DejaNews cracking
They track us, therefore we crack them

DejaNews is a scary subject, as we have seen in my anonymity page and in my counter measures page. They keep track of all usenet entries. This allows anyone to trace the profile of anybody that has contributed (non anonymously) to a newsgroup. It seems to me therefore all too correct to snoop a little on these guys...
When printing from "deja news" on the web you may notice that before printing Netscape throws up a little box saying it was contacting "Globaltrak.net". Is somebody keeping track of what people print on their news searches?
Yes! At the very least they are keeping track of how many people see their ugly advertisements. But I fear Globaltrak is doing a bit more. Check your cookies.txt file in your Netscape directory. You may very well have an entry from Globaltrak in there (that is... you'll have it only if you have not already created a directory with the name "cookies.txt" inside your Netscape directory, as I would advise you to do, in order to eliminate once and for all every cookie they would like to throw at you :-)

Let's find out who these Globaltrak guys are... trying to go to www.globaltrak.com doesn't get you anywhere. A search on the web and through usenet news doesn't reveal anything about Globaltrak. Looks like somebody is trying to hide something. Let's see who Globaltrak is.


 host:~> whois globaltrak.net
 Globaltrak (GLOBALTRAK2-DOM)
    1504 Carriage Hills Trail
    Cedar Park, Texas 78613
    USA

    Domain Name: GLOBALTRAK.NET

    Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
       Knight, Stephanie  (SK1019)  knights@GLOBALTRAK.NET
       (512) 292-5593

    Record last updated on 30-May-96.
    Record created on 30-May-96.

    Domain servers in listed order:

    NS.REALTIME.NET              205.238.128.39
    NS2.REALTIME.NET             205.238.128.42


We have a name now. Let's see what we can find from that.

 

   host:~> finger knights@GLOBALTRAK.NET
   unknown host: GLOBALTRAK.NET




Hmm. "Unknown host". Well, let's see where the mail for Globaltrak goes.

 host:~> dig mx globaltrak.net

 

 ; > mx globaltrak.net

 ;; ->>HEADER




Ok. Mail for Globaltrak goes to bga.com. Let's see if we can find our person there.



 host:~> finger knights@bga.com
 [bga.com]




Hmm. Looks like they don't give out finger information. Maybe they're concerned about their privacy. Let's see who bga.com is.

 host:~> whois bga.com
 Bob Gustwick & Associates, Inc. (BGA-DOM)
    822 Brentwood
    Austin, TX 78757-3031

    Domain Name: BGA.COM

    Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
       DNS Administrator, Real/Time  (RD182)  rt_tech@REALTIME.NET
       +1 512 451 0046 (FAX) +1 512 459 3858

    Record last updated on 27-Jun-96.
    Record created on 08-Feb-93.

    Domain servers in listed order:

    NS.REALTIME.NET              205.238.128.39
    NS2.REALTIME.NET             205.238.128.42
    NS1.SPRINTLINK.NET           204.117.214.10
    NS2.SPRINTLINK.NET           199.2.252.10
    NS3.SPRINTLINK.NET           204.97.212.10




That's interesting. So bga is Bob Gustwick & Associates. Let's see what bga has at their web site.



 host:~> lynx www.BGA.COM

                              Real/Time Communications Local Home Page

                                   [INLINE]
                           Real/Time Communications

 

Real/Time Communications? That's odd. Let's do a little more digging.

 

 host:~> traceroute vern.bga.com
 traceroute to vern.bga.com (205.238.128.38), 30 hops max, 40 byte packets
 ...
  8  sl-bobgust-1-S1-T1.sprintlink.net (144.228.12.2)  222 ms  103 ms  103 ms
  9  vern.realtime.net (205.238.128.38)  103 ms  102 ms  107 ms

 host:~> traceroute vern.realtime.net
 traceroute to vern.realtime.net (205.238.128.38), 30 hops max, 40 byte packets
 ...
  8  sl-bobgust-1-S1-T1.sprintlink.net (144.228.12.2)  105 ms  107 ms  103 ms
  9  vern.realtime.net (205.238.128.38)  103 ms  102 ms  102 ms




Looks like Real/Time Communications and Bob Gustwick & Associates are one and the same. Let's see if we can get to Globaltrak at all.



 host:~> ping www.globaltrak.net
 PING www.globaltrak.net (205.238.128.205): 56 data bytes
 ^C

 ----www.globaltrak.net PING Statistics----
 11 packets transmitted, 0 packets received, 100% packet loss

 


Well, that doesn't work. Looks like they don't want to acknowledge they exist. Let's try another way.

 host:~> traceroute www.globaltrak.net
 traceroute to www.globaltrak.net (205.238.128.205), 30 hops max, 40 byte packets
 ...
  4  sl-chi-15-H3/0-T3.sprintlink.net (144.228.10.62)  40 ms  41 ms  40 ms
  5  sl-kc-2-H3/0-T3.sprintlink.net (144.228.10.70)  52 ms  51 ms  52 ms
  6  sl-fw-5-H3/0-T3.sprintlink.net (144.228.10.78)  91 ms  91 ms  93 ms
  7  sl-fw-13-F0/0.sprintlink.net (144.228.30.13)  92 ms  91 ms  98 ms
  8  sl-bobgust-1-S1-T1.sprintlink.net (144.228.12.2)  185 ms  192 ms  202 ms
  9  sl-bobgust-1-S1-T1.sprintlink.net (144.228.12.2)  164 ms * *
 10  * * *
 11  * * *
 12  * * *




Well that didn't get there, but it tells us something interesting: "sl-bobgust-1-S1-T1.sprintlink.net" or just "bobgust". Looks like this Bob Gustwick guy is some major player in Globaltrak.

A search of usenet shows that this guy is hiring a lot of people in the Austin area of Texas. And a search on the web shows this.



 Name
      Bob Gustwick Associates, Inc.
 Location
      Travis county
 Postal Address
      8760A Research Blvd. Suite 152
      Austin, Tx 78758
 Phone Number
      +1 512 451-0046
 Description
      A supplier of Unix consulting services and Internet services.

 


The web search also provided this little nugget.
Case in point: DejaNews, a searcher that digs through Usenet posts. It doesn't carry every newsgroup, but it's fast, and for the moment it's free. Internic has them registered as being Bob Gustwick Associates of Austin, Texas. They're coy about their future plans: "we may eventually need to charge for some queries. We will try to avoid this but we can not rule it out." Draw your own conclusions.

Hmm. Dejanews is part of Bob Gustwick Associates?
 

 host:~> whois dejanews.com
 Deja News, Inc. (DEJANEWS2-DOM)
    5407-B Clay Avenue
    Austin, TX 78756

    Domain Name: DEJANEWS.COM

    Administrative Contact:
       Madere, Steve  (SM1488)  madere@DEJANEWS.COM
       1-512-451-0433
    Technical Contact, Zone Contact:
       DNS Administrator  (DA389-ORG)  dntech@DEJANEWS.COM
       1-512-451-0433
    Billing Contact:
       Accounts Payable, Deja News  (DNA8)  accounting@DEJANEWS.COM
       1-512-451-0433

    Record last updated on 23-Oct-96.
    Record created on 19-Mar-96.

    Domain servers in listed order:

    NS.DEJANEWS.COM              205.238.157.74
    NS.REALTIME.NET              205.238.128.39
    NS2.REALTIME.NET             205.238.128.42

 

Yep. Looks like Dejanews and Real/Time Communications are all part of Bob Gustwick Associates. That's as much as I could find at the moment. You might try and contact Globaltrak (512) 292-5593 and ask them what they're doing. You might also contact Bob Gustwick Associates (512) 451-0046 and ask if they are related to Globaltrak or just providing their Internet connection.
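
The correlation done by eye above can also be done mechanically. The following is an added example, not part of the original page: it parses the name-server sections of the three whois records and the addresses seen in the ping and traceroute output, then reports which name servers and address blocks the domains have in common. The /24 grouping is an assumption, and shared name servers or address space show a common DNS or hosting provider, which is why the question of ownership versus plain connectivity stays open.

```python
import re
from collections import defaultdict
from ipaddress import ip_network

# "Domain servers in listed order" sections, copied from the whois output on this page.
WHOIS_NS = {
    "globaltrak.net": """
        NS.REALTIME.NET              205.238.128.39
        NS2.REALTIME.NET             205.238.128.42""",
    "bga.com": """
        NS.REALTIME.NET              205.238.128.39
        NS2.REALTIME.NET             205.238.128.42
        NS1.SPRINTLINK.NET           204.117.214.10
        NS2.SPRINTLINK.NET           199.2.252.10
        NS3.SPRINTLINK.NET           204.97.212.10""",
    "dejanews.com": """
        NS.DEJANEWS.COM              205.238.157.74
        NS.REALTIME.NET              205.238.128.39
        NS2.REALTIME.NET             205.238.128.42""",
}
# Addresses from the page's ping/traceroute output, plus one name server per operator.
OBSERVED = {
    "www.globaltrak.net": "205.238.128.205",
    "vern.bga.com": "205.238.128.38",
    "ns.realtime.net": "205.238.128.39",
    "ns.dejanews.com": "205.238.157.74",
}
NS_LINE = re.compile(r"^\s*([a-z0-9.-]+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$", re.I)

def parse_ns(text):
    """Return {lower-cased name server: IP string} from 'HOST   IP' lines."""
    return {m.group(1).lower(): m.group(2)
            for m in map(NS_LINE.match, text.splitlines()) if m}

def shared_nameservers(records):
    """Name servers listed by two or more domains, with the domains listing them."""
    users = defaultdict(set)
    for domain, text in records.items():
        for host in parse_ns(text):
            users[host].add(domain)
    return {h: sorted(d) for h, d in users.items() if len(d) > 1}

def group_by_prefix(hosts, prefixlen=24):
    """Group host names by enclosing network; the /24 default is an assumption,
    the page does not state how the address space was allocated."""
    groups = defaultdict(list)
    for name, ip in hosts.items():
        groups[str(ip_network(f"{ip}/{prefixlen}", strict=False))].append(name)
    return {net: sorted(names) for net, names in groups.items()}

if __name__ == "__main__":
    for ns, domains in shared_nameservers(WHOIS_NS).items():
        print(f"{ns:18} listed by {', '.join(domains)}")
    for net, names in group_by_prefix(OBSERVED).items():
        print(f"{net:18} contains  {', '.join(names)}")
```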


(c) fravia May 1997. All rights reserved