MY JUST DESSERTS

>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<

>>>>>>>>>><<<<<<<<<<

I have been very busy going to the VA for physical therapy, trying to regain a full range of motion and my strength, enough to walk and hopefully get back on my two wheeler. My therapist tells me I am making progress. But, that I have a long way to go. In my younger days, I spent a significant amount of time as a gym rat. As a matter of fact, my last duty assignment, I was the Command Fitness Coordinator and Gymnasium Manager at the Fleet Anti Submarine Warfare Training Center, in San Diego, California. Having this in my past, is helping me to recover, rather than discover my health.  rare word to the wise:

DO IT WHILE YOU'RE STILL YOUNG. 

OR AT LEAST START TODAY.

YOU NEVER KNOW WHAT OBSTACLES YOU'LL NEED TO OVERCOME IN YOUR FUTURE

I'll be blogging sporadically until I either get up and be gone like the breeze. or I come to the realization that what once was, will never be again. Once I reach that tipping point, I'll reconsider the direction of my life and my blog. But until then, THANK YOU, for your support, friendship and encouragement...

><{{{(°>><{{{(°>><{{{(°><°)}}}><<°)}}}><<°)}}}><

I hope you noticed the recent addition to my sidebar.

the advert for Roba Dolce Gelato.

In return for posting that advert for one month, the good people at Roba Dolce agreed to send me some samples of their products.

When I returned home from PT on Wednesday, there was a large frozen goods shipping container on the front porch, from Warwick, Rhode Island. 

I was expecting 1 or 2 single serving containers at best. This particular box was much too large for something so meager as a couple of 6 oz cups of ice cream Gelato.

The box contained four 6 oz cups of frozen confectionery. And five large 36 oz cartons of my JUST DESSERTS.

Flavors of the small containers were:

Raspberry, Almond Fudge

Lemon

Blood Orange

Mango

All four were delicious. The Raspberry, Almond Fudge was surprisingly, the best of the four. Despite my preferences for simple pleasures, I do have an educated epicurean palate. And in my world travels I have sampled foods of all sorts, flavors and descriptions. I have been to Valencia, Spain and have seen and eaten true Valencia Oranges. They are extremely sweet and the pulp and juice is "BLOOD RED" in color. 

The Roba Dolce Blood Orange Sorbeto was excellent, and placed a close 2nd behind the RAF.

Next in line of my favorites was the Lemon Sorbeto. Tart and tangy.

The Mango was good. But rather disappointing. Domestic Mangoes don not have the same level of flavor or sweetness as the ones found in Central and South America. And the mangoes from the Caribbean Island of St. Vincent are so sweet that when the juice dries on your hands, sugar remains.

The 5 large containers have the same 4 flavors, with the addition of CHOCOLATE CHUNK. But since I don't eat Chocolate, my review will be second hand.

A NEW AMENDMENT TO THE US CONSTITUTION

Governors of 35 states have filed suit against the Federal Government for imposing unlawful burdens upon them. It only takes 38 (of the 50) States to convene a Constitutional Convention.
This will take less than thirty seconds to read.

The new 28th Amendment is an idea that we should address.
For too long Americans have been too complacent about the workings of our Congress.  Many citizens have no idea that members of Congress can retire with the same pay, $165,200 per year, FOR LIFE, after only one term.

AND that they specifically exempted themselves from many of the laws they have passed (such as being exempt from any fear of prosecution for sexual harassment) while ordinary citizens must live under those laws. 

The latest corruption was to exempt themselves from the Healthcare Reform... in all of its forms. 

Somehow, that doesn't seem logical. We should not have an elite that is above and apart from the law. I truly don't care if they are Democrats, Republicans, Libertarians, Greens, Independents, Communists, Nazis or Whatever. This elitist self-serving above the law mentality must stop. And we can't expect them to impose this upon themselves. We must do it for them, and for us.

COPY the text of this post and email it to 20 people, or re-post it on your blog, in three weeks, most people in The United States of America will have the message. This is one proposal that really should be passed around.

Proposed 28th Amendment to the United States Constitution: 

 

 "Congress shall make no law that applies to the citizens of the United States that does not apply equally to the Senators and/or Representatives; and, Congress shall make no law that applies to the Senators and/or Representatives that does not apply equally to the citizens of the United States."

THE WARRIOR SONG

####################><####################

####################><####################

NOW, WHERE DID THAT COME FROM? PT2

In yesterday's example, I showed you how to trace an email back to it's point of origin. I made seem so easy, that the questions came in asking; "If it's that simple, Why can't you catch all those bad guys?" Well the example yesterday was a bit unusual. And was obviously written by someone who either was very inexperienced and unschooled as to the use of email headers, or she didn't care who found the pc that sent the message (It wasn't her computer to begin with).

A skilled email fraudster isn't so glib about loosing one of his OWNED systems. And generally uses a technique known as FORGED HEADERS to make source impossible to trace. 

Lets look at what a set of forged email headers might look like:

From collegebabe@aol.com  Mon Jun 7 16:54:12 2003
Return-Path: collegebabe@aol.com
Received: from trademeca.co.kr (unknown [211.219.20.86])
         by mail.someplace.com (Postfix) with SMTP id 2304964253A
         for ; Mon, 7 Jun 2004 16:54:10 -0500 (EST)
Received: from smtp0422.mail.yahoo.com (80.237.200.67)
         by trademeca.co.kr (211.219.20.86) with [Nmail V3.1 20010905(S)]
         for from ;
         Thu, 3 Jun 2004 15:55:00 +0900
Date: Thu, 3 Jun 2004 11:34:52 GMT
From: "Pamela" collegebabe@aol.com
Subject: Hey buddie! What's going on? 

The Received: headers tell the real story of this poor forgery, but you have to examine several of these to truly understand the details. This particular e-mail is identifiable because it doesn't make any sense for a person with an AOL account to use one of Yahoo's e-mail servers to relay e-mail through a server in the .kr top level domain, which is Korea.

Furthermore, a DNS lookup failed to find smtp0422.mail.yahoo.com, so this IP address doesn't exist. Even if it did, the IP address 80.237.200.67 belongs to a network in Germany, which I discovered by checking the online American Registry for Internet Numbers (ARIN) database. Chances are that collegebabe@aol.com had absolutely nothing to do with it. 

 

LET'S TRY ANOTHER

Delivered-To: NUNYA@gmail.com
Received: by 10.14.53.6 with SMTP id f6cs241029eec;
        Wed, 19 Jan 2011 17:25:50 -0800 (PST)
Return-Path:
Received-SPF: pass (google.com: domain of randomrights@gmail.com designates 10.150.54.8 as permitted sender) client-ip=10.150.54.8;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of randomrights@gmail.com designates 10.150.54.8 as permitted sender) smtp.mail=randomrights@gmail.com; dkim=pass header.i=randomrights@gmail.com
Received: from mr.google.com ([10.150.54.8])
        by 10.150.54.8 with SMTP id c8mr1483694yba.350.1295486749756 (num_hops = 1);
        Wed, 19 Jan 2011 17:25:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:date:message-id:subject:from:to
         :content-type;
        bh=HaPN8FFW++8MwYEugOSew94FjrPmlsWKi1gG+mbcHxU=;
        b=Xtge1v5RQnC/y+CkvV/WLbXhqBoQp4xc1ozy+a0+qBjDcGDuqwkFrchmbs2UClLC3F
         RXsfyCTauaL5V5Zu+Q9VASqqKGFB9nan2/wqYGFS0WEHEfDKGsBIAO2oeb4/UkSOuJs1
         RikipehrxIS+Ep1yq0GwxqjAT/tr++wjXr8ww=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:date:message-id:subject:from:to:content-type;
        b=DA3UCn1lbPa8czDANmPYLwzAa/TKfWJGuYUfIOyP056BpoLhA2Kme3kYwNgAtdll46
         RU9sy/SR+bw9yctvG0ua0+qS6swO7HJ/5eqPAQboIWc6hYilCIxlenDFfnAxVfN3OjV2
         myseLjasj0Zml3IoFwy9gQiJ1iXbX9GNoAU7k=
MIME-Version: 1.0
Received: by 10.150.54.8 with SMTP id c8mr1483694yba.350.1295486749743; Wed,
 19 Jan 2011 17:25:49 -0800 (PST)
Received: by 10.147.125.13 with HTTP; Wed, 19 Jan 2011 17:25:49 -0800 (PST)
Date: Wed, 19 Jan 2011 20:25:49 -0500
Message-ID:
Subject: here goes.......
From: random
To: NUNYA@gmail.com
Content-Type: multipart/alternative; boundary=00151748df088799af049a3d036f

--00151748df088799af049a3d036f
Content-Type: text/plain; charset=ISO-8859-1

In this elaborately forged example, the person appears to be trying to put so much info, no one will want to drag through all of it to find the give away. However, with only a tertiary knowledge of  internet communication protocols, you will immediately notice the impossibility of this being a legitimate message.

1. There are several RECIEVED BY: 10.150.54.8 and 10.147.125.13 but they don't follow protocol, because they don't have a corresponding FROM: statement.


2. NOTICE THAT EVERY IP ADDRESS LISTED IS IN THE CLASS "A" ADDRESS AREA 10.0.0.0

10.14.53.6
10.150.54.8
10.147.125.13

Addresses in this range are reserved for a special purpose. And while it may be perfectly legitimate for the recipient's address to be in this range. In fact it's also possible for the sender to have a 10.0.0.0 address. Outside of your private network, a 10.0.0.0 address is not routable, and no legitimate SMTP SERVER will have a 10.0.0.0 address.

So, while these messages cannot be traced back to their source. At least you know that the message was sent by a person with intent to defraud you.

What's that you say? 

You don't have a degree in Computer Science? 

You have no idea what a CLASS "A" ADDRESS is? 

Before yesterday you never heard of EMAIL HEADERS?

Isn't there some little software program that will parse an email header for me?

Yes! you're in luck

DOWNLOAD SAM SPADE 1.14

click HERE

http://www.softpedia.com/get/Network-Tools/Network-Tools-Suites/Sam-Spade.shtml

BE SAFE OUT THERE. THE INTERNET HAS A DARKSIDE.

NOW, WHERE DID THAT COME FROM?

OR

HOW THE DETERMINE THE ORIGIN OF AN E-MAIL MESSAGE.

You just received an email message. 

It could be giving the good news, you had just one European Lotto. Or some long-lost relative died unexpectedly in Nigeria and left you $82 million. Or your friend was obtained by authorities in South Africa while attending the World Cup and then sent off an e-mail asking you to send them money.

Have you ever wondered where those messages come from? Wouldn't it be nice if there was some way to trace the message? Some record of where the message had been, since it was sent by someone, and all the little relays in between. 

What if I told you; just such a record exists, for every e-mail ever written? It's true! It's called the HEADERS. today I'm going to show you how to find and decipher an e-mail header.

LOTTO SCAM

Exhibit A

Looking at this message we can see 

tcspain-wcart@sbcglobal.net

sent this message to "UNDISCLOSED RECIPIENT"

This little trick is accomplished by tcspain-wcart@sbcglobal.net, sending this message to herself, and then BCC (Blind Carbon Copy) to you and everyone else on the sucker list. This is done to keep you from seeing that 500 other people won the same 750,000 British pounds. Which just might cause suspicion to the reader. And it prevents authorities from being able to locate and notify other persons on the sucker list. This is one bullet proof method to remove a record of all the BCC recipients. because no record is made. It was designed that way, in the RFCs.

(RFCs Concerning e-mail)

So what do we care about them? Nothing! Right now our main concern is to find out from whence this message came. In Microsoft Outlook 2007, the headers are found by clicking on

The headers are the text located in the window labeled "Internet headers" duh!

and they look like this:

The top shows it was delivered to krippledwarrior@Gmail.com. But we already know where it was delivered, we want to know where it came from? A header marks the newest information at the top of the list. So the information we want is down at the bottom. Where the message originated from?

Received: from [69.22.170.126] by web83406.mail.sp1.yahoo.com via HTTP; Thu, 16 Dec 2010 05:47:37 PST
X-Mailer: YahooMailClassic/11.4.20 YahooMailWebService/0.8.107.285259
Date: Thu, 16 Dec 2010 05:47:37 -0800 (PST)
From: tcspain-wcart@sbcglobal.net

All of that gobbledygook is computer-ese for the user named 

tcspain-wcart@sbcglobal.net, at the time and date indicated, uploaded a message for delivery from the Internet node identified by IP ADDRESS 69.22.170.126

Yea!BIG DEAL. How does this help us? you ask.

Exactly who is 69.22.170.126?

Lets ask google

type in:

whois 69.22.170.126

and you get

What are the odds that the SYS ADMIN for the European LOTTO lives in Chicago, Illinois? 

Not very!

But maybe the owner of the PC assigned IP ADDRESS 69.22.170.126 is completely unaware that her PC sent the message. She may have become the victim of any number of virus infections that actually load a Mail Server and send spam for fun and profit. Or she maybe a victim, forced to respond as part of a "bot" net (robot network). Which can be forced (without owners consent) to perform any number of illegal activities.

If you're feeling particularly civic minded, you may alert the authorities 

by clicking HERE

www.cybercrime.gov