From: nobody@REPLAY.COM (Anonymous)
To: cypherpunks@toad.com
Message Hash: 5a7505156f4ad7c9b906ebce82db60ebb13160d6a9d779726bea7b09de38f4b4
Message ID: <199511050620.HAA14046@utopia.hacktic.nl>
Reply To: N/A
UTC Datetime: 1995-11-05 06:27:17 UTC
Raw Date: Sun, 5 Nov 1995 14:27:17 +0800
From: nobody@REPLAY.COM (Anonymous)
Date: Sun, 5 Nov 1995 14:27:17 +0800
To: cypherpunks@toad.com
Subject: lp (134.222.35.2)?
Message-ID: <199511050620.HAA14046@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain
I'm sure some of you will have seen this, so sorry to toss logs on the
listburn fire; still, it seemed worth reposting to CP--no, it's not
entirely crypto-related, but nor is it a completely vague allegation.
>From GovAccess.183.snoops:
> The following is the transcript of an actual communications trace that a
> friend ran, while I was sitting next to him, watching -- reprinted here
> with his permission.
>
> He did a "traceroute" of two messages that he sent from his machine in
> Switzerland (he'd telneted into it while we were at a computer conference
> in California).
>
> Traceroute automatically reports each Internet node through which a message
> passes, as it proceeds from origin to destination.
>
> He did two traceroutes. The first was from Switzerland to an addressee at
> Netcom in San Jose, California. The second was from Switzerland to an
> addressee in Israel.
>
>
> Date: Fri, 21 Apr 95 02:54:58 +0200
> From: kelvin@fourmilab.ch (John Walker)
> To: jwarren@well.com
> Subject: Traceroute
>
> > /usr2/kelvin> traceroute netcom11.netcom.com
> traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40
byte packets
> 1 eunet-router (193.8.230.64) 2 ms 2 ms 2 ms
> 2 146.228.231.1 (146.228.231.1) 326 ms 345 ms 307 ms
> 3 Bern5.CH.EU.NET (146.228.14.5) 447 ms 408 ms 364 ms
> 4 146.228.107.1 (146.228.107.1) 127 ms 37 ms 36 ms
> 5 Zuerich1.CH.EU.NET (146.228.10.80) 37 ms 38 ms 175 ms
> 6 (134.222.9.1) 65 ms 109 ms 252 ms
> 7 lp (134.222.35.2) 196 ms 179 ms 405 ms
> 8 Vienna1.VA.ALTER.NET (137.39.11.1) 191 ms 179 ms 313 ms
> 9 fddi.mae-east.netcom.net (192.41.177.210) 336 ms 204 ms 303 ms
> 10 t3-2.dc-gw4-2.netcom.net (163.179.220.181) 182 ms 251 ms 187 ms
> 11 t3-2.chw-il-gw1.netcom.net (163.179.220.186) 305 ms 586 ms 518 ms
> 12 t3-2.scl-gw1.netcom.net (163.179.220.190) 537 ms 693 ms 797 ms
> 13 t3-1.netcomgw.netcom.net (163.179.220.193) 698 ms 549 ms 754 ms
> 14 netcom11.netcom.com (192.100.81.121) 890 ms 1922 ms 1696 ms
>
> > /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
> traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40
> byte packets
> 1 eunet-router (193.8.230.64) 2 ms 3 ms 2 ms
> 2 146.228.231.1 (146.228.231.1) 933 ms 853 ms 874 ms
> 3 Bern5.CH.EU.NET (146.228.14.5) 1040 ms 450 ms 525 ms
> 4 146.228.107.1 (146.228.107.1) 453 ms 424 ms 188 ms
> 5 Zuerich1.CH.EU.NET (146.228.10.80) 64 ms 61 ms 47 ms
> 6 (134.222.9.1) 80 ms 312 ms 84 ms
> 7 lp (134.222.35.2) 270 ms 400 ms 216 ms
> 8 Vienna2.VA.ALTER.NET (137.39.11.2) 660 ms 1509 ms 886 ms
> 9 dataserv-gw.ALTER.NET (137.39.155.38) 1829 ms 1094 ms 1306 ms
> 10 orion.datasrv.co.il (192.114.20.22) 1756 ms 1280 ms 1309 ms
> 11 ...
>
>
> Notice that both messages went through an unnamed site -- 134.222.9.1 and
> then a strangely-named site, "lp (134.222.35.2)" -- then through the same
> Vienna, Virginia (USA) site ... and thereafter, on to their destination.
> I.e., the second message went through Virginia to get from Switzerland to
> Israel.
>
> The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
> report, ``No match for "134.222.9.1". '' and `` No match for
> "134.222.35.2".''
>
> Now let me see ... which spy agencies are located in or near Virginia?
>
> --jim
Return to November 1995
Return to “Simon Spero <ses@tipper.oit.unc.edu>”