Comments on: ISP bringdown

ISP bringdown

arse_hat — Sat, 21 Feb 2004 00:17:21 -0800

Creative Internet Techniques a large Ohio ISP was shut down by the FBI for "IRC network" violations. If you need to get at your hosted data "please contact the Bureau via email to rwhite3@leo.gov. Make sure to include in your email your name, mailing address, and telephone number with area code."

Does anyone still use IRC? Does anyone intend to "please contact the Bureau via email to rwhite3@leo.gov. Make sure to include in your email your name, mailing address, and telephone number with area code". Does anyone have any ideas what this is REALLY about?

By: quonsar

quonsar — Sat, 21 Feb 2004 00:33:30 -0800

Does anyone still use IRC? no, IRC is so 2003...

By: stavrosthewonderchicken

stavrosthewonderchicken — Sat, 21 Feb 2004 00:40:44 -0800

IRC is much used for filetrading these days. That's probably what this is about.

By: Trik

Trik — Sat, 21 Feb 2004 00:56:24 -0800

I wonder if this could have something to do with tracking the stolen microsoft code.

By: juliebug

juliebug — Sat, 21 Feb 2004 01:02:12 -0800

I run a small IRC server and we host with a provider that hosts with CIT/Foonet. Frankly, the inability to access the services databases (chanserv/nickserv/etc) has left me waiting to see what transpires with CIT. As I'm not a direct CIT customer, I have not contacted the agent, but my provider has. In short, I don't have a lot of choice without my data. I can spend money and I can spend time to set up a fresh server from scratch at a new host, losing all registered nicknames and channels, or I can continue into day seven without an IRC server and pray my users understand that there's nothing I can do. And yes, people do still use IRC, although more new chatters tend to use the messenger programs that are available than IRC. But it's still a very popular medium, apart from the filesharing aspect that is rapidly getting out of control. As the page linked to states, this isn't about filesharing, but it looks more like DDoS attacks.

By: TreeHugger

TreeHugger — Sat, 21 Feb 2004 01:33:35 -0800

IRC is much used for filetrading these days. That's probably what this is about. That's a scary prospect. Shutting down ISPs to track down shit for Microsoft? Hopefully not true.

By: Goofyy

Goofyy — Sat, 21 Feb 2004 01:52:30 -0800

So, they took the servers and ALL the data. Exactly how is the privacy of those users not accused of any crimes being protected? Who is representing their rights? What is the law in such cases?

By: nads

nads — Sat, 21 Feb 2004 01:53:21 -0800

I had an account at foonet back when I was in highschool. Memories ... eggdrops! The FBI closing down a provider cause of an eggddrop gone awry.

By: konolia

konolia — Sat, 21 Feb 2004 04:40:06 -0800

What's an eggdrop?

By: thebabelfish

thebabelfish — Sat, 21 Feb 2004 05:17:30 -0800

IRC bot.

By: sailoreagle

sailoreagle — Sat, 21 Feb 2004 05:38:43 -0800

Yes, people do still use IRC :P I help run a smallish IRC network. We've not been affected by this, luckily, as we had no servers with CIT/Foonet, but my sympathies go towards anybody who's been caught up in this and is now stuck without a server. The filesharing aspect is getting out of control on some networks, but several have decided to not allow warez/filesharing (pretty much a "cover your ass" move, just in case the RIAA / copyright demons decide to go after filesharing on IRC networks. That, and warez tends to bring along scriptkiddies and those are a pain in the butt to deal with...) This seems to be because of a DDOS, though, which is far more serious. According to a message on this thread that discusses the whole thing, though, "everything is "under seal", meaning a federal judge has disallowed any information from being released on the reasoning behind this matter" (direct quote), so not much but speculation can really be done.

By: PigAlien

PigAlien — Sat, 21 Feb 2004 05:50:10 -0800

As for the privacy issues, I have to say that (as the staunchest defender of a person's right to privacy) IRC is effectively a public forum. A good comparison might be a privately owned conference center where different groups rent rooms knowing that everything they say is going to be recorded. Ostensibly the owners of the conference center have the right to cooperate with the FBI and hand over all records when asked, unless they have an explicit privacy agreement with their customers where they promise not to do so. Even in the event of such a policy, the FBI would still be able to seize such records in a criminal investigation with a proper warrant. The lesson here would be, EVERYTHING ON THE INTERNET IS RECORDED! So if you think you have privacy you're in for a big shock. The only way to protect yourself on the internet is very strong encryption, obfuscation and obscurity. The question in my mind is, did they execute this search under the Patriot Act?

By: tommasz

tommasz — Sat, 21 Feb 2004 06:21:21 -0800

I still use IRC, on two different networks. One of them Dalnet, took a lot of heat when they eliminated filesharing channels. I'm surprised it's still possible to send and receive files on it at all. The other network is new and has never allowed filesharing (and probably never will).

By: the fire you left me

the fire you left me — Sat, 21 Feb 2004 06:55:56 -0800

IRC can be excellent. I'm often on freenode. If you share files, Peer Guardian from Methlabs is recommended.

By: dglynn

dglynn — Sat, 21 Feb 2004 06:59:15 -0800

A good argument for off site-backups and a rebuild system plan that can use generic hardware, no? We've always been trying to create and maintain a setup that can be rebuilt from stored data and plain old boxes if need be. As long as you have a router and connectivity then rebuild, restore, and restart. Hope not to need it, but when the attached building two doors down burned in a three alarm fire that called in crews from 20 miles around, well, we were theoretically ready. Not as much fun as trying to get the local volunteer fire department to not just hose out the inside of the CO behind us when the water heater inside became a smoldering smoke machine("seriously, guys, water in those switches means no phones or internet for at least a week. Put on a mask and check the thermal cam before soaking down the entire building, please."), but still interesting.

By: y6y6y6

y6y6y6 — Sat, 21 Feb 2004 08:34:38 -0800

"Exactly how is the privacy of those users not accused of any crimes being protected?" Welcome to Bush's America. One of the best things about America used to be the right to be free from unreasonable search and seizure. No longer. The expectation now is that everything will be recorded and placed in a secret database which will be used against us at some future date. Now behave and conform or the FBI will kick your fucking door down.

By: tingley

tingley — Sat, 21 Feb 2004 08:56:38 -0800

IRC is still used a fair amount in both open source software development and some gaming communities.

By: mrbill

mrbill — Sat, 21 Feb 2004 10:46:05 -0800

If you share files, Peer Guardian from Methlabs is recommended. No software you run on your machine is going to "hide" your IP address from another system you're connected to. A "netstat" command (most commonly found on UNIX-based operating systems) will show me the IP addresses of machines with active TCP connections to my machine(s). There's no way to "hide" if you're peering with other systems and transferring data back and forth.

By: squirrel

squirrel — Sat, 21 Feb 2004 11:56:50 -0800

This sucks. Hopefully it will provide a test case for server privacy. I'm sure that there were more services running on that server, such as at least HTTP, FTP and shells. Does an investigation of a suspected IRC violation give prosecutors the right to investigate everything on the server or only those portions related to IRC? I suspect that they would argue for the former, using as a precedent those cases of people pulled over for a turn-signal violation resulting in a serendipitous discovery of contraband in the glove compartment. This kind of greasy loophole is ripe for prosecutorial abuse. The RIAA has already begun a racket shaking down people for thens of thousands in settlements, without a trial, strictly on the basis of an IP number. To recap: this sucks.

By: Latitude11

Latitude11 — Sat, 21 Feb 2004 15:22:53 -0800

Does anyone still use IRC? I think so.

By: scarabic

scarabic — Sat, 21 Feb 2004 15:51:19 -0800

WTF is an "IRC Network Violation" anyway? Are we talking about using the wrong smileys? Discussing a presidential assassination? Someone trading copyrighted files? Since when does the FBI do housecleaning for the RIAA? Yes, tons of people use IRC. God forbid the G-men should hit a Usenet provider and scour out those logs. It's probably in the pipe, though.

By: sailoreagle

sailoreagle — Sat, 21 Feb 2004 18:36:45 -0800

scarabic: first of all, keep in mind that this is only really IRC-related because that ISP hosted (among other things) IRC servers. There's nothing that's known for sure about the reasons for the shutdown of the ISP, it could just as well not be IRC-related (I dunno, scriptkiddies using shells hosted on there to DDOS somewhere, or what have you). If the FBI got involved, I'm assuming/guessing it's something quite big. As for 'WTF is an "IRC Network Violation'" (in general, not related to this specific case), well, consider this. You start an IRC server or network, spend money on the server(s) and time setting it all up and helping users out. Then a bunch of scriptkiddies come along, decide they don't like you, and proceed to try and DDOS your server(s) into oblivion. What would you do? Just shrug it off, or attempt to track down the ISPs and shells used by those who did it and get their access to them shut down? Most IRC users, frankly, have no clue of all the mess that goes on behind the scenes. It doesn't make it any less messy. And frankly, just because IRC is used to chat and have fun, it doesn't mean it isn't a serious problem or a violation (to use your term) when somebody DDOSses your servers (or floods them with bots, or keeps flooding channels, etcetera).

By: brantstrand

brantstrand — Sat, 21 Feb 2004 19:24:33 -0800

mrbill -- Peer Guardian is a special purpose firewall. It doesn't mask your address from the other end of a connection. Rather, it prevents the inbound connection from ever occuring *if* the source address is known to be used by "known P2P foes, such as the RIAA, MPAA, MediaForce, MediaDefender, BaySTP, Ranger, OverPeer, NetPD, and more." They purport to update the block list continuously. I'm not saying I'd rely on it, but it does make sense. By using it, a P2P user raises the bar for the enforcers attempting to identify him/her. It's not a perfect shield, but it's decent camouflage.

By: firestorm

firestorm — Sat, 21 Feb 2004 21:28:49 -0800

Explain your reasoning behind the question. IRC is still very big with gaming communities. REAL gaming as in computer not console XD

By: squirrel

squirrel — Sat, 21 Feb 2004 21:55:20 -0800

sailoreagle, in any case, you're going to solve the problem in-house. At most, you're going to find a private agency to help you with your hackers on a private level. Who in the world would voluntarily turn to the FBI to help them with their data parsing workload?

By: sailoreagle

sailoreagle — Sun, 22 Feb 2004 05:33:02 -0800

squirrel: of course. (I did say I was speaking in general, not related to this specific case.) Calling the FBI on some scriptkiddies who DDOS a single server is silly, just track them down and contact their ISP(s) with logs... We still don't know what exactly was done from that ISP's servers that the FBI felt they needed to get involved, though. I still think it's got very little to do with IRC, and it's just a coincidence that that ISP was hosting IRC servers also. For all we know, it's possible that some people were using accounts based on that ISP to, I dunno, try and DDOS several government sites, or what have you. To do something so big that the FBI needed to get involved, anyway. Until we know for sure all we can do is make guesses, though.

By: quonsar

quonsar — Sun, 22 Feb 2004 10:45:49 -0800

If you share files, Peer Guardian from Methlabs is recommended. No software you run on your machine is going to "hide" your IP address from another system you're connected to. precisely. but you obviously have no clue what peer guardian does. peer guardian ignores connection requests from certain known IP ranges. There's no way to "hide" if you're peering with other systems and transferring data back and forth. horse puckey. you are completely invisible to anything you simply ignore all traffic from.

By: mrbill

mrbill — Sun, 22 Feb 2004 19:53:16 -0800

quonsar: I don't put much faith in the fact that the "authorities" will stay behind certain netblocks when doing their searches for illegal/illicit materials on P2P networks. Anyone can call up and get a cable modem or DSL line nowdays.