Anonymous Sender
2007-12-24 15:00:03 UTC
THIS UNWANTED GARBAGE ORIGINATED FROM AND BROUGHT TO YOU COURTESY OF:
PATRICK PARIS -- I RUB MY COCK IN YOUR FACE
PATRICK PARIS -- FAILED HUMAN BEING
PATRICK PARIS -- SYPHILITIC PERVERT
PATRICK PARIS -- MORALLY BANKRUPT
Subject: Re: Reliable, JBN & Quicksilver in Linux
Sarge, yet has Reliable operating. Perhaps he'd be could elaborate on that
and if Reliable or JBN is running on linux, he could tell how he's done it.
<<==========>>
Subject: Re: Twistycreek re-mailer open to public
the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).
Anyway, block ports 135-139 and 445 at the router. All virus
stuff.
I have everything blocked except port 25 which is forwarded.
I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router plugged
in to one of the ports. The 3 others are direct connected to the router.
The re-mailer has a fixed IP while I let the other 2 receive their addesses
by DHCP. The wireless laptop receives a 192.168.0.2 address from the
wireless router. The others all have 10.1.10.xxx IPs.
To access the router, I have to type in 10.1.10.1 which brings up the login
page for the router. The re-mailer PC is at a fixed IP of 10.1.10.xxx. (in
case they read this, they'll have to guess what xxx is) The router itself
has a built in firewall which I enabled. Then each computer has a McAffee
virus/securitycenter/firewall combination on it.
The only one that gets pinged is this one, the re-mailer. Things slowed
down since I blocked everything including the router. I am surprised it
still works at all.
I just don't know how I can get pinged or whatever from the same address as
my router. I thought a real Domain IP should show up. Again, I am far from
the expert so would really like to know how this can be done. Seems pretty
tricky. I just don't like the name Blackhole. Gives me the shudders. I sure
know what a "blacklist" is and blackhole and blacklist are somewhat
synonymous.
I picked out 3 out of about 12.
Here they are.
2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67 Bootstrap
Protocol Server
ICMP type 0 is ping reply (pong) isn't it? Sure you're not
pinging or tracerouting mail.brainbinder.com at the time?
Which it won't, because it's not on the internet. Unless you set
one up locally.
You're not being pinged or attacked from outside your network.
Don't worry about the name blackhole - that's been assigned by
IANA!
going anywhere. Besides which, your router shouldn't be routing
those addresses inbound so it's almost certainly coming from
within your network.
PATRICK PARIS -- I RUB MY COCK IN YOUR FACE
PATRICK PARIS -- FAILED HUMAN BEING
PATRICK PARIS -- SYPHILITIC PERVERT
PATRICK PARIS -- MORALLY BANKRUPT
-----BEGIN PGP SIGNED MESSAGE-----
Yeah, I was. Who else would post this. Or it is
a new h2o based abomination in training
Well said. Very amusing.It is better to not filter and lose all remailers than it is to have all
remailers filter (and be flooded if they don't)
It is bad enough that we have Eelbash and had Frog do this, we don't
need any other water fauna poluting our network
You're aware that it is Eelbash that you are replying to right?remailers filter (and be flooded if they don't)
It is bad enough that we have Eelbash and had Frog do this, we don't
need any other water fauna poluting our network
a new h2o based abomination in training
by either Frog-Admin or
Eelbash Admin. <sarcasm> Can't wait for all the fun that will create for
me and this group </sarcasm>
btw, he probably also knows it is me replying and he probably hates me
just as much as Frog-Admin did.
Kind Regards,
Thomas
- --
Gothika: "How can you trust someone who thinks you are crazy" -----BEGIN
PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQ2Jz8gEP2l8iXKAJAQGldQMfTcsRngyOoLA6OciDI1zxnCYU4caDHsoi
y/g0Yd+qpG8AoVk6HNEOklBq4Lrj6yf7E/4TonE8WhxOLy3b7Qz25iFKVZuTyMtL
zLVQjEjGc5g2JJ4E7wqiIllp22BHuBYZn8AoBA== =78lX -----END PGP SIGNATURE-----
<<==========>>Eelbash Admin. <sarcasm> Can't wait for all the fun that will create for
me and this group </sarcasm>
btw, he probably also knows it is me replying and he probably hates me
just as much as Frog-Admin did.
Kind Regards,
Thomas
- --
Gothika: "How can you trust someone who thinks you are crazy" -----BEGIN
PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQ2Jz8gEP2l8iXKAJAQGldQMfTcsRngyOoLA6OciDI1zxnCYU4caDHsoi
y/g0Yd+qpG8AoVk6HNEOklBq4Lrj6yf7E/4TonE8WhxOLy3b7Qz25iFKVZuTyMtL
zLVQjEjGc5g2JJ4E7wqiIllp22BHuBYZn8AoBA== =78lX -----END PGP SIGNATURE-----
Subject: Re: Reliable, JBN & Quicksilver in Linux
Reliable would be lame in a *nix environment as there are plenty of
other choices.
I tried to get JBN running in Linux under both Wine and Crossover
Office, but it refused to install. No data here about Quicksilver.
Mixmaster meets all my needs.
Still, I'm curious. Unless I'm mistaken, Panta-Admin is running Debianother choices.
I tried to get JBN running in Linux under both Wine and Crossover
Office, but it refused to install. No data here about Quicksilver.
Mixmaster meets all my needs.
Sarge, yet has Reliable operating. Perhaps he'd be could elaborate on that
and if Reliable or JBN is running on linux, he could tell how he's done it.
<<==========>>
Subject: Re: Twistycreek re-mailer open to public
I have been consistantly pinged by BLACKHOLE-1.IANA.ORG from ANONYMOUS and
mail.brianbinder.com. A tad annoying when mine is a static commercial
account.
Odd that they could ping me from 10.1.10.1 which is the same address as my
new modem/router. They also tried to connect to port 137.
I had to use the internal firewall to block all the connections they use.
Now I can't access my modem/router from this PC. A never ending battle. :)
I thought you had a static IP now, not some 10.x.x.x crap? Or ismail.brianbinder.com. A tad annoying when mine is a static commercial
account.
Odd that they could ping me from 10.1.10.1 which is the same address as my
new modem/router. They also tried to connect to port 137.
I had to use the internal firewall to block all the connections they use.
Now I can't access my modem/router from this PC. A never ending battle. :)
the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).
Anyway, block ports 135-139 and 445 at the router. All virus
stuff.
I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router plugged
in to one of the ports. The 3 others are direct connected to the router.
The re-mailer has a fixed IP while I let the other 2 receive their addesses
by DHCP. The wireless laptop receives a 192.168.0.2 address from the
wireless router. The others all have 10.1.10.xxx IPs.
To access the router, I have to type in 10.1.10.1 which brings up the login
page for the router. The re-mailer PC is at a fixed IP of 10.1.10.xxx. (in
case they read this, they'll have to guess what xxx is) The router itself
has a built in firewall which I enabled. Then each computer has a McAffee
virus/securitycenter/firewall combination on it.
The only one that gets pinged is this one, the re-mailer. Things slowed
down since I blocked everything including the router. I am surprised it
still works at all.
I just don't know how I can get pinged or whatever from the same address as
my router. I thought a real Domain IP should show up. Again, I am far from
the expert so would really like to know how this can be done. Seems pretty
tricky. I just don't like the name Blackhole. Gives me the shudders. I sure
know what a "blacklist" is and blackhole and blacklist are somewhat
synonymous.
I picked out 3 out of about 12.
Here they are.
2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67 Bootstrap
Protocol Server
pinging or tracerouting mail.brainbinder.com at the time?
Maybe this is all OK and they just happened to pick bad names for their
servers. Blackhole? Yuuch!!!
Sender ANONYMOUS? Why not a real name?
Because 10.1.10.95 doesn't have a valid reverse DNS record.servers. Blackhole? Yuuch!!!
Sender ANONYMOUS? Why not a real name?
Which it won't, because it's not on the internet. Unless you set
one up locally.
Reminds me of Carnivore. Some stealth project :) A bad pick for a name at
any case.
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Updated: 2002-09-12
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
Special-Use Addresses
Several address ranges are reserved for "Special Use". These addresses all
have restrictions of some sort placed on their use, and in general should
not appear in normal use on the public Internet. The following briefly
documents these addresses in general they are used in specialized
technical contexts. They are described in more detail in RFC 3330.
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of thousands
That's right.any case.
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Updated: 2002-09-12
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
Special-Use Addresses
Several address ranges are reserved for "Special Use". These addresses all
have restrictions of some sort placed on their use, and in general should
not appear in normal use on the public Internet. The following briefly
documents these addresses in general they are used in specialized
technical contexts. They are described in more detail in RFC 3330.
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of thousands
You're not being pinged or attacked from outside your network.
Don't worry about the name blackhole - that's been assigned by
IANA!
So, in the end, am I getting spoofed by a hacker, or by my own
cablemodem/router?
If it's a spoof (and I very much doubt it), the reply isn'tcablemodem/router?
going anywhere. Besides which, your router shouldn't be routing
those addresses inbound so it's almost certainly coming from
within your network.