[gloworange]IP TAP[/gloworange] There is an private IP (wire tap) that appeared recently in the connection BETWEEN my computer/hub and my ISP's DNS servers. The IP is 10.zzz.zzz.zzz. It had never been there and I know it does not belong there. This is called an IP TAP.

Normally my trace from home goes...
xxx.xxx.xxx.xxx Hosting Service Name
yyy.yyy.yyy.yyy Hosting Service Name

Now it goes....
xxx.xxx.xxx.xxx Hosting Service Name
10.zzz.zzz.zzz (private use)
yyy.yyy.yyy.yyy Hosting Service Name

That PRIVATE USE label IP does not belong there; it is a PASS THROUGH SERVER also called a "Black Box" by most. My firewall is quite secure, and I sweep daily for any form of "spyware" or virus that may be on my computer; this IP TAP is a threat to our First & Fourth Amendment Rights.

The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

We will refer to the first block as "24-bit block", the second as "20-bit block", and to the third as "16-bit" block. Note that (in pre-CIDR notation) the first block is nothing but a single class A network number, while the second block is a set of 16 contiguous class B network numbers, and third block is a set of 256 contiguous class C network numbers.

Anyone that decides to use any IP addresses out of the address space defined above "can do
so without any coordination with IANA or an Internet registry". The address space can thus
be used by many enterprises and law enforcement agencies. Addresses within this private
address space will only be unique within the enterprise, or the set of enterprises which
choose to cooperate over this space so they may communicate with each other in their own
private internet. This allows the law enforcement agency that created the IP TAP to scan the
data stream for keywords or IP addresses and access that data from remote or centralized
locations.

ANY IP NUMBER FROM THE SEGMENTS LISTED ABOVE IS TO BE CONSIDERED COMPLETELY SUSPECT unless you actually know what the numeric IP address you are accessing or originating from/thru is a private one and should be listed that way.

HOW DO YOU DETECT SUCH TAPS?
What you do is simply get a program like the VisualRoute Trace program from visualware (at
http://www.visualware.com/visualroute/index.html) then you learn what is normal between you and your DNS servers. If one of the groupings above shows, then you have been tapped whether legally or illegally. Once it appears whatever you have been sending and receiving has already been recorded from the instant it became active.

=====
If this is in the wrong forum, please move it to where it needs to be in order to be seen; this is my first post on this site as I normally prefer to remain silent. AW