Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 3 Jul 1998 09:10:20 +0200 (SAST)
From:      Patrick Hyland <pbh@iafrica.com>
To:        freebsd-newbies@FreeBSD.ORG
Subject:   Fake mail recieved from some idiot claiming to be Tim Gerchmez
Message-ID:  <Pine.BSF.3.96.980703085320.20245A-100000@paradox.cpt.tech.iafrica.com>
In-Reply-To: <19980702192159356.AAA254.306@www.crapdomain.com.sex>
next in thread | previous in thread | raw e-mail | index | archive | help 

Some moron sent me some fake mail under the impression he couldnt be traced.
Little does he know that his mail contains a time stamp and a dynamic ip
assigned by a terminal server belonging to a UK ISP called "Net Direct".

If I wanted to I could forward this mail to abuse@ndirect.co.uk and they
could easilly trace the user. Grow up son - email isnt as anonymous as you
seem to think.

; <<>> DiG 2.2 <<>> any ndirect.co.uk 
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; Ques: 1, Ans: 2, Auth: 2, Addit: 2
;; QUESTIONS:
;;	ndirect.co.uk, type = ANY, class = IN

;; ANSWERS:
ndirect.co.uk.	3631	NS	ns1.ndirect.co.uk.
ndirect.co.uk.	3631	NS	ns2.ndirect.co.uk.

;; AUTHORITY RECORDS:
ndirect.co.uk.	3631	NS	ns1.ndirect.co.uk.
ndirect.co.uk.	3631	NS	ns2.ndirect.co.uk.

;; ADDITIONAL RECORDS:
ns1.ndirect.co.uk.	13966	A	194.74.254.2
ns2.ndirect.co.uk.	3173	A	195.7.224.12

;; Total query time: 6 msec
;; FROM: paradox.cpt.tech.iafrica.com to SERVER: default -- 196.7.0.138
;; WHEN: Fri Jul  3 09:05:15 1998
;; MSG SIZE  sent: 31  rcvd: 127

Server:  cache01.ns.iafrica.com
Address:  196.7.0.138

Name:    th-pm02-23.ndirect.co.uk
Address:  195.7.225.215

This appears to be a dynamically assigned ip on a livingstone portmaster :
th-pm02.netdirect.net.uk

[pbh@paradox] ~ $ telnet th-pm02.ndirect.co.uk
Trying 195.7.224.14...
Connected to th-pm02.netdirect.net.uk.
Escape character is '^]'.


ComOS - Livingston PortMaster

login: 


Guess I ate you ?

Patrick

On Thu, 2 Jul 1998 fewtch@serv.net wrote:

> Received: from relay01.iafrica.com (relay01.iafrica.com [196.7.0.160])
> 	by paradox.cpt.tech.iafrica.com (8.8.8/8.8.8) with SMTP id BAA19015
> 	for <pbh@paradox.cpt.tech.iafrica.com>; Fri, 3 Jul 1998 01:02:50 +0200 (SAST)
> 	(envelope-from owner-freebsd-newbies@freebsd.org)
> Received: from (hub.freebsd.org) [204.216.27.18] 
> 	by relay01.iafrica.com with esmtp (Exim 1.82 #1)
> 	id 0yrsNL-0001PC-00; Fri, 3 Jul 1998 01:02:48 +0200
> Received: from localhost (daemon@localhost)
>           by hub.freebsd.org (8.8.8/8.8.8) with SMTP id MAA22502;
>           Thu, 2 Jul 1998 12:24:49 -0700 (PDT)
>           (envelope-from owner-freebsd-newbies)
> Received: by hub.freebsd.org (bulk_mailer v1.6); Thu, 2 Jul 1998 12:24:40 -0700
> Received: (from majordom@localhost)
>           by hub.freebsd.org (8.8.8/8.8.8) id MAA22467
>           for freebsd-newbies-outgoing; Thu, 2 Jul 1998 12:24:40 -0700 (PDT)
>           (envelope-from owner-freebsd-newbies@FreeBSD.ORG)
> Received: from digital.horizons.net (digital.horizons.net [208.197.220.2])
>           by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA22462
>           for <freebsd-newbies@freebsd.org>; Thu, 2 Jul 1998 12:24:37 -0700 (PDT)
>           (envelope-from fewtch@serv.net)
> From: fewtch@serv.net
> Received: from www.crapdomain.com.sex ([195.7.225.215])
>           by digital.horizons.net (Netscape Messaging Server 3.5)
>            with ESMTP id 306 for <freebsd-newbies@freebsd.org>;
>           Thu, 2 Jul 1998 15:24:09 -0400
> Date: Thu, 2 Jul 1998 15:24:09 -0400
> Message-ID: <19980702192159356.AAA254.306@www.crapdomain.com.sex>
> To: undisclosed-recipients:;
> Sender: owner-freebsd-newbies@freebsd.org
> X-Loop: FreeBSD.org
> 
> Hi, I'm tTim, or atleast you think I am Tim..... I am really the bunghole king......
> eat me if you can...
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-newbies" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980703085320.20245A-100000>