Re: Extremely odd thing with Giganews DMCA?
From: roadburner (roadburner^at^comcast^dot^net)
Date: Mon, 19 Sep 2005 17:10:08 -0400
On Mon, 19 Sep 2005 20:40:52 GMT, "David H. Lipman"
>From: "roadburner" <roadburner^at^comcast^dot^net>
>| I thought of that one to ask him. He will double check it. He thinks not
>| because only a very short time elapsed between him blocking and testing. The
>| site would had have to go offline for a bit to get assigned a new address.
>| I registered a new domain with DyDNS and subscribed to the service. Though my
>| IP has stayed fixed for the 1 1/2 years I have had cable, who knows. There was
>| nothing in writing that said I would have a fixed IP.
>| I should have added that I am a bit of a privacy buff. The new PC will be
>| dedicated to running a Tor node. Likewise, type 1 and 2 remailers. That was
>| why I was running Mercury. As I think about it more, I had port forwarded 25
>| for Mercury mail and 9001 and 9030 for the Tor node in the Netgear router.
>| I had the Tor node setup on my primary computer at 188.8.131.52. The primary
>| computer has a Symatecs firewall which only allowed connection through 9001
>| and 9030 to Tor at 184.108.40.206.
>| When I reconfigured the network, I set the new PC as 220.127.116.11, the primary
>| as 3, and the laptop as 4. I had not installed a software firewall yet.
>| Possible I could have left myself open for an attack through those ports. In
>| the little over a month I had been operating a Tor node, the firewall logs
>| showed the Tor ports came under attack. The firewall was configured to
>| automatically close connections on a persistent attack which the logs show it
>| did on 3 occasions. All Tor nodes, their IPs and their open Dirports and
>| Orports are shown at: http://tinyurl.com/898o9
>| Now I am wondering if I got "hacked" into. Possibility I guess.
>| Very nice of you to take the time to write the scanning tool. I'll put it to
>I looked at that log but I couldn't gleam anything from it.
>Posting the URL of that log in a FireWall News Group may be helpful.
It is not a log but a listing of active Tor nodes. For instance:
router rfc1149 18.104.22.168 9001 0 9030
Router name: rfc1149
IP address: 22.214.171.124
Open Tor ports: 9001 & 9030
Basically, when we run a Tor node, we tell the world our IPs and which ports
we have open for Tor connections. The rest are our keys, used by other nodes,
and what IP addresses and ports are open or blocked by our Exit Policies.
For instance if you were surfing the net through Tor and Privoxy, the IP
address that shows up at the site you visit would be one of ours. Tor was
first developed by the US Navy. Now it is sponsored by the EEF. The US
security agencies are known to use our network nodes to disguise their own IPs
when they visit certain questionable websites or chat in some chatroom.
Basically, it is a free privacy service with volunteer operators and open to
anyone. There are about 250 operators worldwide and an estimated 10,000 users
of the service.
I think what I'll do at this point is just reformat and reinstall the OS. It
will probably take less time. Like I mentioned, I only have a few programs on
it that can easily be re-installed. Since I won't be using that PC for
anything else, I'll lock it down tighter than a drum.
Fortunately, I had nothing on it yet, like my PGP Keyrings or Tor secret keys.
I was just in the process of setting it up so everything else resides on a USB
stick (in my shirt pocket) right now. Happy I didn't finish it without the
Because of the sensitive nature of encryption keys, I think I'll just be safe
rather than take a chance. I'll set it all up while disconnected from the
Thanks for everything, you have been most helpful.
My warmest regards,