How to set Reverse IP Lookup to anything that you like (or dislike, should I say, in this case)… including a NewsFutures server that does not exist in reality…!!!…

No Gravatar

Dear readers,

Now is time to give you some background information about last week&#8217-s incident. As you all know, somebody was irked by what I said about the EPM software vendors and set up, not one, but two websites denigrating moi.

#1. I don&#8217-t care if someone makes a fool of moi. I am fair game. Plus, it gives a laughing opportunity to the Chief Economist of Midas Oracle, because it is revenge for my making fool of him when he is so wrong about the article in The Economist or else (follow the HubDub link given by Mike Linksvayer).

#2. My big concern with that attack is that it might well come from somebody I know &#8212-and who has always had the kindest words for me (including last week). So, that person might well be a hypocrite, and my trust in him (and his prediction market company, if any) will be wiped out, if my suspicion is confirmed.

#3. My secondary concern is that that attacker (who might well be a prediction market software vendor or a disgruntled employee) tried to put the blame on NewsFutures (both a prediction market software vendor and a public prediction exchange) for the 2 websites (&#8221-Chris F. Masse is a Fraud&#8221-, and &#8220-Overcoming Midas&#8221-). Just after that the 2 websites were discovered (by one innocent reader, who simply followed the web link posted by a commenter, &#8220-The Colonel&#8221-), many people e-mailed me to tell that I should do a &#8220-reverse IP lookup&#8220- to find out who is behind&#8230- I did&#8230- The result was &#8220-dev24.newsfutures.com&#8221-. I was very surprised to see NewsFutures involved in this attack, and I sent the link to Emile Servan-Schreiber, who, first, expressed astonishment, and then forwarded the link to his CTO (Maurice Balick, some of you know him very well), who is a computer whiz and a master of &#8220-The Internets&#8221- &#8212-as would say former president George W. Bush. :-D

It turned out that:

– NewsFutures sent a &#8220-cease and desist&#8221- letter to the webhost of these 2 websites. Here is a very short excerpt of the NewsFutures letter:

That IP address provides a Reverse-ARP record containing dev24.newsfutures.com. However, we own the domain newsfutures.com and we have never authorized anyone to setup this fake RARP record.

– In the meantime, following the brouhaha made on Midas Oracle when the IP address of The Colonel was revealed, the attacker cleared the RARP record during the night so that it no longer pointed to NewsFutures (the non-existent dev24.newsfutures.com address).

– There are other technical and legal developments to this case, but I am not at liberty to talk further.

– However, I would like to explain to you how it was possible to put the blame on NewsFutures&#8230- even though Emile and his team had nothing to do with this attack.

The Reverse IP Lookup is so easy to fudge that it&#8217-s totally meaningless. It&#8217-s something that prediction market people should know about, so that, in the future, they would not be fooled into drawing conclusions from this kind of &#8220-evidence&#8221-.

To understand how one could fraudulently make a reverse IP lookup point to a newsfutures.com domain, Emile and Maurice bought a $20 slice on the webhost where the chrismasse.com and overcomingmidas.com websites were hosted. The hosting service then lets you set the &#8220-reverse DNS&#8221- to any URL that you like, and within a few seconds the Reverse IP Lookup tool on iWebTools will point to the URL that you chose. As an example (and as a blink-blink sign to Mike Giberson and Mike Linksvayer), Emile and Maurice made the IP point to &#8220-dev24.midasoracle.org&#8221-.

Try it: http://www.iwebtool.com/reverse_ip?domain=67.23.8.251

midas-oracle-defamer

CONCLUSION: Someone tried to incriminate NewsFutures (and fuck with our readers&#8217- mind) by setting up these agressive websites and having the Reverse IP Lookup point to a fake NewsFutures URL.

UPDATE:

Did the attacker try to pin it on, not just one, but *two* prediction market software vendors?
http://www.midasoracle.org/2009/03/13/did-the-attacker-try-to-pin-it-on-not-just-one-but-two-prediction-market-software-vendors/

Leave a Reply

Your email address will not be published. Required fields are marked *