I am staying calm.
I recently received a perfectly nice and polite note from Geoffrey, who runs Dog Snot Diaries. I spent several minutes perusing his blog, which is pretty nice. I suggest you check it out. Besides, he's a Rachel Lucas fan, so that makes him cool. Anyway, Geoffrey's nice letter (I'm still calm) was expressing confusion over some odd comments I had recently left on his terrific blog on Thursday.
Problem. Until I got his note on Friday, I had never heard of Geoffrey, or his fine blog. I left three short comments today, trying to stay calm.
Geoffrey tells me that this person is posting from IP Address 213.133.123.131. The... person... is using my name and this web site's URL--plus an email address I never use in comments, but that points to this domain--to leave comments.
I am not hyperventilating. Nor am I reaching for my shotgun just yet. Because I realize that anyone can do this at any time. A friend might even do it to me as a little joke. And if that's all it is, a friend playing a little joke, I won't get mad.
But, friend or foe: I would like it to stop, please. Immediately, please.
By the way, my Reverse-DNS lookup can't resolve 213.133.123.131 or 132. However, a lookup on 213.133.123.130 resolves to hosting.2spirits.net, and a WHOIS on 2spirits.net shows me it belongs to someone in Germany (.de or Deutscheland). A Reverse-DNS lookup on 213.133.123.133 resolves to netweb-concept.de, which would also be in Germany, so I'd say odds are good that the .131 address is also somewhere in Germany, and tracerts seem to take us through Amsterdam before ending in Germany.
Anyone who knows me can vouch that I live in Michigan, which is kind of a long drive from the .de domain.
Anyone got better WHOIS or Reverse-DNS than I do? Sounds like this may be some American on a military base, although that's obviously not a given.
I am staying calm. But I'd like anyone who thinks they've seen comments which seem out of character for me to let me know (you either know me or you don't, but one hint is that when I get upset, I usually try to come back and apologize later. Also, in general I don't call people names unless I'm really, really, really mad, and even then you'll usually get an email from me later attempting to apologize.)
I am not upset, but I do want anyone who's doing this to me to please stop immediately.
I now return you to Justene, because I intend to go to bed and sleep soundly, knowing that this is not something to get too upset about.
I sent you an email letting you know what my suspicions were, and why.
It's hard to tell a person's location just from their IP, though. Normally, people log into your site from their home PC. However, if you wish to mask your IP, there are several ways to do this. One is by logging onto a server somewhere else, and then launching to a site from there. That displays the server IP, not your home.
Sorry, me again.
The comments he's referring to are here, if you're interested. http://geoffrey-allen.com/mt/archives/000202.html I don't have linking to comments enabled, so his above link doesn't work.
And stop telling people I was polite, you are ruining my image.
Well then let me be clear to everyone that Geoffrey is a big fat jerk and truly disgusting to boot, even though he stepped out of character to send me a nice note.
:-)
Fat? FAT!
Now it's on!
Masquerading as Dean Esmay sure is easy!
Yes, masquerading as anyone is easy on the net. My kids tried it once when they 9 and got caught and lectured to within an inch of their lives. Face it. We're all working on the basis of trust. When the trust breaks down, bad things happen. As I said on my blog, this is the Wild West and there's no marshall.
That is so low!
pssst, Dean.. it's a secret that Geoffrey, is in reality, a sweetheart. He looks good in a kilt too -- but I don't think that's a secret :)
Yikes! That is totally creepy.
How you people have been sheltered....
Not so long ago a slightly deranged person on an email list responded to advice she recieved from me (she had solicited advice, but had not stated she wanted only advice she agreed with) by linking to an old page of a friend's website, with remarks that were unflattering. We dealt with that by changing the page to include an apology, from "her", with a promise that she would never sit up all night drinking bourbon and google searching for people she didn't agree with.
heh. now she's really pissed that her link turned out to be something quite different than she intended.
malicious linkers, let that be a warning to you.
As Justene said, it is easy to masquerade as someone else on the net. As Geoffrey said, it's also easy to mask your IP (if you know how).
I could pretend to be you, with a bit of research, more convincingly. All I need to do is find out your general area (all I can recall right now is that you were somewhere in the blackout) and use a proxy that is in that area.
A Euro address just isn't convincing — unless I adjust the tinfoil hat and assume you used a German proxy to hide the fact that it really was you. ;)
As Justene said, we're all working on the basis of trust here. I'll stick with trusting you until further notice.
(But you aren't welcome. You weren't there then.)
I meant "aren't thanked". Sigh. Sorry, but I'm one of those that your "you're welcome" just hit the wrong way.
The German ISP Hetzner Online, located in Gunzenhausen, operates the range 213.133.96.0 to 213.133.127.255, though NetGeo says all 213.x.x.x IPs are actually out of Amsterdam. Tracert, from where I am, ends at 213.133.96.58 before coming up with two routes that lack reverse-DNS entries, and that IP is listed as one of Hetzner's.
Geoffrey's explanation seems as good as any to me.
With the help of a buddy, and the use of some great tools available these days, I've learned that a determined person with an understanding of the internet can find out just about anything from anyone, regardless of the steps he takes to hide his identity.
I'm one of those that your "you're welcome" just hit the wrong way.
Those who actually wanted to have a civil disagreement over that did a very nice job, I thought, in this thread. You're welcome to participate.
The German ISP Hetzner Online, located in Gunzenhausen, operates the range 213.133.96.0 to 213.133.127.255, though NetGeo says all 213.x.x.x IPs are actually out of Amsterdam.
If I see a repeat of this incident I'll file a network abuse complaint with them. If it never happens again, then I won't worry about it. Thanks Charles!
Thsi should looki like it come from you but is in reality coming from me, Jim. MT is only going to pickup the IP and validate the email address as a real one at best.
Now, that we have established that anyone can leave a comment in MovType (probably in the others also) that only checks the validity, or "realness" of the email address and grabs the IP address then we know anyone can do this. The sender either originates in Germany or uses a redirect to appear he is in Germany. I would focus on the content and look for any clues there since anyone casn do this.
Check the IP address on this post and compare it to the 2 previous posts. They should be different. I am doing this through an Anonymizer account.
Jim, interesting... Dean, you'll notice my IP address on this post is also from Germany-- University of Dresden. In fact, since I'm operating through an encrypted connection, my own ISP can't tell what I'm up to. And thanks to a mix cascade with Chaum packet mixing, even the operators of the proxy service can't separate my data packets out from those of other users.
I've also taken the precaution of disabling Java, javascript, and referrer logging on my end, as well as altering my browser ID string.
No doubt the Three-Letter Agencies could read me like a book. But for better or for worse, a relatively high degree of anonymity is possible on the Internet. Which can lead to mischief and worse.
That's true, paul. However, with the right tools the average layman can find you too.
It only took me a couple of days to track him down.