22 October 2001

See previous reports by SC:

http://cryptome.org/safeweb-anongo.htm

Comments welcome; send to: jya@pipeline.com


From: SC
To: <jya@pipeline.com>
Subject: privasec: spawn of safeweb
Date: Mon, 22 Oct 2001 03:04:28 -0400

Interesting that anongo.com is now redirecting to an xo.net/com property called www.privasec.com which is starting up a for pay anonymizing service. I note that xo.com appears in your RDBA query listings. They appear to be setting up for secure payment as the page presents a Verisign cert, registered to the xo.net property secure.cnchost.com, but they are not selling their service yet.  We know this URL was redirecting to Safeweb about 3 days ago; Privasec says on their demoinfo.htm page that they use proxying technology from Safeweb, "whose own secure surfing system is considered to be the best in the world." Privasec has an amusingly military style logo.

With respect to the assurances of our learned friend Mr. Hsu of Safeweb, it should be pointed out that this individual would be bound by numerous non-disclosure agreements with U.S. intelligence. He, like all who sign them, is compelled to go into auto-response mode when an opportunity arises. Time to kill, press release to fill. We will never know what he knows by listening to the words he generates. He's not allowed to say anything real, like any good corporate spokesthing. He's actually supposed to lie, because he'd be breaking the law if he told the truth. That's a nice thing to know, and truth be told it holds for your White House press secretaries to your corporate talking heads.

Here is the RADB query for the VIENNA 215.104.228.114 box. It looks like it's a router for the DoD. It's doing a lot less than it was a few days ago, so it's not proxying anymore.

admin-c:       Jim Cassell - JC536
admin-c:       Jim Cassell - JC536
tech-c:        See MAINT-AS568
tech-c:        See MAINT-AS568
notify:        jcassell@crcc.disa.mil
mnt-by:        MAINT-AS568
changed:       jcassell@crcc.disa.mil 19981127
changed:       jcassell@crcc.disa.mil 19981127
source:        RADB

admin-c:       DoD, Hostmaster 
tech-c:        Network Operation Center, Columbus 
notify:        asnreg@nic.mil
mnt-by:        MAINT-AS568
changed:       asnreg@nic.mil 20000717
source:        DoDNIC

Cryptome: From here www.anongo.com redirects to Safeweb, but as SC notes, http://anongo.com redirects to Privasec.


Following by Cryptome:


aut-num: AS2828 as-name: ASN-CONCENTRIC descr: XO Communications, Inc. Former names: NextLink Communications, Concentric Network Corp., InterNex Information Services, Delta Internet Services, AnaServe, 9Net Avenue, ... 1400 Parkmoor Avenue San Jose, CA 95126-3429 FOR ABUSE OR SPAM COMPLAINTS EMAIL - abuse@xo.com +1 314 506-3330 NOC/NCC 24x7 +1 408 817-2488 OpsDesk 24x7 +1 408 817-2800 Main admin-c: Network Operations tech-c: Internet Engineering
From: http://www.nic.mil/dodnic/ Query: AS568 aut-num: AS568 as-name: UNSPECIFIED descr: JIS (Joint Interconnection Service) import: from AS1 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS174 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS297 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS293 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS668 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS690 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1239 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1673 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1740 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1746 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1800 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2041 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2548 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2551 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2914 action pref=150; accept AS-WNA import: from AS3257 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3561 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3720 action pref=150; accept AS-MAINSTREET AND NOT {0.0.0.0/0} import: from AS3847 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3932 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3951 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3967 action pref=150; accept AS-EXODUS import: from AS4000 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS4006 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS4058 action pref=150; accept AS-LINKAGE import: from AS4565 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5000 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5390 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5409 action pref=150; accept AS-IPF import: from AS5683 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5669 action pref=150; accept AS-UNET import: from AS5693 action pref=150; accept AS-INTELENET import: from AS5696 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5784 action pref=150; accept AS-GETNET import: from AS6113 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS6259 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS6461 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS6939 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS7922 action pref=150; accept AS-MEDIAONE import: from AS8218 action pref=150; accept ANY AND NOT {0.0.0.0/0} export: to AS1 announce AS-NIPRNET export: to AS174 announce AS-NIPRNET export: to AS293 announce AS-NIPRNET export: to AS297 announce AS-NIPRNET export: to AS668 announce AS-NIPRNET export: to AS690 announce AS-NIPRNET export: to AS1239 announce AS-NIPRNET export: to AS1673 announce AS-NIPRNET export: to AS1740 announce AS-NIPRNET export: to AS1746 announce AS-NIPRNET export: to AS1800 announce AS-NIPRNET export: to AS2041 announce AS-NIPRNET export: to AS2548 announce AS-NIPRNET export: to AS2551 announce AS-NIPRNET export: to AS2914 announce AS-NIPRNET export: to AS3257 announce AS-NIPRNET export: to AS3561 announce AS-NIPRNET export: to AS3720 announce AS-NIPRNET export: to AS3847 announce AS-NIPRNET export: to AS3932 announce AS-NIPRNET export: to AS3951 announce AS-NIPRNET export: to AS3967 announce AS-NIPRNET export: to AS4000 announce AS-NIPRNET export: to AS4006 announce AS-NIPRNET export: to AS4058 announce AS-NIPRNET export: to AS4565 announce AS-NIPRNET export: to AS5000 announce AS-NIPRNET export: to AS5390 announce AS-NIPRNET export: to AS5409 announce AS-NIPRNET export: to AS5683 announce AS-NIPRNET export: to AS5669 announce AS-NIPRNET export: to AS5693 announce AS-NIPRNET export: to AS5696 announce AS-NIPRNET export: to AS5784 announce AS-NIPRNET export: to AS6113 announce AS-NIPRNET export: to AS6259 announce AS-NIPRNET export: to AS6461 announce AS-NIPRNET export: to AS6939 announce AS-NIPRNET export: to AS7922 announce AS-NIPRNET export: to AS8218 announce AS-NIPRNET admin-c: Jim Cassell - JC536 admin-c: Jim Cassell - JC536 tech-c: See MAINT-AS568 tech-c: See MAINT-AS568 notify: jcassell@crcc.disa.mil mnt-by: MAINT-AS568 changed: jcassell@crcc.disa.mil 19981127 changed: jcassell@crcc.disa.mil 19981127 source: RADB aut-num: AS568 as-name: SUMNET-AS descr: DISO-UNRRA import: from AS8218 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS7922 action pref=150; accept AS-MEDIAONE import: from AS6939 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS6461 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS6259 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS6113 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5784 action pref=150; accept AS-GETNET import: from AS5696 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5693 action pref=150; accept AS-INTELENET import: from AS5669 action pref=150; accept AS-UNET import: from AS5683 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5409 action pref=150; accept AS-IPF import: from AS5390 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS5000 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS4565 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS4058 action pref=150; accept AS-LINKAGE import: from AS4006 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS4000 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3967 action pref=150; accept AS-EXODUS import: from AS3951 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3932 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3847 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3720 action pref=150; accept AS-MAINSTREET AND NOT {0.0.0.0/0} import: from AS3561 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS3257 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2914 action pref=150; accept AS-WNA import: from AS2551 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2548 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS2041 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1800 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1746 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1740 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1673 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1239 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS690 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS668 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS293 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS297 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS174 action pref=150; accept ANY AND NOT {0.0.0.0/0} import: from AS1 action pref=150; accept ANY AND NOT {0.0.0.0/0} export: to AS8218 announce AS-NIPRNET export: to AS7922 announce AS-NIPRNET export: to AS6939 announce AS-NIPRNET export: to AS6461 announce AS-NIPRNET export: to AS6259 announce AS-NIPRNET export: to AS6113 announce AS-NIPRNET export: to AS5784 announce AS-NIPRNET export: to AS5696 announce AS-NIPRNET export: to AS5693 announce AS-NIPRNET export: to AS5669 announce AS-NIPRNET export: to AS5683 announce AS-NIPRNET export: to AS5409 announce AS-NIPRNET export: to AS5390 announce AS-NIPRNET export: to AS5000 announce AS-NIPRNET export: to AS4565 announce AS-NIPRNET export: to AS4058 announce AS-NIPRNET export: to AS4006 announce AS-NIPRNET export: to AS4000 announce AS-NIPRNET export: to AS3967 announce AS-NIPRNET export: to AS3951 announce AS-NIPRNET export: to AS3932 announce AS-NIPRNET export: to AS3847 announce AS-NIPRNET export: to AS3720 announce AS-NIPRNET export: to AS3561 announce AS-NIPRNET export: to AS3257 announce AS-NIPRNET export: to AS2914 announce AS-NIPRNET export: to AS2551 announce AS-NIPRNET export: to AS2548 announce AS-NIPRNET export: to AS2041 announce AS-NIPRNET export: to AS1800 announce AS-NIPRNET export: to AS1746 announce AS-NIPRNET export: to AS1740 announce AS-NIPRNET export: to AS1673 announce AS-NIPRNET export: to AS1239 announce AS-NIPRNET export: to AS690 announce AS-NIPRNET export: to AS668 announce AS-NIPRNET export: to AS297 announce AS-NIPRNET export: to AS293 announce AS-NIPRNET export: to AS174 announce AS-NIPRNET export: to AS1 announce AS-NIPRNET admin-c: HOSTMASTER-PER tech-c: NOC-C-PER notify: asnreg@nic.mil mnt-by: MAINT-AS568 changed: asnreg@nic.mil 20000717 source: DoDNIC person: DoD, Hostmaster address: 7990 Science Applications Court address: MS CV-50 phone: (800) 365-3642 e-mail: HOSTMASTER@NIC.MIL nic-hdl: HOSTMASTER-PER changed: hostmaster@nic.mil 20011010 source: DoDNIC person: Network Operation Center, Columbus address: 3990 East Broad Street phone: (800) 554-3476 e-mail: HBRADY@CRCC.DISA.MIL nic-hdl: NOC-C-PER changed: hostmaster@nic.mil 20000714 source: DoDNIC
================================================== === VisualRoute report on 22-Oct-01 9:00:08 AM === ================================================== Report for www.privasec.com [207.155.248.12] Analysis: 'www.privasec.com' [devonshire.concentric.net] was found in 15 hops (TTL=242). It is a HTTP server (running ConcentricHost-Ashurbanipal/1.7 (XO(TM) Web Site Hosting)). ----------------------------------------------------------------------------------------------------------------------------------------------------------- | Hop | %Loss | IP Address | Node Name | Location | Tzone | ms | Graph | Network | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | 1 | | 206.115.154.3 | tnt3.nyc3.da.uu.net | New York, NY, USA | -05:00 | 124 | x- | UUNET Dial-Up Networks | | 2 | | 206.115.244.1 | - | ?Fairfax, VA 22031 | | 147 | -x---- | UUNET Dial Access Network | | 3 | | 152.63.23.178 | 229.at-2-0-0.HR1.NYC9.ALTER.NET | New York, NY, USA | -05:00 | 156 | -x--- | UUNET Technologies, Inc. | | 4 | | 152.63.15.150 | 0.so-1-3-0.XL2.NYC9.ALTER.NET | New York, NY, USA | -05:00 | 163 | -x----- | UUNET Technologies, Inc. | | 5 | | 152.63.24.101 | POS7-0.BR3.NYC9.ALTER.NET | New York, NY, USA | -05:00 | 172 | -x------ | UUNET Technologies, Inc. | | 6 | | 204.255.168.94 | - | ?Fairfax, VA 22031 | | 161 | -x--- | UUNET Technologies, Inc. | | 7 | | 64.220.3.81 | ge6-0.dist1.hud-ny.us.xo.net | ?--- | | 123 | x-- | Concentric Network Corporation | | 8 | | 64.220.3.94 | - | ?San Jose, CA 95126-3429 | | 116 | x | Concentric Network Corporation | | 9 | | 64.220.0.241 | ge9-0.tran1.nyc-ny.us.xo.net | New York, NY, USA | -05:00 | 111 | x | Concentric Network Corporation | | 10 | | 64.0.0.50 | p0-0.tran1.nwk-nj.us.xo.net | Newark, NJ, USA | -05:00 | 112 | x- | Concentric Network Corporation | | 11 | | 64.0.0.45 | p0-0.tran2.chi-il.us.xo.net | Chicago, IL, USA | -06:00 | 137 | x- | Concentric Network Corporation | | 12 | | 64.220.0.177 | ge9-0.tran1.chi-il.us.xo.net | Chicago, IL, USA | -06:00 | 129 | x | Concentric Network Corporation | | 13 | | 64.0.0.17 | p0-0.tran2.scl-ca.us.xo.net | Santa Clara, CA, USA | -08:00 | 181 | x- | Concentric Network Corporation | | 14 | | 64.0.0.130 | p1-0.web1.sjc-ca.us.xo.net | San Jose, CA, USA | -08:00 | 186 | -x | Concentric Network Corporation | | 15 | | 207.155.248.12 | www.privasec.com | - | | 181 | x- | Concentric Network Corporation | ----------------------------------------------------------------------------------------------------------------------------------------------------------- Roundtrip time to www.privasec.com, average = 181ms, min = 176ms, max = 187ms -- 22-Oct-01 9:00:08 AM
================================================== === VisualRoute report on 22-Oct-01 9:01:58 AM === ================================================== Report for 207.155.248.12 [devonshire.concentric.net] Analysis: '207.155.248.12' [devonshire.concentric.net] was found in 15 hops (TTL=242). ----------------------------------------------------------------------------------------------------------------------------------------------------------- | Hop | %Loss | IP Address | Node Name | Location | Tzone | ms | Graph | Network | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | 1 | | 206.115.154.3 | tnt3.nyc3.da.uu.net | New York, NY, USA | -05:00 | 107 | x- | UUNET Dial-Up Networks | | 2 | | 206.115.244.1 | - | ?Fairfax, VA 22031 | | 111 | -x | UUNET Dial Access Network | | 3 | | 152.63.23.178 | 229.at-2-0-0.HR1.NYC9.ALTER.NET | New York, NY, USA | -05:00 | 123 | -x-- | UUNET Technologies, Inc. | | 4 | | 152.63.15.150 | 0.so-1-3-0.XL2.NYC9.ALTER.NET | New York, NY, USA | -05:00 | 123 | -x-- | UUNET Technologies, Inc. | | 5 | | 152.63.24.101 | POS7-0.BR3.NYC9.ALTER.NET | New York, NY, USA | -05:00 | 113 | -x | UUNET Technologies, Inc. | | 6 | | 204.255.168.94 | - | ?Fairfax, VA 22031 | | 107 | x- | UUNET Technologies, Inc. | | 7 | | 64.220.3.81 | ge6-0.dist1.hud-ny.us.xo.net | ?--- | | 106 | x- | Concentric Network Corporation | | 8 | | 64.220.3.94 | - | ?San Jose, CA 95126-3429 | | 106 | x- | Concentric Network Corporation | | 9 | | 64.220.0.241 | ge9-0.tran1.nyc-ny.us.xo.net | New York, NY, USA | -05:00 | 107 | x- | Concentric Network Corporation | | 10 | | 64.0.0.50 | p0-0.tran1.nwk-nj.us.xo.net | Newark, NJ, USA | -05:00 | 106 | x- | Concentric Network Corporation | | 11 | | 64.0.0.45 | p0-0.tran2.chi-il.us.xo.net | Chicago, IL, USA | -06:00 | 126 | x- | Concentric Network Corporation | | 12 | | 64.220.0.177 | ge9-0.tran1.chi-il.us.xo.net | Chicago, IL, USA | -06:00 | 126 | x- | Concentric Network Corporation | | 13 | | 64.0.0.17 | p0-0.tran2.scl-ca.us.xo.net | Santa Clara, CA, USA | -08:00 | 177 | x | Concentric Network Corporation | | 14 | | 64.0.0.130 | p1-0.web1.sjc-ca.us.xo.net | San Jose, CA, USA | -08:00 | 176 | x | Concentric Network Corporation | | 15 | | 207.155.248.12 | devonshire.concentric.net | - | | 179 | x- | Concentric Network Corporation | ----------------------------------------------------------------------------------------------------------------------------------------------------------- Roundtrip time to 207.155.248.12, average = 179ms, min = 177ms, max = 197ms -- 22-Oct-01 9:01:58 AM
From: http://www.netsol.com/cgi-bin/whois/whois privasec.com: Organization: Riggs & Co. Geoffrey Riggs 11929 Kiowa Ave., Ste. 6 Los Angeles, CA 90049 US Phone: 310-826-1730 Fax..: 310-826-3589 Email: riggsmail@yahoo.com Registrar Name....: Register.com Registrar Whois...: whois.register.com Registrar Homepage: http://www.register.com Domain Name: PRIVASEC.COM Created on..............: Sun, Mar 18, 2001 Expires on..............: Mon, Mar 18, 2002 Record last updated on..: Tue, Aug 07, 2001 Administrative Contact: Riggs & Co. Geoffrey Riggs 11929 Kiowa Ave., Ste. 6 Los Angeles, CA 90049 US Phone: 310-826-1730 Fax..: 310-826-3589 Email: riggsmail@yahoo.com Technical Contact, Zone Contact: Register.Com Domain Registrar 575 8th Avenue - 11th Floor New York, NY 10018 US Phone: 212-798-9200 Fax..: 212-629-9305 Email: domain-registrar@register.com Domain servers in listed order: NS1.CNCHOST.COM 207.155.248.5 NS2.CNCHOST.COM 207.155.252.5