LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 10-11-2004, 01:51 AM   #1
DrNeil
Member
 
Registered: Aug 2004
Location: Scotland
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150

Rep: Reputation: 15
Homeland Defense ... or whatever


My logfiles are tainted by endless requests on an ex global warming site by:

WCS1-MOFFETT.NIPR.MIL
WCS2-MCPHERSON.NIPR.MIL

332 hits in one day, wow are we interested are we?

They hit all my ex sub-directories within 3 seconds. It is impossible for human beings to do that. This is not a human browsing pattern. Apparently they are harvesting something.

fighting the terrorists on Glocal Warming eh.

Nipr.mil, as Francisco suspected, is not a single domain a but a hush-hush web proxy that acts as a gateway for hundreds of U.S. military domains in order to hide their identities. It was established by the Defense Information Systems Agency (DISA) in response to a memorandum (CM-5 1099, INFOCOM) issued in March 1999 by the Chairman of the Joint Chiefs of Staff, calling for "actions to be taken to increase the readiness posture for Information Warfare." "Uncontrolled Internet connections," the document says, "pose a significant and unacceptable threat to all Department of Defense information systems and operations."


http://home.eol.ca/~dord/nipr.html

bb is watching

Last edited by DrNeil; 10-11-2004 at 02:01 AM.
 
Old 10-11-2004, 09:36 AM   #2
joe83
Member
 
Registered: Sep 2003
Location: Kennesaw GA
Distribution: Slackware-current , Slack81Zip, Smoothwall v2
Posts: 427

Rep: Reputation: 30
Thumbs down

Scary stuff. I read on /. last night that some Indy Media sites had their servers confiscated by a joint UK / Italian taskforce with FBI assistance. Wonder if there's a connection

 
Old 10-11-2004, 09:49 AM   #3
philipbrown9
LQ Newbie
 
Registered: Oct 2004
Location: Arkansas, United States
Distribution: suse pro 9.1 64bit
Posts: 13

Rep: Reputation: 0
Do you feel more secure since HomeLand Security ?
 
Old 10-11-2004, 10:10 AM   #4
joe83
Member
 
Registered: Sep 2003
Location: Kennesaw GA
Distribution: Slackware-current , Slack81Zip, Smoothwall v2
Posts: 427

Rep: Reputation: 30
"Those who would trade freedom for security deserve neither"
This quote pretty well sums up my feelings on the whole "security" issue.

I'm leaving this thread now, it has too much potential to become a political flamewar, and I have no interest in engaging in one on this site.

 
Old 10-11-2004, 11:06 AM   #5
DrNeil
Member
 
Registered: Aug 2004
Location: Scotland
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150

Original Poster
Rep: Reputation: 15
The site had just some info about scottish related global warming incidents with a Greenpeace RSS Feed and some Weather data.

I changed it 1 week before to a plone test site.

Military personell can browse too but not so fast and excessive.

We don't do MP3/porn/anti-US etc ..

We only have additional a customer in Germany that got the German "Distinguished Cross" (Bundesverdienstkreuz) holder for services to the Environment.

Maybe the Greenpeace RSS feed triggered this :|
 
Old 10-11-2004, 09:32 PM   #6
philipbrown9
LQ Newbie
 
Registered: Oct 2004
Location: Arkansas, United States
Distribution: suse pro 9.1 64bit
Posts: 13

Rep: Reputation: 0
Could be the GreenPeace connection. I'm sure most large groups are being watched.
 
Old 10-12-2004, 04:17 AM   #7
bigjohn
Senior Member
 
Registered: Jun 2002
Location: UK - South Coast.
Distribution: Ubuntu (usually the latest....)
Posts: 2,672
Blog Entries: 9

Rep: Reputation: 45
Well I don't think that I'd worry too much DrNeil afterall, your locations says Scotland.

And while I think that Scotlands a hotbed of subversives I doubt that you'll be joining Abu Hamza in HMP Bellmarsh in the near future (unless of course, you're caught in possession of a pair of St Andrews cross under pants, posters of Alex Salmond and an SNP rosette).

I'd imagine that the spooks are just being paranoid and checking anything with possible "subversive" terminology, but trying not to leave too much of a trail (and doing a crap job of it).

Let's face it, you have to have a "bit more promise" for them to bother you.

Like given the recent anniversary of the 84 Brighton bombing. I know someone who got visited, apparently by "Special Branch", as he was one of the first photographers on the scene (he'd been doing a "Miss Wet T-shirt" comp at a club round the corner). His greatest misfortune is that he happens to be glaswegian!

So I don't think you should be too upset by "their" visit to your logfiles.

Besides, how can BB be watching from the

WCS1-MOFFETT.NIPR.MIL
WCS2-MCPHERSON.NIPR.MIL

locations ? Everyone, but everyone knows that George Orwell was a Brit, and as "WE BRITS" get all the bad guy/black hat roles in Hollywood these day's, I think I'd be more curious to learn whats going on if they ended in ".gov.uk" (maybe something like SPOOKS1-GCHQ.GOV.UK ???).

Salaams

John

Last edited by bigjohn; 10-12-2004 at 04:19 AM.
 
Old 10-12-2004, 05:34 AM   #8
TKS
Member
 
Registered: Dec 2003
Location: NC, USA
Distribution: Slackware, VectorLinux, Smoothwall, and PCLinuxOS
Posts: 40

Rep: Reputation: 15
NIPR is not hush hush foo


It is the proxy and dns service for EVERY single military base stateside. Once you go overseas it becomes SIPR which is their version of secure.

IF you have anything external to your LAN...i.e. FTP, P2P, webserver, etc....then this 'scanning' simply that. Someone from a .mil domain has visited you. With over 5000 computers on the base I'm stationed at alone (a small base) you have 5000 chances of this happening each day. The minute a .mil domain connects to another computer, they scan what that person is looking at. Being in the military means that the person surfing or connecting AGREES to monitoring. That means that the NOC for military on the base of the person is actively scanning what said person is checking out or downloading or whatever.

This is done by automated scripts through proxying dns caches and other sources (even remote desktop connection).

You're not being watched...I am. Put your conspiracy to bed in this instance. BB is watching me, not you.


TKS
 
Old 10-12-2004, 07:39 AM   #9
DrNeil
Member
 
Registered: Aug 2004
Location: Scotland
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150

Original Poster
Rep: Reputation: 15
Hey thanks for that clarification . I was more amused than worried.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
best defense a good offense? af_dave Linux - Security 33 09-25-2004 03:35 AM
Homeland Security -- you gotta see this Patbuzz86 General 29 04-08-2004 04:44 PM
In defense of Linux haters chris26 General 156 11-13-2003 08:39 PM
Homeland Security Act bans model rockets carrja99 General 6 02-22-2003 11:15 PM
X-Com UFO defense Ric_doamaro General 6 02-21-2002 07:18 PM


All times are GMT -5. The time now is 11:47 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration