Can't post to usenet except through two maybe three remailers???

95% of posts are not making it through.

This has been going on for over a week.

Does anyone know what's going on???

[ Post a follow-up to this message ]

In article <8CX8F5OY38307.7360416667@anonymous.poster>
nobody@See.Comments.Header (Italy Anonymous Remailer) wrote:
>
> Can't post to usenet except through two maybe three remailers???
>
> 95% of posts are not making it through.
>
> This has been going on for over a week.
>
> Does anyone know what's going on???

Problems with the mail2news gateways. Just avoid them and use
Anon-Post-To:


--
Love and Best Wishes
Tripper

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi !

>Does anyone know what's going on???

Because there is no challenge-response in the mixmaster dest-block feature
someone is using it to block all mail2news.
I guess this will be fixed very soon.

For now, just use a Reliable remailer as exit node:

thrasher, bigapple, dingo, hastio, italy, senshi or panta (panta requires
hashcash!).

Reliable does not have that feature, so it cant be abused.
I have built automatic dest-blocking in my reliable mod running at panta
and thrasher, but it uses challenge response.

Hope this helps,
Cheers,
panta-admin

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/ AwUBQZqVRx2e88Id2BOOEQLcrQCfaWV2tWK4oyni
Y8kIh4zS/br6Rf0AoP6Z
xJBKbah50Lr9slmMKioD0TyJ
=pOzq
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown.  Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
for abuse and hashcash info.

[ Post a follow-up to this message ]

In article <86H6N33X38308.4866203704@anonymous.poster>
panta-admin <anonymous@panta-rhei.dyndns.org> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi !
> 
>
> Because there is no challenge-response in the mixmaster dest-block feature
> someone is using it to block all mail2news.
> I guess this will be fixed very soon.
>
> For now, just use a Reliable remailer as exit node:
>
> thrasher, bigapple, dingo, hastio, italy, senshi or panta (panta requires
> hashcash!).
>
> Reliable does not have that feature, so it cant be abused.
> I have built automatic dest-blocking in my reliable mod running at panta
> and thrasher, but it uses challenge response.

This is obviously the work of cybercriminal Patrick Paris.

-=-
This message was posted via two or more anonymous remailing services.

[ Post a follow-up to this message ]

In article <CY9MSG0838308.6446064815@anonymous>
Anonymous <BigappleRemailer@Optonline.Net> wrote:
>
> In article <86H6N33X38308.4866203704@anonymous.poster>
> panta-admin <anonymous@panta-rhei.dyndns.org> wrote: 
>
> This is obviously the work of cybercriminal Patrick Paris.

Actually that is not obvious at all.

Does ANYONE find it at least a little bit suspisious that within days of Asm
odeus returning that this dest-block abuse starts happening?

I think that asmodeus is responsible, and that instead of simply begging peo
ple to use his remailer as exit, he's tryng to force the issue by attempting
 to DOS the other exit points that people normally use.

the problem is that he screwed this up too by not remembering that Reliable 
based M2N's are immune to the dest-block weakness.


Thanks asmodeus, you've once again proven you're a TLA plant.


GFY

~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown.  Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
for abuse and hashcash info.

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 17 Nov 2004 11:40:44 -0000, panta-admin wrote in
Message-Id: <86H6N33X38308.4866203704@anonymous.poster>:

> Because there is no challenge-response in the mixmaster dest-block feature
> someone is using it to block all mail2news.
> I guess this will be fixed very soon.

I doubt there will be a proper fix for quite some time.  This weakness
has been known about for a long time but the number of people with
skills to fix it properly is pretty limited.

For the time being, for those remops who use procmail, this will solve
the immediate issue.

:0 B
* DESTINATION-BLOCK.*mail2news
{
LOG="Destination Block Trapped "
:0
/dev/null
}

:0
* ^Subject:.*DESTINATION-BLOCK.*mail2news
{
LOG="Destination Block Trapped "
:0
/dev/null
}

:0
| /home/mix3/Mix/mixmaster -RM


Of course, turning off the auto-block is another quick fix.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

 iD8DBQFBnRI4lKZ6CY7Vd0MRAk8WAKCSslLUXOjo
KqjpmgnDplFYGK0VjACeON/D
mAlGFyK7Tf61kAeFk0sTWl0=
=uj7W
-----END PGP SIGNATURE-----

--
pub  1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE  EBB4 94A6 7A09 8ED5 7743
uid                            Admin <admin.bananasplit.info>

[ Post a follow-up to this message ]

In article <cnj3no$l4d$1@bananasplit.info>
Zax <fleegle@bananasplit.info> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 17 Nov 2004 11:40:44 -0000, panta-admin wrote in
> Message-Id: <86H6N33X38308.4866203704@anonymous.poster>:
> 
>
> I doubt there will be a proper fix for quite some time.  This weakness
> has been known about for a long time but the number of people with
> skills to fix it properly is pretty limited.
>

It is hard to believe that unix or linux or whatever it is, is
so lacking in flexibility that the operator can't control
something like this.  But if you say thats how it is, I have to
believe you.

If I have it right, the only remailers immune to this problem
are the ones running Reliable, and those are:
panta, bigapple, asmodeus, thrasher, dingo, italy, hastio, and
senshi

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 18 Nov 2004, Zax wrote:
>On 17 Nov 2004 11:40:44 -0000, panta-admin wrote:
> 
>
>I doubt there will be a proper fix for quite some time.
>This weakness has been known about for a long time but the number of
>people with skills to fix it properly is pretty limited.
>
>
>For the time being, for those remops who use procmail, this will solve
>the immediate issue.
>
>:0 B
>* DESTINATION-BLOCK.*mail2news
>{
>    LOG="Destination Block Trapped "
>    :0
>    /dev/null
>}
>
>:0
>* ^Subject:.*DESTINATION-BLOCK.*mail2news
>{
>    LOG="Destination Block Trapped "
>    :0
>    /dev/null
>}
>
>:0
>| /home/mix3/Mix/mixmaster -RM
>
>
>Of course, turning off the auto-block is another quick fix.
>

While not addressing the lack of challenge-response issue, it would
seem to easy to modify the Mixmaster code in order to eliminate a
malicious dest-block against mail2news gateways and nymservers.

Some slight modification based upon the code already in place to eliminate
dest-block attempts against active Type I, Type II and the Remailer itself.


BiKiKii

/*

Reference Mixmaster code:

rem.c


}
/* Check whether somebody wants us to block ourselves */
buf_set(copy_addr, addr);
buf_sets(remailer_addr, REMAILERADDR);
if (doblock(remailer_addr, copy_addr, 1)) {
errlog(LOG, "Ignoring blocking request for %b from %b.\n", addr, from);
request = 2;
goto end;
}
/* Check if some evil person tries to block a known type II remailer */
num = mix2_rlist(remailer, NULL);
for (i = 0; i < num; i++) {
buf_sets(remailer_addr, remailer[i].addr);
if (doblock(remailer_addr, copy_addr, 1)) {
errlog(LOG, "Ignoring blocking request for %b from %b.\n", addr, from);
request = 2;
goto end;
}
}
/* Check if some evil person tries to block a known type I remailer */
num = t1_rlist(remailer, NULL);
for (i = 0; i < num; i++) {
buf_sets(remailer_addr, remailer[i].addr);
if (doblock(remailer_addr, copy_addr, 1)) {
errlog(LOG, "Ignoring blocking request for %b from %b.\n", addr, from);
request = 2;
goto end;
}


-----BEGIN PGP SIGNATURE-----
Version: N/A

iQEVAwUBQZ5z+vRwi/QFFzi5AQEFMwf/aQ3arKbSgncrIlX6WHJ6ESwbvtdLFrTm
 t11u3CnTimtuWJZ34E3jpIdQowQGhkB5CcH4W8AW
sUqBWg/tXKUkOZGBNqnh6uCK
 kzhZ9zbb9Cd6mZk6tG0wkLep5kRd3vvz30IRkxuy
Tg6Lxc5H+BKBQbxmYHLxR16M
HpzgJ47XIYOH/ A23hiwduU9ba6PgHpfBbXNRoY1lgSqUKMN2mlOop
LlFZvcTITpk
 nABXd+L5gCmJDmwHPzc1mGNX9E8UMtiyR6afX89q
uVjPrklFDWWTc4w3lqOEhUKQ
1fPNODK6/ U3cVmw+Tg6Y+VNNg8oPTJG1MqIylJpbQC090PBZF
/tIdQ==
=cnxM
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----

Anonymous wrote:
| In article <86H6N33X38308.4866203704@anonymous.poster>
| panta-admin <anonymous@panta-rhei.dyndns.org> wrote:
|
|>-----BEGIN PGP SIGNED MESSAGE-----
|>Hash: SHA1
|>
|>Hi !
|>
|>
|>>Does anyone know what's going on???
|>
|>Because there is no challenge-response in the mixmaster dest-block feature
|>someone is using it to block all mail2news.
|>I guess this will be fixed very soon.
|>
|>For now, just use a Reliable remailer as exit node:
|>
|>thrasher, bigapple, dingo, hastio, italy, senshi or panta (panta requires
|>hashcash!).
|>
|>Reliable does not have that feature, so it cant be abused.
|>I have built automatic dest-blocking in my reliable mod running at panta
|>and thrasher, but it uses challenge response.
|
|
| This is obviously the work of cybercriminal Patrick Paris.

Seems to have a remop signature anyways, someone who knows what he is doing!

I want to thank him or her anyways. It is a good vulnerability that
he/she has found and by exploiting it the mixmaster maintainers won't be
able to ignore it. I think a mix204b47 will see the surface soon :-)

Thomas
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

 iQB5AwUBQZ8+nAEP2l8iXKAJAQFRkwMeJmgFkp8K
JhkfigMMSgY5GP7cJ0xADyNG
f3ONCigZ8HWKqUo2HgMCJtwPa0g9OQbv7TKwy/M4ql97Azg7IlJjfcSkFNu7HXeA
vpPx/Jzbm1eChsaoemGkChIOsgU1UvYDshAV0A==
=g2GT
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

In article <419f4334$0$155$3a628fcd@reader2.nntp.hccnet.nl>
"Thomas J. Boschloo" <nospam@hccnet.nl.invalid> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Anonymous wrote:
> | In article <86H6N33X38308.4866203704@anonymous.poster>
> | panta-admin <anonymous@panta-rhei.dyndns.org> wrote:
> |
> |>Hi !
> |>
> |>>Does anyone know what's going on???
> |>
> |>Because there is no challenge-response in the mixmaster dest-block featu
re
> |>someone is using it to block all mail2news.
> |>I guess this will be fixed very soon.
> |>
> |>For now, just use a Reliable remailer as exit node:
> |>
> |>thrasher, bigapple, dingo, hastio, italy, senshi or panta (panta require
s
> |>hashcash!).
> |>
> |>Reliable does not have that feature, so it cant be abused.
> |>I have built automatic dest-blocking in my reliable mod running at panta
> |>and thrasher, but it uses challenge response.
> |
> | This is obviously the work of cybercriminal Patrick Paris.
>
> Seems to have a remop signature anyways, someone who knows what he is doin
g!
>
> I want to thank him or her anyways. It is a good vulnerability that
> he/she has found and by exploiting it the mixmaster maintainers won't be
> able to ignore it. I think a mix204b47 will see the surface soon :-)
>
> Thomas

Why doesn't he take a look at the goons from AUK, some of whom possibly migh
t
have been upset by your big buddy Doctor Who's comments about Cotse?

Why blame FA by default eh?

Now that *is* paranoia.

The Pink Panther

[ Post a follow-up to this message ]