Part 2, the stoiry continues ------- Forwarded message follows ------- From: "Jerry Keller - K3BZ" <[EMAIL PROTECTED]> To: "\(Reflector\) DX-NEWS" <dx-news@njdxa.org> Subject: [DX-NEWS] Packet Cluster Problems: K1TTT's Response Date sent: Tue, 15 Nov 2005 10:05:56 -0500
The other source of #cqdx spots are from dxsummit (see http://oh2aq.kolumbus.com/dxs/) and I think a couple other web cluster sources (mostly for vhf spots I think). Again, n6rt's software grabs those spots and puts them into the #cqdx irc channel, at this point they are identified by the -@ ssid which you will see on the dxsummit site for spots put in from the web interface. Unfortunately some cluster nodes don't like this ssid so it has to be stripped before those spots are put into the normal cluster network, this is done in the ar-cluster software. Ar-cluster also contains it's own dxsummit spot collector, this is delayed even more and only checks the site every couple of minutes so those collected spots are usually blocked as dupes from other sources. However at times when #cqdx is down or there are other connection problems those may be seen on the backbone as coming from nodes like 'web/xxxxxx'. Now that you know where the spots come from and how they are identified, on to the next step... tracking them. This is something that I have published after every major contest for the last couple of years on cq-contest where mal frequently complains about packet use in contests. When dxsummit started it was pretty much stand alone, then came the #cqdx and ar-cluster and other user logging programs that accessed it and allowed automatic posting of spots there. Then some of the troublemakers who for obvious reasons like to stay anonymous found out that they could post comments there that couldn't be traced. While the admins there did lock out some calls and added some filters, that would not stop determined disrupters... it never has and never will, lock someone out of the cluster system or filter their favorite words and they will find another way to get in, and they have taught email spammers some lessons on how to change spelling just enough to bypass filters, witness how many ways you see c.i,al,i.s spelled in your spam filtered mail every day! Those are the types we are up against... the anonymous cluster spammers. Enough of that, back to the story... Remember that call from the secret service? Well, the source of the threats they were tracking was from dxsummit and that the only way to track them was to get the server logs from there. Well, best I can tell some administrators of dxsummit must have had some calls from someone who got a call from someone who must have gotten a call from the secret service... a few days later an ip tracking page showed up on dxsummit. You can see it at: http://oh2aq.kolumbus.com/dxs/dxsinput.html As soon as this page showed up and got some press coverage in the contest community there was a rapid drop in abuses during contests where contest cheaters were spotting themselves using bogus calls. The history of this is available in the archives of the cq-contest reflector... that mal knows well I'm sure. Now, as mal has noted, there was a sudden surge in bogus stuff from there a while ago... this happened after the dxsummit site suffered a server crash. There was a month or so when it was down completely, then when it came back they must have gone back to older software and the ip page wasn't working. It took about 6 months of communications with various contacts in Europe to get them to put the page back and it is just starting to take hold again I think. Unfortunately there will always be some miscreants who will use cheap internet accounts or other methods to avoid being identified just to cause trouble. There is no way to stop them, block them in one place and they show up somewhere else with fresh attacks. The best thing that can be done is to ignore them, don't respond and they eventually get bored and fade away. Respond to them, make threats that you will track them down, and they just keep going. This is an unfortunate trait of some people that shows itself whenever there is a method of hiding your identity from the masses... some people will take advantage of that anonymity to stir the pot, make personal attacks, or just otherwise disrupt society. Now, how does this help? Well, it lets you know that mal is trying to just inflame the situation by spreading partial truths and leaving out information that he should be well aware of. You are invited to review recent discussions (most recently starting after cqww ssb) on the cq-contest reflector to see his comments, including a call for a complete shutdown of the spotting network, and the responses to it on there. Oh, and the next step??? Well unfortunately in most cases even with the ip address of a miscreant either from dxsummit or a 'normal' cluster log there is very little that can be done. Ip addresses can be tracked as far as an isp in most cases, but only rarely to a specific computer. The analysis I do from contest logs uses pattern analysis to show that it is likely that there is something untoward going on, it is then up to the contest sponsors to compare the spotting data with participants logs to take any action they may feel is appropriate. I have had many queries from people who have been attacked by some of these miscreants via dxsummit and have provided them with the ip address, isp abuse contacts, etc... all of which is public record. but have not heard of any of them getting satisfaction from an isp in fingering an abuser or getting them cut off. As I understand it the EU privacy statutes make it all but impossible to get any user information, and when it crosses country lines its probably even worse. In the states it would take something like an order from a federal judge to get isp's to release records, and then its only likely under some kind of national security investigation... so don't threaten terrorism or a federal official and you are home free... attack me and all I can do is watch it scroll by on my screen. Unless of course its hidden in some reflector that I don't subscribe to by someone who doesn't want the full truth out there. <snip further hate mongering, calls for immediate action, baseless statements, calls for lynchings, etc> David Robbins K1TTT e-mail: mailto:[EMAIL PROTECTED] web: http://www.k1ttt.net AR-Cluster node: 145.69MHz or telnet://dxc.k1ttt.net" ---------------------------------------------------------- Archives http://www.mail-archive.com/dx-news@njdxa.org THE DXR is sponsored by the North Jersey DX Association. Please visit our website: http://www.njdxa.org/index.php scroll to bottom for subscribe/unsubscribe options ---------------------------------------------------------- ------- End of forwarded message ------- Subscribe/unsubscribe, feedback, FAQ, problems http://njdxa.org/dx-chat To post a message, DX related items only, dx-chat@njdxa.org This is the DX-CHAT reflector sponsored by the NJDXA http://njdxa.org