THIS UNWANTED GARBAGE ORIGINATED FROM AND BROUGHT TO YOU COURTESY OF:

PATRICK PARIS -- I RUB MY COCK IN YOUR FACE
PATRICK PARIS -- FAILED REMAILER OPERATOR
PATRICK PARIS -- SUCKED ONE SUCKED 'EM ALL
PATRICK PARIS -- PIECE OF SHIT






  In article <YJLAY9F138147.4308217593@Gilgamesh-Frog.org>,
  Eelbash Admin<Anonymous-Remailer@See.Comment.Header> wrote:
 

It is simple: with Frog retiring, there are only 2, possibly 3, adult
remailer operators left. I decided to do my bit for a responsible and
adult remailer system by running Bushwa.

 
In addition to *this* arrogance, remember he also publicly campaigned for
the delisting of Austria and Dizum.  He also told us that because of his
breeding, he was superior to the rest of us.
Yes, those actually were his reasons.

This all came after his failed attempt to institute hate-speech filters and
his "editing" of his users posts. This "superior champion of privacy" used
to read and edit users posts to make sure they met his criteria for
political correctness.

Then came his admission that he was unaware that mixmaster was a server as
well as a client, and that he had no clue what a "partitioning attack" was,
despite having run a remailer for "...over 15 years"
(a blatant,bald-faced LIE).

So his remailer was cut off from the rest of the network, become the one
and only remailer in the history of the network to receive a Remailer Death
Penalty, or RDP. Shortly thereafter, he tried to sneak back in as "Bushwa".

He was busted. Then he came back with "greatwall", despite the fact that
remailer names are supposed to observe an 8 character limit.

So now he is back again, as Asmodeus, although he is still crippled by only
being listed by 8 remailers, and 2 pingers.

His "career" as a remop is studded with examples like the ones above.
If you can find them, you can check out posts about his monitoring
and filtering behavior on past remailers he has run.
The ones we know about are:


 eelbash
 axloltl
 axolotl2
 cheshire
 congo
 bog
 bogg
 eelbash (again)
 bushwa
 greatwall
 asmodeus
 eelbash (again!)
 eelbash (again!!)
 
Last time it took 10 days between announcing his triumphant return,
and having to close down for ADMITTING that he was reading
people's posts and emails AGAIN.

<<==========>>

Subject: Re: Twistycreek re-mailer open to public

On 16 Oct 2005, BiKiKii Admin <Use-Author-Supplied-Address-Header@[127.1]>
wrote:

-----BEGIN PGP SIGNED MESSAGE-----

On 15 Oct 2005, Admin_rbtor wrote:
twistycreek

Good to see your return.

The Mix keyring still needs repair.
A number of remailers are missing capability flags.
i.e. antani, bikikii, frell, metacolo,

Ciao!

BiKiKii

Thank you so much my friend. You are truly a Gem. Forgive me, but it is
late and I am "pooped". I will get on that tomorrow first thing. Number 1
on my priority list, well coffee first :)

My Warmest Regards

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQEVAwUBQ1BGgfRwi/QFFzi5AQFD5Qf/VzXbpi3scxlqkh3dvJK3yeJQHaAdg9+l
F7S3HQ7reGGBMFrKF7jQlWATyJattv6gfRsGbmF8tdS1Niu7itW5Az4NVuXJFfXf
jBkcPWhVMtVktFNmJwKS79z5aMH9W8TlPjqSqT/9zc/+du694cdb0D0UxTBIMQpj
QA1hIZCefQkEv/re6+wgeRYRWbOYH3QspqxaAXorgYrNxltkOFPdTogo6U/95rWc
YS1RMIY5Cg4Y6Y4q1FtBDy3pDOErnOQl/MLRfct0nj03pGrryujq2gjPGKSnS8Lo
Vr4ia/GL3dadW08PPRVVFrqNfUdmHve+0OMjp8uo0+eIGeA1hHu+Ig==
=ndrk
-----END PGP SIGNATURE-----

<<==========>>

Subject: Thank You Thrasher - Repost

Hash: SHA1

On 16 Oct 2005 16:23:00 -0000, Thrasher Remailer <thrasher@reece.net.au>
wrote:

In article <OCI0NH5J38641.0623726852@anonymous.sender>
Anonymous-Remailer@See.Comment.Header (Twisty_admin) wrote:

I have been consistantly pinged by  BLACKHOLE-1.IANA.ORG from
ANONYMOUS and mail.brianbinder.com. A tad annoying when mine is a
static commercial account.

Odd  that they could ping me from 10.1.10.1 which is the same address
as my new modem/router. They also tried to connect to port 137.

I had to use the internal firewall to block all the connections they
use. Now I can't access my modem/router from this PC. A never ending
battle.  :)

I thought you had a static IP now, not some 10.x.x.x crap? Or is
the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).

Anyway, block ports 135-139 and 445 at the router. All virus
stuff.

I have everything blocked except port 25 which is forwarded.

I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router
plugged in to one of the ports. The 3 others are direct connected to the
router. The re-mailer has a fixed IP while I let the other 2 receive
their addesses by DHCP. The wireless laptop receives a 192.168.0.2
address from the
wireless router. The others all have 10.1.10.xxx IPs.

To access the router, I have to type in 10.1.10.1 which brings up the
login page for the router. The re-mailer PC is at a fixed IP of
10.1.10.xxx.  (in case they read this, they'll have to guess what xxx
is) The router itself has a built in firewall which I enabled. Then each
computer has a McAffee virus/securitycenter/firewall combination on it.

The only one that gets pinged is this one, the re-mailer. Things slowed
down since I blocked everything including the router. I am surprised it
still works at all.

I just don't know how I can get pinged or whatever from the same address
as my router. I thought a real Domain IP should show up. Again, I am far
from the expert so would really like to know how this can be done. Seems
pretty tricky. I just don't like the name Blackhole. Gives me the
shudders. I sure know what a "blacklist" is and blackhole and blacklist
are somewhat
synonymous.

I picked out 3 out of about 12.
Here they are.

2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0
ICMP Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0
ICMP Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67
Bootstrap Protocol Server

ICMP type 0 is ping reply (pong) isn't it? Sure you're not
pinging or tracerouting mail.brainbinder.com at the time?

All traceroutes come back to this:
Maybe this is all OK and they just happened to pick bad names for their
servers. Blackhole? Yuuch!!!

Sender ANONYMOUS? Why not a real name?

Because 10.1.10.95 doesn't have a valid reverse DNS record.
Which it won't, because it's not on the internet. Unless you set
one up locally.

Reminds me of Carnivore.  Some stealth project :) A bad pick for a name
at any case.

OrgName:    Internet Assigned Numbers Authority
OrgID:      IANA
Address:    4676 Admiralty Way, Suite 330
City:       Marina del Rey
StateProv:  CA
PostalCode: 90292-6695
Country:    US

NetRange:   10.0.0.0 - 10.255.255.255
CIDR:       10.0.0.0/8
NetName:    RESERVED-10
NetHandle:  NET-10-0-0-0-1
Parent:
NetType:    IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment:    This block is reserved for special purposes.
Comment:    Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated:    2002-09-12

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName:   Internet Corporation for Assigned Names and Number
OrgAbusePhone:  +1-310-301-5820
OrgAbuseEmail:  abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName:   Internet Corporation for Assigned Names and Number
OrgTechPhone:  +1-310-301-5820
OrgTechEmail:  abuse@iana.org


The part that disturbs me is from their own website. It says:

Special-Use Addresses

Several address ranges are reserved for "Special Use". These addresses
all have restrictions of some sort placed on their use, and in general
should not appear in normal use on the public Internet. The following
briefly documents these addresses – in general they are used in
specialized
technical contexts. They are described in more detail in RFC 3330.
"Private Use" IP addresses:
        10.0.0.0 - 10.255.255.255
        172.16.0.0 - 172.31.255.255
        192.168.0.0 - 192.168.255.255

The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of
thousands

That's right.

You're not being pinged or attacked from outside your network.

Don't worry about the name blackhole - that's been assigned by
IANA!

So, in the end, am I getting spoofed by a hacker, or by my own
cablemodem/router?

If it's a spoof (and I very much doubt it), the reply isn't
going anywhere. Besides which, your router shouldn't be routing
those addresses inbound so it's almost certainly coming from
within your network.

Just checked the firewall again. You are right. I shut down all the other
computers except my main and the re-mailer. I just checked the firewall and
was pinged just a little while ago from 10.1.10.95.

The mail.brianbinder.com might be built into the modem router. I just
checked and the 10.1.10.95 is the IP of my main computer.

As I mentioned before, I gave this PC a different workgroup name to keep it
separated from the rest of the network. Maybe the main computer can see
another computer on the network and is trying to connect.

Looks like I am chasing my tail. Whew!!!!!!! Thank you so very much.

That is a great relief. Paranoia, the stuff re-mailers were made for :)

My Warmest Regards and Thanks, you can't imagine what a relief it is. I
hope you can understand why I worry so much about this PC since it is a
re-mailer.

I feel much better being being safe than sorry. Obviously if I knew more, I
wouldn't have gotten so nervous.

I freely admit I am a noobie, so anything that seems out of place gets my
attention.

Operating a re-mailer is a great learning experience. It makes you question
everything related to the security of the system. I know others are
trusting me to operate a secure system and I don't take that trust lightly.

Again, thank you for taking the time to clarify this for me.

My Most Sincere and Warmest Regards to You,

Twisty Admin

<<==========>>

Subject: Re: PGP 8.1 for Windows & Mac


Thrasher Remailer wrote:

In <436605d9$0$11066$e4fe514c@news.xs4all.nl>, nospam@hccnet.nl wrote:

Thrasher Remailer wrote:

In <141487877198371.PGP@version.81>, PGP@version.81 wrote:

   My Dears,
            The people are grumbling, murmuring, complaining,
protesting, even snarling, barking and so forth:
http://65.24.76.65/sounds/FX/bark1.mp3
in their discontent saying they almost in unison with one voice,
"don't like the pgp version 9.x"

Of course. 7.x and higher is bloatware (among many other issues)

It is not that bad I think. And PGP 9.0.2 is supposedly very easy to use
(once you pay to use the local mail proxy).

            One of the most long-standing respected esteemed
knowledgeable posters to these groups the honorable Boschloo has
here stated:
http://groups.google.com/group/alt.privacy.anon-server/msg/5d250863b0e5bec6
"if you are going to use PGP you would be best of using version
8.1"

Mr Boschloo is incorrect.

Untill we see a newer version of spgp.dll, pgp 6.5.8ckt09b3 is the highest
version welcome.  It would be best if spgp.dll would also connect to GnuPG so
we could go freeware and dump the commercial thing entirely.

Spoken like a true JBNx user :-)

damn right i am!  and one that really wants to use gnupg with jbn instead of

having to pay pgp for a licence.

So you use JBN commercially?

Kind Regards,
Thomas
- --
Gothika: "How can you trust someone who thinks you are crazy"