[186937] in North American Network Operators' Group
Re: Anonymous Threats
daemon@ATHENA.MIT.EDU (Josh Reynolds)
Sun Jan 10 18:12:44 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <C820E8FCB95D264B9F200903B532BD2402733F67@equinox.precisionds.com>
Date: Sun, 10 Jan 2016 17:12:40 -0600
From: Josh Reynolds <josh@kyneticwifi.com>
To: Eric Rogers <ecrogers@precisionds.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Even if you find somebody running TOR, you can't see inside it. They also
could simply be running an exit node, or $reason.
On Jan 10, 2016 5:02 PM, "Eric Rogers" <ecrogers@precisionds.com> wrote:
> Our local community has recently had threats where the user has a
> FaceBook profile and is threatening the schools, and several surrounding
> schools, saying he is going to shoot everyone and blow them up... This
> is an investigation, but it is getting out of hand. Several police/FBI
> raids, but yielded no results, and/or did not catch the right person.
> He/she is taunting them, local and federal.
>
>
>
> I would ASSUME he is using some sort of proxy/anonymizer such as TOR or
> something similar. Is there any way to sniff for that type of traffic
> on my network? I want to make sure that they are not using us as the
> source.
>
>
>
> Any thoughts on how to catch this person? Even if it isn't us, and it
> is somewhere else I would like to put a stop to it. Preferably off-list
> if you do respond...
>
>
>
> Thanks in advance.
>
>
>
> Eric Rogers
>
>
>
>
>
> www.pdsconnect.me
>
> (317) 831-3000 x200
>
>
>
>
