Tuesday, June 21, 2011
Subscribe to:
Post Comments (Atom)
Notes from the Resistance...
My New Digs
Who?
Get Updates
Contact Form
From the Jaws of Victory
The Men Behind the Curtain
Face Value
@dcodrea
In the News
On the Tube
Gun Rights News
2A Columns
GunTruths
Correcting the Record
Daily Caller
TTAG
KABA Archive
CTD
OK by Me
Never Again
Have Gun - Will Travel
Rights Watch
The Complete Guide to Project Gunwalker
My Challenge
Many Hands
My Tribe
The Vault
- ► 2021 (5549)
- ► 2020 (5909)
- ► 2019 (5075)
- ► 2018 (5005)
- ► 2017 (4297)
- ► 2016 (3708)
- ► 2015 (3630)
- ► 2014 (4421)
- ► 2013 (4465)
- ► 2012 (3337)
- ▼ 2011 (2233)
- ► 2010 (3302)
- ► 2009 (3107)
- ► 2008 (3777)
- ► 2007 (2387)
- ► 2006 (1817)
Advertising Disclosure
This is a placeholder for now because I have not had ads on this blog for years. In case I ever start up again, this will be the policy in effect:
The FTC has some fool nonsense rules about ads on blogs or some such and presumes authority over the First Amendment to compel the unfunded mandate that we who earn ad revenues make some kind of disclosure so you don't think we're getting paid to say nice things about people or God knows what, meaning they must think you're stupid, too. I have had a few ads on this site in the past and may do so again if I think it's worth a try. Combined, I probably couldn't buy a box of good cigars each year, let alone a bottle of George T. Stagg, and that is somehow supposed to compromise my morality to force me to say nice things about products and services I don't mean simply in exchange for filthy lucre. If you believe that, leave now--you're not smart enough to be here. Bottom line, aside from welcoming a sponsor, I will do no posts related to their products or services, or reviews of what they offer.
About "The Only Ones"
The purpose of this feature has never been to bash cops. The only reason I do this is to amass a credible body of evidence to present when those who would deny our right to keep and bear arms use the argument that only government enforcers are professional and trained enough to do so safely and responsibly. And it's also used to illustrate when those of official status, rank or privilege, both in law enforcement and in some other government position, get special breaks not available to we commoners, particularly (but not exclusively) when they're involved in gun-related incidents.
Comment House Rules
Keep them on topic. No spam. No threats against anyone except me. Do not feed trolls--I'll take out the trash. Try to keep it clean. I'm the final arbiter. If you don't like the rules, start your own damn blog.
Link Policy
WarOnGuns reciprocates links with liberty-oriented sites promoting the right to keep and bear arms for all peaceable individuals. If you have linked to me and don't see your site below, it's probably just because I haven't noticed it yet. Shoot me an email via the "Contact Form" (see above in this sidebar) if you want to fix that.
As a general rule I remove links for blogs that have been inactive for over one year.
WoG Roll
75 Million PO'd Patriots
American Gun Owners Alliance
Ammo.com:People of the Gun
Armed and Safe
Art in ArmsPress
Blog O'Stuff
Brian's Meandering Mind
Cap'n Bob & the Damsel
Captain's Journal
Common Cents
Crime, Guns & Videotape
Days of Our Trailers
Dissident Thoughts
Every Blade of Grass
Four Right Wing Wackos
Fourth Grade
From the Barrel of a Gun
Geek with Guns
Georgia Carry
GunBloggers
Gun Blog Black List
GunShowOnTheNet
GunTruths' Remains
Jeffersonian
John Jacob H
JPFO
Kate Krueger's Thoughts
The Last Tradition
LiveFromAlamoCity
Lurking Rhythmically
Maddened Fowl
Matthew Bracken
McWopski's Place
Minuteman.News
More than Just Surviving
My Daily Kona
NC Renegades
New Jovian Thunderbolt
NFA Gun Trust Lawyer
Normal American
Old-Yankee
Ordnancecorner
Plucking the Yew
Price of Liberty
Publicola
Pursuit of Patriotism
Ramblings from Oz
Rem870.com
Rico's Rants
SandCastle Scrolls
Say Uncle
Shooting with Hobie
Shooting the Messenger
Sipsey Street Irregulars
Small Holding
Smallest Minority
Standing By
Talk Radio Blogger
The Next Chapter
The Silicon Graybeard
The South Texas Pistolero
Traction Control
Thoughts From Behind Enemy Lines
US vs Fincher
View from the Porch
Virginia Shooting Sports Association
Wayback Machine
WesternRifleShootersAssc
What McAuliffe Said
Zelman Partisans
American Gun Owners Alliance
Ammo.com:People of the Gun
Armed and Safe
Art in ArmsPress
Blog O'Stuff
Brian's Meandering Mind
Cap'n Bob & the Damsel
Captain's Journal
Common Cents
Crime, Guns & Videotape
Days of Our Trailers
Dissident Thoughts
Every Blade of Grass
Four Right Wing Wackos
Fourth Grade
From the Barrel of a Gun
Geek with Guns
Georgia Carry
GunBloggers
Gun Blog Black List
GunShowOnTheNet
GunTruths' Remains
Jeffersonian
John Jacob H
JPFO
Kate Krueger's Thoughts
The Last Tradition
LiveFromAlamoCity
Lurking Rhythmically
Maddened Fowl
Matthew Bracken
McWopski's Place
Minuteman.News
More than Just Surviving
My Daily Kona
NC Renegades
New Jovian Thunderbolt
NFA Gun Trust Lawyer
Normal American
Old-Yankee
Ordnancecorner
Plucking the Yew
Price of Liberty
Publicola
Pursuit of Patriotism
Ramblings from Oz
Rem870.com
Rico's Rants
SandCastle Scrolls
Say Uncle
Shooting with Hobie
Shooting the Messenger
Sipsey Street Irregulars
Small Holding
Smallest Minority
Standing By
Talk Radio Blogger
The Next Chapter
The Silicon Graybeard
The South Texas Pistolero
Traction Control
Thoughts From Behind Enemy Lines
US vs Fincher
View from the Porch
Virginia Shooting Sports Association
Wayback Machine
WesternRifleShootersAssc
What McAuliffe Said
Zelman Partisans
Leaders
I'd Like to Thank the Academy
4 comments:
the log doesn't necessarily suggest anything about an email. the host/ip fields mean that that is the client machine making the request to the webserver.
now it is extremely uncommon for a mail server to up and make an HTTP request while providing a "firefox" user-agent. suspicious, yes.
it is even more uncommon for a mail server to be running windows xp. doubly suspicious, yes.
the person or organization that owns belong2.com may have an actual mailserver there (i don't want to risk anything by checking to see) which has been compromised and is being used as an HTTP proxy. nobody can find out who that is without their permission; they are protected by godaddy and DBP.
it might be a legitimate proxy; a machine doing multiple duties that simply happens to use the typical hostname of a mailserver. that does happen. however, these usually identify themselves as such, not as firefox on winxp -- although this is configurable.
the use of tinyurl is insignificant. it simply shortens the URL to facilitate automatic links in richtext or similar window contexts. it hides nothing about any part of the process.
the referer URL content obviously does not have a tinyurl.com URL anywhere in it; so the referer is manufactured or, again, a product of an HTTP proxy (misbehaving, it would appear). it may be that someone chose or procured an intentionally broken HTTP proxy.
specifically, the intent there is to make the log entry look unimportant; referer-less hits are always interesting, because 90% of those come from someone clicking a link in an email or typing/pasting the URL into their browser right in front of them. the rest come from search engines and other automated systems. all other referers are usually hunted and picked at, for example, "show me everything from .gov that has hit my webserver in the past week."
this would never have been found.
to follow up: what does it mean for blackrock?
well i sure as heck wouldn't want that to be my mail server. you don't just up and launch an HTTP proxy on someone else's mailserver without privileged access. meaning, yes, you can probably read all their email, too. and capture the passwords they use to send/receive it.
could be a very bad day for multiple people.
one last thing i should add is that nobody should get the idea they ought to step in and do what i won't. do not scan that host. hosts often look precisely this suspicious, in order to entice penetration testers into looking into them, usually turning them into felons.
after all, why would the feds hire and salary college grads? you can just lean on some ambitious kid you've entrapped to do all sorts of unethical things.
jon,
The TinyURL's were created by me due to the fact that Blogger would not take the long ixquick proxy URL's. I used ixquick to find out who and what vocuspr is and that is the PRSoftware firm. Further, I used ixquick to find out what belong2 DOT com is too. From that search, I found a robotex page showing that the Black Rock Group is on the same E-mail server as belong2.
Each TINY url is listed below:
1. ixquick proxy Vocuspr
2. Robotex direct
3. ixquick proxy Black Rock
4. ixquick secure Wiki Entry on Black Rock
Whoever it was that came from Vocuspr received an E-mail suggesting my blog entry from yesterday. Vocuspr is a software that is for automated PR and had never heard of them until I noticed that unusual entry in the visitor logs.
I am going to add this to an addendum so there is no confusion.
Post a Comment