After reading Bendovers thread about who was watching him.[url]http://www.ar15.com/forums/topic.html?id=126331[/url] I also did a traceroute but I did it on ar15.com The results are eye-opening to me.




1]12.124.87.233?Middletown,NJ,AT&T,ITS
2]12.123.200.106,gbr1-p51.ormfl.ip.att.net,Orlando,FL,AT&T,ITS
3]12.122.5.125,gbr4-p70.ormfl.ip.att.net,Orlando,FL,AT&T,ITS
4]12.122.2.129,gbr3-p10.attga.ip.att.net,Atlanta,GA,AT&T,ITS
5]12.122.1.142,gbr4-p60.attga.ip.att.net,Atlanta,GA,AT&T,ITS
6]12.122.2.178,gbr4-p80.wswdc.ip.att.net,Washington,DC,AT&T,ITS
7]12.123.9.53,ggr1-p370.wswdc.ip.att.netWashington,DC,AT&T,ITS
8]208.51.74.181,so2-1-0-622M.br1.WDC2.gblx.netWashington,DC,GCInternal
9]208.178.174.53,pos2-0-155M.cr1.WDC2.gblx.netWashington,DC,GCInternalDepartment
10]206.132.249.253,pos4-0-622M.cr2.BOS1.gblx.netBoston,MA,GlobalCrossing
11]206.132.247.74,so7-0-0-622m.ar2.BOS1.gblx.netBoston,MA,GlobalCrossing
12]64.215.248.2,Choice-One.s0-1-3-0.ar2.BOS1.gblx.netBoston,MA???????
13]64.65.210.162,tr-5-1004-roch-shasta.choiceone.net?Rochester,NY,ChoiceOneCommunications



     I deleted a few hops in the beginning and the end for mine and ar15.coms privacy. All other entries are true and can be found by anyone with a wish to find such info. This was a traceroute from my computer to ar15.com                      

Whats you're point? If I did a tracroute frommy comp to a website or server I could get close to the same results. Now the question : Is Big Bro watchin this site? Most likely.

Would you be if you were pulling the strings on Big Bro?

It is a damn good thing they are watching this site too. There are more than just a few disloyalists on here who, by questioning the actions of the President, are threats to the freedoms of this great democracy.

The only thing traceroute tell you is the path taken to connect to another computer.

For example which gateways/routers/switches connected your computer to the computer(s) at AR15.com

This may change at any moment, depending upon the amount of traffic, as this is dynamic. The routers & switches typically will route your packets (data) to the network with the least amount of traffic.

    The point is I find it educational to find out where the internet process takes me. In my above tracer route it is obvious it pinged around Washington DC more than a few times like it did every other relay state.

        Maybe this is the tinfoil hat disease I hear discussed ocassionally. I guess that is why my firewall picks up so many port probes from Herndon, Va. Isn't that the area where  alot of gov't and DOD software is managed and developed? After doing a little more research into Herndon, Va. I think it calls for re-formatting the old hard-drive and maybe making a trip to Circuit City for a new hard drive. I should probably stop on the way and pump about 5 12ga #8's into the old hard drive.......... Any brand tinfoil will do right?

I don't see anything to worry about.

AT&T is a major network provider. The traffic from your machine to AR15.com is bouncing around in the att.net network, from Orlando to Georgia to DC. Lots of telecom providers have offices in DC, so there are interconnects there. At DC it switches to a different ISP, gblx.net,aka Global Crossing (a major backbone provider), where it goes to Boston. It looks like it gets handed off to ChoiceOne communications at Rochester. Probably that's the ISP directly serving AR15.com.

Traceroutes from my own machine show no traffic to DC, just a hop to Global Crossing in Boston then to ChoiceOne. So it looks like Global Crossing is the backbone provider to the ISP ChoiceOne.

If they wanted to tap the traffic it would make a lot more sense to do it at the ChoiceOne or Global Crossing sites.

Is Big Bro watching AR15.com??
Is the Pope Polish???

    I got guns...guns don't hurt anybody! It's those damn bullets that cause all the damage......

Is Big Bro watching AR15.com??
Does a fat baby fart???

 

Shit no more freedom of speech? When and how did this happen.[}:D]

If Big Brother is really watching, you won't see it in a traceroute.  The way a sniffer is put in-line to capture traffic is transparent if done properly.

Remember the Alamo, and God Bless Texas...

Hell yes they are.  Where do you think they go to get the answers to question about all those gun laws?? [;)]

      [b]Originally posted by Doublefeed[/b]
      [b]It's a damn good thing none of the people here have guns.[/b]

If we ever get to vote on the funniest and smarta#$ posts to the site, you'll get my vote!!

      [b]Originally posted by misterhemi[/b]
      [b]For example which gateways/routers/switches connected your computer to the computer(s) at AR15.com

This may change at any moment, depending upon the amount of traffic, as this is dynamic. The routers & switches typically will route your packets (data) to the network with the least amount of traffic.[/b]

This is exactly right, since I do this for a living, I can tell you that they can remote span any port on a router on the internet, and catch and view all, or any specific traffic passing that port (depending on how they set the filter), and we will never know through honest means.

Anyone with access to the router that is spanned could tell if the port is spanned, but since I don't have access (user id or passwords) to internet routers, I couldn't tell ya'.

Also, don't think that you are safe using secure websites for purchases or anything else.  Any decent hacker can get in on just about any server.

Some advice to protect yourself!!

I use a $300 limit on my card that I do use over the internet.  This way if someone does get my CC # they won't get much.  Any amount larger I call in the order.


[shock]

Pray tell, How do they do this?  If this were true, anyone with the right software could do what you have described.

entropy,

Yes, that is 100% correct.  Anyone with the right software and access to the routers and switches on the internet can do this.

The sniffer is a great troubleshooting tool for my job.  It is also a great spy program/device if anyone wants to use it that way.

I do not have access to the internet routers and switches, but they are for the most part all CISCO products.  

The network that we maintain is also mainly CISCO, and I do have admin access to all the routers and switches, and we remote span ports, filter and catch traffic all the time, for troubleshooting reasons.

It is really easier than you would think.

starsil9

[50]


[shock]

Hell yes they are watching, when the SHTF they need to know who to contact to pull there asses out of the fire. for in America, there is no single , civilian (mostly) fighting force more prepaired to fight off the evil forces of communism and camel ridin than the fine members of AR15.com......haleluya

[:)>]

entropy,

To give you a few details on how this could be done on say - uh, ar15.com, or any other site.

The trace route on the post shows you all the hops traffic takes from one point to the next across the network.  If some of the hops were not deleted, you would be able to tell from the trace route the IP address of the router closest to the ar15.com server.

Telnet into the router, and show the ports, and routing table, and you can see which port the ar15 website uses to access the internet.  The sniffer would then be connected to another port on a router or switch at your location.  A simple remote span command to tell the port that the sniffer is hooked up to, to monitor the desired port, and you are ready to go.  

Open up your sniffer program, and you can define filters for any IP address that is either sending or receiving traffic, or both, and start the capture.

The sniffer program we have will decode the hex for you, and in a column to the right, you can read line by line everything that is being sent.  If it is encrypted you would need a de-encryption program, but that's another story.

BTW the sniffer program we use costs $75K.

Believe me, it is easy to do!!!

starsil9

[sex]

Yes, but that assumes that you have password access to the routers, right?  Do you think Sprint/ATT et all, give the feds this access to their routers?

Yes, that is assuming you have access to the routers and switches.

But come on, do you think that the feds really need to ask AT&T, Sprint, MCI etc. for those passwords.  They can be easily hacked out of the router or switch if necessary.  Being CISCO certified, we are taught how to hack into a router or switch if we loose the password, or the security file becomes corrupt.

The feds employ better techs than me, do you honestly think that anytime they want access they have to ask?

The misinformation here is starting to get a bit out of hand.
First of all, The feds can, at their will obtain any data they deem necessary right up to your actual bitstream.
Second, you don't "span" a router. That command- and the function of port mirroring is performed at switch level.
Third, switches do not show up in a trace route! There could be a hundred switches in the systems interconnecting the routers/router interfaces you do see.
Fourth, only an idiot would assume that what you state on a message board would need sophisticated protocol decoder software to be read- they could simply READ THE BOARD!!
And finally, you could never obtain my Router or switch passwords from an externally connected device, or hack into a service provider network- many have tried, all day everyday, and fail. Its not that simple. So relax, your data is safe, and its what you write that you should review, and not worry about someone spending precious resources trying to "decode" your Public posts!

[-=(_)=-]

We, er I mean Big Brother mirrors this site using freeware. We, er I mean big Brother then cross references for common illegal behaviors and indications of gun caches. We, er I mean government agents know that it will only take a small split in the support of the present GOP government and voila it will be President Clinton again. Hee haw! We, er I mean the BATF will be hiring 100,000 gangbangers to collect guns from uppity Republicans who actually believe they have rights. Hahahaha. I, er I mean BATF agents will be prepared for all this new power including new offices towers instead of sharing buildings with those other agencies, and never having to drive myself; er I mean the evil BATF will have new agents to chauffeur them and we will have POWER...  

This is a certainty because of the short memories of the common American and because Americans really don't WANT the burden of freedom and responsibilities for their own actions. Imbroglio is a good example as he offers no leadership, only doubt, and encourages armed insurrection in an unorganized manner, rather than recognize that there are leaders in power that can make difference if they are supported now. The future President Clinton is actually a big fan of Imbroglio...

Any slip I made in reference to me being a agent is due to a hangover and you all don't actually read past the eighth word anyways...HAHAHAHAHA

[b][size=6]ATTENTION BIG BRO WATCHING AR15.COM[/b][/size=6]

I would like a massive raise in my pathetic NYPD salary, that's all I ask. Have a nice day!

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 6.5.3 for non-commercial use

hQEMA6vmghQ49JJHAQf+KiuLLAceUT3UNBqKpW5A2H/QDBW0
RwMWW7gSWRTyPW/wJiBG30l/hE+61M7wrW1txhxwVRs7xMR3
eUqNzbOYgxJn5luyFGcY0KL4kPssdOusKrbkVCrvUtoeXONV
rlv1CJ//eXkEUK9B+dNDM9rlaqacz3yASp7hDikVp2MYanT6
Dog6B8nAlLtYj0aFQcX+1g8nGo8qWfTFv+ILNmmyeFUjUG1k
Y0CbYIUeMDhzbPqsUPgDB4Kqp2yvpl4SuUnv4WzXfnFysRcK
PyhnZiA8tMwmWfxmzT6YjyjM8zmyQYoeqYDlUGcMANJre0Tf
-----END PGP MESSAGE-----

[}:D]

You forgot Booty.

Sgtar15

You can span a port remotely via configuration, but you still have to put a monitoring device on the spanned port to get anything.  So the government can't just do it as they please.  Equipment must be deployed at the minimum.  Some vendors support remote spanning, but it is only supported in higher end equipment.



Yes, and no.  While the connection between you and the server can be made safe, provided the encryption keys are made long enough and a secure algorithm is used, it's generally the back end where your credit card or other information is stored that is poorly protected.  But not all of them.  It's analogous to the "weakest link" theory.  Much like a chain is only as strong as it's weakest link, a network is only as secure as it's least secure host.  Most IT people don't get this.

So, yes, they go after the host, which is generally wide open, as opposed to trying to intercept the encrypted session.



I just cancelled another credit card and soon won't have any.  It's far too easy to track my spending habits with a credit card, plus credit is a suckers game.  Only the credit card company wins when you use plastic.  If I can't buy it with cash, I don't buy it at all.  The only exceptions to that are our house and cars, which are financed.

Remember the Alamo, and God Bless Texas.

Indeed, though with the increasing speed of backbone traffic it's more advantageous to obtain the data as close to the edges of the connection as possible, which tend to be slower in speed.



Bingo!  Also, remote port spanning, where all traffic from multiple switches can be forwarded to a remote location, at least in the Cisco world, is only available on the Catalyst 6500 and up unless that's changed recently.



That's not entirely true.  Switches that perform load balancing are aware of Layer 3-Layer 7, and some even act as routers.  Cisco Catalyst swtiches with the routing modules will show up in a traceroute since they effectively route packets as well as just switch them, but it could be argued that the addition of the routing module turns them from a switch, which is traditionally a layer 2 device, into a layer 3 device.  Either way, it's picking nits.



Exactly.  This is a public board.  If Big Brother wants the info, he just puts some trained monkeys on here to read it daily.  It's no harder than that.  He only has to remove stuff from the bitstream if he wants to see where certain individuals are coming from.



As someone who worked for a service provider network doing network security, I can state that hacking in can be done.  I've seen people take control of the actual devices themselves by flaws in the security implementation, generally where something is simply misconfigured or isn't secured at all.  Nothing like finding out that all those SOP docs on security are ignored by field engineers because they have got a piece of equipment in that will only be there for a month "so there's no reason to secure it."  The problem, ultimately, is people.

Remember the Alamo, and God Bless Texas...

So what if they are?  I don't think there are any whacked out bad guys hanging out here, well except that Blazin Saddles Glory guy or something like that.  I shoot with a bunch of Gun Nut feds and Cops.  They think the gun laws are silly. Offically they enforce them and it's just a job.

Big Beat, explain? what was that?  Echelon keywords:?? what the heck are you talkin about?

i am the government hacker bent on taking away your guns. step away from the computer with your hands up.


seriously, if they want to know what is being said, wouldn't they just read the post?


[whacko]

trace routes can change each time you run them. I just did it and all the ops appeared to be in NY except for the last 1 or 2 which didn't have anything in the name indictating the location (the other ones were stuff like rochester.  syracuse.  albany.  ) it makes sense that person in florida connecting to a site that (I assume) is hosted in NY would go through DC.
I'm sure the alphabet agencies come here, but it wouldn't be detected by a trace route, they'd just have a bot download all the text just like a webbrowser does and then do keyword searches on it. the easiest way to detect it would be to check the server logs and see if any of IP addresses that connected matched gov't owned networks

Hi Feds [img]http://www.stopstart.fsnet.co.uk/smilie/wavey.gif[/img]

I think you're confusing SSH (Secure Shell, an encrypted remote access protocol similar to telnet) and SSL (secure socket layer, which is what's used to encrpyt web sessions among others).  SSH protocol 1 has been broken several times in the past because of a failure in the implementation of certain encryption algorithms.  SSH protocol 1.5 and 2 are much better.

As far as SSL being broken, SSL has been broken on several occasions, the first time I know of being in 1995 with the RC4-128-Export-40 algorithm.  128bit RC4 can be brute forced for a very modest investment in hardware in less than 24 hours.  And both SSL and SSH are succeptable to "man in the middle" attacks.  The key is fooling the client that the server certificates or keys have changed legitimately, which is not hard to do with your average internet user.

Remember the Alamo, and God Bless Texas...

I had a friend who did some research back in 1996 on analyzing text from e-mails, IRC, and USENET.  He was able to analyze text from these various messages and was actually able to find the identities of several people who posted under different names and aliases with amazing results based on common phrases, misspelled words, etc.  If some caffeined out security geek like my friend can do it on his own with modest resourcse in 1996, I have no delusions about the government not being able to do the same thing on a much larger scale.

Remember the Alamo, and God Bless Texas.

Lotboy, that is WAY too funny!!!

ROFLMAO!!!

Um, excuse me, but the only reason the government will EVER contact civilians who own guns would be to remove them from the civilians.

There is NO outside threat other than terrorism, which will only be controlled by PROFILING "radical" Islamists...But, since that is "racism" we cannot do it well. I knew that Islam was going to be a problem in the United States ever since Louis Farakhan raised his ugly little head. I gaurantee you tenfold that he will be behind a future act of terrorism.

I digress...

Of course the Feds are reading darn near every post on here. They are looking for signs of unrest and possible regrouping of militae.

I think you should check to see if you're sense of humor is enabled.  I would have thought protecting us from "communism and camel ridin" would have been a giveaway.  That, and the [b]SMILEY[/b]! [}:D]

Remember the Alamo, and God Bless Texas...

MY BAD!!!

[:D]

I honestly don't think anyone here (well, maybe all but a couple) has anything to be worried about if you are watched! Most people here aren't nuts hell bent on killing people and burning stuff. If that was the kind of people that hang out, I for one would not be here. Taking this a step farther, I would bet we have BATF, FBI, US Marshals, etc here anyway...not as spies but as regular posters! Heck, these people are just people like anyone else and probably enjoy firearms on average more than the average civilian.

I generally post about these things: firearm related stuff (the meaty details about what makes a particular gun tick), self defense stuff such as what is the best gun for this or that and ammo related stuff, the latest news about the terrorism threat and the war which is fighting it, and accessories. Most other people talk about this stuff as well and a few get into political discussions. It isn't any crime to say you are a conservative/libertarian and support those views. There are countless political ideaology websites out there. Are all these people being monitored? No way! All of this is just conversation and in no way constitutes a threat to anyone. If people were here posting stuff about how to make explosives and crap like that, then yes, their actions would probably put them under the microscope. As it should.

Again, this is a public website and can be accessed by anyone. I know that. I also do not worry about my posts because I don't talk about or have any interest in the type of stuff that would naturally draw attention. Not once have I ever read anything here that would point toward an AR-15.com member constituting a threat to anyone......everything related to firearms and shootings is geared toward self defense. Some people discuss SHTF scenarios, but if you will look all of these refer to terrorism, natural disasters or some type of riot or something. SHTF isn't used as something related to fighting off the government and stuff. Merely "how do I defend myself and family" type stuff. I'm sure the federal agents themselves value info such as that, afterall they have loved ones to worry about and care for themselves.

All of that being said, I will continue to post on the topics I mentioned which interest me. It isn't illegal or radical. And as I have said, nearly everyone here posts stuff that is also harmless..except maybe to a home invader who breaks down your door at 3 am and wants to take your life as well as your tv set! So what's to worry about? Afterall, this isn't Assweb here! If you aren't doing or discussing something that's illegal, then stop worrying! Some people are becoming so paranoid that they actually think of themselves as criminals or something. Lighten up! There are millions of gun owners across America just like you. That isn't anything to be ashamed or fearful of. If it is then rush and cancel your subscription to Guns And Ammo, Guns, American Handgunner and burn your NRA membership card, as these things will identify you as a lunatic, radical, rightwing extremist! See my point? LOL. Relax!

Unless you're doing something wrong, i can't imagine how it matters, but then again, I through my foil hat away when I started posting my name here!  I guess my belief in the constitution and its amendments gives me faith that nothing unjust will happen to myself or my family. Then again, if things unjust started happening, it wouldn't make a goddamn difference if they knew my name or not, they'd have to FIND me first!  
(I do keep a tinfoil hat for my cell phone though.)