|
|
| Anonymous 2005-01-06, 5:45 pm |
| Is there a way to forge or conceal the NNTP-Posting-Host and
X-TRACE headers? The use of Proxys does not do the trick.
| |
| Juergen Nieveler 2005-01-06, 5:45 pm |
| Anonymous <Use-Author-Supplied-Address@[127.1]> wrote:
> Is there a way to forge or conceal the NNTP-Posting-Host and
> X-TRACE headers? The use of Proxys does not do the trick.
Hopefully not. While there are legitimate reasons for anonymity,
Hipcrime isn't one of them.
Juergen Nieveler
--
Sex is like air: no big thing, unless you aren't getting any
| |
| MikėCampbell 2005-01-06, 5:45 pm |
| Anonymous pretended :
> Is there a way to forge or conceal the NNTP-Posting-Host and
> X-TRACE headers? The use of Proxys does not do the trick.
It depend on what server you are using.Some accept changing them others
don't.
To answer your question it can be easily done.
--
Mike.
| |
| Anonymous 2005-01-06, 5:45 pm |
| Anonymous pretended :
[vbcol=seagreen]
> It depend on what server you are using.Some accept changing them
> others don't. To answer your question it can be easily done.
If you ever meet someone who actually knows how to do it, perhaps
you could ask them to let us know how?
| |
| emperor 2005-01-06, 5:45 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <M331IHVP38358.204375@anonymous.poster>
Anonymous <Use-Author-Supplied-Address@[127.1]> wrote:
>Is there a way to forge or conceal the NNTP-Posting-Host and
>X-TRACE headers? The use of Proxys does not do the trick.
Is this
"alt.support.hipcrime.because.im.too.cowardly.to.flood.under.my.own.nym"?
Now XXXX off, nitwit.
*** emperor
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBQd1LtTk6FTOF+YXVEQK8HACg9RovhkLS1x1H
YMn7UFVA9HXa+A8AnArD
5nerCkipNP0Xr2ZoutcA2MVJ
=twsO
-----END PGP SIGNATURE-----
| |
| emperor 2005-01-06, 5:45 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <mn.33177d510932af6a.23442@msn.com>
MikėCampbell <mike.campbell.28nospam@msn.com> wrote:
[snip bollox from some coward]
>It depend on what server you are using.Some accept changing them others
>don't.
>To answer your question it can be easily done.
Like you did with your "Path:"-header?
Path: [...]!news.bananasplit.info!Mikes.news.com!not-for-mail
^^^^^^^^^^^^^^
Do you own or have permission to use the valid domain "news.com"?
*** emperor
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBQd1LyDk6FTOF+YXVEQJmwgCfQCpkdiwLVzXh
WXY7e9gf6NCBelsAniVj
K5g/4ZVEuTqAmgYlpySeGZhw
=Uw5T
-----END PGP SIGNATURE-----
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 06 Jan 2005 13:11:45 GMT, MikėCampbell wrote in
Message-Id: <mn.33177d510932af6a.23442@msn.com>:
> It depend on what server you are using.Some accept changing them others
> don't.
> To answer your question it can be easily done.
NNTP-Posting-Host and X-Trace are added at the server, the user
generally has no control over them. You posted through Bananasplit
which deletes them from local postings using a PERL script. The Path
header is a different story; a poster can "pre-load" that with anything
they like. This can even be used to prevent propagation to specific
news services. Why anyone would want to do such a thing is a different
matter. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFB3VEUlKZ6CY7Vd0MRAl9LAJ9pr2kiMSlz
2vRW3RVx5aTVzUvz1wCgiDkM
ksKJglr7daMEzTTaP5X0CpA=
=NPTL
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| Nomen Nescio 2005-01-06, 5:45 pm |
| On 6 Jan 2005, Anonymous <Use-Author-Supplied-Address@[127.1]> wrote:
>Is there a way to forge or conceal the NNTP-Posting-Host and
>X-TRACE headers? The use of Proxys does not do the trick.
You could start by putting a gun to your head and pulling the trigger,
you spamming XXXX.
| |
| MikėCampbell 2005-01-06, 5:45 pm |
| emperor used his keyboard to write :
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In article <mn.33177d510932af6a.23442@msn.com>
> MikėCampbell <mike.campbell.28nospam@msn.com> wrote:
>
> [snip bollox from some coward]
>
>
> Like you did with your "Path:"-header?
> Path: [...]!news.bananasplit.info!Mikes.news.com!not-for-mail
> ^^^^^^^^^^^^^^
>
> Do you own or have permission to use the valid domain "news.com"?
>
>
> *** emperor
>
> -----BEGIN PGP SIGNATURE-----
> Version: N/A
>
> iQA/ AwUBQd1LyDk6FTOF+YXVEQJmwgCfQCpkdiwLVzXh
WXY7e9gf6NCBelsAniVj
> K5g/4ZVEuTqAmgYlpySeGZhw
> =Uw5T
> -----END PGP SIGNATURE-----
It picks it up as from my own local server.Do i need permission to call
my own local server a name?
--
Mike.
| |
| Anonymous via Panta Rhei 2005-01-07, 2:45 am |
| In article < Xns95D67D32C2976juergennieveler@nieveler
.org>, Juergen Nieveler
wrote:
>Anonymous <Use-Author-Supplied-Address@[127.1]> wrote:
>
>
>Hopefully not. While there are legitimate reasons for anonymity,
>Hipcrime isn't one of them.
>
Time to show my ignorance:
What is "Hipcrime"?
Why is it a "Bad Thing"(tm) ?
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
for abuse and hashcash info.
| |
| Juergen Nieveler 2005-01-07, 7:45 am |
| Anonymous via Panta Rhei <anonymous@panta-rhei.dyndns.org> wrote:
> Time to show my ignorance:
>
> What is "Hipcrime"?
>
> Why is it a "Bad Thing"(tm) ?
Hipcrime is a script-kiddie-tool to create fake
Usenet-control-messages (that let you create your own groups), and is
also heavily used to flood newsgroups with drivel to make them
unusable.
Recently, a script kiddie used it to flood all of Usenet with posts
that had a follow-up set to news.admin.net-abuse.email - you might
have seen some of them, they were all cannibal recipes.
The person Hipcrime (the one who wrote the tool) is about as bad as
trolls will ever get, and if he ever happens to fall into the hands
of a Usenet admin, he'll probably have a nasty accident or two before
being sent to southern Cuba:
http://www.killfile.org/dungeon/why/hipcrime.html
Juergen Nieveler
--
Wife who put husband in doghouse soon find him in cat house.
| |
| emperor 2005-01-07, 7:45 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <mn.34247d51b49877cf.23442@msn.com>
MikėCampbell <mike.campbell.28nospam@msn.com> wrote:
>emperor used his keyboard to write :
[snip]
>
>It picks it up as from my own local server.Do i need permission to call
>my own local server a name?
No, you don't. But using other peoples valid domains publicly w/o
permission constitutes net-abuse. Just pointing it out to you. ;o)
*** emperor
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBQd5buTk6FTOF+YXVEQL0YQCffZsFU8SXl2eS
UC9IbRZ5bX3tfk8An192
T6TfJUPvpXzT8vnkJeju2Nvl
=m0/9
-----END PGP SIGNATURE-----
| |
| emperor 2005-01-07, 7:45 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <crjjbk$lbu$1@snorky.bananasplit.info>
Zax <fleegle@bananasplit.info> wrote:
[snip]
>The Path
>header is a different story; a poster can "pre-load" that with anything
>they like. This can even be used to prevent propagation to specific
>news services. Why anyone would want to do such a thing is a different
>matter.
Just for fun? :o)
*** emperor
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBQd5b0Dk6FTOF+YXVEQLiUwCfYClfhV0NfCGI
x8miHJzPAh+IKoQAoIbh
mPmjhW4EpPrcW/k9Fr8Dpre8
=yW5b
-----END PGP SIGNATURE-----
| |
| MikėCampbell 2005-01-07, 5:45 pm |
|
emperor used his keyboard to write :
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In article <mn.34247d51b49877cf.23442@msn.com>
> MikėCampbell <mike.campbell.28nospam@msn.com> wrote:
>
>
> No, you don't. But using other peoples valid domains publicly w/o
> permission constitutes net-abuse. Just pointing it out to you. ;o)
>
>
> *** emperor
I didn't realise that.Changed it now.Thanks.
--
Mike.
| |
| enigma 2005-01-07, 5:45 pm |
|
"Anonymous" <Use-Author-Supplied-Address@[127.1]> wrote in message
news:M331IHVP38358.204375@anonymous.poster...
> Is there a way to forge or conceal the NNTP-Posting-Host and
> X-TRACE headers? The use of Proxys does not do the trick.
>
Try the news service I'm using: www.meganetnews.com they offer no x-trace,
secure connection on port 563, secure web interface if you want it, and all
the active newsgroups. It's not free, starts at $6 per month for 5gigs. I
don't know of a free option that's reliable. Good privacy policy.
>
| |
| Juergen Nieveler 2005-01-07, 5:45 pm |
| "enigma" <nospam@nospam.org> wrote:
> Try the news service I'm using: www.meganetnews.com they offer no
> x-trace, secure connection on port 563, secure web interface if you
> want it, and all the active newsgroups. It's not free, starts at $6
> per month for 5gigs. I don't know of a free option that's reliable.
> Good privacy policy.
If he signs up with them and starts using Hipcrime, they'll keep the
money and close his account before he can say "usage policy violation",
privacy policy or not.
A commercial usenet service that gets caught harbouring a
hipcrime-kiddie faces instant UDP - the news.admin.net-abuse-people
will see to that :-)
Juergen Nieveler
--
"They misunderestimated me." George W. Bush --Bentonville, Ark., Nov. 6,
2000
| |
| enigma 2005-01-07, 5:45 pm |
|
"Anonymous" <Use-Author-Supplied-Address@[127.1]> wrote in message
news:M331IHVP38358.204375@anonymous.poster...
> Is there a way to forge or conceal the NNTP-Posting-Host and
> X-TRACE headers? The use of Proxys does not do the trick.
CREEP
>
>
| |
| enigma 2005-01-07, 5:45 pm |
|
"Juergen Nieveler" <juergen.nieveler.nospam@arcor.de> wrote in message
news:Xns95D7EDB6EC0E0juergennieveler@nie
veler.org...
> "enigma" <nospam@nospam.org> wrote:
>
>
> If he signs up with them and starts using Hipcrime, they'll keep the
> money and close his account before he can say "usage policy violation",
> privacy policy or not.
>
> A commercial usenet service that gets caught harbouring a
> hipcrime-kiddie faces instant UDP - the news.admin.net-abuse-people
> will see to that :-)
I didn't know what this site of his was, thanks for the info.
>
>
> Juergen Nieveler
> --
> "They misunderestimated me." George W. Bush --Bentonville, Ark., Nov. 6,
> 2000
| |
| Thomas J. Boschloo 2005-01-08, 7:45 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Zax wrote:
| On Thu, 06 Jan 2005 13:11:45 GMT, MikėCampbell wrote in
| Message-Id: <mn.33177d510932af6a.23442@msn.com>:
|
|
|>>It depend on what server you are using.Some accept changing them others
|>>don't.
|>>To answer your question it can be easily done.
|
|
| NNTP-Posting-Host and X-Trace are added at the server, the user
| generally has no control over them. You posted through Bananasplit
| which deletes them from local postings using a PERL script. The Path
| header is a different story; a poster can "pre-load" that with anything
| they like. This can even be used to prevent propagation to specific
| news services. Why anyone would want to do such a thing is a different
| matter.
I did it once with Chris Drake <home.hccnet.nl/t.j.boschloo/netsafer> to
insure people could test my crack for his 'keylogger resistant' exe
wrapper without him coding a new version of netsafer again that the
crack didn't work for.
It worked, he gave up posting new versions to his site.
Thomas
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQd/I9AEP2l8iXKAJAQG8tQMff+sMXe/dRXr6QJUnTIWyfnQC9YzSdGrw
/ l72X3m1bzY9mv9wgiISWG9ON2WhxXuO7tXuwo3p0
aokelYzgiAha7iwQIYQkfcK
7N6lKeSnfwkQ63ViwfO8hh+HVvEhmqgn1dsS7Q==
=g03x
-----END PGP SIGNATURE-----
| |
| Anonymous via Panta Rhei 2005-01-08, 5:45 pm |
| In article < Xns95D7644E655CAjuergennieveler@nieveler
.org>, Juergen Nieveler
wrote:
>Anonymous via Panta Rhei <anonymous@panta-rhei.dyndns.org> wrote:
>
>
>Hipcrime is a script-kiddie-tool to create fake
>Usenet-control-messages (that let you create your own groups), and is
>also heavily used to flood newsgroups with drivel to make them
>unusable.
>
>Recently, a script kiddie used it to flood all of Usenet with posts
>that had a follow-up set to news.admin.net-abuse.email - you might
>have seen some of them, they were all cannibal recipes.
>
>The person Hipcrime (the one who wrote the tool) is about as bad as
>trolls will ever get, and if he ever happens to fall into the hands
>of a Usenet admin, he'll probably have a nasty accident or two before
>being sent to southern Cuba:
>http://www.killfile.org/dungeon/why/hipcrime.html
>
Interesting. Where can I find a download of this?
(purely for educational use mind you)
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
for abuse and hashcash info.
| |
| Nomen Nescio 2005-01-08, 5:45 pm |
| On Fri, 7 Jan 2005 15:00:23 "enigma" <nospam@nospam.org> wrote:
>
>
>CREEP
>
>
MORON/IDIOT/FUKKHED/LOSER
Flush
| |
|
|
"Nomen Nescio" <nobody@dizum.com> wrote in message
news:6f7b47178f58b9ba330eafad1d99d930@di
zum.com...
> On Fri, 7 Jan 2005 15:00:23 "enigma" <nospam@nospam.org> wrote:
>
>
> MORON/IDIOT/FUKKHED/LOSER
>
>
> Flush
FLUSH/FOAD/PERVERT/CREEP
>
| |
| MikėCampbell 2005-01-09, 5:45 pm |
| Anonymous was thinking very hard :
> Anonymous pretended :
>
>
>
> If you ever meet someone who actually knows how to do it, perhaps
> you could ask them to let us know how?
Practice your work on headers by trying to insert the reference and
message id you want to reply to so you can rejoin the thread you are in
without starting a new one with the same subject and then you will be
on the right road.
--
Mike.
|
|
|
|