[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Newbie comments. (fwd)
Forwarded message:
> From [email protected] Tue Feb 23 15:40:37 1993
> From: J. Michael Diehl <[email protected]>
> Message-Id: <[email protected]>
> Subject: Newbie comments.
> To: [email protected]
> Date: Tue, 23 Feb 93 16:26:08 MST
> X-Also-Known-As: Thunder
> X-Goal-In-Life: To make a lot of money -- Wanna make a donation?
> X-Mailer: ELM [version 2.3 PL8]
>
> I've been listening to this list quietly for about 2 weeks. Althought the
> signal to noize ration as been a bit low lately, ;^) it's been very interesting.
>
> I like the idea of alt.whistle.blowers, and support anything that promotes
> privacy, and Constitutional rights.
>
> But I have a (newbie?) question. Isn't it true that, at the network level, it
> is still possible to tell where a message came from and where it's going. That
> is, given the proper motivation, couldn't "and entity" sniff out all of this
> information and find out which machine a particular message came from. And
> from logs at that machine, which The Entity naturally has access to, It could
> find out who send the message. Just wondering.....
Hi there,
well acutally at the network interface level all sorts of tricks are
available... for example at the smtp daemon level all
a snooper has to do is the following
telnet toad.com smtp
when the sendmail banner is seen then
type
VRFY cypherpunks
That will yeild yet another line referring to cypherpunks-real
which verifying will obtain ALL the mail addresses on this cypherpunks mailing
list... I have a small fragment of perl which does the same
trick recursively for every address on the cypherpunks mail list...
why did I write such a thing... well I am writing a mail list to PGP
key server extractor so I can automatically extract keys for members of
cypherpunks-real... I didnt think of the privacy issue until
some moments after I debugged the perl script and got it working...
Similiar open holes exist at EVERY level of the Network and associated
daemons and software, Johh and I have discussed this earlier via email
and he as well as I dont feel its a REAL exposure as the means to
protect yourself is well at hand...
AND yes ALL network traffic can theoretically be traced thats
when crackers and security admins start playing games with
connection laundries and firewall as well as early warning systems...
there are constraints to real world tracing... the Firewalls mailing
list at [email protected] discusses these and other
issues having to do with security at the network interface level
>
> Major suggestion: We need a FAQ!
>
> Well, that's about it. I'm still trying to get up to speed with pgp.
>
> +----------------------+----------------------------------------------------+
> | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. |
> | +----------------------------------------------------+
> | [email protected]| "I'm just looking for the opportunity to be |
> | Thunder@forum | Politically Incorrect! |
> | (505) 299-2282 | <me> |
> +----------------------+----------------------------------------------------+
>
cheers
kelly
--