If you’re a Windows user, fire up an MS-DOS command prompt. Now type tracert followed by the domain name of the website, e-mail host, VoIP switch, or whatever destination you’re interested in. Watch as the program spits out your route, line by line.
C:\tracert nsa.gov 1 2 ms 2 ms 2 ms 12.110.110.204 [...] 7 11 ms 14 ms 10 ms as-0-0.bbr2.SanJose1.Level3.net [64.159.0.218] 8 13 12 19 ms ae-23-56.car3.SanJose1.Level3.net [4.68.123.173] 9 18 ms 16 ms 16 ms 192.205.33.17 10 88 ms 92 ms 91 ms tbr2-p012201.sffca.ip.att.net [12.123.13.186] 11 88 ms 90 ms 88 ms tbr1-cl2.sl9mo.ip.att.net [12.122.10.41] 12 89 ms 97 ms 89 ms tbr1-cl4.wswdc.ip.att.net [12.122.10.29] 13 89 ms 88 ms 88 ms ar2-a3120s6.wswdc.ip.att.net [12.123.8.65] 14 102 ms 93 ms 112 ms 12.127.209.214 15 94 ms 94 ms 93 ms 12.110.110.13 16 * * * 17 * * * 18 * *
In the above example provided by Wired News, traffic is jumping from Level 3 Communications to AT&T’s network in San Francisco, presumably over the OC-48 circuit that AT&T tapped on February 20th, 2003, according to the Klein docs.
The magic string you’re looking for is sffca.ip.att.net. If it’s present immediately above or below a non-att.net entry, then — by Klein’s allegations — your packets are being copied into room 641A, and from there, illegally, to the NSA.
Welcome to my weBlog
20Jun06For those of you who are unfamiliar with the origin of the word “blog”, I find it appropriate to borrow this quote from Wikipedia,
For the time being, my blog will function as a log of interesting information and personal experiences. My postings will be mostly inspired from social media outlets, such as Digg.com and del.icio.us.