Usenet Header Question - Mandrake

This is a discussion on Usenet Header Question - Mandrake ; Anyone know how to decipher this piece of info from a post made to me? If you understand whats going on here please explain this for me. X-Trace: DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb [mF?JA\Ulc d\>a@KAenPPC3bF^QY ^Z?ONQl^Y -- "We are also brainwashing our children on ...

+ Reply to Thread
Results 1 to 11 of 11

Thread: Usenet Header Question

  1. Usenet Header Question

    Anyone know how to decipher this piece of info from
    a post made to me?

    If you understand whats going on here please explain this for me.


    X-Trace: DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y


    --
    "We are also brainwashing our children on the warming topic. We have no
    better example than Al Gore's alarmists and inaccurate movie which is being
    shown in our schools and being hawked by warming activists with little or
    no meteorological-climate background," Gray wrote.
    http://www.theaustralian.news.com.au...9-7583,00.html
    http://www.firesociety.com/article/24204/



  2. Re: Usenet Header Question

    On Tue, 29 Apr 2008 22:29:22 -1000, Lawrence wrote:
    > Anyone know how to decipher this piece of info from
    > a post made to me?


    I would like to know how myself.

    > If you understand whats going on here please explain this for me.
    > X-Trace: DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    > [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y


    Most likely it is enough information for the abuse department at
    hawaiiantel.net to track you down to cancel your account, if anyone
    reports you for Usenet abuse.

  3. Re: Usenet Header Question

    On 2008-04-30, Lawrence wrote:
    > Anyone know how to decipher this piece of info from
    > a post made to me?


    Posts aren't made to individuals, they're made to the whole world.

    > If you understand whats going on here please explain this for me.
    >
    >
    > X-Trace: DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    > [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y


    Such headers are inserted by the news-server to which the article was
    posted - and if they look 'encrypted' or indecipherable that's because the
    NSP concerned likes it that way. They probably want some way to help them
    trace the origin of a post if they get abuse reports (or secret police
    aproaches) without betraying anything to 'just anybody'.

    --
    -- ^^^^^^^^^^
    -- Whiskers
    -- ~~~~~~~~~~

  4. Re: Usenet Header Question

    Whiskers wrote:

    > On 2008-04-30, Lawrence wrote:
    >> Anyone know how to decipher this piece of info from
    >> a post made to me?

    >
    > Posts aren't made to individuals, they're made to the whole world.


    well, it was directed to me but technically you are correct.

    >
    >> If you understand whats going on here please explain this for me.
    >>
    >>
    >> X-Trace: DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    >> [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y

    >
    > Such headers are inserted by the news-server to which the article was
    > posted - and if they look 'encrypted' or indecipherable that's because the
    > NSP concerned likes it that way. They probably want some way to help them
    > trace the origin of a post if they get abuse reports (or secret police
    > aproaches) without betraying anything to 'just anybody'.


    is there anyway to decipher that stuff?

    would be nice to know where the asswipe is posting from.

    >


    --
    "We are also brainwashing our children on the warming topic. We have no
    better example than Al Gore's alarmists and inaccurate movie which is being
    shown in our schools and being hawked by warming activists with little or
    no meteorological-climate background," Gray wrote.
    http://www.theaustralian.news.com.au...9-7583,00.html
    http://www.firesociety.com/article/24204/



  5. Re: Usenet Header Question

    On 2008-04-30, Lawrence wrote:

    > Path: uni-berlin.de!fu-berlin.de!

    postnews.google.com!news1.google.com!border1.nntp. dca.giganews.com!
    nntp.giganews.com!local02.nntp.dca.giganews.com!
    nntp.hawaiiantel.net!news.hawaiiantel.net.POSTED!n ot-for-mail
    [...]

    > Message-ID:


    [...]

    > X-Usenet-Provider: http://www.giganews.com
    > X-Complaints-To: abuse@hawaiiantel.net
    > X-DMCA-Complaints-To: abuse@hawaiiantel.net


    [...]

    > Whiskers wrote:
    >> On 2008-04-30, Lawrence wrote:


    [...]

    > is there anyway to decipher that stuff?
    >
    > would be nice to know where the asswipe is posting from.


    I've included the headers of your post (as I can see them) which give clues
    about which news-server you posted to. The most reliable, and the only
    one you can depend on to be present from that selection and to give any
    real clue, is the Path: header - which shows that you posted to
    "hawaiiantel.net". The server a person posts to should also insert a
    header giving the 'complaints' or 'abuse' or other contact information -
    in your NSP's case that is the X-Complaints-To: header.

    If you want to complain about a particular poster, contact the NSP [News
    Service Provider] they use.

    Sometimes an NSP inserts an NNTP-Posting-Host: header that contains the IP
    address of the internet connection from which the post was sent to them;
    from that you can find the identity of the 'owner' of that IP number -
    usually an ISP - which will give you the country or state from which the
    post found its way onto 'the internet', or in the case of a few small local
    ISPs a slightly less vague location, but these days with public internet
    access points and mobile phones and satellites and so on, that isn't a good
    indicator of the sender's home base or even their location when the message
    was sent. Many reputable NSPs don't insert that header anyway.

    If you want to know where someone lives, ask them )

    --
    -- ^^^^^^^^^^
    -- Whiskers
    -- ~~~~~~~~~~

  6. Re: Usenet Header Question

    Whiskers wrote:

    > On 2008-04-30, Lawrence wrote:
    >
    >> Path: uni-berlin.de!fu-berlin.de!

    >

    postnews.google.com!news1.google.com!border1.nntp. dca.giganews.com!
    > nntp.giganews.com!local02.nntp.dca.giganews.com!
    > nntp.hawaiiantel.net!news.hawaiiantel.net.POSTED!n ot-for-mail
    > [...]
    >
    >> Message-ID:

    >
    > [...]
    >
    >> X-Usenet-Provider: http://www.giganews.com
    >> X-Complaints-To: abuse@hawaiiantel.net
    >> X-DMCA-Complaints-To: abuse@hawaiiantel.net

    >
    > [...]
    >
    >> Whiskers wrote:
    >>> On 2008-04-30, Lawrence wrote:

    >
    > [...]
    >
    >> is there anyway to decipher that stuff?
    >>
    >> would be nice to know where the asswipe is posting from.

    >
    > I've included the headers of your post (as I can see them) which give
    > clues
    > about which news-server you posted to. The most reliable, and the only
    > one you can depend on to be present from that selection and to give any
    > real clue, is the Path: header - which shows that you posted to
    > "hawaiiantel.net". The server a person posts to should also insert a
    > header giving the 'complaints' or 'abuse' or other contact information -
    > in your NSP's case that is the X-Complaints-To: header.
    >
    > If you want to complain about a particular poster, contact the NSP [News
    > Service Provider] they use.
    >
    > Sometimes an NSP inserts an NNTP-Posting-Host: header that contains the IP
    > address of the internet connection from which the post was sent to them;
    > from that you can find the identity of the 'owner' of that IP number -
    > usually an ISP - which will give you the country or state from which the
    > post found its way onto 'the internet', or in the case of a few small
    > local ISPs a slightly less vague location, but these days with public
    > internet access points and mobile phones and satellites and so on, that
    > isn't a good indicator of the sender's home base or even their location
    > when the message
    > was sent. Many reputable NSPs don't insert that header anyway.
    >
    > If you want to know where someone lives, ask them )



    I understand, but the X-Trace info from my original post looks like its
    encrypted or something.

    X-Trace: * DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y

    any idea what this is or what it means?

    >


    --
    "We are also brainwashing our children on the warming topic. We have no
    better example than Al Gore's alarmists and inaccurate movie which is being
    shown in our schools and being hawked by warming activists with little or
    no meteorological-climate background," Gray wrote.
    http://www.theaustralian.news.com.au...9-7583,00.html
    http://www.firesociety.com/article/24204/



  7. Re: Usenet Header Question

    Lawrence wrote:

    > I understand, but the X-Trace info from my original post looks like its
    > encrypted or something.
    >
    > X-Trace: * DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    > [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y
    >
    > any idea what this is or what it means?


    Just a wild guess, but it could be that it's a kind of signature - similar
    to PGP or GPG - inserted by the ISP running the SMTP server you are posting
    through, so that they can trace it to a particular IP address at a
    particular point in time.

    Perhaps your ISP's tech staff can corroborate this?

    --
    *Aragorn*
    (registered GNU/Linux user #223157)

  8. Re: Usenet Header Question

    On Wed, 30 Apr 2008 20:37:14 -1000, Lawrence wrote:

    > I understand, but the X-Trace info from my original post looks like its
    > encrypted or something.
    >

    That's because it is.

    > X-Trace: * DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    > [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y
    >
    > any idea what this is or what it means?


    yes, Google x-trace.




    --
    Want the ultimate in free OTA SD/HDTV Recorder? http://mythtv.org
    My Tivo Experience http://wesnewell.no-ip.com/tivo.htm
    Tivo HD/S3 compared http://wesnewell.no-ip.com/mythtivo.htm
    AMD cpu help http://wesnewell.no-ip.com/cpu.php

  9. Re: Usenet Header Question

    On 2008-05-01, Lawrence wrote:
    > Whiskers wrote:
    >> On 2008-04-30, Lawrence wrote:


    [...]

    > I understand, but the X-Trace info from my original post looks like its
    > encrypted or something.
    >
    > X-Trace: * DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    > [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y
    >
    > any idea what this is or what it means?


    I refer you to my earlier answer to this question, Message-ID:
    , where I wrote

    Such headers are inserted by the news-server to which the article was
    posted - and if they look 'encrypted' or indecipherable that's because
    the NSP concerned likes it that way. They probably want some way to
    help them trace the origin of a post if they get abuse reports (or
    secret police aproaches) without betraying anything to 'just anybody'.

    If you want such a header 'decrypted', ask whoever inserted it - but don't
    hold your breath waiting ) If an encrypted header could be decrypted
    by just anyone, there would be no point in encrypting it. Uvqvat fghss
    sbe gur sha bs vg orybatf va gur obql abg va gur urnqref.

    If you feel that you have a legitimate complaint or worry about a
    particular article or poster, contact the NSP they use. Otherwise just
    let it pass.

    If you're worried that the headers in your posts reveal anything about who
    or where you are, don't worry - they don't. All anyone (other than your
    NSP) can tell is that you used a particular NSP; you using Hawaiiantel
    doesn't even 'prove' that you're in Hawaii, any more than my using
    Individual.net 'proves' that I'm in Germany (which I'm not). (Although I'd
    guess that there aren't many people posting to your NSP who aren't at
    least domiciled in that part of the USA - but that's just a guess).

    --
    -- ^^^^^^^^^^
    -- Whiskers
    -- ~~~~~~~~~~

  10. Re: Usenet Header Question

    Aragorn wrote:

    > Lawrence wrote:
    >
    >> I understand, but the X-Trace info from my original post looks like its
    >> encrypted or something.
    >>
    >> X-Trace: * DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    >> [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y
    >>
    >> any idea what this is or what it means?

    >
    > Just a wild guess, but it could be that it's a kind of signature - similar
    > to PGP or GPG - inserted by the ISP running the SMTP server you are
    > posting through, so that they can trace it to a particular IP address at a
    > particular point in time.
    >
    > Perhaps your ISP's tech staff can corroborate this?


    that's an interesting thought, I wonder though if the posters ISP would let
    me know whats up with this.

    Most x-trace lines are in plain english, this is why I asked, its obviously
    encrypted. Why hide the info though?



    >


    --
    "We are also brainwashing our children on the warming topic. We have no
    better example than Al Gore's alarmists and inaccurate movie which is being
    shown in our schools and being hawked by warming activists with little or
    no meteorological-climate background," Gray wrote.
    http://www.theaustralian.news.com.au...9-7583,00.html
    http://www.firesociety.com/article/24204/



  11. Re: Usenet Header Question

    Lawrence wrote:

    > Aragorn wrote:
    >
    >> Lawrence wrote:
    >>
    >>> I understand, but the X-Trace info from my original post looks like its
    >>> encrypted or something.
    >>>
    >>> X-Trace: * DXC=79[NJSdE30R^aLO\TaP_G^OA8_@f\K_iRRPb
    >>> [mF?JA\Ulcd\>a@KAenPPC3bF^QY^Z?ONQl^Y
    >>>
    >>> any idea what this is or what it means?

    >>
    >> Just a wild guess, but it could be that it's a kind of signature -
    >> similar to PGP or GPG - inserted by the ISP running the SMTP server you
    >> are posting through, so that they can trace it to a particular IP address
    >> at a particular point in time.
    >>
    >> Perhaps your ISP's tech staff can corroborate this?

    >
    > that's an interesting thought, I wonder though if the posters ISP would
    > let me know whats up with this.
    >
    > Most x-trace lines are in plain english, this is why I asked, its
    > obviously encrypted. Why hide the info though?


    I don't think it's as much a matter of hiding the info than it is a matter
    of making sure that the header is not falsified. It is probably created
    with reversible encryption, for which the creator of the string has the
    key.

    Changing one bit in the encrypted string would yield an entirely different
    unencrypted base string and would tell whoever put that string in place
    that the post's route had been spoofed.

    It's a little like e-mails or Usenet posts. Some send plain e-mails, others
    send e-mails signed with PGP/GPG. Similarly, I suspect that some of the
    organizations supplying an X-Trace header will use human-readable ones
    while others will use encryption.

    At least, that's my idea of it. I could of course be wrong. ;-)

    --
    *Aragorn*
    (registered GNU/Linux user #223157)

+ Reply to Thread