[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tormail?
On 10.11.2011 20:45, rwd@xxxxxxxxxxx wrote:
>> On 09/11/11 15:29, Rock Neurotiko wrote:
>>
>>> Tormail have his own Webmail.
>>> And respect the security, C&P fron the TorMail web:
>>> #
>>> No emails or logs or anything important are stored on those servers,
>>> thus it doesn't matter if they are seized or shut down.
>>> We are prepared to quickly replace any relay that is taken offline for
>>> any reason.
>>> #
>>
>> This is also exactly what somebody would say if they were running the
>> service as a honeypot. If TorMail is run by anonymous operators, then we
>> don't even have their reputations to rely on.
>>
>> Are the operators really anonymous though? If you send an email from
>> TorMail to a GMail account for example, then it will contain the real
>> Internet IP address of a server which TorMail routes out from... Given
>> the IP address, it should be possible to discover the operator(s).
>>
>> --
>> Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
>> Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
>> PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
>>
>> __
>
>
> Here's some information about Tormail.net (which does lead to an onion
> address).
>
> 02/28/2012
> Admin email address: whois@xxxxxxxxxxx
> Registrar: MONIKER ONLINE SERVICES, INC.
> Status: active
> Locked: Y
> Raw whois output:
>
> Whois Server Version 2.0
>
> Domain names in the .com and .net domains can now be registered
> with many different competing registrars. Go to http://www.internic.net
> for detailed information.
>
> Domain Name: TORMAIL.NET
> Registrar: MONIKER ONLINE SERVICES, INC.
> Whois Server: whois.moniker.com
> Referral URL: http://www.moniker.com
> Name Server: NS1.TORMAIL.NET
> Name Server: NS2.TORMAIL.NET
> Status: clientDeleteProhibited
> Status: clientTransferProhibited
> Status: clientUpdateProhibited
> Updated Date: 27-jul-2011
> Creation Date: 28-feb-2011
> Expiration Date: 28-feb-2012
>
>>>> Last update of whois database: Thu, 10 Nov 2011 20:38:06 UTC <<<
>
>
>
> Domain Name: TORMAIL.NET
> Registrar: MONIKER
>
> Registrant [3576098]:
> Akim Japera whois@xxxxxxxxxxx
> TorMail Webmail Service
> P.O. Box 5870
> Hargeisa
> Somaliland
>
> SO
>
>
> Administrative Contact [3576098]:
> Akim Japera whois@xxxxxxxxxxx
> TorMail Webmail Service
> P.O. Box 5870
> Hargeisa
> Somaliland
>
> SO
> Phone: +252.20025181
>
>
> Billing Contact [3576098]:
> Akim Japera whois@xxxxxxxxxxx
> TorMail Webmail Service
> P.O. Box 5870
> Hargeisa
> Somaliland
>
> SO
> Phone: +252.20025181
>
>
> Technical Contact [3576098]:
> Akim Japera whois@xxxxxxxxxxx
> TorMail Webmail Service
> P.O. Box 5870
> Hargeisa
> Somaliland
>
> SO
> Phone: +252.20025181
>
>
> Domain servers in listed order:
>
> NS1.TORMAIL.NET 79.124.90.226
> NS2.TORMAIL.NET 95.211.130.26
>
> Record created on: 2011-02-28 11:56:38.0
> Database last updated on: 2011-07-27 23:35:34.61
> Domain Expires on: 2012-02-28 11:56:38.0
>
>
>
>
>
>
>
> _____________________________________________
>> tor-talk mailing list
>> tor-talk@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '95.211.127.0 - 95.211.136.159'
inetnum: 95.211.127.0 - 95.211.136.159
netname: LEASEWEB
descr: LeaseWeb
descr: P.O. Box 93054
descr: 1090BB AMSTERDAM
descr: Netherlands
descr: www.leaseweb.com
remarks: Please send email to "abuse@xxxxxxxxxxxx" for complaints
remarks: regarding portscans, DoS attacks and spam.
country: NL
admin-c: LSW1-RIPE
tech-c: LSW1-RIPE
status: ASSIGNED PA
mnt-by: OCOM-MNT
source: RIPE # Filtered
person: RIP Mean
address: P.O. Box 93054
address: 1090BB AMSTERDAM
address: Netherlands
phone: +31 20 3162880
fax-no: +31 20 3162890
abuse-mailbox: abuse@xxxxxxxxxxxx
nic-hdl: LSW1-RIPE
mnt-by: OCOM-MNT
source: RIPE # Filtered
% Information related to '95.211.0.0/16AS16265'
route: 95.211.0.0/16
descr: LEASEWEB
origin: AS16265
remarks: LeaseWeb
mnt-by: OCOM-MNT
source: RIPE # Filtered
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '79.124.64.0 - 79.124.95.255'
inetnum: 79.124.64.0 - 79.124.95.255
netname: AIRBITESBG
mnt-routes: MNT-POWERNET
mnt-by: MNT-POWERNET
descr: Powernet Ltd Assigned address space
country: BG
admin-c: PM9957-RIPE
tech-c: PM9957-RIPE
status: ASSIGNED PA
mnt-domains: MNT-POWERNET
source: RIPE # Filtered
person: Plamen Milanov
address: 122 Ovche Pole Street, floor 3
address: BG-1362
address: Sofia
address: Bulgaria
phone: +359 2 490 1919 577
fax-no: +359 2 490 1919 4
e-mail: ripe@xxxxxxxxxxx
nic-hdl: PM9957-RIPE
mnt-by: MNT-POWERNET
source: RIPE # Filtered
% Information related to '79.124.64.0/19AS8877'
route: 79.124.64.0/19
descr: Powernet Ltd Assigned address space
origin: AS8877
mnt-by: MNT-POWERNET
source: RIPE # Filtered
% Information related to '79.124.90.0/24AS13147'
route: 79.124.90.0/24
descr: Powernet Ltd Assigned address space
origin: AS13147
mnt-by: MNT-POWERNET
source: RIPE # Filtered
dig tormail.net
; <<>> DiG 9.7.3 <<>> tormail.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3663
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;tormail.net. IN A
;; ANSWER SECTION:
tormail.net. 3600 IN A 94.249.139.7
;; Query time: 868 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Fri Nov 11 09:06:02 2011
;; MSG SIZE rcvd: 45
$ whois 94.249.139.7
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '94.249.128.0 - 94.249.255.255'
inetnum: 94.249.128.0 - 94.249.255.255
netname: DE-GHOSTNET-20080918
descr: GHOSTnet GmbH
org: ORG-GG3-RIPE
country: DE
admin-c: GN-RIPE
tech-c: GN-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: GHOSTNET-MNT
mnt-routes: GHOSTNET-MNT
source: RIPE # Filtered
organisation: ORG-GG3-RIPE
org-name: GHOSTnet GmbH
org-type: LIR
address: Kaiser-Friedrich-Promenade 65
address: 61348
address: Bad Homburg
address: Germany
phone: +49 6172 185025
phone: +49 177 2681530
fax-no: +49 6172 185029
e-mail: ripe@xxxxxxxxxxx
mnt-ref: GHOSTNET-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: GN-RIPE
admin-c: GNSG-RIPE
admin-c: GNSM-RIPE
admin-c: GNLW-RIPE
source: RIPE # Filtered
role: GHOSTnet GmbH
admin-c: GN-RIPE
tech-c: GNSM-RIPE
tech-c: GNSG-RIPE
address: Kaiser-Friedrich-Promenade 65
address: 61348 Bad Homburg
address: Deutschland
phone: +49 6172 185025
fax-no: +49 6172 185029
e-mail: noc@xxxxxxxxxxx
nic-hdl: GN-RIPE
mnt-by: GHOSTNET-MNT
source: RIPE # Filtered
% Information related to '94.249.128.0/17AS12586'
route: 94.249.128.0/17
descr: GHOSTnet GmbH IP Space
origin: AS12586
mnt-by: GHOSTNET-MNT
source: RIPE # Filtered
% Information related to '94.249.128.0/19AS12586'
route: 94.249.128.0/19
descr: GHOSTnet GmbH IP Space (FRA01)
origin: AS12586
mnt-by: GHOSTNET-MNT
source: RIPE # Filtered
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk