Check if NSA warrantless surveillance is looking at your IP traffic

Originally posted by Vekar
Relax?

Jeez, you need to go back over the original posts. This is a theory I had because some people were not showing NSA monitoring while others did. So I was wondering if it was a result of selective WEBSITE monitoring or do they pick and choose who to monitor. That was the theory, and yes they do monitor people.

Lastly: I ran tracerts (I posted them) that ARE being sent to the NSA, so yes I AM being monitored. Thank you and goodnight.
Lastly: I do not really care that they are monitoring me, just wondering how long, because if it only started recently they are mighty slow.

Jesus Christ. Just because it does or doesn't go through an AT&T server doesn't mean ANYTHING.

You obviousely are not paying any attention at all, so your not worth the effort after I state this part:
We are looking for one SPECIFIC squence of digits and letters, those specific ones are the exact ones that are sent to the NSA. Souljah at the start of this thread had links about it you can read over.

So once AGAIN: we are looking for a specific sequence that is used for monitoring people, it goes back the the AT&T legality issue of them turning people into the NSA for visitings certain websites. You can get the EXACT sequence off of one of the links Souljah put up.

Originally posted by Johnmike
Jesus Christ. Just because it does or doesn't go through an AT&T server doesn't mean ANYTHING.

Maybe if you would not have preconceived notions about what people are talking about, this would get into your head.


We aren't highlighting the fact that it's going through AT&T servers.


The main server we are worried about is "sffca.ip.att.net" This is the server that, and Souljah has already pointed this out in many other posts that you should have read before saying anything, AT&T copies our outgoing packets, and then sends the data illegally to the NSA for surveillance.

Sure, but the problem is the wild assumptions made about what this means. Do we have any updates on this case? The articles that were posted originally are quite out of date; something must have happened by now.

I don't think that there would be something that logs EVERY bit of traffic. That would have to be...immense, to say the least. And I don't mean that lightly. Correct me if I'm wrong, but I'd imagine that it'd have to be some selective logging. Perhaps they could do it by protocol or by origin/destination IP?

Either way, I want to know how the case progressed.

Dont get me wrong Vekar, I dont doubt the NSA montior internet traffic for a single moment, I'm sure they do monitor a fair bit...I mean, look at what Echelon does when it comes to email, phone and so on

However, determining whether particular traces happen to run thru an ATT server which has supposedly been backdoored by the NSA indicate evidence this is indeed whats happening requires a couple of things...

Firstly, we need a fair bit more evidence than the the J.Scott Marcus document to indicate that is indeed what is happening with this particular router...

Secondly, it has been brought to our attention a number of websites which people have reasonably noted (aljazeera.net and so on) the NSA might want keep an eye on the IP addresses of people visiting the said sites. One thing that I would point out is, if you did traces to hundreds and hundreds of not so "suspicious" sites, wouldnt they still route thru the same ATT router ?

In order to understand this kinda stuff, you need knowledge of routing tables and BGP and how routes are actually determined...

So, in light of what I said above, I'm not entirely convinced that accessing "suspicious" websites take a route thru is particular ATT router much of the time, and if that doesn happen, it has a lot more to do with the mechanics of routing and not with the NSA spying on people...

Mind you, as I said earlier on, I dont doubt for a second they do monitor general internet traffic, but as its likely to be very widespread because a single router isnt going to give them a hell of a lot of information, i dont think tracing to any site on the net and seeing it go thru this router is any cause for alarm or indeed proof the NSA have backdoored the router...

If this were the case, I would have thought the MAJORITY of the queries to the suspect sites, no matter where the queries originated from, would route thru this router, not just a few...

Cheers ears

a disturbing trend that continues to pop up on my traces, that i am not seeing in this thread, is:

7 9 ms 7ms 8ms gar8.cgcil.ip.att.net [12.122.79.85]
8 31ms 32ms 32ms tbr1.cgcil.ip.att.net [12.122.85.98]
9 30ms 30ms 30 ms tbr1.n54ny.ip.att.net [12.122.10.1]
10 28ms 28ms 29ms gbr6.n54ny.ip.att.net [12.122.11.14]
11 29ms 29ms 29ms ar4.n54ny.ip.att.net [12.123.214.61]


i live in chicago and am very curious of this "n54ny.ip" i keep getting. any ideas? this was the tracert nsa.gov search.

Well to where are you tracing?

Originally posted by Johnmike
Well to where are you tracing?

i am tracing from my home here in illinois.

and i am tracing "nsa.gov"

[edit on 13-6-2007 by LooseLipsSinkShips]

The NSA's server seems to be in D.C., or at least in the vicinity. I don't see what's so suspicious about it going through a server in NY.

I guess there are no network engineers here. There's no reason most of you would see the link in question in your traceroute results. That is, unless data packets leaving your computer are directed across its path as a result normal routing protocols, like BGP.

Also, do you folks think this room/hop is the only one that contains NSA monitoring equipment. Many of you who have done the tracert/traceroute and think you are safe may have your data being sent through other NSA filters that simply aren't publicly known about.

Originally posted by Johnmike
The NSA's server seems to be in D.C., or at least in the vicinity. I don't see what's so suspicious about it going through a server in NY.

The NSA's server? lol...The have underground datacenters the size of football fields at Ft. Meade in Maryland. We're talking thousands, and thousands and thousands of servers...and that's only one of their locations.

Originally posted by LooseLipsSinkShips
a disturbing trend that continues to pop up on my traces, that i am not seeing in this thread, is:

7 9 ms 7ms 8ms gar8.cgcil.ip.att.net [12.122.79.85]
8 31ms 32ms 32ms tbr1.cgcil.ip.att.net [12.122.85.98]
9 30ms 30ms 30 ms tbr1.n54ny.ip.att.net [12.122.10.1]
10 28ms 28ms 29ms gbr6.n54ny.ip.att.net [12.122.11.14]
11 29ms 29ms 29ms ar4.n54ny.ip.att.net [12.123.214.61]


i live in chicago and am very curious of this "n54ny.ip" i keep getting. any ideas? this was the tracert nsa.gov search.

n54ny.ip is just part of the hostname, the entire gbr6.n54ny.ip.att.net is the hostname for a single device. each of those lines in your traceroute represents a server/router/switch/etc. What you should really be focusing on is the tbr1, gbr6 and ar4, those are the actual machine names.

Originally posted by CyberSEAL
I guess there are no network engineers here. There's no reason most of you would see the link in question in your traceroute results. That is, unless data packets leaving your computer are directed across its path as a result normal routing protocols, like BGP.

That's what I was saying, though I'm not a "network engineer" (I've never heard that title used before, but it works).

Originally posted by CyberSEAL
The NSA's server? lol...The have underground datacenters the size of football fields at Ft. Meade in Maryland. We're talking thousands, and thousands and thousands of servers...and that's only one of their locations.

Whichever nsa.gov uses, I did a trace on it. So by "the NSA's server," since we were talking about the website the entire time, I'm talking about the server that is hosting their web site.

I tried this, but it won't work on my computer for some reason. I type in the site and the dialog box just dissappears. What's up w/ that?

How are you doing it? You should go to "start", "run", then type in "cmd" and press enter. After that you can do the "tracert nsa.gov" (or replace "nsa.gov" with the web site of your choice) and press enter.

[edit on 15-6-2007 by Johnmike]

Oh, I just didn't put in the cmd part. It works now. Thanks!

I wish I would of ran across this thread when it first started. The "sffca.ip.att.net" shows up in my 7th hop. I could of done a comparison from the time this was first posted to today when I noticed this thread. Oh well. Come and get me.

Those dirty cia-illuminazi rats!

Oops we just got served.

Any one use PeerGuardian2, my Government list is empty.

Are we supposed to fill it out, I suspect a hook by Layered Technologies and
want a patch.


I found a gov list here.

Happy peer blocking to ya'all.

actually........

this test isn't fool proof because you take the 'shortest path' to the destination IP determined by routers. Routers can also save packet data and monitor your activity. Your not alone ANYWHERE on the internet, its just whether or not your posting private data, and whether or not people can access your PC data.

Peerguardian wouldn't do anything to bypass this. Freenet, on the other hand, might. freenetproject.org...

I haven't personally used this, though I've been watching it's development for a couple years. It seems great, but could cause your internet to go considerably more slowly. Might be worth a try if you're interested. Basically, it encrypts your data through a network of Freenet nodes (these "nodes" are user PCs) before connecting to the destination. I haven't tried it because that sounds like it would cause a lot of latency, and that wouldn't go too well with internet gaming.