scottcsmith
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 04:17 PM
Original message |
Any TCP/IP experts out there? |
|
I have a thread going about how someone posted a veiled threat to me and my family on a Usenet newsgroup. Can we gleem any useful data from the header information? Here's the message:
Path: attbi_s51!attbi_slave52!attbi_master51!attbi_feed3!attbi.com!204.127.161.156!wn12feed!worldnet.att.net!205.188.226.97!ngpeer.news.aol.com!feed1.newsreader.com!newsreader.com!zeus.visi.com!priapus.visi.com!news-out.visi.com!petbe.visi.com!newsfeed2.dallas1.level3.net!news.level3.com!crtntx1-snh1.gtei.net!news.gtei.net!newsfeed1.easynews.com!easynews.com!easynews!elnk-pas-nf1!newsfeed.earthlink.net!cyclone.socal.rr.com!cyclone2.kc.rr.com!news2.kc.rr.com!twister.rdc-kc.rr.com.POSTED!53ab2750!not-for-mail Message-ID: <3FBEB908.253571DE@yahoo.com> From: "COL. BILL KILGORE" <bilkil@yahoo.com> X-Mailer: Mozilla 4.7 (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 Newsgroups: alt.radio.talk.dr-laura Subject: New Info on Scott C. Smith Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Lines: 17 Date: Sat, 22 Nov 2003 01:13:06 GMT NNTP-Posting-Host: 24.211.23.211 X-Complaints-To: abuse@rr.com X-Trace: twister.rdc-kc.rr.com 1069463586 24.211.23.211 (Fri, 21 Nov 2003 19:13:06 CST) NNTP-Posting-Date: Fri, 21 Nov 2003 19:13:06 CST Organization: RoadRunner Xref: attbi_master51 alt.radio.talk.dr-laura:102815 X-Received-Date: Sat, 22 Nov 2003 01:18:06 GMT (attbi_s51)
In reality, there is none. He is the same lying coward and un-American sloth he was prior to his promised departure from Usenet (a promise since broken). However, for those interested (and I doubt that there are many) Scott is being attacked with increasing frequency on his so-called web page. It seems several military vets (real vets) have taken issue with the treasonous tripe he has been posting there. He has condemned these attacks as "hate mail", and has set up a special link on his site just for these letters of condemnation that have been sent to him. His past is catching up with him, and he is angering more military vets on a daily basis. The Colonel will be monitoring his site for further developments. In an upcoming post, The Colonel will be providing Scott's actual mailing address so that the real vets he trashes on his web page can personally get in touch with him to address their concerns.
|
Deja Q
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 04:24 PM
Response to Original message |
1. McAfee visualtrace or similar program to find out a person's info |
|
Edited on Sun Nov-23-03 04:27 PM by HypnoToad
Or any IP tracing program. Input the IP address (24.211.23.111) to find out the ISP. Contact that ISP to get this bozo's name and address. Assuming they comply, send all info to the police. If they don't comply, go to the police with what you have. http://www.mailingequipment.net/print2mail/issues.asp (scroll to the middle) Hope this helps!
|
Pale_Rider
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 04:29 PM
Response to Reply #1 |
2. For 24.211.23.111 .... |
|
Road Runner HoldCo, LLC (RR6-DOM) 13241 Woodland Park Rd Herndon, VA 20171 US
Domain Name: RR.COM
Administrative Contact, Technical Contact: Road Runner HoldCo LLC (XGUKSSRMIO) abuse@RR.COM 13241 Woodland Park Rd Herndon, VA 20171 US 703-345-3416 fax: 703-345-3607
Record expires on 30-Sep-2010. Record created on 01-Oct-1996. Database last updated on 23-Nov-2003 16:29:09 EST.
Domain servers in listed order:
DNS1.RR.COM 24.30.200.3 DNS2.RR.COM 24.30.201.3 DNS3.RR.COM 24.30.199.7 DNS4.RR.COM 65.24.0.172
|
scottcsmith
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 06:06 PM
Response to Reply #2 |
8. Tracert on 24.211.23.111 |
|
When doing a Tracert on 24.211.23.111 this is the first bit of data to appear:
Tracing route to CPE-24-211-23-111.wi.rr.com
Would that indicate Wisconsin?
I've been in contact with others who were stalked by this guy and they said he lived in either Milwaukie or Greendale.
One of the hops does reference Milwaukie (although it doesn't spell it right):
rr-milwaukee.atdn.net <66.185.148.78>
ATDN.NET is the AOL Transit Data Network.
|
eileen_d
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 04:30 PM
Response to Reply #1 |
3. I am not sure that is the correct IP to check |
|
Edited on Sun Nov-23-03 04:34 PM by eileen_d
It may be the IP of the Usenet news server.
I think the post may be coming from a ComCast (formerly AT&T Broadband?) user
This is the beginning of the path: attbi_s51!attbi_slave52!attbi_master51!attbi_feed3!attbi.com
Administrative Contact: Comcast Domain Admin 183 Inverness Drive West Englewood, CO 80112 US Phone: 1-888-565-4329 Fax..: 720-267-2802 Email: abuse@ATTBI.COM
I would e-mail abuse@attbi.com
|
scottcsmith
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 05:39 PM
Response to Reply #3 |
5. I'm a Comcast subscriber |
|
Would the Comcast header info be my info, as I'm a Comcast subscriber?
I know the stalker uses Time Warner's Road Runner ISP.
|
eileen_d
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 05:58 PM
Response to Reply #5 |
|
Then it would be abuse@rr.com that you should contact.
Sorry for the mixup. I wasn't sure of the "order" of hosts in the header, but you just confirmed it for me. Definitely contact them, by e-mail, phone, letter, and everything else! (Candygram?)
|
Rabrrrrrr
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 04:34 PM
Response to Original message |
4. You can also contact yahoo, since you have his yahoo email |
|
address (assuming it's valid).
|
Nlighten1
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-23-03 05:52 PM
Response to Original message |
6. Contact the local branch of your FBI |
|
I think they will have some information for you since this threat involves interstate data communication.
|
DU
AdBot (1000+ posts) |
Tue Apr 23rd 2024, 07:40 AM
Response to Original message |