16 March 2014

NSA Zologize

A sends:

Thank you for exposing so much information and specifically the NSA affiliated IP tables.

Here is my story regarding the IP tables and some European opinion in general.

I run a server and in early January 2014 encountered a worldwide attack wave of "/phpTest/zologize/axa.php". I could not detect a point of origin other than it was submitted from most countries of the world, possibly indicating a bot-net. The attack frequency has dropped to one or two requests per day at this time and it seems to me that the bot-net owner was just test driving.

I use IP tables that have been provided by the common security community to tag IP addresses. The more tags an IP has, the more chance it has of being subject to investigation.

Among these IP tables is one I found on Cryptome which is already 7 years old and may not represent the actual situation on the internet. This table contains NSA affiliated IP blocks. Some critics say that this table is a fake and of course, if you can’t expose your contact that provided the table to Cryptome, it is a little hard to validate this specific IP table.

However, I validated this table by working with it. In the spirit of big-data I do collect the IP tables from many sources just for the tagging purpose. The firewall will decide if the tagging score has reached the threshold for an IP or network to be blocked.

It has come to my attention that whenever “zologize” (meaning to collect critters) came by, an NSA affiliation tag was added by the early warning system of my server no matter what country / net operator it came from.

Over 90% of the “zologize” requests had been NSA tagged (by querying the Cryptome table) where others had no or just a small NSA score, and considering the way the NSA is naming their covert projects I would say with some certainty (but not ruling out Heisenberg’s uncertainty) that “zologize” is originating from NSA controlled or affiliated networks. It looks like the NSA is starting up their cyberwar machine to be just a click away from total digital devastation. The USA has recently given up being the preferred one to manage the DNS root systems (ICANN/NTIA), and all moves together do not predict a peaceful and transparent future for the internet.

The United States may spread the prophecy of net transparency but their acts cause the worldwide internet community to filter out complete organizations or even countries. For example, any request from the United States, South America, the UK, the Balkans, the Middle East, Russia, Asia and Australia is already blocked on my server because most critter-crap is originating from there.

By limiting services on a geographical scale, the internet isn’t the world wide web anymore as we had in mind in the eighties. In my case it’s becoming more and more a Europe-wide network, effectively killing worldwide services. Many European site operators are already blocking on a geographical scale and I really don’t mind if Europe is cut off from the WWW since it is already happening, and maybe it’s time to set up a European Wide Web alongside the WWW that will be protected by EU law. Of course we could use Onion, but hey, we have the right to oppose so why go underground?

You may consider the EU as a potential enemy like the NSA is doing, you can even say “Fuck Europe”, you can threaten that you will send in the marines when we arrested an American NSA official breaking the law over here, snoop in on the German prime minister’s phone calls, hack a complete cellular network in Belgium or even insult the Dutch saying that they all are pot-smoking-junkies, but we do not forget. We do not forget how much damage already has been caused by the NSA and its affiliated parties or, generally speaking, the USA, UK and Australia.

It doesn’t make sense to yell that we’re not the enemy while under siege.

Keep it up! & kind regards,

P.S. Publishing OK, leave out the email address. Thanks.
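The tag-and-threshold scheme the letter describes, as an added example that is not the letter writer's code: each source address is tagged by every IP table that contains it, a firewall decision follows from the summed score, and the tag rate for the "/phpTest/zologize/axa.php" requests is computed next to the rate for all other traffic. The list names, weights, threshold, CIDR blocks (documentation ranges) and log lines are all constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed tag lists (documentation ranges, not real data): name -> (weight, CIDRs).
TAG_LISTS = {
    "list_a": (2, ["192.0.2.0/24", "198.51.100.0/25"]),
    "list_b": (1, ["198.51.100.0/24"]),
    "list_c": (3, ["203.0.113.64/26"]),
}
BLOCK_THRESHOLD = 3  # assumed value; the letter does not state one
NETS = {name: (w, [ipaddress.ip_network(c) for c in cidrs])
        for name, (w, cidrs) in TAG_LISTS.items()}
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)')

def tags_for(ip):
    """Return {list name: weight} for every list containing the address."""
    addr = ipaddress.ip_address(ip)
    return {n: w for n, (w, nets) in NETS.items() if any(addr in net for net in nets)}

def score(ip):
    return sum(tags_for(ip).values())

def decide(ip):
    return "block" if score(ip) >= BLOCK_THRESHOLD else "allow"

def tag_rate(log_lines, path_fragment, list_name):
    """Share of requests tagged by list_name: matching paths vs. all other traffic."""
    hits, totals = Counter(), Counter()
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in common log format
        ip, path = m.groups()
        key = "match" if path_fragment in path else "other"
        totals[key] += 1
        hits[key] += list_name in tags_for(ip)
    return {k: hits[k] / totals[k] for k in totals}

# Constructed access-log lines in common log format.
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Jan/2014:10:00:00 +0000] "GET /phpTest/zologize/axa.php HTTP/1.1" 404 209',
    '198.51.100.7 - - [05/Jan/2014:10:02:11 +0000] "GET /phpTest/zologize/axa.php HTTP/1.1" 404 209',
    '203.0.113.70 - - [05/Jan/2014:10:05:42 +0000] "GET /phpTest/zologize/axa.php HTTP/1.1" 404 209',
    '198.51.100.200 - - [05/Jan/2014:10:06:01 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '203.0.113.5 - - [05/Jan/2014:10:07:30 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '192.0.2.99 - - [05/Jan/2014:10:09:12 +0000] "GET /robots.txt HTTP/1.1" 200 68',
]
```

Comparing the "match" and "other" rates from `tag_rate` shows how much of a list's hit rate is specific to the probed path rather than a property of the server's traffic in general.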