MOSSAD's control over the Internet

Started by CrackSmokeRepublican, August 30, 2008, 02:50:55 AM

Previous topic - Next topic

CrackSmokeRepublican

MOSSAD's control over the Internet

(SITE: http://crashrecovery.org/internet/#jitter  -- is this a real site? )


The Mossad takeover of popular Webmail
MOSSAD takes over MOSNEWS.COM
Re: MOSSAD takes over MOSNEWS.COM
High Alert, good websites get taken down
Cloak and Dagger under blackbox routing attack
Compromised DNS backbone providers
Re: [IANA #91363] Compromised DNS backbone providers
Keyboard JitterBug eavesdropping
The Anti Spam Controversy
Downloads


The Mossad takeover of popular Webmail

------
Re: [IANA #91363] Compromised DNS backbone providers

Date: Sun, 15 Jul 2007 21:10:48 +0200 (CEST)
From: "Robert M. Stockmann" <stock@stokkie.net>
To: Kim Davies via RT <iana-questions@icann.org>
Subject: Re: [IANA #91363] Compromised DNS backbone providers
In-Reply-To: <rt-3.5.HEAD-12433-1184352479-730.91363-6-0@icann.org>
Message-ID: <Pine.LNX.4.44.0707152051450.25012-100000@hubble.stokkie.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Status: RO
X-Status:
X-Keywords:                

On Fri, 13 Jul 2007, Kim Davies via RT wrote:

> Date: Fri, 13 Jul 2007 11:48:00 -0700
> From: Kim Davies via RT <iana-questions@icann.org>
> To: www.healthfreedomusa.org resolves as an A record to 74.208.10.167
> * www.crystalinks.com resolves as an A record to 82.165.148.74
> * www.newworldorderchat.com resolves as an A record to 74.200.66.7
> * www.lp.org resolves as a CNAME record to lp.org

Ok, well there is indeed a weird thing going on with my own DNS servers :

  "[jackson:root]:(~)# nslookup
   > www.microsoft.com
   Server:         10.0.18.72
   Address:        10.0.18.72#53

   Non-authoritative answer:
   www.microsoft.com       canonical name = toggle.www.ms.akadns.net.
   toggle.www.ms.akadns.net        canonical name = g.www.ms.akadns.net.
   g.www.ms.akadns.net     canonical name = lb1.www.ms.akadns.net.
   Name:   lb1.www.ms.akadns.net
   Address: 207.46.19.190
   Name:   lb1.www.ms.akadns.net
   Address: 207.46.19.254
   Name:   lb1.www.ms.akadns.net
   Address: 207.46.192.254
   Name:   lb1.www.ms.akadns.net
   Address: 207.46.193.254
   > www.healthfreedomusa.org
   ;; Got SERVFAIL reply from 10.0.18.71, trying next server
   ;; Got SERVFAIL reply from 10.0.18.72, trying next server
   Server:         10.0.18.84
   Address:        10.0.18.84#53

   ** server can't find www.healthfreedomusa.org: SERVFAIL
   > www.crystalinks.com
   ;; Got SERVFAIL reply from 10.0.18.71, trying next server
   ;; Got SERVFAIL reply from 10.0.18.72, trying next server
   Server:         10.0.18.84
   Address:        10.0.18.84#53
   
   ** server can't find www.crystalinks.com: SERVFAIL
   > www.newworldorderchat.com
   ;; Got SERVFAIL reply from 10.0.18.71, trying next server
   ;; Got SERVFAIL reply from 10.0.18.72, trying next server
   Server:         10.0.18.84
   Address:        10.0.18.84#53
   
   ** server can't find www.newworldorderchat.com: SERVFAIL
   > www.lp.org
   ;; Got SERVFAIL reply from 10.0.18.71, trying next server
   ;; Got SERVFAIL reply from 10.0.18.72, trying next server
   Server:         10.0.18.84
   Address:        10.0.18.84#53
   
   ** server can't find www.lp.org: SERVFAIL
   >
   [jackson:root]:(~)# "

The above results are obtained, when my named.conf has no forwarder
nameservers active. If I activate the forwarders from my ISP inside
named.conf :

        // INTER.NL.NET
        forwarders { 217.149.196.6; 217.149.192.6; };

I get the following results :

  "[jackson:root]:(~)# nslookup
   > www.healthfreedomusa.org
   Server:         10.0.18.71
   Address:        10.0.18.71#53

   Non-authoritative answer:
   Name:   www.healthfreedomusa.org
   Address: 74.208.10.167
   > www.crystalinks.com
   Server:         10.0.18.71
   Address:        10.0.18.71#53
   
   Non-authoritative answer:
   Name:   www.crystalinks.com
   Address: 82.165.148.74
   > www.newworldorderchat.com
   Server:         10.0.18.71
   Address:        10.0.18.71#53
   
   Non-authoritative answer:
   Name:   www.newworldorderchat.com
   Address: 74.200.66.7
   > www.lp.org
   Server:         10.0.18.71
   Address:        10.0.18.71#53
   
   Non-authoritative answer:
   www.lp.org      canonical name = lp.org.
   Name:   lp.org
   Address: 74.53.96.35
   >
   [jackson:root]:(~)# "

After consulting with the tech support desk of my ISP, INTER.NL.NET
they assured me that the ip-number of my ADSL connection , 82.215.30.181 ,
has no restrictions imposed of any kind, like those needed
for a DNS name server. This means that higher upstream my ip-number
is somehow blocked from direct DNS access to certain backbone DNS
nameservers.

If you can find out how my ip-number is blocked, you may be able
to prevent future DNS blocking on other nameservers, which may have
a more drastic impact on blocking whole parts on the internet.

> The only address for which we could not resolve a DNS record for was
> www.mediabypass.com. This is due to SERVFAIL errors with the two
> authoritative  name servers for the domain, which is a problem with the
> name server operators  for the domain, not with any "DNS backbone".
>
> As to your list of WHOIS outputs, we do not see anything wrong with
> them. We note you have listed WHOIS records for 'host' objects like
> 'TUCOWS.COM.RESPECTED.BY.WWW.DNDIALOG.COM' as well as for 'domain'
> objects like 'TUCOWS.COM' -- perhaps that is causing you some
> confusion. The two are unrelated objects in the database.
>
> If you have evidence of actual problems with the Internet whereby
> there are security problems, or any erroneous data -- we will happily
> research them. However nothing you have provided shows any indication
> of such problems.
>
> With kindest regards,
>
> Kim Davies
> Internet Assigned Numbers Authority
>

I thank you for your response,
Best Regards,

Robert
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org  http://www.bind9.net/dnshealth

[2] "UPDATE: Lessons learned from Internet root server attack"
By Carolyn Duffy Marsan, Network World, 02/08/07
http://www.networkworld.com/news/2007/0 ... -hack.html
After the Revolution of 1905, the Czar had prudently prepared for further outbreaks by transferring some $400 million in cash to the New York banks, Chase, National City, Guaranty Trust, J.P.Morgan Co., and Hanover Trust. In 1914, these same banks bought the controlling number of shares in the newly organized Federal Reserve Bank of New York, paying for the stock with the Czar\'s sequestered funds. In November 1917,  Red Guards drove a truck to the Imperial Bank and removed the Romanoff gold and jewels. The gold was later shipped directly to Kuhn, Loeb Co. in New York.-- Curse of Canaan