-----BEGIN PGP SIGNED MESSAGE----- I wrote earlier that I thought the penet attack was a forked strategy intended to out anon users and flood anon.penet.fi. Now I'm not so sure it was forked. I remember trying an experiment a while back, where I posted a message to alt.test and saved all the replies. There were less than a dozen. misc.test provides much better response. That lessens the probable impact of the return traffic to a rough multiplier of 10. And given the time spread (my experiment yielded replies over 4 days), I don't know if this can be counted on to yield a denial-of-service attack. (I suppose it's possible the perp might be trying to spam penet in the original sense, by trying to overrun arbitrary limits in the server) That leaves outing as the motive. Now I'm wondering if the idea is to out as many people as possible, or if the perp is searching for a particular party or parties. The formation of the messages (from reports... I don't get alt.test locally) appears tailored for some kind of automated data collection. - -- Roy M. Silvernail [ ] roy@sendai.cybrspc.mn.org PGP public key available by mail echo /get /pub/pubkey.asc | mail file-request@cybrspc.mn.org These are, of course, my opinions (and my machines) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLjh9+hvikii9febJAQFMqwP7B1fmRFT2BHSh1N4PseiexsxZOcQ4xxJz HzddvlkcditxGjdOUMD3HAzosIKr1IBj0mk1N9bnE2L6nBR4L6583wF551CTOEVD h9SvPp10N+FDT34DmYsb9yGoL7OXMK5Bov76++liE16NEaIdI5YvspCZ1hdcjzH0 Zhq2tV+Vhhw= =Frx+ -----END PGP SIGNATURE-----