I recently moved, back to the city where I work. I use the term “moved” somewhat loosely, however. 90% of my belongings are still at my home, but for the last two and a half months, I’ve spent the night there perhaps five times. The rest of the time I’ve been staying at my girlfriend’s. At the beginning of this month, we made it “official” that I’m “living here” (again).

As an I.T. professional, I need a high-speed broadband connection wherever I’m at. At my home, I had the best connection available, which was only 768/128 DSL. Prior to a few weeks ago, I would just move to a certain corner of my girlfriend’s house and connect up to an open access point if I needed to get online for a moment.

When it became “official” that I was going to be living here, I called up the cable company and placed an order for their high-speed Internet service. I did so at just the perfect time, right as they’re upgrading to 10 Mbit/s downstream (and 1 Mbit/s upstream). Anyways, I’m one of the first here to have an Internet connection at 10 Mbit/s (the fastest currently available within a 50-mile or so radius, I might add).

I don’t have all of my “geek gear” here as of yet, but I do have the new Gentoo box and my (XP) laptop. I also dug out some of my Cisco gear, which I haven’t really used in a year or two, and brought it up here as well.

Anyways, I now have a 10 Mbit/s Internet connection, with all of my packets travelling through my 100% “Cisco-powered network”. Not a big deal, I know, but I feel like a bit more of a geek when I can say that. =)

First, a bit of background…

Last Tuesday evening (a week ago), I was playing around on MySpace when a friend of mine (who we’ll call “Betty Lou”) sent me a message. After a number of messages back and forth, I sent her a final message telling her that I was leaving (and on my way to her house). It was right about 8pm when I got there and probably between 9.15 and 9.30pm when I left to come back home.

At 1.27am, Betty Lou sent me a message saying “so i just got word that u were sending $idiot a mssg that said uwere on ur way to my house …..well, that was earlier supposedly. true or not? AND DONT LIE!!!!!!!”

Okay, couple of things…

First, $idiot is a friend of Betty Lou’s and doesn’t like me. Boo fuckin’ hoo, get over it. Second, there were exactly two people that knew that I went to her house that night: her and I. 1.27am is when she sent me that message, I have no idea when it was that $idiot talked to her and said I told him I was coming. Something was up…

Last Thursday afternoon, Betty Lou stopped by my office at work. While we’re talking, she mentions that she thinks that someone is reading her MySpace mail. Now, for those of you who don’t use MySpace, your messages have a “status” similar to standard e-mail (”unread”, “read”, “replied”, etc.). The main difference is that once a message is “read”, you can’t make it “unread” anymore. Betty Lou said that she would log in to check her mail and see “read” messages that she had never read.

So, a red flag goes up in my head and $idiot immediately comes to mind. It’s time for a trap.

With MySpace, you can enter certain HTML tags in your messages. <img src …> is one such tag. A plan quickly formulated in my head. Enter Google.

One Google image search later and I’m staring at an image of George W. Bush flippin’ the bird. Perfect! I upload it to my web server and pull it up in Firefox to make sure it’s accessible. It is.

As Betty Lou stands and watches, I send her a message (click here to see it) on MySpace with a subject line of “your nudie pics” Surely someone who was reading her mail would read this one, right? devious grin. I instruct her that she is NOT to open it. She agrees. We talk, she leaves, life goes on…

By the way, $idiot goes to Indiana State University, which is about an hour away…

So, later that night, we end up hanging out and I leave her house around 9.30pm to come home. At 11.50pm, Betty Lou sends me a message saying, in part, “someone read that mssg. and it wasnt me.” I was in bed then, however, and she called me a bit later. She told me on the phone that the message had been read.

I felt around for the laptop and booted up. I SSH into the server running Apache and head for the logfiles. A quick grep for the filename of the image I specified in the <img src…> tag turns up two hits:

x.x.x.x - - [28/Sep/2006:17:33:52 -0400] “GET /images/bushmiddlefinger.png HTTP/1.1″ 200 90003 www.jeremygaddis.com “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7″ “y.y.y.y”

…and…

139.102.249.199 - - [28/Sep/2006:21:42:30 -0400] “GET /images/bushmiddlefinger.png HTTP/1.1″ 200 90003 www.jeremygaddis.com “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)” “-”

The first hit, represented by IP address “x.x.x.x” was me. “x.x.x.x” is my proxy server at work (”y.y.y.y” is the IP address of my XP workstation, if you’re wondering).

The second IP address, 139.102.249.199, wasn’t me. It’s also not in any of the netblocks that would’ve showed up had Betty Lou accessed it Since I didn’t leave her place until around 9.30pm anyways, and it would’ve been physically impossible for her to make it to ISU in 10 minutes, it couldn’t have been her anyways… hmm, wonder who it belongs to then:

[jlgaddis@apollo ~]$ whois 139.102.249.199 [Querying whois.arin.net] [whois.arin.net]

OrgName: Indiana State University OrgID: ISU-1 Address: Office of Information Technology Address: Rankin Hall Address: 218 N 7th St. City: Terre Haute StateProv: IN PostalCode: 47809 Country: US

NetRange: 139.102.0.0 - 139.102.255.255 CIDR: 139.102.0.0/16 NetName: INDSTATE NetHandle: NET-139-102-0-0-1 Parent: NET-139-0-0-0-0 NetType: Direct Assignment NameServer: GATE.INDSTATE.EDU NameServer: CCTS.INDSTATE.EDU NameServer: WASHINGTON.IND.NET Comment: RegDate: 1990-02-25 Updated: 2003-09-24

RTechHandle: CE56-ARIN RTechName: Edwards, Champe RTechPhone: +1-812-237-2961 RTechEmail: cchampe@isugw.indstate.edu

OrgTechHandle: CE56-ARIN OrgTechName: Edwards, Champe OrgTechPhone: +1-812-237-2961 OrgTechEmail: cchampe@isugw.indstate.edu

ARIN WHOIS database, last updated 2006-10-04 19:10

Enter ? for additional hints on searching ARIN’s WHOIS database.

[jlgaddis@apollo ~]$

I’ll be damned, it’s allocated to Indiana State University, the same school that $idiot goes to. Coincidentally enough, it’s only an hour away from the .edu that I work at, and I know some people in I.T. there…

dials phone

So, to skip the details of a phone conversation and avoid incriminating anyone in the OoIT at ISU, I now know 100% without a doubt who that IP is assigned to. Yep, $idiot.

I sent him a few MySpace messages after that, but he never answered. Weird.

Ironically enough, apparently Betty Lou had mentioned to $idiot that she thought someone was reading her messages and he, of course, acted dumb and innocent. He also told her something to the effect of “…why don’t you get your computer geek friend to find out who it was?”

And she did. Isn’t that beautiful? =)

Oh, and in case you’re wondering who $idiot is… feel free to check his MySpace profile or Facebook profile.

Damn I’m good. ;)

By Michael Hampton:

A well coordinated attack against multiple critical infrastructure points launched via the Internet could overwhelm the federal governmentâ’s ability to respond, according to a report released by the Department of Homeland Security last week on the Cyber Storm exercise conducted in February.

Conducted from Feb. 6-10, 2006, Cyber Storm was an exercise in coordinating public and private sector response to a series of simulated terrorist attacks on Internet-connected critical infrastructure, such as the electrical power grid and air traffic control, as well as general attacks on the integrity of the Internet as a whole, conducted by fake left-leaning groups for political purposes. My favorite part was when the hackers disabled the heating systems in government buildings.

[ Read More… ]

One other thing that I’m going to do now that I’m back in Mitchell is to “relaunch” my consulting business, LinuxWiz Consulting. I stopped taking new clients and finished up my active projects months ago because a certain somebody complained that it took up too much of my time. That won’t be an issue anymore, so I’m going to start it back up. There’s some legal paperwork I’ll have to take care to operate in this county again, but nothing major. Hopefully within the next 30 days or so, LinuxWiz Consulting will be back in full-swing!

Okay, it’s official… I’m moving from WordPress to Drupal. I haven’t had any luck finding any good scripts to migrate all the content for me, so I may just give up on it.

In the meantime, all of my “old” content will remain on the WordPress site at www.jeremygaddis.com. Everything new will be posted to blog.jeremygaddis.com until I figure out exactly what I’m doing here…

For those of you who “read me” via RSS, please update the URL for your feed. The new URL for my RSS feed is http://blog.jeremygaddis.com/rss.xml. Sweet!

Choose no life. Choose no career. Choose no family. Choose fucking big routers. Choose switches big as trucks, modem racks, bridges and repeaters, coffee makers, all networked. Choose no sleep, lots of caffeine and no time off. Choose no friends. Choose black clothing and long hair. Choose tons of mail and wondering why the fuck you’re logged on on a Sunday afternoon. Choose sitting in a swivel chair looking at mind-numbing network maps and galloping counters, stuffing junk food into your mouth while trying to solve someone else’s problem. Choose having ‘IOS’ tattooed on your wrist.

Choose your future.

Choose internetworking.

In regards to H.R. 5252, the “Net Neutrality” bill, who voted for what? Take a look at the official results and see. I’ve already wrote to Congressman Mike Sodrel, my representation, to let him know how disappointed I am. (Note that I’m a democrat and disappointed in most everything he does, anyways. He probably has me on his spam filter already.)

well i finally got around to creating an account over on del.icio.us. you can check out the list of sites i’ve added on my del.icio.us or just subscribe to my del.icio.us rss feed.

First, let me say that I am, and have been for years, a member of the Electronic Frontier Foundation. I encourage everyone who values their “Internet rights” to become the same. Here’s the latest e-mail I’ve received from them:

—–Original Message—– From: Electronic Frontier Foundation [mailto:membership@eff.org] Sent: Friday, May 12, 2006 5:10 PM To: Gaddis, Jeremy L. Subject: Donate to EFF and Stop the Illegal Spying!

Your World. Delivered. To the NSA.

Recent news reports have revealed that AT&T, Verizon, and BellSouth are violating the law and the privacy of millions of ordinary Americans by secretly giving the NSA information about your telephone calls without a court order.

In January, EFF filed a lawsuit against AT&T for collaborating with the NSA. This case is the best way for us to uncover and shut down the government’s secret spying program and to hold AT&T accountable.

Stand up for your rights by supporting EFF and our case against AT&T. And please forward this message and spread the word to your friends and family members.

Join EFF today! http://secure.eff.org/att More info about the case: http://www.eff.org/legal/cases/att/

“How do you know if you’re already addicted or rapidly tumbling toward trouble? Everyone’s situation is different, and it’s not simply a matter of time spent on-line. Some people indicate they are addicted with only twenty hours of Internet use, while others who spent forty hours on-line insist it is not a problem to them. It’s more important to measure the damage your Internet use causes in your life. What conflicts have emerged in family, relationships, work, or school?”

[ Read more… ]

Take the test and let me know what your score was… I got a 58.