Tech Post #6: Defensive Learning

Back in college, I got to know UNIX better because someone changed my “.profile” to 1-800-hot-sex. So when you log onto the system and type “who” to see who else is online, on the list of users is a girl named “1-800-HOT-SEX”. Hilarious!

Needless to say, in the span of a day I learned how to use vi, I learned about dot files, I learned to finger, I learned about environment variables- basic UNIX stuff, sure, but why learn it? Ah, those geeky boys really know how to make friends fast.

Well, it’s happened again- yet this time I’m going on the offensive. I’ve been getting some strangely anonymous and malicious comments on a multi-user blog I sometimes write for: sf.metblogs.com. I don’t think it’s my friend- who has a very derisive form of humor- but I’m not ruling him out.

In trying to identify this “anonymous”- is anyone really anonymous on the internet?- commenter, I’ve learned in more detail about nslookup, whois, and traceroute. Sure, I’ve used those before but now I have far more of a purpose. And, it really helps the research for various espionage fiction projects, too.

Who writes anonymous emails? Those that think their opinion is important without context- that they contribute something with the vitriol of the invisible blanket, but without the confidence of standing behind their words. I heard a DJ say recently- “I come on the air every day and state my opinions, and that’s a lot harder than all those anonymous commenters out there.” I have to say he’s right- it’s like the reason to pick a pen name or not- it’s a lot harder to stand behind your history of bad writing and stupid opinions.

Back to sleuthing- my first method was to cross-check this person’s IP against the weblogs on both systems. Then, I did the whois/traceroute/nslookup- thanks to nameless Geek #1. Then, I figured out a few things, generally. It’s like CSI, ascii style.

Last bout of lookup involved diving even deeper- thanks to anonymous Geek #2. There are basically a lot of things you can do given an IP. And, turns out, it’s a static IP.

Did you understand anything in this post so far? If you did, you’re a validated geek, and, for some of you, you get a glyph, like Lauren: “==”.

  • good sleuthing. now, are you going to 'out' them?
  • Mr. Reginald Expression
    You may enjoy:
    http://xkcd.com/c208.html

    BTW dig >> nslookup.

    >in the span of a day I learned how to
    >use vi
    >
    that is pretty funny. especially if you
    imagine keanu reeves saying it... "whoa,
    i *know* vi."
  • Claude Monet
    What does a .profile have to do with
    the "who" command?

    For a good discussion of anonymity on
    the internet, you may wish to read
    about "the nymity slider" [this is
    the horse's mouth version:
    http://www.cypherpunks.ca/~iang/thesis.html
    but there are no doubt shorter versions
    around somewhere.]

    In addition to Ian Goldberg's work, you
    can also look up "TOR router" or "onion
    routing" for more discussion about
    anonymity on the internet.

    You know your derisive friend actually
    works at the lab traceroute [and quite
    a few other "internet tracing and
    measurement tools"] came from.

    You might also want to read about NAT. Especially before going wild with nmap.
    And pointing nmap to random sites is
    usually considered kind of obnoxious.

    >From:enge@almaden.ibm.com/To:firewalls@greatcircle.com
    >Just because my house is on a public street, it doesn't
    >mean you try my windows looking for an open one. In my
    >personal opinion, probing a piece of the network where
    >you aren't invited is certainly bad etiquette.
  • Huh?