Thread: Re: Firewall that blocks specified IP's
View Single Post
  #32 (permalink)  
Old 03-24-2008, 09:00 PM
hummingbird
Guest
  
Posts: n/a
Default Re: Firewall that blocks specified IP's

On Mon, 24 Mar 2008 20:53:04 +0100 'Sebastian G.'
wrote this on alt.comp.freeware:

>hummingbird wrote:
>> Suffice it for me to say that the contents of one's headers can be
>> used by stalkers and troublemakers against you.

>How so?

Well you'll just have to accept my word on that Sebastian because
I'm not going to post stuff here which is of use to the small group
of sick stalkers we have on <alt.comp.freeware>. These people only
have to find one header in several posts that match, to declare they
were posted by the same person. Now, you and I may think that is
ridiculous and is only trivial or circumstantial evidence, but on
ACF it's more than enough for the dorks to declare proven guilt and
to accuse that person of sockpuppeting or spoofing to smear their
name and discredit them.

Thus, it can be useful for a person to be able to deliberately
manipulate their headers to *deter* stalker attack and to retain
a level of anonymity.


>> It therefore makes
>> some sense to prevent them from doing that. I realised that many
>> years ago and took action to protect myself early on in Usenet.
>
>
>So that's why your headers are defective, as well as your mail address in
>the From header...

That's really a non-sequitur, but I'm not aware that my Headers and
From: field are defective. The only general rule I'm aware of is to
ensure a unique MID to avoid such things as hash collisions etc.
Otherwise if the news server accepts a post and propagates it, then
it's OK.


>>> Obviously "Microsoft Outlook Express 6.00.2900.3138" is not a random string,
>>> especially not if it's repeated among two postings.
>>
>> I meant that the other poster may insert a random news client string
>> into his header each time he posts (or whenever he wants to) to help
>> anonymise himself better.
>>
>> So today he might insert OE and tomorrow he might use Thunderbird.
>> The day after tomorrow he might insert some other news client.
>>
>> Get the picture?
>
>
>No. It leaves an obvious trace over the cause of one day.

Well, maybe a person will change his headers for each post. Bear in
mind, he's only protecting himself against a dork-stalk attack, not
NSA or CIA etc. That would require more sophisticated measures.

>Even further, drawing it from a limited set makes it pretty void.

I was only giving a simple example...in practice one might use a
more complex set of variants in the headers.

Reply With Quote