Previous by Date | Next by Date | Date Index
Previous by Thread | Next by Thread
| Thread Index
| LM_NET
Archive
| |
The plot thickens. I spoke today with the principal and an administrator from the school the nastygram apparently came from, and they were quite cooperative, particularly as I emphasized I wasn't really sure where the email originated; we had a beneficial discussion about Netscape and other security issues. However, they didn't know any more than I did, and though they were fairly new to security issues (REALLY new, actually) the more we talked the less it sounded as if their server was the source. I turned back to the IP address reported at the bottom of the original message. I had trouble identifying the address I had with the lookup tools I'm familiar with--nslookup, traceroute, ping, host--so I asked Chris Peckham for assistance; he works for Intac, my local Internet Service Provider. I still don't know if Chris used these tools more effectively than I did , if he was able to peel more information from the header of the original nastygram, or if he has yet more tricks up his sleeve. [Last minute update: he used a tool called "whois" with a couple of switches I wasn't familiar with.] At any rate, Chris found the host site and emailed me with the name of the (apparent) originating machine, aas well as the maintainer of this site and the maintainer's email address AND real phone number! Get down, Chris! So I have now emailed the site Chris located. Below I've included my message to this site, with incriminating info X'ed out. I'll keep you all posted. Again, I'm not pro-censorship--I'm pro-accountability and responsibility. I plan to find out who did this and make sure they don't do it again if I have to track that message to Timbuktoo. I believe in free will but I also believe in the Fall. ;-) >Date: Tue, 2 May 1995 19:47:53 -0500 >To:X >From:kgs@intac.com (Karen G. Schneider) >Subject:Re: help/2232: can you help me trace this? >Cc:X > >Mr. X: > >I received an email yesterday that apparently came from a machine on your >network. It was "spoofed" to look as if it came from a school in X,X, and I >had a little trouble using the lookup tools with the IP #, which is >XXXXXXXXXXXX, but with my provider's help we have identified what appears to >be the origin. I would appreciate your prompt response on this issue. You >may reach me by email or voice (XXXXXXXXX). The email and my provider's >research follows my signature file. I have also carboned in the administrator >of the site whose URL was implicated in the email. I will also be contacting >your site by phone. > [sig file and earlier messages were attached] ============================================================= Karen G. Schneider, Blue Highways Internet Services kgs@intac.com Cybrarian/Internet Trainer "Have Powerbook, Will Travel!" Need a NJ provider? Free referrals. Visit Karen's Kitchen at http://www.intac.com/~kgs/ =============================================================