Anonymous Threats
Scott Fisher
littlefishguy at gmail.com
Mon Jan 11 01:30:29 UTC 2016
Report it to the authorities and trust that they can handle it,..no matter
how difficult that is. Remember your place that you are just the
admin/operator and not the hero. If they need your help, law enforcement
will ask for it.
Sucks but what would you do if you found his IP address? Go to his house?
No matter what, law enforcement needs to own the problem.
Thanks,
Scott
On Sunday, January 10, 2016, Notmatt Pleaseignore <networkhood at gmail.com>
wrote:
> I think if the FBI wants your help, they'll let you know.
>
> In the meantime, I would probably avoid anything that looked like you are
> spying on your customers, especially if you are explicitly targeting
> customers who are attempting to anonymize their traffic (for whatever
> reason). No matter how well intentioned. I can see a number of downsides...
>
> But in simple terms, if its Facebook, its HTTPS, and seems you are
> basically done there. Regardless what anonymous transport they use, you
> wouldn't be able to see what they are up to...
> On Jan 10, 2016 6:14 PM, "Josh Reynolds" <josh at kyneticwifi.com
> <javascript:;>> wrote:
>
> > Even if you find somebody running TOR, you can't see inside it. They also
> > could simply be running an exit node, or $reason.
> > On Jan 10, 2016 5:02 PM, "Eric Rogers" <ecrogers at precisionds.com
> <javascript:;>> wrote:
> >
> > > Our local community has recently had threats where the user has a
> > > FaceBook profile and is threatening the schools, and several
> surrounding
> > > schools, saying he is going to shoot everyone and blow them up... This
> > > is an investigation, but it is getting out of hand. Several police/FBI
> > > raids, but yielded no results, and/or did not catch the right person.
> > > He/she is taunting them, local and federal.
> > >
> > >
> > >
> > > I would ASSUME he is using some sort of proxy/anonymizer such as TOR or
> > > something similar. Is there any way to sniff for that type of traffic
> > > on my network? I want to make sure that they are not using us as the
> > > source.
> > >
> > >
> > >
> > > Any thoughts on how to catch this person? Even if it isn't us, and it
> > > is somewhere else I would like to put a stop to it. Preferably
> off-list
> > > if you do respond...
> > >
> > >
> > >
> > > Thanks in advance.
> > >
> > >
> > >
> > > Eric Rogers
> > >
> > >
> > >
> > >
> > >
> > > www.pdsconnect.me
> > >
> > > (317) 831-3000 x200
> > >
> > >
> > >
> > >
> >
>
--
Scott
More information about the NANOG
mailing list