A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 8 » Windows 8 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

How to interprete newsgroup headers



 
 
Thread Tools Rate Thread Display Modes
  #1  
Old February 26th 16, 02:06 PM posted to alt.comp.os.windows-8
Arthur McLain
external usenet poster
 
Posts: 2
Default How to interprete newsgroup headers

Below are some typical headers. I'm just wondering what each group of characters means. Some change during use, some change when the power is turned off. Others stay the same. Just curious.

If there is a newsgroups specific to headers, I would ask someone to pls let me know.

Thanks in advance.

Art

Typical examples... I added the spaces to separate the groups...

Day 1
news:rJr dn YhJkuryj T G RhD5iwII3- Ru r ...
news:scD dn EfUhIKWU 1 G RhD5iwII3- fH r
...
news:yuN dn TsDf7ttH l G RhD5iwII3- a2 r
...

Computer off

Day 2
news:PRA dn S9Fj_Dz6 S 3 RhD5iwII3- bF J


Ads
  #2  
Old February 26th 16, 02:15 PM posted to alt.comp.os.windows-8
Arthur McLain
external usenet poster
 
Posts: 2
Default How to interprete newsgroup headers

PS - It's easier to see the character grouping with a fixed font.

"Arthur McLain" wrote in message ...
Below are some typical headers. I'm just wondering what each group of characters means. Some change during use, some change when the power is turned off. Others stay the same. Just curious.

If there is a newsgroups specific to headers, I would ask someone to pls let me know.

Thanks in advance.

Art

Typical examples... I added the spaces to separate the groups...

Day 1
news:rJr dn YhJkuryj T G RhD5iwII3- Ru r ...
news:scD dn EfUhIKWU 1 G RhD5iwII3- fH r
...
news:yuN dn TsDf7ttH l G RhD5iwII3- a2 r
...

Computer off

Day 2
news:PRA dn S9Fj_Dz6 S 3 RhD5iwII3- bF J


  #3  
Old February 26th 16, 03:38 PM posted to alt.comp.os.windows-8
Paul
external usenet poster
 
Posts: 18,275
Default How to interprete newsgroup headers

Arthur McLain wrote:
Below are some typical headers. I'm just wondering what each group of characters means. Some change during use, some change when the power is turned off. Others stay the same. Just curious.

If there is a newsgroups specific to headers, I would ask someone to pls let me know.

Thanks in advance.

Art

Typical examples... I added the spaces to separate the groups...

Day 1
news:rJr dn YhJkuryj T G RhD5iwII3- Ru r ...
news:scD dn EfUhIKWU 1 G RhD5iwII3- fH r
...
news:yuN dn TsDf7ttH l G RhD5iwII3- a2 r
...

Computer off

Day 2
news:PRA dn S9Fj_Dz6 S 3 RhD5iwII3- bF J



Let's look at the message you sent.

http://al.howardknight.net/msgid.cgi...rthlink.com%3E

The Message-ID or MID, must be guaranteed to not collide
with the MID of any other message. If your NNTP client
software accepts the "suggested" MID value coming from the
server, then it's up to earthlink in this case, to use
a pseudo-random number generator, to generate a MID.
Such a MID, makes it hard for someone to predict that
the next value might be, and forge one or otherwise
cause to be produced, a conflicting number.

Message-ID:

The next suggested MID from that server, does not end in "e" :-)

But the news client software, is also allowed to generate its
own MID. For example, there is a dude who wrote his own news
client software, and his MID is client-generated. The server does
not "override" this practice, and so the vanity MID travels
through the system just fine. In fact, I found this dude
in Google Groups first, then looked up the message on
Howard, to make a web link for it.

http://al.howardknight.net/msgid.cgi?STYPE=msgid&A=0&MSGI=%3CJeff-Relf.Me%40Nov.27{6.59P.Seattle.2015}%3E

Message-ID: }

If Jeff sent two messages within the same 60 second
interval, there is a chance his scheme would conflict
and two messages would have the same MID. So at least
in terms of the method used to generate that MID, on the
surface this method it's flawed. (Of course, his software
could always modify the scheme slightly, or even keep track
of all the messages sent, as a means to guarantee uniqueness.)

If the time stamp had a "seconds" field, then the message
would have a greater chance of being unique. If every
USENET user in the world with a name of Jeff Relf started
doing it this way, you can again see the limitations
of systematic or vanity MID methods. Using server generated
numbers is a cleaner approach.

Other fields in the header, include things like X-Trace or
Cancel-Lock, where the details of the user are hashed together
to make a unique identifier. Such numbers will also include
other elements, in order to prevent other users from
decoding the strings. But even with that protection, some
server admins design their tracing methods, so a hashed client
IP address field is present. This allows other users,
to tell when some user has socked up and used a fake name,
or frogged someone. In fact, for the more dedicated mental
cases, quite a lot of information can be extracted from
the publicly accessible info provided by server admins. For
example, one news server provided a "web log" of traffic, from
which a great deal of (correlative) tracing was possible.

Paul
  #4  
Old February 26th 16, 04:45 PM posted to alt.comp.os.windows-8
Char Jackson
external usenet poster
 
Posts: 10,449
Default How to interprete newsgroup headers

On Fri, 26 Feb 2016 09:38:43 -0500, Paul wrote:

The Message-ID or MID, must be guaranteed to not collide
with the MID of any other message. If your NNTP client
software accepts the "suggested" MID value coming from the
server, then it's up to earthlink in this case, to use
a pseudo-random number generator, to generate a MID.


My understanding, and I could well be wrong, is that NNTP clients are
allowed to generate a MID. If they do, then the server *may* honor it, or
the server may replace it with a server-generated MID. If the client does
not generate a MID, then the server *must* do so.

I don't think there's a scenario where the server "suggests" a MID back to
the client. The mechanism is simpler than that. The server has no idea that
you're creating a new message until you actually submit it. By that point,
either the client generated a MID or it didn't, and the server simply reacts
to that, on the server itself and not by engaging the client in any way,
before completing its processing of the message.

But the news client software, is also allowed to generate its
own MID.


By default, messages created with Forte Agent use the 4ax.com domain, for
example, but in the Agent newsgroup I've seen methods posted where the user
can change it to anything they want. While they're at it, they can change
most of the other headers, as well, creating their own custom formats and
text strings.

  #5  
Old February 26th 16, 10:03 PM posted to alt.comp.os.windows-8
Paul
external usenet poster
 
Posts: 18,275
Default How to interprete newsgroup headers

Char Jackson wrote:
On Fri, 26 Feb 2016 09:38:43 -0500, Paul wrote:

The Message-ID or MID, must be guaranteed to not collide
with the MID of any other message. If your NNTP client
software accepts the "suggested" MID value coming from the
server, then it's up to earthlink in this case, to use
a pseudo-random number generator, to generate a MID.


My understanding, and I could well be wrong, is that NNTP clients are
allowed to generate a MID. If they do, then the server *may* honor it, or
the server may replace it with a server-generated MID. If the client does
not generate a MID, then the server *must* do so.

I don't think there's a scenario where the server "suggests" a MID back to
the client. The mechanism is simpler than that. The server has no idea that
you're creating a new message until you actually submit it. By that point,
either the client generated a MID or it didn't, and the server simply reacts
to that, on the server itself and not by engaging the client in any way,
before completing its processing of the message.

But the news client software, is also allowed to generate its
own MID.


By default, messages created with Forte Agent use the 4ax.com domain, for
example, but in the Agent newsgroup I've seen methods posted where the user
can change it to anything they want. While they're at it, they can change
most of the other headers, as well, creating their own custom formats and
text strings.


From a Wireshark trace.

192.168.22.33 news.eternal-september.org POST

news.eternal-september.org 192.168.22.33 Response: 340 Ok,
recommended message-ID

192.168.22.33 news.eternal-september.org Request:
Date: Fri, 26 Feb 2016 15:41:39 -0500\r\n
From: Paul \r\n
User-Agent: Ratcatcher/2.0.0.25 (Windows/20130802)\r\n
MIME-Version: 1.0\r\n
Newsgroups: alt.test\r\n
Subject: protocol check\r\n
Content-Type: text/plain; charset=ISO-8859-1; format=flowed\r\n
Content-Transfer-Encoding: 7bit\r\n
...
.\r\n

news.eternal-september.org 192.168.22.33 Response: 240
Article received

It would appear, my client did not send a MID, so the server
used the MID it had already recommended. I would need to
test Forte Agent, to see whether it sends a MID field
under those circumstances. As that would show a second
case, where the client isn't using the recommended value.

The server wouldn't send a recommended value, unless
there were two potential protocol paths.

Paul
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 06:35 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.