GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150
Rep:
Homeland Defense ... or whatever
My logfiles are tainted by endless requests on an ex global warming site by:
WCS1-MOFFETT.NIPR.MIL
WCS2-MCPHERSON.NIPR.MIL
332 hits in one day, wow are we interested are we?
They hit all my ex sub-directories within 3 seconds. It is impossible for human beings to do that. This is not a human browsing pattern. Apparently they are harvesting something.
fighting the terrorists on Glocal Warming eh.
Nipr.mil, as Francisco suspected, is not a single domain a but a hush-hush web proxy that acts as a gateway for hundreds of U.S. military domains in order to hide their identities. It was established by the Defense Information Systems Agency (DISA) in response to a memorandum (CM-5 1099, INFOCOM) issued in March 1999 by the Chairman of the Joint Chiefs of Staff, calling for "actions to be taken to increase the readiness posture for Information Warfare." "Uncontrolled Internet connections," the document says, "pose a significant and unacceptable threat to all Department of Defense information systems and operations."
Scary stuff. I read on /. last night that some Indy Media sites had their servers confiscated by a joint UK / Italian taskforce with FBI assistance. Wonder if there's a connection
Well I don't think that I'd worry too much DrNeil afterall, your locations says Scotland.
And while I think that Scotlands a hotbed of subversives I doubt that you'll be joining Abu Hamza in HMP Bellmarsh in the near future (unless of course, you're caught in possession of a pair of St Andrews cross under pants, posters of Alex Salmond and an SNP rosette).
I'd imagine that the spooks are just being paranoid and checking anything with possible "subversive" terminology, but trying not to leave too much of a trail (and doing a crap job of it).
Let's face it, you have to have a "bit more promise" for them to bother you.
Like given the recent anniversary of the 84 Brighton bombing. I know someone who got visited, apparently by "Special Branch", as he was one of the first photographers on the scene (he'd been doing a "Miss Wet T-shirt" comp at a club round the corner). His greatest misfortune is that he happens to be glaswegian!
So I don't think you should be too upset by "their" visit to your logfiles.
Besides, how can BB be watching from the
WCS1-MOFFETT.NIPR.MIL
WCS2-MCPHERSON.NIPR.MIL
locations ? Everyone, but everyone knows that George Orwell was a Brit, and as "WE BRITS" get all the bad guy/black hat roles in Hollywood these day's, I think I'd be more curious to learn whats going on if they ended in ".gov.uk" (maybe something like SPOOKS1-GCHQ.GOV.UK ???).
Distribution: Slackware, VectorLinux, Smoothwall, and PCLinuxOS
Posts: 40
Rep:
NIPR is not hush hush foo
It is the proxy and dns service for EVERY single military base stateside. Once you go overseas it becomes SIPR which is their version of secure.
IF you have anything external to your LAN...i.e. FTP, P2P, webserver, etc....then this 'scanning' simply that. Someone from a .mil domain has visited you. With over 5000 computers on the base I'm stationed at alone (a small base) you have 5000 chances of this happening each day. The minute a .mil domain connects to another computer, they scan what that person is looking at. Being in the military means that the person surfing or connecting AGREES to monitoring. That means that the NOC for military on the base of the person is actively scanning what said person is checking out or downloading or whatever.
This is done by automated scripts through proxying dns caches and other sources (even remote desktop connection).
You're not being watched...I am. Put your conspiracy to bed in this instance. BB is watching me, not you.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.