forging headers

Adam Shostack adam at lighthouse.homeport.org
Tue Nov 7 06:38:58 PST 1995


You need to send the entire headers, including such things as received
lines.  Looking over those lines carefully will probably provide some
clues.

eg:
>From owner-cypherpunks at toad.com  Sun Sep 24 20:14:32 1995
>Return-Path: owner-cypherpunks at toad.com
>Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by
>homeport.org (8.6.9/8.6.9) with ESMTP id UAA18842 for
><adam at homeport.org>; Sun, 24 Sep 1995 20:14:30 -0400
>Received: from toad.com by relay3.UU.NET with SMTP 
>        id QQziqi14036; Sun, 24 Sep 1995 20:10:07 -0400
>Received: by toad.com id AA02191; Sun, 24 Sep 95 17:05:32 PDT
>Received: from crypto.com by toad.com id AA02182; Sun, 24 Sep 95
>17:05:26 PDT
>Received: from tpc.crypto.com by crypto.com Sun, 24 Sep 1995 20:16:16
>-0400
>Message-Id: <199509250016.UAA19204 at crypto.com>


| So I got this message.  How would someone identify the sender of this
| message?  I'm writing an article on anonymity, with some discussion of
| remailers, and want to argue that forging already permits people to raise
| the costs of tracing significantly, anonymous remailers or no.  
| 
| Lee
| 
| >From: freeh at fbi.gov
| >Date: Tue, 24 Oct 95 16:07:08 -0400
| >Apparently-To: tien at well.sf.ca.us
| >X-UIDL: 814570964.056
| >
| >> How difficult is it to forge headers?  How difficult is it to trace a
| >> message to the actual sender if the header is forged?
| >
| >Not very difficult at all (to forge, that is).  This is a quick and dirty
| >example that should be somewhat traceable.  If you want pointers on how to
| >trace it, post the whole thing, including headers, to cypherpunks.



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
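
Added example, not part of the original post: a Python sketch that reads the Received lines quoted above newest-first and flags any hop whose claimed sender is not the host that wrote the next line down. The header sample is the one quoted in the post with the '>' quoting removed and wrapped lines re-folded; EXTRA, the example.* hosts and the function names are constructed for this example.

```python
import re
from email import message_from_string

# Header block quoted in the post; '>' removed, wrapped lines re-folded.
SAMPLE = """\
Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by
 homeport.org (8.6.9/8.6.9) with ESMTP id UAA18842 for
 <adam at homeport.org>; Sun, 24 Sep 1995 20:14:30 -0400
Received: from toad.com by relay3.UU.NET with SMTP
 id QQziqi14036; Sun, 24 Sep 1995 20:10:07 -0400
Received: by toad.com id AA02191; Sun, 24 Sep 95 17:05:32 PDT
Received: from crypto.com by toad.com id AA02182; Sun, 24 Sep 95
 17:05:26 PDT
Received: from tpc.crypto.com by crypto.com Sun, 24 Sep 1995 20:16:16
 -0400
Message-Id: <199509250016.UAA19204 at crypto.com>

"""
# Constructed: a made-up line sitting below the real ones (example.* hosts).
EXTRA = ("Received: from host.example.org by gw.example.net; "
         "Sun, 24 Sep 1995 20:00:00 -0400\n")

HOP = re.compile(r"(?:from\s+(\S+)\s+)?(?:\(([^)]*)\)\s+)?by\s+(\S+)", re.I)

def hops(raw):
    """Hops newest-first: claimed 'from', peer info the receiver logged, 'by'."""
    out = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.match(" ".join(value.split()))  # unfold, then parse
        if m:
            out.append({"from": m.group(1), "peer": m.group(2),
                        "by": m.group(3).rstrip(";")})
    return out

def breaks(chain):
    """Indexes i where hop i's 'from' is not the host that wrote hop i+1."""
    bad = []
    for i in range(len(chain) - 1):
        # No 'from' means a local hand-off, so the same host is expected.
        sender = chain[i]["from"] or chain[i]["by"]
        if sender.lower() != chain[i + 1]["by"].lower():
            bad.append(i)
    return bad

if __name__ == "__main__":
    for h in hops(SAMPLE):
        print(h)
    forged = SAMPLE.replace("Message-Id", EXTRA + "Message-Id")
    print("breaks:", breaks(hops(SAMPLE)), breaks(hops(forged)))
```

A break only marks where the chain stops being self-consistent; lines below that point, and any line not written by a relay you trust, are unverified claims.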