How to Check for NSA Wire Taps

29Jun06

If you're a Windows user, fire up an MS-DOS command prompt. Now type tracert followed by the domain name of the website, e-mail host, VoIP switch, or whatever destination you're interested in. Watch as the program spits out your route, line by line.

PLAIN TEXT
CODE:
  1. C:\> tracert nsa.gov
  2.  
  3. 1 2 ms 2 ms 2 ms 12.110.110.204
  4. [...]
  5. 7 11 ms 14 ms 10 ms as-0-0.bbr2.SanJose1.Level3.net [64.159.0.218]
  6. 8 13 12 19 ms ae-23-56.car3.SanJose1.Level3.net [4.68.123.173]
  7. 9 18 ms 16 ms 16 ms 192.205.33.17
  8. 10 88 ms 92 ms 91 ms tbr2-p012201.sffca.ip.att.net [12.123.13.186]
  9. 11 88 ms 90 ms 88 ms tbr1-cl2.sl9mo.ip.att.net [12.122.10.41]
  10. 12 89 ms 97 ms 89 ms tbr1-cl4.wswdc.ip.att.net [12.122.10.29]
  11. 13 89 ms 88 ms 88 ms ar2-a3120s6.wswdc.ip.att.net [12.123.8.65]
  12. 14 102 ms 93 ms 112 ms 12.127.209.214
  13. 15 94 ms 94 ms 93 ms 12.110.110.13
  14. 16 * * *
  15. 17 * * *
  16. 18 * *

In the above example provided by Wired News, traffic is jumping from Level 3 Communications to AT&T's network in San Francisco, presumably over the OC-48 circuit that AT&T tapped on February 20th, 2003, according to the Klein docs.

The magic string you're looking for is sffca.ip.att.net. If it's present immediately above or below a non-att.net entry, then -- by Klein's allegations -- your packets are being copied into room 641A, and from there, illegally, to the NSA.

Filed under: security   |  

No Responses to “How to Check for NSA Wire Taps”  

Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply


Search

Social Bookmarking