• Welcome to New Hampshire Underground.
 

News:

Please log in on the special "login" page, not on any of these normal pages. Thank you, The Procrastinating Management

"Let them march all they want, as long as they pay their taxes."  --Alexander Haig

Main Menu

Michael Hampton / error / Beavis getting hassled?

Started by Barterer, September 05, 2007, 01:53 PM NHFT

Previous topic - Next topic

ArcRiley

Quote from: CNHT on September 05, 2007, 03:26 PM NHFT
I can't think of anything Beavis did to warrant being raided

He doesn't need to do anything beyond someone posting some comment on a forum and the feds wanting the logs so they can track down who that person is.  They don't just copy the files, they don't just take the server in question, the guys who show up with guns and a warrant just take everything which could possibly be connected.  I've seen them take UPS's and ethernet switches which the servers happen to be connected to.

I used to maintain a server in Amsterdam just to impede this happening.  Still does, but at that point they had better have a damned good reason for the international stuff.

error

OK, here's the preliminary stuff that I have been able to determine so far:

Around 6:30 am EDT someone apparently launched a denial of service attack which continued throughout the morning. Around 1:45 pm the server finally stopped responding. I was alerted via text message to my wireless phone that the server was down, and brought it back up at about 3:35 pm. At present there's no sign of a DoS attack in progress.

On an unrelated note, several people have complained to me that they haven't been able to send me e-mail for at least a week now. I don't know why this is; I'm still getting all my spam, and every time I send a test message from outside, it comes through.

ArcRiley

Quote from: error on September 05, 2007, 05:26 PM NHFT
On an unrelated note, several people have complained to me that they haven't been able to send me e-mail for at least a week now. I don't know why this is; I'm still getting all my spam, and every time I send a test message from outside, it comes through.

I can confirm, and it's still going on now:

Quote
   ----- The following addresses had permanent fatal errors -----
<freestateproject@homelandstupidity.us>
   (reason: 599 5.1.1 Error: Invalid recipient: freestateproject)
   (expanded from: <freestateproject@homelandstupidity.us>)

  ----- Transcript of session follows -----
.. while talking to mail.ioerror.us.:
>>> DATA
<<< 599 5.1.1 Error: Invalid recipient: freestateproject
554 5.0.0 Service unavailable
<<< 503 5.5.1 Need RCPT command first.

Final-Recipient: RFC822; freestateproject@homelandstupidity.us
X-Actual-Recipient: RFC822; freestateproject@mail.ioerror.us
Action: failed
Status: 5.1.1
Remote-MTA: DNS; mail.ioerror.us
Diagnostic-Code: SMTP; 599 5.1.1 Error: Invalid recipient: freestateproject
Last-Attempt-Date: Wed, 5 Sep 2007 22:42:55 GMT


---------- Forwarded message ----------
From: "Arc Riley" <arcriley@gmail.com>
To: freestateproject@homelandstupidity.us
Date: Wed, 5 Sep 2007 22:42:27 +0000
Subject: VoIP service; third time's the charm?

(message content not quoted)
.

Barterer

#18
Quote from: error on September 05, 2007, 05:26 PM NHFT
Around 6:30 am EDT someone apparently launched a denial of service attack which continued throughout the morning. Around 1:45 pm the server finally stopped responding. I was alerted via text message to my wireless phone that the server was down, and brought it back up at about 3:35 pm. At present there's no sign of a DoS attack in progress.
Wow.  Assuming that was not a distributed attack, I guess you'll have to start throttling services to abusive IPs.  Do you use iptables?


# pings down to 1 per second
iptables -A INPUT -p icmp --icmp-type echo-request \
         -m limit --limit 1/s -i eth0 -j ACCEPT

# neuter SYN flood attacks, whatever the hell those are
iptables -A INPUT -p tcp --syn -m limit --limit 5/s -i eth0 -j ACCEPT


..or modify for the attack-packets du jour. 

I sent a test message to the same address ArcRiley did, and 5 minutes later it has not bounced.. weird.

EDIT:  It bounced a couple hours later.  Same errors as ArcRiley's.


toowm

This was posted on another board:

QuoteNot sure of all the implications or ramifications (other than apparently
now clearly being on leviathan's radar), but I have it on good authority
that the FSP (and sympathizers) was placed on Homeland Security's
"Domestic Terrorist Watch List" some time last week, largely on urging
from the Marshals Service, and in good measure in response to the "Ed
Brown" situation. There may also be prosecutions imminent (yes, I'm
aware they've been rattling sabers already). Forewarned is forearmed. So
to speak...

Friday

Quote from: toowm on September 05, 2007, 08:40 PM NHFT
This was posted on another board:

QuoteNot sure of all the implications or ramifications (other than apparently
now clearly being on leviathan's radar), but I have it on good authority
that the FSP (and sympathizers) was placed on Homeland Security's
"Domestic Terrorist Watch List" some time last week, largely on urging
from the Marshals Service, and in good measure in response to the "Ed
Brown" situation. There may also be prosecutions imminent (yes, I'm
aware they've been rattling sabers already). Forewarned is forearmed. So
to speak...

:o  toowm, could you let us know WHICH board?  And do you have any knowledge of the reliability of the individual who posted that?

Raineyrocks

It's really good that you guys/gals watch each other's backs! :)

I don't understand any of this but from what I'm guessing is that Error was posting so he's okay, right?

Barterer

Yeah, he's probably making his server more bulletproof as we speak.  Definitely qualifies as a back-watcher too.   8)

error

Quote from: toowm on September 05, 2007, 08:40 PM NHFT
This was posted on another board:

QuoteNot sure of all the implications or ramifications (other than apparently
now clearly being on leviathan's radar), but I have it on good authority
that the FSP (and sympathizers) was placed on Homeland Security's
"Domestic Terrorist Watch List" some time last week, largely on urging
from the Marshals Service, and in good measure in response to the "Ed
Brown" situation. There may also be prosecutions imminent (yes, I'm
aware they've been rattling sabers already). Forewarned is forearmed. So
to speak...

Yeah, let's have a source, so I can find out whether it's actually true, or at least evaluate the reliability of the information.

Speaking of which:

Quote from: Barterer on September 05, 2007, 10:13 PM NHFT
Yeah, he's probably making his server more bulletproof as we speak.  Definitely qualifies as a back-watcher too.   8)

Thanks to you all for watching my back.

ArcRiley

#24
Quote
It's really good that you guys/gals watch each other's backs!  :)
This has been a "test" of the emergency solidarity system.  Had this been an actual federal raid you would see instructions on where to go or ways to help.  If this movement is going to succeed we have to stand together against illegal government coercion and theft.

By looking back over the past 40 years, and specifically over the past 5, we can see how the federal government is likely to behave as their power is threatened.  Nothing about this is tin-foil hats.  From Cointelpro to Dept. of Homeland Security enough people have been arrested and detained without charge or due-process, communications lines illegally tapped, property destroyed or stolen..

C'mon.  Thousands of activists are moving to a single state in order to reduce government and get their freedoms back.  It's a direct threat to their power structure.  You don't think they're going to react?  Hell the FBI follows activists around in Ithaca, NY who've never committed a crime or or even own a gun.  Compare a bunch of old people holding "Impeach Bush" signs out in public to what the Free State Project proposes.  This isn't paranoia, it's logic.

Quote
Yeah, he's probably making his server more bulletproof as we speak.  8)
Not much can be done about DDOS attacks, if that's what it was.  Once your uplink is swamped no local firewall will do any good.

CNHT

Quote from: toowm on September 05, 2007, 08:40 PM NHFT
This was posted on another board:

QuoteNot sure of all the implications or ramifications (other than apparently
now clearly being on leviathan's radar), but I have it on good authority
that the FSP (and sympathizers) was placed on Homeland Security's
"Domestic Terrorist Watch List" some time last week, largely on urging
from the Marshals Service, and in good measure in response to the "Ed
Brown" situation. There may also be prosecutions imminent (yes, I'm
aware they've been rattling sabers already). Forewarned is forearmed. So
to speak...

Prosecutions for what? Discussing the subject?


error

I was told the message was posted to a Yeehaw! group, but I can't find it on any of the known Yeehaw! groups having anything to do with the FSP. If you've seen this message, please speak up.

As for my personal situation, they would be utterly stupid to even think about violating my rights. Something to keep in mind if you're a federal bureaucrat wanting to cause me trouble: I can bring it back tenfold. There are armies of lawyers out there who would love to take a bite out of the government on a case like this. Not to mention the individual civil and criminal liability the bureaucrats involved might face.

Nicholas Gilman

#27
    I know a few people who would love to initiate an inquiry
if said statement could be validated regarding DHS.
Not that it would make a difference either way for me,
and would only validate what I have been preaching
since 1992.

ArcRiley

Quote from: error on September 06, 2007, 01:08 AM NHFT
As for my personal situation, they would be utterly stupid to even think about violating my rights.

Between the PAT RIOT Act of 2001 and Homeland Security Act of 2002 they have all the legal weapons they need.

I'm not telling them anything they don't already know.  They can come into your home without a warrant, take your computers, and it's perfectly legal if they say it's in investigation of terrorism.  The only proof they need for this is someone making some comment on a forum or blog, which an IP address or other non-public data is stored on the computer, they could have even been the ones to anonymously post the comment.

I have some experience with groups prone to having servers stolen by feds.  Trust me - don't log IP addresses.  Anyone who cares about real anonymity should be using Tor anyways, and abusers can use any number of proxies to hide their IPs, but the logs provide an excuse to steal your servers as "evidence".

If you feel they're watching you and monitoring your site this would be an excellent measure to take if you have not done so already.  That's not to say "delete them", you surely know data can be forensically restored even after 20 overwrites and doing so could be construed as destroying evidence, but to not store them in the first place is your right.  So far there is no law requiring you record such data.

Still won't stop them, but having to come up with an excuse to keep a computer as "evidence" when everything on it could be obtained through the web is much more difficult.