From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 5 Nov 1995 14:27:17 +0800
To: cypherpunks@toad.com
Subject: lp (134.222.35.2)?
Message-ID: <199511050620.HAA14046@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


I'm sure some of you will have seen this, so sorry to toss logs on the
listburn fire; still, it seemed worth reposting to CP--no, it's not
entirely crypto-related, but nor is it a completely vague allegation.

>From GovAccess.183.snoops:

>  The following is the transcript of an actual communications trace that a
>  friend ran, while I was sitting next to him, watching -- reprinted here
>  with his permission.
>  
>  He did a "traceroute" of two messages that he sent from his machine in
>  Switzerland (he'd telneted into it while we were at a computer conference
>  in California).
>  
>  Traceroute automatically reports each Internet node through which a message
>  passes, as it proceeds from origin to destination.
>  
>  He did two traceroutes.  The first was from Switzerland to an addressee at
>  Netcom in San Jose, California.  The second was from Switzerland to an
>  addressee in Israel.
>  
>  
>  Date: Fri, 21 Apr 95 02:54:58 +0200
>  From: kelvin@fourmilab.ch (John Walker)
>  To: jwarren@well.com
>  Subject: Traceroute
>  
>  > /usr2/kelvin> traceroute netcom11.netcom.com
>  traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40
byte packets
>   1  eunet-router (193.8.230.64)  2 ms  2 ms  2 ms
>   2  146.228.231.1 (146.228.231.1)  326 ms  345 ms  307 ms
>   3  Bern5.CH.EU.NET (146.228.14.5)  447 ms  408 ms  364 ms
>   4  146.228.107.1 (146.228.107.1)  127 ms  37 ms  36 ms
>   5  Zuerich1.CH.EU.NET (146.228.10.80)  37 ms  38 ms  175 ms
>   6   (134.222.9.1)  65 ms  109 ms  252 ms
>   7  lp (134.222.35.2)  196 ms  179 ms  405 ms
>   8  Vienna1.VA.ALTER.NET (137.39.11.1)  191 ms  179 ms  313 ms
>   9  fddi.mae-east.netcom.net (192.41.177.210)  336 ms  204 ms  303 ms
>  10  t3-2.dc-gw4-2.netcom.net (163.179.220.181)  182 ms  251 ms  187 ms
>  11  t3-2.chw-il-gw1.netcom.net (163.179.220.186)  305 ms  586 ms  518 ms
>  12  t3-2.scl-gw1.netcom.net (163.179.220.190)  537 ms  693 ms  797 ms
>  13  t3-1.netcomgw.netcom.net (163.179.220.193)  698 ms  549 ms  754 ms
>  14  netcom11.netcom.com (192.100.81.121)  890 ms  1922 ms  1696 ms
>  
>  > /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
>  traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40
>  byte packets
>   1  eunet-router (193.8.230.64)  2 ms  3 ms  2 ms
>   2  146.228.231.1 (146.228.231.1)  933 ms  853 ms  874 ms
>   3  Bern5.CH.EU.NET (146.228.14.5)  1040 ms  450 ms  525 ms
>   4  146.228.107.1 (146.228.107.1)  453 ms  424 ms  188 ms
>   5  Zuerich1.CH.EU.NET (146.228.10.80)  64 ms  61 ms  47 ms
>   6   (134.222.9.1)  80 ms  312 ms  84 ms
>   7  lp (134.222.35.2)  270 ms  400 ms  216 ms
>   8  Vienna2.VA.ALTER.NET (137.39.11.2)  660 ms  1509 ms  886 ms
>   9  dataserv-gw.ALTER.NET (137.39.155.38)  1829 ms  1094 ms  1306 ms
>  10  orion.datasrv.co.il (192.114.20.22)  1756 ms  1280 ms  1309 ms
>  11  ...
>  
>  
>  Notice that both messages went through an unnamed site -- 134.222.9.1 and
>  then a strangely-named site, "lp (134.222.35.2)" -- then through the same
>  Vienna, Virginia (USA) site ... and thereafter, on to their destination.
>  I.e., the second message went through Virginia to get from Switzerland to
>  Israel.
>  
>  The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
>  report, ``No match for "134.222.9.1". '' and `` No match for
>  "134.222.35.2".''
>  
>  Now let me see ... which spy agencies are located in or near Virginia?
>  
>  --jim