Re: PGP 8.1 for Windows & Mac

[Anonymous]

THIS UNWANTED GARBAGE ORIGINATED FROM AND BROUGHT TO YOU COURTESY OF:

PATRICK PARIS -- FAILED PROGRAMMER
PATRICK PARIS -- FAILED CRACKER
PATRICK PARIS -- FAILED REMAILER OPERATOR
PATRICK PARIS -- SHITBAG

Hi Nurse,
Om shanti nilaya

Thanks for all of the great links to PGP 8.1. I used to use PGP 6.5.8
and presently PGP 9.0.2 which works fine for me. But it is nice to
have PGP 8.1 to fall back on.

Thanks,

Frank, RN

<<==========>>

Subject: the newsgroupAnd those

of the best ways to
discourage unwanted
posting through remailers
Flgeneral is one of the

passed a new user i want
to be vandalismThe near
24hour dropout had been
caused in part by
Hurricane Rita We only
lost power for about 5

<<==========>>

Subject: Re: Twistycreek re-mailer open to public

In article <OCI0NH5J3864...@anonymous.sender>
Anonymous...@See.Comment.Header (Twisty_admin) wrote:

> >> I have been consistantly pinged by BLACKHOLE-1.IANA.ORG from ANONYMOUS and
> >> mail.brianbinder.com. A tad annoying when mine is a static commercial
> >> account.
> >>
> >> Odd that they could ping me from 10.1.10.1 which is the same address as my
> >> new modem/router. They also tried to connect to port 137.
> >>
> >> I had to use the internal firewall to block all the connections they use.
> >> Now I can't access my modem/router from this PC. A never ending battle. :)
> >
> >I thought you had a static IP now, not some 10.x.x.x crap? Or is
> >the static IP on the WAN side of the router? If so, no 10.x.x.x
> >traffic should be coming in to your network (the router should
> >be able to stop it and the ISP shouldn't be routing it to you in
> >the first place).
> >
> >Anyway, block ports 135-139 and 445 at the router. All virus
> >stuff.
>
> I have everything blocked except port 25 which is forwarded.
>
> I have a static IP. The new modem is a combination modem/router. You are
> correct, the static IP is on the WAN side. I have 4 other computers
> connected to it. 1 laptop by wireless so I have a wireless router plugged
> in to one of the ports. The 3 others are direct connected to the router.
> The re-mailer has a fixed IP while I let the other 2 receive their addesses
> by DHCP. The wireless laptop receives a 192.168.0.2 address from the
> wireless router. The others all have 10.1.10.xxx IPs.
>
> To access the router, I have to type in 10.1.10.1 which brings up the login
> page for the router. The re-mailer PC is at a fixed IP of 10.1.10.xxx. (in
> case they read this, they'll have to guess what xxx is) The router itself
> has a built in firewall which I enabled. Then each computer has a McAffee
> virus/securitycenter/firewall combination on it.
>
> The only one that gets pinged is this one, the re-mailer. Things slowed
> down since I blocked everything including the router. I am surprised it
> still works at all.
>
> I just don't know how I can get pinged or whatever from the same address as
> my router. I thought a real Domain IP should show up. Again, I am far from
> the expert so would really like to know how this can be done. Seems pretty
> tricky. I just don't like the name Blackhole. Gives me the shudders. I sure
> know what a "blacklist" is and blackhole and blacklist are somewhat
> synonymous.
>
> I picked out 3 out of about 12.
> Here they are.
>
> 2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
> Ping
> 2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
> Ping
> 2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67 Bootstrap
> Protocol Server

ICMP type 0 is ping reply (pong) isn't it? Sure you're not
pinging or tracerouting mail.brainbinder.com at the time?

> All traceroutes come back to this:
> Maybe this is all OK and they just happened to pick bad names for their
> servers. Blackhole? Yuuch!!!
>
> Sender ANONYMOUS? Why not a real name?

Because 10.1.10.95 doesn't have a valid reverse DNS record.
Which it won't, because it's not on the internet. Unless you set
one up locally.

> Reminds me of Carnivore. Some stealth project :) A bad pick for a name at
> any case.
>
> OrgName: Internet Assigned Numbers Authority
> OrgID: IANA
> Address: 4676 Admiralty Way, Suite 330
> City: Marina del Rey
> StateProv: CA
> PostalCode: 90292-6695
> Country: US
>
> NetRange: 10.0.0.0 - 10.255.255.255
> CIDR: 10.0.0.0/8
> NetName: RESERVED-10
> NetHandle: NET-10-0-0-0-1
> Parent:
> NetType: IANA Special Use
> NameServer: BLACKHOLE-1.IANA.ORG
> NameServer: BLACKHOLE-2.IANA.ORG
> Comment: This block is reserved for special purposes.
> Comment: Please see RFC 1918 for additional information.
> Comment:
> RegDate:
> Updated: 2002-09-12
>
> OrgAbuseHandle: IANA-IP-ARIN
> OrgAbuseName: Internet Corporation for Assigned Names and Number
> OrgAbusePhone: +1-310-301-5820
> OrgAbuseEmail: ab...@iana.org
>
> OrgTechHandle: IANA-IP-ARIN
> OrgTechName: Internet Corporation for Assigned Names and Number
> OrgTechPhone: +1-310-301-5820
> OrgTechEmail: ab...@iana.org
>
>
> The part that disturbs me is from their own website. It says:
>
> Special-Use Addresses
>
> Several address ranges are reserved for "Special Use". These addresses all
> have restrictions of some sort placed on their use, and in general should
> not appear in normal use on the public Internet. The following briefly
> documents these addresses – in general they are used in specialized
> technical contexts. They are described in more detail in RFC 3330.
> "Private Use" IP addresses:
> 10.0.0.0 - 10.255.255.255
> 172.16.0.0 - 172.31.255.255
> 192.168.0.0 - 192.168.255.255
>
> The above address blocks are reserved for use on private networks, and
> should never appear in the public Internet. There are hundreds of thousands

That's right.

You're not being pinged or attacked from outside your network.

Don't worry about the name blackhole - that's been assigned by
IANA!

> So, in the end, am I getting spoofed by a hacker, or by my own
> cablemodem/router?

If it's a spoof (and I very much doubt it), the reply isn't
going anywhere. Besides which, your router shouldn't be routing
those addresses inbound so it's almost certainly coming from
within your network.