General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-11-2004, 01:51 AM
|
#1
|
Member
Registered: Aug 2004
Location: Scotland
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150
Rep:
|
Homeland Defense ... or whatever
My logfiles are tainted by endless requests on an ex global warming site by:
WCS1-MOFFETT.NIPR.MIL
WCS2-MCPHERSON.NIPR.MIL
332 hits in one day, wow are we interested are we?
They hit all my ex sub-directories within 3 seconds. It is impossible for human beings to do that. This is not a human browsing pattern. Apparently they are harvesting something.
fighting the terrorists on Glocal Warming eh.
Nipr.mil, as Francisco suspected, is not a single domain a but a hush-hush web proxy that acts as a gateway for hundreds of U.S. military domains in order to hide their identities. It was established by the Defense Information Systems Agency (DISA) in response to a memorandum (CM-5 1099, INFOCOM) issued in March 1999 by the Chairman of the Joint Chiefs of Staff, calling for "actions to be taken to increase the readiness posture for Information Warfare." "Uncontrolled Internet connections," the document says, "pose a significant and unacceptable threat to all Department of Defense information systems and operations."
http://home.eol.ca/~dord/nipr.html
bb is watching
Last edited by DrNeil; 10-11-2004 at 02:01 AM.
|
|
|
10-11-2004, 09:36 AM
|
#2
|
Member
Registered: Sep 2003
Location: Kennesaw GA
Distribution: Slackware-current , Slack81Zip, Smoothwall v2
Posts: 427
Rep:
|
Scary stuff. I read on /. last night that some Indy Media sites had their servers confiscated by a joint UK / Italian taskforce with FBI assistance. Wonder if there's a connection
|
|
|
10-11-2004, 09:49 AM
|
#3
|
LQ Newbie
Registered: Oct 2004
Location: Arkansas, United States
Distribution: suse pro 9.1 64bit
Posts: 13
Rep:
|
Do you feel more secure since HomeLand Security ?
|
|
|
10-11-2004, 10:10 AM
|
#4
|
Member
Registered: Sep 2003
Location: Kennesaw GA
Distribution: Slackware-current , Slack81Zip, Smoothwall v2
Posts: 427
Rep:
|
"Those who would trade freedom for security deserve neither"
This quote pretty well sums up my feelings on the whole "security" issue.
I'm leaving this thread now, it has too much potential to become a political flamewar, and I have no interest in engaging in one on this site.
|
|
|
10-11-2004, 11:06 AM
|
#5
|
Member
Registered: Aug 2004
Location: Scotland
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150
Original Poster
Rep:
|
The site had just some info about scottish related global warming incidents with a Greenpeace RSS Feed and some Weather data.
I changed it 1 week before to a plone test site.
Military personell can browse too but not so fast and excessive.
We don't do MP3/porn/anti-US etc ..
We only have additional a customer in Germany that got the German "Distinguished Cross" (Bundesverdienstkreuz) holder for services to the Environment.
Maybe the Greenpeace RSS feed triggered this :|
|
|
|
10-11-2004, 09:32 PM
|
#6
|
LQ Newbie
Registered: Oct 2004
Location: Arkansas, United States
Distribution: suse pro 9.1 64bit
Posts: 13
Rep:
|
Could be the GreenPeace connection. I'm sure most large groups are being watched.
|
|
|
10-12-2004, 04:17 AM
|
#7
|
Senior Member
Registered: Jun 2002
Location: UK .
Distribution: *buntu (usually Kubuntu)
Posts: 2,692
Rep:
|
Well I don't think that I'd worry too much DrNeil afterall, your locations says Scotland.
And while I think that Scotlands a hotbed of subversives I doubt that you'll be joining Abu Hamza in HMP Bellmarsh in the near future (unless of course, you're caught in possession of a pair of St Andrews cross under pants, posters of Alex Salmond and an SNP rosette).
I'd imagine that the spooks are just being paranoid and checking anything with possible "subversive" terminology, but trying not to leave too much of a trail (and doing a crap job of it).
Let's face it, you have to have a "bit more promise" for them to bother you.
Like given the recent anniversary of the 84 Brighton bombing. I know someone who got visited, apparently by "Special Branch", as he was one of the first photographers on the scene (he'd been doing a "Miss Wet T-shirt" comp at a club round the corner). His greatest misfortune is that he happens to be glaswegian!
So I don't think you should be too upset by "their" visit to your logfiles.
Besides, how can BB be watching from the
WCS1-MOFFETT.NIPR.MIL
WCS2-MCPHERSON.NIPR.MIL
locations ? Everyone, but everyone knows that George Orwell was a Brit, and as "WE BRITS" get all the bad guy/black hat roles in Hollywood these day's, I think I'd be more curious to learn whats going on if they ended in ".gov.uk" (maybe something like SPOOKS1-GCHQ.GOV.UK ???).
Salaams
John
Last edited by bigjohn; 10-12-2004 at 04:19 AM.
|
|
|
10-12-2004, 05:34 AM
|
#8
|
Member
Registered: Dec 2003
Location: NC, USA
Distribution: Slackware, VectorLinux, Smoothwall, and PCLinuxOS
Posts: 40
Rep:
|
NIPR is not hush hush foo
It is the proxy and dns service for EVERY single military base stateside. Once you go overseas it becomes SIPR which is their version of secure.
IF you have anything external to your LAN...i.e. FTP, P2P, webserver, etc....then this 'scanning' simply that. Someone from a .mil domain has visited you. With over 5000 computers on the base I'm stationed at alone (a small base) you have 5000 chances of this happening each day. The minute a .mil domain connects to another computer, they scan what that person is looking at. Being in the military means that the person surfing or connecting AGREES to monitoring. That means that the NOC for military on the base of the person is actively scanning what said person is checking out or downloading or whatever.
This is done by automated scripts through proxying dns caches and other sources (even remote desktop connection).
You're not being watched...I am. Put your conspiracy to bed in this instance. BB is watching me, not you.
TKS
|
|
|
10-12-2004, 07:39 AM
|
#9
|
Member
Registered: Aug 2004
Location: Scotland
Distribution: Debian, Suse, Knoppix, Dyna:bolic, Mandrake [couple of years ago], Slackware [1993 or so]
Posts: 150
Original Poster
Rep:
|
Hey thanks for that clarification . I was more amused than worried.
|
|
|
All times are GMT -5. The time now is 08:14 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|