On Oct 8, 3:50 pm, Mike Murray wrote:
On Mon, 08 Oct 2007 13:42:20 -0700, Rob wrote:
As you know we are talking about dynamically forging a specific IP and
User Agent on Usenet. Since I understand you are far more experienced
than a technical kid, can you show us or provide us with information
on how this can be done? Also feel free to email me privately with the
information.
Regards,

USCF google group has just such a posting. It is even a video.

http://groups.google.com/group/USCF-Chess
Rob

It's not that simple, Rob. From a post Brian M made on Chess Ninja:

...the Fake Sam Sloan posts were almost all injected using Google's
news server which, as you know, provides a web-based interface. This
does not let you specify the NNTP-Posting_Host. Google probably gets
the posting host IP from the HTTP connection of the poster, which...
is "hard" (I would have said virtually impossible) to spoof. So your
IP spoofing strategies are not applicable in this case.

Besides the fact that nobody can explain how the Fake Sam Sloan could
have spoofed IP addresses in his Usenet posts through the Google news
server, it also hasn't been explained how the Fake Sam Sloan poster
found out which IP addresses to spoof.

This problem of finding out what to spoof applies also to the User
Agent strings, which also match. Those are pretty easy to spoof,
unlike IP addresses, but as with the IP addresses you still have to
know what user agent strings to spoof.

Indeed, the alleged "spoofer" had to be able to learn what IP
addresses and user agent strings to spoof regularly and at will over
the course of 18 months. And, when the person he was framing switched
computers or internet connections, he had to know when to switch to
different user agent strings and IP addresses, so that the ones he was
spoofing would continue to match.

If they were posted via email injection it isnt the same as direct
posting. Could not the IP address be modified through your "fake"
email account?