The DoD scanned my ports yesterday

Hey, nazi: the only thing I did in my life was to rescue two kids from drowning at once, so... GET OFF MY BACK YOU F**KIN' NAZI S**T!

WHOIS:
rgName: DoD Network Information Center
OrgID: DNIC
Address: 3990 E. Broad Street
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US

NetRange: 55.0.0.0 - 55.255.255.255
CIDR: 55.0.0.0/8
NetName: RCAS
NetHandle: NET-55-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS01.ARMY.MIL
NameServer: NS02.ARMY.MIL
NameServer: NS03.ARMY.MIL
Comment: Army National Guard Bureau
Comment: NGB-RC-SDE
Comment: Newington, VA 22020-8510 US
RegDate: 1996-10-26
Updated: 2004-05-03

RTechHandle: NGBNO-ARIN
RTechName: NGB NOC
RTechPhone: ************
RTechEmail: ************

OrgTechHandle: **************
OrgTechName: Network DoD
OrgTechPhone: ****************
OrgTechEmail: ***************

# ARIN WHOIS database, last updated 2005-12-27 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.


Why waste taxpayers money spying on moi?
Get the criminals in the WH who R destroying the US instead! :shrug:

to plant a worm that will report back?

:eyes:

Where do you look? At the stuff a firewall would report? Or? :shrug:

:-)

you do a whois lookup here...
http://www.whois.sc
or here...
http://www.betterwhois.com

plug in any domain name and see the results =)

peace

to make the process a little easier for people -- I don't have time to go through the logs every day, that's for sure.

Thank you, bpilgrim.

Speaking from a very elementary level here.

tab.

http://www.google.com/search?hl=en&lr=&safe=off&q=%22OrgTechName%3A+Network+DoD&btnG=Search


See:
http://www.darkgovernment.com/board3/viewthread.php?tid=2281

http://www.bigbruin.com/forum/post-41276.html

http://www.abovetopsecret.com/forum/thread67496/pg6

Army National Guard is checking up on you....on us?

So.. it's the DoD in Ohio, that accessed my computer (I'm not sure if my firewall blocked it, or if they got through), have to check the archive again.

I'm sorry... can anyone answer us about WHY we'd be spyed upon by the Dept. of Defense? The "whois" for my scan is as follows:
OrgName: DoD Network Information Center
OrgID: DNIC
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US

Hmmmm. I'm not of Selective Service age or sex. I have never been in the military. I have never attempted to join the military. I support the troops. I knit hats for babies of poor families, I am the completely and absolutely law-abiding and model citizen, I help elderly ladies with their packages when I go to the post office.... so WHY WHY WHY are they scanning MY computer??????????????? :grr:

What do they want? Does signing up for John Kerry for Prez, or Dean for America, or MoveOn, or DU, cause them to spy on us??? Is this America or Russia? Or China? I'm so sad... :-( What has happened to our beautiful country?

This is not a scam, it's the real deal. I found a numerical "handle" on my firewall archive and looked it up.

ON EDIT: Then, I think.. in my optimistic fashion, that maybe this was from an attempt to put pop ups or other ads for recruiting purposes on our computers... could it be as innocent as that??? I just hate to think my government has really gone all Stalin on us.

. . . Lord knows what they've got on some of us. But . . . hang in there, friend. We will overcome these Nazi thugs. The tide is going to turn.

:thumbsup:

However, it's usually considered bad form to nmap ("scan") someone who hasn't first probed you.

stock of the world. I want him to spend sleepless nights on end. I want junior to have stomach problems to the point he can't eat. I want junior to have the worse case of hemorrhoids ever known to man. I want junior to go into seclusion and afraid to make a press conference, for fear of hearing laughter & chortling & and loud giggles, afraid he'll hear his mother (Barbara) break out in an ear splitting horse laugh

I want junior arrested for war crimes and hauled off to the Hague.

I want the GOP to cringe every time his name is mentioned.

Impeachment would be to good for this asshole.

Hauled off to the Hague,

and totally humiliated in front of the whole world

People need to wake up and see how we have been lied to from everything from 9/11 to Katrina to the widespread satellite surveillance they are engaging in now.

n/t

I just assume now that when I make an innocent phone call, or write an email, I am not alone anymore. We all have a 'minder' it seems.

The reports I have read say that every International call has been monitored. That means my very own personal Bush spy knows what my friend's family had for dinner on Christmas Day. He also the very important information on all the children's birthday parties, who gave them what for Christmas, what the weather was like, who won the last soccer game etc. I know this is 'for our safety' although for the life of me, I'm just too ignorant to figure out what all this has to do with 'the war on terror'!!

I don't have a firewall, but I assume they are spying on everyone now. If they are not, then Bush won't mind releasing all the records on just who they targeted. I believe he said recently that they only listened in on 'groups that bomb weddings, buildings etc.' So where are those terrorists? And does this mean that Quakers have been bombing weddings all this time and no one told us? Or that Catholic group who feed the poor? Hans Blix was bombing weddings?

But this is all to preserve our 'freedoms', right? :sarcasm:

The spooks are just as capable of registering anonymous space as anyone else.

If I was a spook and wanted to infiltrate your network, I would do it from space registred to John Doe.

Far more likely its either spoofed, or an infected machine on that network.

1. They only scan after coming to this site or a simular politically inclined one.
2. I work in a corp that is international - It takes our IT TEN minutes to find the workstation with an infection. An that's on the long side.
3. Change your ip dynamically, then watch your logs before and after go to a democratic site.
4. Think about this. --And yes I'm certain they are using other names as well... But I belong to a group that watches their firewalls and adds to a list of repeat offenders.
5. Spoofers don't care what political side you are on.

If they are relegated to being script kiddies.

IT departments vary wiidly in their capabilities. In my experience government IT departments are some of the most inept.

I hear what you are saying, Im just saying that the real spooks are far sneakier, more aggressive and more insidious.

It seems that would be a good research project here at DU versus, say, 1)Disney.com, 2) Free Republic, 3) DNC, and 4) RNC.

Can you send a request to Skinner with a complete How-To so we can try this and publish the results?

How do you dynamically change your IP?

I use McAffee and I am sure that they would create software what would allow them in... FOr some reason, I do not trust my firewall maker

it's entirely possible that some idiot over there got his computer infected with a virus and it's just trying to get to whatever computers it can find. :)
There are plenty of people out there who don't know a virus scan from a firewall.
Speaking of which... I need to update my virus definitions...

had PC's infected by Trojans and worms, etc.

A few articles:

"DOD operates 3.5 million PCs and 100,000 local-area networks at 1,500 sites in 65 countries, and it runs thousands of applications on 35, major voice, video and data networks, including the Non-Classified IP Router Network, which is connected to the Internet and the Secret IP Router Network, which is not.

The networks provide combat information to civilians, warfighters and analysts in support or warfare roles, but the networks represent a key vulnerability.

DOD networks were hacked 294 times in 2003, said retired Air Force Lt. Gen. Harry Raduege during an industry luncheon briefing in December 2004. He is the former commander of the Joint Task Force for Global Network Operations (JTF-GNO), the organization that operates and defends DOD networks." http://www.fcw.com/article90262-08-22-05-Print (Usually organizations and businesses that rely on secure systems protecting confidential data don't like to admit when they've been successfully hit and compromised. So I wonder about that 294 number.)

"MAY 12, 2005 (IDG NEWS SERVICE) - A 21-year old Indiana resident was slapped with a 21-month jail sentence for his role in a hacking attack that compromised computers at the U.S. Department of Defense, according to law enforcement officials." http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,101670,00.html

And my personal favorite:

"In 2002, the Department of Justice indicted (in absentia) a resident of the UK, Gary McKinnon, of hacking into DOD and NASA computers and causing almost a million dollars worth of damages. Yesterday, they got around to trying to extradite him for trial.

McKinnon, a self described UFO fan, was apparently searching for files labeled "Area 51" or other evidence that the US is concealing all it knows about extraterrestrial life. McKinnon says that any damage was accidental, when he tried to cover his tracks by erasing data. He must have been disappointed, as he found nothing about UFOs." http://www.defensetech.org/archives/001710.html

Somebody who works there in a non-computer security related position but still has a desktop computer that he uses to type up reports and look at porn during work breaks? Quite possible.

earlier this year or maybe lasst year, too.

Can't recall who it was though.
Maybe an announcement to see how many others of our gang have had this happen?

Can you help me find out if they were messing in my business? Please?

The log on my computer is showing sites that have only numbers listed. How do I track them?
One, for instance, is;
189.125.83.217
I tried Google and got nowhere.

go to www.whois.sc and paste or type the number into "search Name Spinner"

:hi:

189.125.83.217

Blacklist Status: Clear
Cached Whois: Cached today
Record Type: IP Address
IP Location: Uruguay Uruguay - Lacnic
Reverse IP: No websites hosted using this IP address
Reverse DNS: not set

carry messenger spam or other stuff often from "owned" PC's scanning for unfirewalled PC's. To determine that one needs to see the ports involved, type of scan, etc., detailed info one gets from a firewall log. Not just running a whois to see what domain comes up. But apparently many folks don't want to hear that based on earlier threads on the subject here.

I have spent some considerable time watching this. Feel free to do your own studies, mine is limited I will admit, but it never failed after visiting a political site.

without your knowledge, seems kinda sloppy to leave big old footprints like that, slamming against firewalls. If your firewall "stealths" your PC it wouldn't respond to a scan anyway.

But again, it takes more detailed info than just a resolved domain name to tell whether the IP is likely spoofed, it's messenger spam, misconfigured internal LAN IP's broadcasting on the net, infected machines scanning for vulnerable PC's (yeah sometimes even DOD PC's are vulnerable), etc.

I previously posted threads from BBR Security forum in another thread. Here's one example. http://www.broadbandreports.com/forum/remark,6746075?hilite=dod+scans

But if you really want someone to look and analyze it, go there and post (don't have to register to post) http://www.broadbandreports.com/forum/security

Seriously though:

What information should people look for to tell if they're possibly being scanned by "the real deal" or not.

I also heard somewhere the the government has a program routinely scans random nodes looking for open ports to assess vulnerabilities-- presumably to make us safer.

Peerguardian prevents major corporations, music and movie companies, government agencies (both local and national) around the world, known spyware, hijacked ip's, frequent port scanners and P2P monitoring agencies from connecting to your computer. I highly recommend everyone use it, it's free and open source.

http://phoenixlabs.org/

and provides nothing more than a false sense of security.

All you have to do is use an unblacklisted or dynamic IP to defeat the program. The other features can be found in a firewall and spyware defeated by tweaking and patching your system along with common sense.

The DOD hit was most likely some military guy either using a filesharing application the OP was connected to or cruising the OP's webpage. As was mentioned before, if a goverment entity wants to spy on you, then you in all likelihood would never know.

I'm sorry but it does. Seeing as I have no filesharing programs on board, why does the DoD sniff after visits to dem sites?

I'm serious, those of you who are on dynamic attachments -- Do some testing.

--All you have to do is use an unblacklisted or dynamic IP to defeat the program. The other features can be found in a firewall and spyware defeated by tweaking and patching your system along with common sense.

--Their blacklisting is based on ranges that have been purchased by different entities. So dynamic will not help them. Also, they check all new sniffs and add them to the list weekly.

If you are looking for 100% protection you will never find it. By your definition anti-virus software is junk because it doesn't protect against viruses is doesn't have definitions for, anti-virus software can be "defeated" but that doesn't mean don't use it. You would be surprised what I have logged on peerguardian being blocked from connecting.

"The other features can be found in a firewall and spyware defeated by tweaking and patching your system along with common sense."

Try blocking 75% of all ip addresses in existence on your firewall, just watch the cpu usage go to 99%. Unlike peerguardian, firewalls are not about who connects to you computer but about what is connected to.

Thanks.

tonight. I'll give it some more time, but something that crashes that much isn't worth messing with.

Is there one for people who don't have a Mac?

Tammy

If someone reads Spanish, please tell me what this site is about. Thanks.

http://news.yahoo.com/s/ap/20051228/ap_on_hi_te/spy_agency_privacy I found this apropos to our discussion. Within that article, there is an interesting tidbit that it is illegal for a govt agency to use anything more than a "temporary cookie". Read it... and let's all figure out why the DoD is scanning us?

If the DoD can scan my computer, the computer of a suburban soccer mom, then you can just imagine who else they're spying on. Now.. to my firewall's credit, it rejected their attempts.. but there were numerous.

those who may not be familiar with him he was what some might call a pioneering privacy advocate on the net. His site: http://www.computerbytesman.com/

And, btw, apparent DOD scanning isn't "spying" on your computer. You've got a firewall blocking scans. If it's "stealth" it doesn't even respond to the scans. And if it does respond (like ident) it just tells them the IP is online, not what you're doing. The majority of exploits that compromise PCs with firewalls are done the old fashioned way using behavioral pyschology, people open attachments, downloads something from the net, IM and such. Scanning a firewalled PC basically doesn't do shit.

Rather than get concerned about persistent cookies and firewall logs of blocked scans, folks should focus on this simple fact:

If the gov't really wants to know what you're doing, they plug in at the pipe and capture everything you do online, without you being any the wiser. And that's precisely what all the uproar about is about: the NSA's been scooping up communications via the telecommunication pipes. And when they do this they don't bother to leave their calling cards on your firewall logs.

And I just checked my my Log Viewer and the DoD hasn't been snooping on my computer (but I'm at home on Winter Break...I still have to check my computer in my dorm).

But I seem to be getting a lot of blocked attacks from China for some reason 0_o

eom

if Dems of course. Maybe try contacting a TV news station of local news paper. You could also send it to Randi, Mike Malloy or any other progressive talkers. The ACLU may also be interested. Make some waves with this, I would!! With all the domestic spying in the news someone may pick up on this.

If you can post this info, it would be a great help in determining what is happening. You can probably see this in your firewall log file. Just look for that 55.x.x.x address and see what tcp and udp ports are being hit. Thanks.

parked across the street (even if I observe all laws, contrary to some whose middle name begins with W.). I read the story of Hope here a coupleof days back, about how they 'illegaly' almost 'kidnapped' her without even bothering to read her her rights first.

I really don't want to get 'dissapeared' into the night with no traces left behind... and get "flown" to Poland to be tortured for I don't know what reason these criminal dominionist MANIACS might get their selfish 'fun' from...

Anyway: I withheld a few information in my OP (if "they" do 'it' again...)

Here is what my sygate log reported about the port numbers:

Somebody is scanning your computer.
Your computer's UDP ports:
1028, 1029, 1025, and 1027 have been scanned from 55.138.107.151..

:wtf:

Does anyone know what the eff this is all about? I think this is creepy...we all know the Chinese, Russians etc. are constantly on the internet scanning and pinging computers, but the DOD? :eyes:

Whoa....

running XP. I have never had a firewall before because I thought I couldn't have one using a networked cable router. I know, I don't know everything about computers so sometimes I assume wrong.

Anyway, what kind of firewall should I be installing on this new computer to watch out for things like this?

over. I can't find it (the free version) on their site now (and I don't have time to search for it right now b/c I'm working, sorry for that)

http://www.sygate.com/

There are alternatives DU'ers wrote about in this thread,
maybe you could try one of 'em.

Side note:

Sygate just 'logged' another 'scan' today...

Not from inside the US but 'passed by' a 'suspicious' route: (?)

warw1br1-2-0-1.war.uk.ip.att.net

Could be kids playin' useless tricks (?)

or .this illegal spying scandal. (???)

Suspicious, nonetheless... :scared:

using the DoD name?

:shrug:

It's scary, nonetheless.

a supply site for the DOD.

I'd like to ban them from access to my various websites, mainly out of spite, but I also don't like having my free speech monitored.