From: Stephen Whitaker <whitaker@sover.net>
To: cypherpunks@toad.com
Message Hash: e74c68b41c0d8a054e511c13679bebe99fac54ed7da56726ff1f526172617827
Message ID: <199511052119.QAA28698@maple.sover.net>
Reply To: N/A
UTC Datetime: 1995-11-05 21:28:19 UTC
Raw Date: Mon, 6 Nov 1995 05:28:19 +0800
From: Stephen Whitaker <whitaker@sover.net>
Date: Mon, 6 Nov 1995 05:28:19 +0800
To: cypherpunks@toad.com
Subject: whose watchin the watchers
Message-ID: <199511052119.QAA28698@maple.sover.net>
MIME-Version: 1.0
Content-Type: text/plain
The following is an exerpt is from Jim Warren's listserv, GovAccess 183.
Are there folks on this list who have insights or definitive information on
this topic?
Are there ways for someone with access to modify router tables to constantly
create alternate paths at other routers which would serve to end-around any
such snoops?
***********begin_included_text*************************
&&&&&&&&&&&&&&&&&&&&
Is Someone Already Watching All International Net Traffic?
The following is the transcript of an actual communications trace that a
friend ran, while I was sitting next to him, watching -- reprinted here
with his permission.
He did a "traceroute" of two messages that he sent from his machine in
Switzerland (he'd telneted into it while we were at a computer conference
in California).
Traceroute automatically reports each Internet node through which a message
passes, as it proceeds from origin to destination.
He did two traceroutes. The first was from Switzerland to an addressee at
Netcom in San Jose, California. The second was from Switzerland to an
addressee in Israel.
Date: Fri, 21 Apr 95 02:54:58 +0200
From: kelvin@fourmilab.ch (John Walker)
To: jwarren@well.com
Subject: Traceroute
> /usr2/kelvin> traceroute netcom11.netcom.com
traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40 byte packets
1 eunet-router (193.8.230.64) 2 ms 2 ms 2 ms
2 146.228.231.1 (146.228.231.1) 326 ms 345 ms 307 ms
3 Bern5.CH.EU.NET (146.228.14.5) 447 ms 408 ms 364 ms
4 146.228.107.1 (146.228.107.1) 127 ms 37 ms 36 ms
5 Zuerich1.CH.EU.NET (146.228.10.80) 37 ms 38 ms 175 ms
6 (134.222.9.1) 65 ms 109 ms 252 ms
7 lp (134.222.35.2) 196 ms 179 ms 405 ms
8 Vienna1.VA.ALTER.NET (137.39.11.1) 191 ms 179 ms 313 ms
9 fddi.mae-east.netcom.net (192.41.177.210) 336 ms 204 ms 303 ms
10 t3-2.dc-gw4-2.netcom.net (163.179.220.181) 182 ms 251 ms 187 ms
11 t3-2.chw-il-gw1.netcom.net (163.179.220.186) 305 ms 586 ms 518 ms
12 t3-2.scl-gw1.netcom.net (163.179.220.190) 537 ms 693 ms 797 ms
13 t3-1.netcomgw.netcom.net (163.179.220.193) 698 ms 549 ms 754 ms
14 netcom11.netcom.com (192.100.81.121) 890 ms 1922 ms 1696 ms
> /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40
byte packets
1 eunet-router (193.8.230.64) 2 ms 3 ms 2 ms
2 146.228.231.1 (146.228.231.1) 933 ms 853 ms 874 ms
3 Bern5.CH.EU.NET (146.228.14.5) 1040 ms 450 ms 525 ms
4 146.228.107.1 (146.228.107.1) 453 ms 424 ms 188 ms
5 Zuerich1.CH.EU.NET (146.228.10.80) 64 ms 61 ms 47 ms
6 (134.222.9.1) 80 ms 312 ms 84 ms
7 lp (134.222.35.2) 270 ms 400 ms 216 ms
8 Vienna2.VA.ALTER.NET (137.39.11.2) 660 ms 1509 ms 886 ms
9 dataserv-gw.ALTER.NET (137.39.155.38) 1829 ms 1094 ms 1306 ms
10 orion.datasrv.co.il (192.114.20.22) 1756 ms 1280 ms 1309 ms
11 ...
Notice that both messages went through an unnamed site -- 134.222.9.1 and
then a strangely-named site, "lp (134.222.35.2)" -- then through the same
Vienna, Virginia (USA) site ... and thereafter, on to their destination.
I.e., the second message went through Virginia to get from Switzerland to
Israel.
The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information
report, ``No match for "134.222.9.1". '' and `` No match for
"134.222.35.2".''
Now let me see ... which spy agencies are located in or near Virginia?
--jim
&&&&&&&&&&&&&&&&&&&&
***********end_included_text*************************
Return to November 1995
Return to “Stephen Whitaker <whitaker@sover.net>”
1995-11-05 (Mon, 6 Nov 1995 05:28:19 +0800) - whose watchin the watchers - Stephen Whitaker <whitaker@sover.net>