On 10.11.2011 20:45, [email protected] wrote: >> On 09/11/11 15:29, Rock Neurotiko wrote: >> >>> Tormail have his own Webmail. >>> And respect the security, C&P fron the TorMail web: >>> # >>> No emails or logs or anything important are stored on those servers, >>> thus it doesn't matter if they are seized or shut down. >>> We are prepared to quickly replace any relay that is taken offline for >>> any reason. >>> # >> >> This is also exactly what somebody would say if they were running the >> service as a honeypot. If TorMail is run by anonymous operators, then we >> don't even have their reputations to rely on. >> >> Are the operators really anonymous though? If you send an email from >> TorMail to a GMail account for example, then it will contain the real >> Internet IP address of a server which TorMail routes out from... Given >> the IP address, it should be possible to discover the operator(s). >> >> -- >> Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc >> Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell >> PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F >> >> __ > > > Here's some information about Tormail.net (which does lead to an onion > address). > > 02/28/2012 > Admin email address: [email protected] > Registrar: MONIKER ONLINE SERVICES, INC. > Status: active > Locked: Y > Raw whois output: > > Whois Server Version 2.0 > > Domain names in the .com and .net domains can now be registered > with many different competing registrars. Go to http://www.internic.net > for detailed information. > > Domain Name: TORMAIL.NET > Registrar: MONIKER ONLINE SERVICES, INC. > Whois Server: whois.moniker.com > Referral URL: http://www.moniker.com > Name Server: NS1.TORMAIL.NET > Name Server: NS2.TORMAIL.NET > Status: clientDeleteProhibited > Status: clientTransferProhibited > Status: clientUpdateProhibited > Updated Date: 27-jul-2011 > Creation Date: 28-feb-2011 > Expiration Date: 28-feb-2012 > >>>> Last update of whois database: Thu, 10 Nov 2011 20:38:06 UTC <<< > > > > Domain Name: TORMAIL.NET > Registrar: MONIKER > > Registrant [3576098]: > Akim Japera [email protected] > TorMail Webmail Service > P.O. Box 5870 > Hargeisa > Somaliland > > SO > > > Administrative Contact [3576098]: > Akim Japera [email protected] > TorMail Webmail Service > P.O. Box 5870 > Hargeisa > Somaliland > > SO > Phone: +252.20025181 > > > Billing Contact [3576098]: > Akim Japera [email protected] > TorMail Webmail Service > P.O. Box 5870 > Hargeisa > Somaliland > > SO > Phone: +252.20025181 > > > Technical Contact [3576098]: > Akim Japera [email protected] > TorMail Webmail Service > P.O. Box 5870 > Hargeisa > Somaliland > > SO > Phone: +252.20025181 > > > Domain servers in listed order: > > NS1.TORMAIL.NET 79.124.90.226 > NS2.TORMAIL.NET 95.211.130.26 > > Record created on: 2011-02-28 11:56:38.0 > Database last updated on: 2011-07-27 23:35:34.61 > Domain Expires on: 2012-02-28 11:56:38.0 > > > > > > > > _____________________________________________ >> tor-talk mailing list >> [email protected] >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > > _______________________________________________ > tor-talk mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >
% This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '95.211.127.0 - 95.211.136.159' inetnum: 95.211.127.0 - 95.211.136.159 netname: LEASEWEB descr: LeaseWeb descr: P.O. Box 93054 descr: 1090BB AMSTERDAM descr: Netherlands descr: www.leaseweb.com remarks: Please send email to "[email protected]" for complaints remarks: regarding portscans, DoS attacks and spam. country: NL admin-c: LSW1-RIPE tech-c: LSW1-RIPE status: ASSIGNED PA mnt-by: OCOM-MNT source: RIPE # Filtered person: RIP Mean address: P.O. Box 93054 address: 1090BB AMSTERDAM address: Netherlands phone: +31 20 3162880 fax-no: +31 20 3162890 abuse-mailbox: [email protected] nic-hdl: LSW1-RIPE mnt-by: OCOM-MNT source: RIPE # Filtered % Information related to '95.211.0.0/16AS16265' route: 95.211.0.0/16 descr: LEASEWEB origin: AS16265 remarks: LeaseWeb mnt-by: OCOM-MNT source: RIPE # Filtered % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '79.124.64.0 - 79.124.95.255' inetnum: 79.124.64.0 - 79.124.95.255 netname: AIRBITESBG mnt-routes: MNT-POWERNET mnt-by: MNT-POWERNET descr: Powernet Ltd Assigned address space country: BG admin-c: PM9957-RIPE tech-c: PM9957-RIPE status: ASSIGNED PA mnt-domains: MNT-POWERNET source: RIPE # Filtered person: Plamen Milanov address: 122 Ovche Pole Street, floor 3 address: BG-1362 address: Sofia address: Bulgaria phone: +359 2 490 1919 577 fax-no: +359 2 490 1919 4 e-mail: [email protected] nic-hdl: PM9957-RIPE mnt-by: MNT-POWERNET source: RIPE # Filtered % Information related to '79.124.64.0/19AS8877' route: 79.124.64.0/19 descr: Powernet Ltd Assigned address space origin: AS8877 mnt-by: MNT-POWERNET source: RIPE # Filtered % Information related to '79.124.90.0/24AS13147' route: 79.124.90.0/24 descr: Powernet Ltd Assigned address space origin: AS13147 mnt-by: MNT-POWERNET source: RIPE # Filtered dig tormail.net ; <<>> DiG 9.7.3 <<>> tormail.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3663 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;tormail.net. IN A ;; ANSWER SECTION: tormail.net. 3600 IN A 94.249.139.7 ;; Query time: 868 msec ;; SERVER: 192.168.1.102#53(192.168.1.102) ;; WHEN: Fri Nov 11 09:06:02 2011 ;; MSG SIZE rcvd: 45 $ whois 94.249.139.7 % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '94.249.128.0 - 94.249.255.255' inetnum: 94.249.128.0 - 94.249.255.255 netname: DE-GHOSTNET-20080918 descr: GHOSTnet GmbH org: ORG-GG3-RIPE country: DE admin-c: GN-RIPE tech-c: GN-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: GHOSTNET-MNT mnt-routes: GHOSTNET-MNT source: RIPE # Filtered organisation: ORG-GG3-RIPE org-name: GHOSTnet GmbH org-type: LIR address: Kaiser-Friedrich-Promenade 65 address: 61348 address: Bad Homburg address: Germany phone: +49 6172 185025 phone: +49 177 2681530 fax-no: +49 6172 185029 e-mail: [email protected] mnt-ref: GHOSTNET-MNT mnt-ref: RIPE-NCC-HM-MNT mnt-by: RIPE-NCC-HM-MNT admin-c: GN-RIPE admin-c: GNSG-RIPE admin-c: GNSM-RIPE admin-c: GNLW-RIPE source: RIPE # Filtered role: GHOSTnet GmbH admin-c: GN-RIPE tech-c: GNSM-RIPE tech-c: GNSG-RIPE address: Kaiser-Friedrich-Promenade 65 address: 61348 Bad Homburg address: Deutschland phone: +49 6172 185025 fax-no: +49 6172 185029 e-mail: [email protected] nic-hdl: GN-RIPE mnt-by: GHOSTNET-MNT source: RIPE # Filtered % Information related to '94.249.128.0/17AS12586' route: 94.249.128.0/17 descr: GHOSTnet GmbH IP Space origin: AS12586 mnt-by: GHOSTNET-MNT source: RIPE # Filtered % Information related to '94.249.128.0/19AS12586' route: 94.249.128.0/19 descr: GHOSTnet GmbH IP Space (FRA01) origin: AS12586 mnt-by: GHOSTNET-MNT source: RIPE # Filtered _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
