Anonymous Threats

Notmatt Pleaseignore networkhood at gmail.com
Sun Jan 10 23:31:00 UTC 2016


I think if the FBI wants your help, they'll let you know.

In the meantime, I would probably avoid anything that looked like you are
spying on your customers, especially if you are explicitly targeting
customers who are attempting to anonymize their traffic (for whatever
reason). No matter how well intentioned. I can see a number of downsides...

But in simple terms, if its Facebook, its HTTPS, and seems you are
basically done there. Regardless what anonymous transport they use, you
wouldn't be able to see what they are up to...
On Jan 10, 2016 6:14 PM, "Josh Reynolds" <josh at kyneticwifi.com> wrote:

> Even if you find somebody running TOR, you can't see inside it. They also
> could simply be running an exit node, or $reason.
> On Jan 10, 2016 5:02 PM, "Eric Rogers" <ecrogers at precisionds.com> wrote:
>
> > Our local community has recently had threats where the user has a
> > FaceBook profile and is threatening the schools, and several surrounding
> > schools, saying he is going to shoot everyone and blow them up... This
> > is an investigation, but it is getting out of hand.  Several police/FBI
> > raids, but yielded no results, and/or did not catch the right person.
> > He/she is taunting them, local and federal.
> >
> >
> >
> > I would ASSUME he is using some sort of proxy/anonymizer such as TOR or
> > something similar.  Is there any way to sniff for that type of traffic
> > on my network?  I want to make sure that they are not using us as the
> > source.
> >
> >
> >
> > Any thoughts on how to catch this person?  Even if it isn't us, and it
> > is somewhere else I would like to put a stop to it.  Preferably off-list
> > if you do respond...
> >
> >
> >
> > Thanks in advance.
> >
> >
> >
> > Eric Rogers
> >
> >
> >
> >
> >
> > www.pdsconnect.me
> >
> > (317) 831-3000 x200
> >
> >
> >
> >
>



More information about the NANOG mailing list