In article <199511050620.HAA14046@utopia.hacktic.nl>, Anonymous <nobody@REPLAY.COM> wrote:
I'm sure some of you will have seen this, so sorry to toss logs on the listburn fire; still, it seemed worth reposting to CP--no, it's not entirely crypto-related, but nor is it a completely vague allegation.
It's specious.
Notice that both messages went through an unnamed site -- 134.222.9.1 and then a strangely-named site, "lp (134.222.35.2)"
Belonging to the EUnet backbone, apparently run by people who don't care much about DNS. Actually, I resolve 134.222.9.1 as `Amsterdam4.NL.EU.net'. I can ping it, but not 134.222.35.2. 134.222.35/24 also does not appear in the RIPE registry. I'm going to conclude that it was a temporary thing EUnet set up for some reason. It seems to have been replaced by amsterdam6, 134.222.228.13.
-- then through the same Vienna, Virginia (USA) site ...
...a major router at a major interconnect run by UUNET, a major provider. datasrv appaently contracted with UUNET for traffic. Naturally it would go through their network, which is centered in the US. Why isn't the NSA tapping biu.ac.il, a central Israeli news site? Routing from Net99 to them is through IBM.
The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information report, ``No match for "134.222.9.1". '' and `` No match for "134.222.35.2".''
They are not comprehensive. You need to look up the network. This is silly. If the NSA were monitoring traffic with the consent of EUnet and UUNET (and note that EUnet is owned by UUNET rival PSI), they wouldn't need to play these routing games; they'd just eavesdrop at an interconnect or on the leased lines leading into it, run a rough filter over it to cut down volume, and tunnel the traffic home through other channels (probably satellite). And if they were monitoring without the consent of UUNET and EUnet, they still wouldn't play these games because the providers would be upset about the unexpected load on the expensive and overloaded transatlantic pipes. Finally, we all know how easy sniffing is at the local (LAN, ISP LAN, and especially telco) level. And we know that end-to-end encryption is the way to go. So what would we have learned if we knew the NSA was eavesdropping? Just *assume* the NSA is out to get you, design systems that resist attack, and then you can stop caring about whether you're the target. And tell your vendor you want Kerberos or IPSEC. -- Shields.