0000, Thrasher Remailer <thrasher@reece.net.au>
wrote:

In article <OCI0NH5J38641.0623726852@anonymous.sender>
Anonymous-Remailer@See.Comment.Header (Twisty_admin) wrote:

I have been consistantly pinged by  BLACKHOLE-1.IANA.ORG from
ANONYMOUS and mail.brianbinder.com. A tad annoying when mine is a
static commercial account.

Odd  that they could ping me from 10.1.10.1 which is the same address
as my new modem/router. They also tried to connect to port 137.

I had to use the internal firewall to block all the connections they
use. Now I can't access my modem/router from this PC. A never ending
battle.  :)

I thought you had a static IP now, not some 10.x.x.x crap? Or is
the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).

Anyway, block ports 135-139 and 445 at the router. All virus
stuff.

I have everything blocked except port 25 which is forwarded.

I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router
plugged in to one of the ports. The 3 others are direct connected to the
router. The re-mailer has a fixed IP while I let the other 2 receive
their addesses by DHCP. The wireless laptop receives a 192.168.0.2
address from the
wireless router. The others all have 10.1.10.xxx IPs.

To access the router, I have to type in 10.1.10.1 which brings up the
login page for the router. The re-mailer PC is at a fixed IP of
10.1.10.xxx.  (in case they read this, they'll have to guess what xxx
is) The router itself has a built in firewall which I enabled. Then each
computer has a McAffee virus/securitycenter/firewall combination on it.

The only one that gets pinged is this one, the re-mailer. Things slowed
down since I blocked everything including the router. I am surprised it
still works at all.

I just don't know how I can get pinged or whatever from the same address
as my router. I thought a real Domain IP should show up. Again, I am far
from the expert so would really like to know how this can be done. Seems
pretty tricky. I just don't like the name Blackhole. Gives me the
shudders. I sure know what a "blacklist" is and blackhole and blacklist
are somewhat
synonymous.

I picked out 3 out of about 12.
Here they are.

2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0
ICMP Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0
ICMP Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67
Bootstrap Protocol Server

ICMP type 0 is ping reply (pong) isn't it? Sure you're not
pinging or tracerouting mail.brainbinder.com at the time?

All traceroutes come back to this:
Maybe this is all OK and they just happened to pick bad names for their
servers. Blackhole? Yuuch!!!

Sender ANONYMOUS? Why not a real name?

Because 10.1.10.95 doesn't have a valid reverse DNS record.
Which it won't, because it's not on the internet. Unless you set
one up locally.

Reminds me of Carnivore.  Some stealth project :) A bad pick for a name
at any case.

OrgName:    Internet Assigned Numbers Authority
OrgID:      IANA
Address:    4676 Admiralty Way, Suite 330
City:       Marina del Rey
StateProv:  CA
PostalCode: 90292-6695
Country:    US

NetRange:   10.0.0.0 - 10.255.255.255
CIDR:       10.0.0.0/8
NetName:    RESERVED-10
NetHandle:  NET-10-0-0-0-1
Parent:
NetType:    IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment:    This block is reserved for special purposes.
Comment:    Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated:    2002-09-12

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName:   Internet Corporation for Assigned Names and Number
OrgAbusePhone:  +1-310-301-5820
OrgAbuseEmail:  abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName:   Internet Corporation for Assigned Names and Number
OrgTechPhone:  +1-310-301-5820
OrgTechEmail:  abuse@iana.org


The part that disturbs me is from their own website. It says:

Special-Use Addresses

Several address ranges are reserved for "Special Use". These addresses
all have restrictions of some sort placed on their use, and in general
should not appear in normal use on the public Internet. The following
briefly documents these addresses – in general they are used in
specialized
technical contexts. They are described in more detail in RFC 3330.
"Private Use" IP addresses:
        10.0.0.0 - 10.255.255.255
        172.16.0.0 - 172.31.255.255
        192.168.0.0 - 192.168.255.255

The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of
thousands

That's right.

You're not being pinged or attacked from outside your network.

Don't worry about the name blackhole - that's been assigned by
IANA!

So, in the end, am I getting spoofed by a hacker, or by my own
cablemodem/router?

If it's a spoof (and I very much doubt it), the reply isn't
going anywhere. Besides which, your router shouldn't be routing
those addresses inbound so it's almost certainly coming from
within your network.

Just checked the firewall again. You are right. I shut down all the other
computers except my main and the re-mailer. I just checked the firewall and
was pinged just a little while ago from 10.1.10.95.

The mail.brianbinder.com might be built into the modem router. I just
checked and the 10.1.10.95 is the IP of my main computer.

As I mentioned before, I gave this PC a different workgroup name to keep it
separated from the rest of the network. Maybe the main computer can see
another computer on the network and is trying to connect.

Looks like I am chasing my tail. Whew!!!!!!! Thank you so very much.

That is a great relief. Paranoia, the stuff re-mailers were made for :)

My Warmest Regards and Thanks, you can't imagine what a relief it is. I
hope you can understand why I worry so much about this PC since it is a
re-mailer.

I feel much better being being safe than sorry. Obviously if I knew more, I
wouldn't have gotten so nervous.

I freely admit I am a noobie, so anything that seems out of place gets my
attention.

Operating a re-mailer is a great learning experience. It makes you question
everything related to the security of the system. I know others are
trusting me to operate a secure system and I don't take that trust lightly.

Again, thank you for taking the time to clarify this for me.

My Most Sincere and Warmest Regards to You,

Twisty Admin

Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente   |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore   |anonymous system
Per maggiori informazioni      |For more info
                  https://www.mixmaster.it