I am going now to give a general characterization of the information that is
is the main.uschess.org logs. Later today, I hope I will receive permission
to post the actual lines from the logs for the inspection of concerned USCF
members.

I already presented two posts that were made on the rec.games.chess.politics
newsgroup, both posted by the "Fake Ray Gordon". One of these had the IP
address 75.111.194.9, a Suddenlink cable IP address from Texas. This post is
one of six that were made by FRG on September 19. The other post was one
made from 201.134.236.150 yesterday. This is an IP address in Mexico City.

Now, this web site keeps both regular web logs and a log that is maintained
by the joomla-bridge for this forum. The regular web logs record the
date/time, IP address, the request, including query string, and the user
agent string that was sent by the browser for every hit on the web server.
The joomla-bridge log keeps all of this information, plus it gives the
Joomla user id, and the Joomla and phpbb3 usernames of the user for each hit
on the forums.

Starting on September 16, a particular user was logged in on the forums and
made numerous requests on the forum software with the IP address
75.111.194.9. This continued until September 20. During this time, with one
short exception every hit by this user, at least when logged in under his
account, was from this IP address. The exception was a short visit to the
forums when the person accessed the forums from an IP address associated
with university in Texas. After the short interruption he went back to
75.111.194.9. It was during this period that all the posts in the forum with
a poster IP of 75.111.194.9 occurred. September 19, which is when the 6 FRG
posts from 75.111.194.9 were made in the newsgroup, fell toward the end of
this period.

Later, on September 20, the person stopped using 75.111.194.9, and appeared
briefly with another IP, from a cell phone company. Then, still later on
September 20, the person started using 201.134.236.150, which is an IP
address in Mexico City. Though the person had stopped posting in the forums
by then, he still needed to be logged into the forums in order to read the
USCF Issues forum and to check PM's. All those accesses, of which there were
many, were from 201.134.236.150. The usage of 201.134.236.150 continued
through last night throughout the night. It looks like the person was up all
night monitoring this forum. During the night, he was apparently also busy
deleting large numbers of FRG and FSS posts from the usenet groups. It was
this Mexico City IP, 201.134.236.150, which was used to post the second of
the two posts I presented last night, the one that referred to me and Bogner
as "crooks" and speculated as to whether we were stealing credit card
numbers from USCF members.

So, not only do the IP addresses on posts in the forums tie these two IP
addresses associated with FRG to the forum member, but the logs show that a
specific forum member was using these two IP addresses essentially
continuously on this forum, with the exception of the short visit from the
university.

There is also evidence from the User Agent strings. User agent strings are
information sent by web browsers to servers to describe themselves, so that
the servers know what kind of browser it is, and can generate the
appropriate HTML. Different browsers occasionally require different HTML
code. Essentially all of the thousands of posts made during the last several
months by FRG and FSS have had the same user agent string as the September
19 Usenet post that I posted. This was:

Mozilla/4.0 (compatible; MSIE 7.0; AOL 9.0; Windows NT 6.0; SLCC1; .NET CLR
2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506;
InfoPath.2),gzip(gfe),gzip(gfe)

This is a quite specific user agent string, and in the logs for the forums,
there have been only two users with this user agent string since the
joomla-bridge logs started to be kept on September 14. One of those two
users accessed the forums rarely in the period, and by looking at
timestamps, it is possible to eliminate that person as a possibility, even
without considering IP addresses. The other user with this user agent string
was the same person who was coming into this forum from 75.111.194.9 and who
posted here under that IP. I repeat that this is the IP from which FRG made
6 posts to the Usenet groups on September 19.

Next, you will note that the user agent string is different on the Usenet
post by FRG yesterday from Mexico City. This was: Mozilla/4.0 (compatible;
MSIE 7.0; AOL 9.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center
PC 5.0; .NET CLR 3.0.04506; Tablet PC 2.0),gzip(gfe),gzip(gfe)

This second string is similar to the first, but it is a Tablet PC 2.0.
Apparently, FRG took his laptop with him from Texas to Mexico City, not his
desktop system. Significantly, when the forum user who had been posting and
visiting under 75.111.194.9 suddenly appeared on the forum with the same
Mexico City IP as FRG used, he also had the same Tablet PC 2.0 user agent
string as well. Every hit on this forum from Mexico City has had that user
agent string, the same one as appeared on the FRG post yesterday.

So both the IP addresses and the user agent strings used by the particular
person on this forum match those used by FRG for the September 19 and
September 26 posts, and one of the user agent strings matches the one that
FRG, FSS, etc have been recording on Usenet for many months.