FW: [Shotimes] I, too: Cheated by Al Fitz, SHO parts dealer

Noah South III RaggTopp@comcast.net
Sat, 18 Dec 2004 18:14:45 -0500


Ok, so this is what we have with regards to someone spoofing other peoples
"send" addresses.  Note, they only spoofed the "from:" field, all the rest
is where it REALLY came from.

They all came from the same IP:

207.44.232.22

And their message ID's are all part of the same domain, knph.com which has
the IP of:

216.40.213.204

Both of these point at:

Everyones Internet, Inc.
2600 Southwest Freeway / Suite 500
Houston, TX 77098
(713)400-5400

(as a side note, I hope I'm not the only person that caught the relevance of
the street address) <G>

Their Nameservers are all EV1.net servers too, which are the nameservers
that indiahits.com and knph.com are associated with

Now, I WOULD forward these messages along with headers to their abuse
department if it wasn't for ONE thing.......

I did a search for Everyones Internet, Inc. on google and came up with this.

http://alsaha.com

Apparently this site has a Forum for Al Qaeda supporters; I can't verify
that myself because I can't read anything on the site other than to say that
it is not in English. <G>

So if they happily host a site that supports terrorism I have a feeling they
could give a llama's ass about someone using their service to spoof
information.  Not to mention they don't even HAVE their own website, which
flags them as an unscrupulous host INSTANTLY.

This is what I CAN tell you though.  The person responsible for this has
access to the indiahits.com account, and is using the mail server associated
with that account to make posts to this list.

If Everyones Internet was a legitimate host, they could check their logs and
tell you exactly what IP address sent those e-mails by the unique message ID
on each of them, and that in turn will point to the specific computer used
to do all of this.

You want more information you're going to have to get it out of THEM, but
like I said, I don't think they'll be helpful.  In fact I'd be surprised if
they even returned an e-mail.

If anyone wants to go through the effort the abuse address is abuse@ev1.net

-Noah "Geek? Nah, not me." South III




-----Original Message-----
From: shotimes-admin@autox.team.net [mailto:shotimes-admin@autox.team.net]
On Behalf Of Shylo McKinsey
Sent: Saturday, December 18, 2004 12:10 AM
To: Jim Steffl
Cc: TaurusSHO
Subject: Re: FW: [Shotimes] I, too: Cheated by Al Fitz, SHO parts dealer

"Any way someone can track this punk down?"

I played with some "software" I have this
morning...but to no avail. Worked all afternoon, will
play with it some more tonight. But I think there are
some people on here who are much more "computer-code
and other stuff" savy then I.

Shylo McKinsey