Read: another map

From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs251361qah; Thu, 12 May 2011 15:08:02 -0700 (PDT) Received: by 10.68.6.229 with SMTP id e5mr186500pba.21.1305238081384; Thu, 12 May 2011 15:08:01 -0700 (PDT) Return-Path: Received: from maila-ab.linkedin.com (maila-ab.linkedin.com [69.28.147.141]) by mx.google.com with ESMTP id h2si4364114pbe.234.2011.05.12.15.08.00; Thu, 12 May 2011 15:08:01 -0700 (PDT) Received-SPF: pass (google.com: domain of m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V@bounce.linkedin.com designates 69.28.147.141 as permitted sender) client-ip=69.28.147.141; Authentication-Results: mx.google.com; spf=pass (google.com: domain of m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V@bounce.linkedin.com designates 69.28.147.141 as permitted sender) smtp.mail=m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V@bounce.linkedin.com; dkim=pass header.i=@linkedin.com DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws; s=prod; d=linkedin.com; h=DKIM-Signature:Sender:Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:X-LinkedIn-Template:X-LinkedIn-Class:X-LinkedIn-fbl; b=Vz5T0eDAApSOGoAYs9dELDWrYjm4N0cw4z6Dr1XTYzcAwNgeoreU3Lxn8l6lSyNa HtB9Ci0wSqfHLD1SSEAzIsQk4q/YPyKXs5eiWV3ZkbDjltqkz7W6+8DWm866gev3 DKIM-Signature: v=1; a=rsa-sha1; d=linkedin.com; s=proddkim; c=relaxed/relaxed; q=dns/txt; i=@linkedin.com; t=1305238080; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=ouKtKSk6kMEt+uQAL60EWQ2hgas=; b=rlUr5+KHuQtcvjf2R6jSeADuyFnvLyGbnr2Y8CDKUAMdutq0QcS/94F729hZVzlA My/jYoFcQgrlR/SdVMP0DqBFMBeGcOqZMYven2kdj/sIMXeZpAqUzt5qxW/u+2NF; Sender: messages-noreply@bounce.linkedin.com Date: Thu, 12 May 2011 22:08:00 +0000 (UTC) From: LinkedIn Connections To: Karim Hijazi Message-ID: <923339623.5956092.1305238080709.JavaMail.app@ela4-bed37.prod> Subject: See what Kin has been up to... MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_5956091_1419998162.1305238080705" X-LinkedIn-Template: accept_invite_snacked_C_01 X-LinkedIn-Class: INVITE-ACCEPT X-LinkedIn-fbl: m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V ------=_Part_5956091_1419998162.1305238080705 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Karim, Congratulations! You and Kin are now connected. Kin Mitra General Manager at AlgoSec Greater Atlanta Area Computer Networking Industry kin.mitra@gmail.com To view Kin Mitra's profile, go to http://www.linkedin.com/e/pyok5x-gnm91wox-2c/fpf/322756/EML-inv-acc-prof/ ---------------------------------------------- (c) 2011, LinkedIn Corporation ------=_Part_5956091_1419998162.1305238080705 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Karim, Congratulations!

You and Kin are now connected.

Kin Mitra

General Manager at AlgoSec

View Kin's Profile

Greater Atlanta Area
Computer Networking Industry
kin.mitra@gmail.com

Kin's Connections (500+)		See All »
	Steve Laskowski , VP Sales at Immunity Inc Connect	Scott Ryan , Co-founder & CEO, Asankya Connect
	Palaniswamy Rajan , Serial Entrepreneur, CEO, Angel Investor Connect	Glenn Esposito , VP of Sales, Strategic Accounts at Barracuda Networks Connect

Companies in Kin's Network:
	AlgoSec Kin works here Follow Company	Aladdin Kin worked here Follow Company
	Check Point Software Technologies Kin worked here Follow Company	SynOptics Communications Kin worked here Follow Company

------=_Part_5956091_1419998162.1305238080705-- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs251610qah; Thu, 12 May 2011 15:17:38 -0700 (PDT) Received: by 10.150.143.14 with SMTP id q14mr769947ybd.69.1305238658624; Thu, 12 May 2011 15:17:38 -0700 (PDT) Return-Path: Received: from amrmr1003.accenture.com (amrmr1003.accenture.com [170.252.248.72]) by mx.google.com with ESMTPS id q3si58665ybe.67.2011.05.12.15.17.37 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 12 May 2011 15:17:37 -0700 (PDT) Received-SPF: pass (google.com: domain of joanne.king@accenture.com designates 170.252.248.72 as permitted sender) client-ip=170.252.248.72; Authentication-Results: mx.google.com; spf=pass (google.com: domain of joanne.king@accenture.com designates 170.252.248.72 as permitted sender) smtp.mail=joanne.king@accenture.com Received: from amrxe3001.dir.svc.accenture.com (amrxe3001.dir.svc.accenture.com [10.63.35.201]) by amrmr1003.accenture.com (8.13.8/8.13.8) with ESMTP id p4CMIuGW009295 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=FAIL) for ; Thu, 12 May 2011 17:18:58 -0500 (CDT) Received: from AMRXH3005.dir.svc.accenture.com (10.63.34.49) by amrxe3001.dir.svc.accenture.com (10.63.35.201) with Microsoft SMTP Server (TLS) id 8.3.106.1; Thu, 12 May 2011 18:17:36 -0400 Received: from AMRXM3131.dir.svc.accenture.com ([10.63.34.17]) by AMRXH3005.dir.svc.accenture.com ([10.63.34.49]) with mapi; Thu, 12 May 2011 18:17:35 -0400 From: To: Date: Thu, 12 May 2011 18:17:36 -0400 Subject: Read: Re: Confirming receipt of invoice Thread-Topic: Confirming receipt of invoice Thread-Index: AcwQ8JF/3igP+nJsS0a2QyOsPJMpFgAAdRDO Message-ID: <25476684CE4AC84B8B485FB36672B4EC1611C1073E@AMRXM3131.dir.svc.accenture.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US x-ems-proccessed: vrAiQuOOcsXVFhS7ec6D4A== x-ems-stamp: xaGIcvvfrhBLP9H5aL1WoQ== Content-Type: multipart/report; boundary="_000_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_"; report-type=disposition-notification MIME-Version: 1.0 --_000_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_ Content-Type: multipart/alternative; boundary="_002_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_" --_002_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Your message was read on Thursday, May 12, 2011 10:17:36 PM UTC. --_002_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Your message was read on Thursday= , May 12, 2011 10:17:36 PM UTC.

--_002_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_-- --_000_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_ Content-Type: message/disposition-notification Final-recipient: RFC822; joanne.king@accenture.com Disposition: automatic-action/MDN-sent-automatically; displayed X-MSExch-Correlation-Key: zcp6koYqvkqm9BKxFPOjFQ== Original-Message-ID: <4DCC5969.2000907@unveillance.com> X-Display-Name: King, Joanne --_000_25476684CE4AC84B8B485FB36672B4EC1611C1073EAMRXM3131dirs_-- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs251716qah; Thu, 12 May 2011 15:20:13 -0700 (PDT) Received: by 10.68.40.165 with SMTP id y5mr1027825pbk.338.1305238812775; Thu, 12 May 2011 15:20:12 -0700 (PDT) Return-Path: Received: from smtpauth13.prod.mesa1.secureserver.net (smtpauth13.prod.mesa1.secureserver.net [64.202.165.37]) by mx.google.com with SMTP id g4si4387885pbm.69.2011.05.12.15.20.11; Thu, 12 May 2011 15:20:11 -0700 (PDT) Received-SPF: neutral (google.com: 64.202.165.37 is neither permitted nor denied by best guess record for domain of roger@americansecuritychallenge.com) client-ip=64.202.165.37; Authentication-Results: mx.google.com; spf=neutral (google.com: 64.202.165.37 is neither permitted nor denied by best guess record for domain of roger@americansecuritychallenge.com) smtp.mail=roger@americansecuritychallenge.com Received: (qmail 20786 invoked from network); 12 May 2011 22:20:10 -0000 Received: from unknown (174.255.21.106) by smtpauth13.prod.mesa1.secureserver.net (64.202.165.37) with ESMTP; 12 May 2011 22:20:10 -0000 References: <014101cc10b3$0d9e72a0$28db57e0$@com> <4DCC4EF3.7020207@unveillance.com> <009c01cc10ed$57324e70$0596eb50$@com> <4DCC5539.1060502@unveillance.com> In-Reply-To: <4DCC5539.1060502@unveillance.com> Mime-Version: 1.0 (iPhone Mail 8E401) Content-Type: text/plain; charset=us-ascii Message-Id: Content-Transfer-Encoding: quoted-printable X-Mailer: iPhone Mail (8E401) From: Roger London Subject: Re: another map Date: Thu, 12 May 2011 18:20:07 -0400 To: "khijazi@unveillance.com" No. Thanks for heads up. Let me know how it goes w irv and aegon Roger Sent from my iPhone On May 12, 2011, at 17:46, Karim Hijazi Unveillance Email wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > Roger, >=20 > I forgot to mention, since I added it today, the system has to sync this > evening to pull all orgs added today into their respective locations. >=20 > Sorry about that; it will be visible in your watch list tomorrow. >=20 > Do you need anything urgently? I can force a sync now if there is > something pressing. >=20 > KH >=20 >=20 >=20 > On 5/12/2011 4:41 PM, Roger wrote: >> ?? >>=20 >> I don't see LSI on my watchlist? >>=20 >> - Roger >> 410-340-5335 >> Roger@AmericanSecurityChallenge.com >>=20 >>=20 >>=20 >> -----Original Message----- >> From: Karim Hijazi Unveillance Email [mailto:khijazi@unveillance.com]=20 >> Sent: Thursday, May 12, 2011 5:20 PM >> To: Roger >> Subject: Re: another map >>=20 >> Hi Roger, >>=20 >> Mapped and and in your client watch list when you log in. Super-tiny >> network from what we could find so don't imagine we will see much action >> there but you never know. >>=20 >> If you know who to speak to regarding their network size, let me know so >> we are not missing anything. All we have found so far is: >> 209.150.212.112/29 >>=20 >> Could be it but rather be thorough. >>=20 >> Thanks, >>=20 >> Karim >>=20 >> On 5/12/2011 9:44 AM, Roger wrote: >>> Karim- can you map LSI?s network (see info below). They might be an ASC >>> client andI?d if they have any holes show them to help close the deal >>> (and get you a customer too!) >>=20 >>> LSI Business Development >>=20 >>> 1530 N. Layton Hills Parkway, Suite 201, Layton, UT 84041 >>> t_801.776.0062/ c_ 801.698.6577 >>=20 >>> - Roger >>=20 >>> *******Roger London* >>=20 >>> President >>=20 >>> National Security Initiative >>=20 >>> 6031 University Blvd. Suite 180 >>=20 >>> Ellicott City, Maryland 21043 >>=20 >>> _____Google map to >>=20 >> office_> versity+Blvd.+Suite+180+Ellicott+City+21043&sll=3D37.0625,-95.677068&sspn= =3D50.9 >> 10968,62.314453&ie=3DUTF8&hq=3D&hnear=3D6031+University+Blvd+%23180,+Elli= cott+City >> ,+Howard,+Maryland+21043&t=3Dh&z=3D16&iw> >>=20 >>> Host of the American Security Challenge >>=20 >>=20 >> _____www.AmericanSecurityChallenge.com_> /Home_Page.html> >>=20 >>> 410-340-5335 >>=20 >>> _____LinkedIn Public >>> Profile_ >>=20 >>=20 >=20 > - --=20 > All the best, >=20 > Karim Hijazi > CEO | President > Unveillance > O. (800) 540-8478 > M. (561) 542-5704 > www.unveillance.com > khijazi@unveillance.com >=20 > ******************************************** > CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named > person's use only. The information contained in this communication is > confidential and/or privileged, proprietary information that is > transmitted solely for the purpose of the intended recipient(s). No > confidentiality or privilege is waived or lost by any mistransmission. > If you receive this message in error, please immediately delete it and > all copies of it from your system, destroy any hard copies of it and > notify the sender. You must not, directly or indirectly, use, disclose, > distribute, print, or copy any part of this message if you are not the > intended recipient. The sender or any of its subsidiaries each reserve > the right to monitor all e-mail communications through its networks. > ******************************************** > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (MingW32) >=20 > iQEcBAEBAgAGBQJNzFU5AAoJEIk0Dw4U/G3l11UH/ioBXqBajVmNFcFoQedzIfjW > zyLOfe/UcuSb8F3L/Bz/ACC/oLivJuPb8ExclOwonhH82ev68tuTgds9zNFH3PZG > XlU4QzdFbiZyrVlyA6kA9Oqe+5JnvdOpBFMPLHlC3BhYBMZpGOw6trSN8CUMvxLP > gMVNUhwZWWwVAFUm9r4W9Dmc9gi5iL6hKFfb9f8wlh55ysTlHthJ8ZBf2XHZrH8S > cJ3mHdwQJdkjfdMUYY9waTd8wRcmJzt/RPbL5xoK4TDrdfyDqGAYr72rUHQCBb7Q > ZpjrfeXCisK+lidlXAe2hoRta35Of+tCuUcuej4XKMcCejsNvg9V2OqlazbBrkw=3D > =3D2PCK > -----END PGP SIGNATURE----- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs249422qah; Thu, 12 May 2011 13:59:17 -0700 (PDT) Received: by 10.68.36.199 with SMTP id s7mr951672pbj.131.1305233956507; Thu, 12 May 2011 13:59:16 -0700 (PDT) Return-Path: Received: from maila-aa.linkedin.com (maila-aa.linkedin.com [69.28.147.140]) by mx.google.com with ESMTP id w29si4793818wfd.120.2011.05.12.13.59.16; Thu, 12 May 2011 13:59:16 -0700 (PDT) Received-SPF: pass (google.com: domain of m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V@bounce.linkedin.com designates 69.28.147.140 as permitted sender) client-ip=69.28.147.140; Authentication-Results: mx.google.com; spf=pass (google.com: domain of m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V@bounce.linkedin.com designates 69.28.147.140 as permitted sender) smtp.mail=m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V@bounce.linkedin.com; dkim=pass header.i=@linkedin.com DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws; s=prod; d=linkedin.com; h=DKIM-Signature:Sender:Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:X-LinkedIn-Template:X-LinkedIn-Class:X-LinkedIn-fbl; b=cSOYDSekpSvAiReFCUuVv7UTmn+YzGZ1GkS+QcE1EveIbBBoOtU46ScAXoLb25gX bwP/1tfIcX8WDHuwseuXUnRJo9gaJkmat8Z5LJKpIADq3CtAOXIrN1crUj/RMLap DKIM-Signature: v=1; a=rsa-sha1; d=linkedin.com; s=proddkim; c=relaxed/relaxed; q=dns/txt; i=@linkedin.com; t=1305233955; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=cJTnJArHB8zk0sd9Rl/UruFIyEc=; b=C6FbVgaWPWJdcaPR/7RZmKJaw3JohhRQzE+5pk7qCdDIC2qeecCnOPGJUqEHRc0L CNxuUBJLXCjUSC36LYH2+WN11w3F1ZFUlpMFISb/e4T4uHyIDNtawsNqAGxBI64H; Sender: messages-noreply@bounce.linkedin.com Date: Thu, 12 May 2011 20:59:15 +0000 (UTC) From: LinkedIn Connections To: Karim Hijazi Message-ID: <1887307910.5760568.1305233955660.JavaMail.app@ela4-bed81.prod> Subject: See what Eric has been up to... MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_5760567_803549978.1305233955658" X-LinkedIn-Template: accept_invite_snacked_C_01 X-LinkedIn-Class: INVITE-ACCEPT X-LinkedIn-fbl: m-dO98ogxIz99Omgl7vlldVodUIr7o8gYiD50V ------=_Part_5760567_803549978.1305233955658 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Karim, Congratulations! You and Eric are now connected. Eric Jackson Director, Product Management at Arbor Networks Greater Detroit Area Computer & Network Security Industry shinobi@MONKEY.ORG To view Eric Jackson's profile, go to http://www.linkedin.com/e/pyok5x-gnm6lhs9-39/fpf/11082320/EML-inv-acc-prof/ ---------------------------------------------- (c) 2011, LinkedIn Corporation ------=_Part_5760567_803549978.1305233955658 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Karim, Congratulations!

You and Eric are now connected.

Eric Jackson

Director, Product Management at Arbor Networks

View Eric's Profile

Greater Detroit Area
Computer & Network Security Industry
shinobi@MONKEY.ORG

Eric's Connections (286)		See All »
	Ted Julian , Seasoned market maker, analyst, entrepreneur, and marketer Connect	Peter Tosto , Manager, Security Portfolio Strategy at IBM Internet Security Systems Connect
	Kate Munro , Vice President of Marketing, Bit9, Inc. Connect	Smith Jeff , Director Security Solutions - IPD at Alcatel-Lucent Connect

Companies in Eric's Network:
	Arbor Networks Eric works here Follow Company	Duo Security Eric follows this company Follow Company
	OpenBSD Eric worked here Follow Company	Ohio Department of Administrative Services Eric worked here Follow Company

------=_Part_5760567_803549978.1305233955658-- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs249654qah; Thu, 12 May 2011 14:05:22 -0700 (PDT) Received: by 10.224.183.133 with SMTP id cg5mr600526qab.58.1305234322092; Thu, 12 May 2011 14:05:22 -0700 (PDT) Return-Path: Received: from blu0-omc3-s36.blu0.hotmail.com (blu0-omc3-s36.blu0.hotmail.com [65.55.116.111]) by mx.google.com with ESMTP id m20si3304921qck.57.2011.05.12.14.05.22; Thu, 12 May 2011 14:05:22 -0700 (PDT) Received-SPF: pass (google.com: domain of jsbardin@hotmail.com designates 65.55.116.111 as permitted sender) client-ip=65.55.116.111; Authentication-Results: mx.google.com; spf=pass (google.com: domain of jsbardin@hotmail.com designates 65.55.116.111 as permitted sender) smtp.mail=jsbardin@hotmail.com Received: from BLU0-SMTP178 ([65.55.116.72]) by blu0-omc3-s36.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 12 May 2011 14:05:21 -0700 X-Originating-IP: [66.168.112.216] X-Originating-Email: [jsbardin@hotmail.com] Message-ID: Return-Path: jsbardin@hotmail.com Received: from [192.168.0.193] ([66.168.112.216]) by BLU0-SMTP178.phx.gbl over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Thu, 12 May 2011 14:05:20 -0700 Subject: Re: Life is good - baby is happy - Arbor wants to play with Unveillance. References: <4DCC02BE.70402@unveillance.com> From: Jeff Bardin Content-Type: text/plain; charset="us-ascii" X-Mailer: iPhone Mail (8J2) In-Reply-To: <4DCC02BE.70402@unveillance.com> Date: Thu, 12 May 2011 17:05:16 -0400 To: "khijazi@unveillance.com" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 (iPhone Mail 8J2) X-OriginalArrivalTime: 12 May 2011 21:05:20.0347 (UTC) FILETIME=[4D5F9AB0:01CC10E8] How does 6pm EST sound? The information in this electronic mail message is confidential and may be l= egally privileged. It is intended solely for the addressee. Access to this= Internet electronic mail message by anyone else is unauthorized. If you ar= e not the intended recipient, any disclosure, copying, distribution or any a= ction taken or omitted to be taken in reliance on it is prohibited and may b= e unlawful. On May 12, 2011, at 11:54, Karim Hijazi Unveillance Email wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > Jeff, >=20 > Hope you are well my friend. Let's chat later today if you have some > time. I am happy. >=20 > - --=20 > All the best, >=20 > Karim Hijazi > CEO | President > Unveillance > O. (800) 540-8478 > M. (561) 542-5704 > www.unveillance.com > khijazi@unveillance.com >=20 > ******************************************** > CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named > person's use only. The information contained in this communication is > confidential and/or privileged, proprietary information that is > transmitted solely for the purpose of the intended recipient(s). No > confidentiality or privilege is waived or lost by any mistransmission. > If you receive this message in error, please immediately delete it and > all copies of it from your system, destroy any hard copies of it and > notify the sender. You must not, directly or indirectly, use, disclose, > distribute, print, or copy any part of this message if you are not the > intended recipient. The sender or any of its subsidiaries each reserve > the right to monitor all e-mail communications through its networks. > ******************************************** > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (MingW32) >=20 > iQEcBAEBAgAGBQJNzAK+AAoJEIk0Dw4U/G3lB0wH/juuaOsc7baHCrVePHMaJu6J > 8P/N6sL3n02yaqNGdTjrxxKemwWG63mOfdzT3ANfW+8OCOb6shkXVIUPsRCYy+vQ > XwQ64T6NE4UE3Qg+1mpSiBCh5TRw0Yt8XmjBQhz8Fo2yEzdqWPMIEsF+I9OdLnn/ > A9VIiL5hFui8+B3JEgIeNc+2laVyEAEl9riDy8honEM250h8NqZ3jNWBn7KQG4jl > G0rwPmgHVfy+14+VzlW3pysDigjlFtCBXEI3LN81nHN5VKlKFovWsF9zXLdDNGXa > 7vf1v8Nyaogtm8cMItGVog7/JBEG2it43+twsY7zIdLecwD7UUdbSMIYdI+ekrk=3D > =3DwrxP > -----END PGP SIGNATURE----- >=20 From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs249680qah; Thu, 12 May 2011 14:06:18 -0700 (PDT) Received: by 10.42.147.68 with SMTP id m4mr832482icv.529.1305234377990; Thu, 12 May 2011 14:06:17 -0700 (PDT) Return-Path: Received: from smtpauth15.prod.mesa1.secureserver.net (smtpauth15.prod.mesa1.secureserver.net [64.202.165.26]) by mx.google.com with SMTP id n5si3823214icy.93.2011.05.12.14.06.16; Thu, 12 May 2011 14:06:16 -0700 (PDT) Received-SPF: neutral (google.com: 64.202.165.26 is neither permitted nor denied by best guess record for domain of robertcbass@ciog.us) client-ip=64.202.165.26; Authentication-Results: mx.google.com; spf=neutral (google.com: 64.202.165.26 is neither permitted nor denied by best guess record for domain of robertcbass@ciog.us) smtp.mail=robertcbass@ciog.us Received: (qmail 13688 invoked from network); 12 May 2011 21:06:16 -0000 Received: from unknown (75.11.191.193) by smtpauth15.prod.mesa1.secureserver.net (64.202.165.26) with ESMTP; 12 May 2011 21:06:15 -0000 Message-ID: <4DCC4BC4.3020605@ciog.us> Date: Thu, 12 May 2011 14:06:12 -0700 From: Robert C Bass Organization: Counterintelligence Operations Group User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10 MIME-Version: 1.0 To: Karim Hijazi Subject: WTH? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Did you know Mike Bagley started a new intelligence group called, Jellyfish Intelligence? http://www.sacbee.com/2011/05/10/3616263/operation-jellyfish-takes-intelligence.html -- "Where Secrecy or Mystery Begins, Vice or Roguery Are not Afar!" - Samuel Johnson From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: Received: from [192.168.1.107] (c-76-31-218-178.hsd1.tx.comcast.net [76.31.218.178]) by mx.google.com with ESMTPS id d37sm1084903ano.21.2011.05.12.14.19.46 (version=SSLv3 cipher=OTHER); Thu, 12 May 2011 14:19:46 -0700 (PDT) Message-ID: <4DCC4EF3.7020207@unveillance.com> Disposition-Notification-To: Karim Hijazi Unveillance Email Date: Thu, 12 May 2011 16:19:47 -0500 From: Karim Hijazi Unveillance Email Reply-To: khijazi@unveillance.com Organization: Unveillance User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10 MIME-Version: 1.0 To: Roger Subject: Re: another map References: <014101cc10b3$0d9e72a0$28db57e0$@com> In-Reply-To: <014101cc10b3$0d9e72a0$28db57e0$@com> X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Roger, Mapped and and in your client watch list when you log in. Super-tiny network from what we could find so don't imagine we will see much action there but you never know. If you know who to speak to regarding their network size, let me know so we are not missing anything. All we have found so far is: 209.150.212.112/29 Could be it but rather be thorough. Thanks, Karim On 5/12/2011 9:44 AM, Roger wrote: > Karim- can you map LSI?s network (see info below). They might be an ASC > client andI?d if they have any holes show them to help close the deal > (and get you a customer too!) > > LSI Business Development > > 1530 N. Layton Hills Parkway, Suite 201, Layton, UT 84041 > t_801.776.0062/ c_ 801.698.6577 > > - Roger > > *******Roger London* > > President > > National Security Initiative > > 6031 University Blvd. Suite 180 > > Ellicott City, Maryland 21043 > > _____Google map to > office_ > > Host of the American Security Challenge > > _____www.AmericanSecurityChallenge.com_ > > 410-340-5335 > > _____LinkedIn Public > Profile_ > - -- All the best, Karim Hijazi CEO | President Unveillance O. (800) 540-8478 M. (561) 542-5704 www.unveillance.com khijazi@unveillance.com ******************************************** CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named person's use only. The information contained in this communication is confidential and/or privileged, proprietary information that is transmitted solely for the purpose of the intended recipient(s). No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender or any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. ******************************************** -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iQEcBAEBAgAGBQJNzE7zAAoJEIk0Dw4U/G3l198H/1j8FP1c/jgF8aSPh5vhh9ap pwv/UCSQgkduXA1Lfhwy6DzQyzLBdlbfDkmoxI28vjiPfLmymFpKxD3XtyPGI6eT Z4GuxavBr4w2Als+RI5RHTDkS3gM/A4o47ey5SA82STy0DJy79JFgEZ/r8PDWEoR GYiefDdMr5o0vemXT1MAOKCy3xE2vFgrMiQQzJlwT3svuf8qxzl4GhG+tHZ8ZR/l LyxFIjFYQq0RM8FgJiRfgC6KKABIEVtX2s1kfx7ST/TTbOAxbpjP/PRJjydcD9N2 PzS99ckc5Ki3M4Tnl83fhZJ/22mILtMtTyW+voYMFm0TKBtVSMho4J7xxwuEfk0= =S8iw -----END PGP SIGNATURE----- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs250300qah; Thu, 12 May 2011 14:25:03 -0700 (PDT) Received: by 10.231.48.208 with SMTP id s16mr591278ibf.82.1305235503111; Thu, 12 May 2011 14:25:03 -0700 (PDT) Return-Path: Received: from p3plsmtpa01-05.prod.phx3.secureserver.net (p3plsmtpa01-05.prod.phx3.secureserver.net [72.167.82.85]) by mx.google.com with SMTP id t14si3885878ibm.71.2011.05.12.14.25.01; Thu, 12 May 2011 14:25:01 -0700 (PDT) Received-SPF: neutral (google.com: 72.167.82.85 is neither permitted nor denied by best guess record for domain of roger@americansecuritychallenge.com) client-ip=72.167.82.85; Authentication-Results: mx.google.com; spf=neutral (google.com: 72.167.82.85 is neither permitted nor denied by best guess record for domain of roger@americansecuritychallenge.com) smtp.mail=roger@americansecuritychallenge.com Received: (qmail 2062 invoked from network); 12 May 2011 21:24:58 -0000 Received: from unknown (69.143.82.173) by p3plsmtpa01-05.prod.phx3.secureserver.net (72.167.82.85) with ESMTP; 12 May 2011 21:24:57 -0000 From: "Roger" To: "'Karim Hijazi Unveillance Email'" In-Reply-To: <4DCC4EF3.7020207@unveillance.com> Subject: Read: another map Date: Thu, 12 May 2011 17:26:49 -0400 Message-ID: <009201cc10eb$4e77ba10$eb672e30$@com> MIME-Version: 1.0 Content-Type: multipart/report; report-type=disposition-notification; boundary="----=_NextPart_000_0093_01CC10C9.C7661A10" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcwQ6lKIRFdly3RLR0ayUDPyvV4o5wAAOvJI This is a multi-part message in MIME format. ------=_NextPart_000_0093_01CC10C9.C7661A10 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0094_01CC10C9.C7661A10" ------=_NextPart_001_0094_01CC10C9.C7661A10 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Your message To: Roger Subject: Re: another map Sent: 5/12/2011 5:19 PM was read on 5/12/2011 5:26 PM. ------=_NextPart_001_0094_01CC10C9.C7661A10 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Read: another map

Your message

    To: Roger
    Subject: Re: another map
    Sent: 5/12/2011 5:19 PM

was read on 5/12/2011 5:26 PM.

------=_NextPart_001_0094_01CC10C9.C7661A10-- ------=_NextPart_000_0093_01CC10C9.C7661A10 Content-Type: message/disposition-notification Content-Transfer-Encoding: 7bit Reporting-UA: americansecuritychallenge.com; Microsoft Office Outlook 12.0 Final-Recipient: rfc822;roger@americansecuritychallenge.com Original-Message-ID: <4DCC4EF3.7020207@unveillance.com> Disposition: manual-action/MDN-sent-automatically; displayed ------=_NextPart_000_0093_01CC10C9.C7661A10-- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs250484qah; Thu, 12 May 2011 14:32:08 -0700 (PDT) Received: by 10.224.176.67 with SMTP id bd3mr663354qab.36.1305235927908; Thu, 12 May 2011 14:32:07 -0700 (PDT) Return-Path: Received: from mail-qw0-f45.google.com (mail-qw0-f45.google.com [209.85.216.45]) by mx.google.com with ESMTPS id t16si3329538qco.110.2011.05.12.14.32.06 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 12 May 2011 14:32:06 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.216.45 is neither permitted nor denied by best guess record for domain of htubbs@unveillance.com) client-ip=209.85.216.45; Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.216.45 is neither permitted nor denied by best guess record for domain of htubbs@unveillance.com) smtp.mail=htubbs@unveillance.com Received: by qwj8 with SMTP id 8so1177520qwj.4 for ; Thu, 12 May 2011 14:32:06 -0700 (PDT) MIME-Version: 1.0 Received: by 10.224.27.67 with SMTP id h3mr654277qac.39.1305235926461; Thu, 12 May 2011 14:32:06 -0700 (PDT) Received: by 10.229.48.19 with HTTP; Thu, 12 May 2011 14:32:06 -0700 (PDT) In-Reply-To: <4DAF9C97.2050801@unveillance.com> References: <4DAA14B4.4060509@unveillance.com> <4DAF9C97.2050801@unveillance.com> Date: Thu, 12 May 2011 17:32:06 -0400 Message-ID: Subject: Re: Press Release From: Heather Tubbs To: khijazi@unveillance.com Content-Type: multipart/alternative; boundary=bcaec51ba3d1beadca04a31aeb5a --bcaec51ba3d1beadca04a31aeb5a Content-Type: text/plain; charset=ISO-8859-1 Work Visa Forms When you have a chance please send them. I have just dropped an email to my friend to get her phone numbers so we can get rolling with this. Thanks H --bcaec51ba3d1beadca04a31aeb5a Content-Type: text/html; charset=ISO-8859-1 Work Visa Forms

When you have a chance please send them.

I have just dropped an email to my friend to get her phone numbers so we can get rolling with this.

Thanks
H
--bcaec51ba3d1beadca04a31aeb5a-- From - Sat May 21 19:22:18 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: Received: from [192.168.1.107] (c-76-31-218-178.hsd1.tx.comcast.net [76.31.218.178]) by mx.google.com with ESMTPS id v1sm1097710anh.25.2011.05.12.14.40.10 (version=SSLv3 cipher=OTHER); Thu, 12 May 2011 14:40:10 -0700 (PDT) Message-ID: <4DCC53BB.2080905@unveillance.com> Disposition-Notification-To: Karim Hijazi Unveillance Email Date: Thu, 12 May 2011 16:40:11 -0500 From: Karim Hijazi Unveillance Email Reply-To: khijazi@unveillance.com Organization: Unveillance User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10 MIME-Version: 1.0 To: jaroslav.vorlicek@accenture.com CC: jtubbs@unveillance.com, jason.lewkowicz@accenture.com, carlo.farinella@accenture.com, mmolloy@unveillance.com, mthompson@unveillance.com, adam.sindelar@accenture.com Subject: Re: reg. unclassified drone from 170.252.160.1 References: <4F2F24C83AFEAE42B94895F1028061990125F20B0401@EMEXM3133.dir.svc.accenture.com> <3EE6B64B-BB37-44D8-B630-68CD3EF691EB@unveillance.com> <4F2F24C83AFEAE42B94895F1028061990125F2103BE1@EMEXM3133.dir.svc.accenture.com> <4DCC3117.7020804@unveillance.com> In-Reply-To: X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Jerry, Okay, I understand a bit better now. Let me do some digging and I will get back to you with some findings if any. Thanks again for the clarification and hope to speak with you soon. Best, Karim On 5/12/2011 3:42 PM, jaroslav.vorlicek@accenture.com wrote: > Hi Karim, > That's not exactly what we're trying to accomplish. The issue we're facing is that our proxy misfires when trying to upgrade cache and we're getting re-occurring incidents for benign traffic. As of now we don't know what exactly has been captured by your sinkhole therefore we can't find it in proxy logs. If you have additional information that might help us identifying the originating device in logs - domain/part of URL, user agent or something else we might be able to find a root cause. > > What's your opinion? > > Jerry > > ISIRT > Information Technology Risk > Accenture > Prague (Czech Republic) > > Office Phone: +420.225.07.7756 > e-mail: jaroslav.vorlicek@accenture.com > OCS: jaroslav.vorlicek@accenture.com > > ------------------------------------------------------------------------- > Accenture Confidential > This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. > > > -----Original Message----- > From: Karim Hijazi Unveillance Email [mailto:khijazi@unveillance.com] > Sent: Thursday, May 12, 2011 9:12 PM > To: Sindelar, Adam > Cc: jtubbs@unveillance.com; Vorlicek, Jaroslav; Lewkowicz, Jason; Farinella, Carlo; Meaghan Molloy; Matt Thompson > Subject: Re: reg. unclassified drone from 170.252.160.1 > > Hello Adam, > > Thank you for your verification of the traffic. > > I understand your interest in using the destination information that we provided to block access to our sinkhole to "quiet" some of the nominal/innocuous issues that we are currently detecting. I can imagine this can cause you to spend cycles on already known issues. This however, would impact our ability to see truly malicious threats such as ZeuS, Artro and many others, as they too use port 80/tcp. > > Please note that we are very careful with handing out the destination ranges for the very reason above. We know that this information aids in the effort to locate the infected host(s), but can also blind us (the good guys) should you decide to use it to block access to our sinkhole. > The unfortunate result of this is that malicious traffic will continue to egress your network to the bad guys unbeknownst to us and potentially you. > > Ultimately it is your choice but I recommend you do not block access. > > I have a suggestion: > > We have in our work flow (as discussed during our three month review) a plan to develop an ability for you as a legitimate user of the system, to "toggle" a view of a given IP that you have formerly identified. > This way, issues that are still current, but not important, can be moved to another location in the dashboard potentially. This will result in leaving you with a view of the IPs that you consider most relevant but at the same time will keep a record of all traffic that beacons to to our sinkhole. > > This will provide you the ability to customize your view in such a way that you can prioritize issues/IPs accordingly. > > Let me know your thoughts on this plan. > > Thanks, > > Karim > > On 5/12/2011 11:08 AM, adam.sindelar@accenture.com wrote: >> Hi Jerry, > > > >> Thanks for the information. I have verified that the traffic you saw >> was generated by our proxies' automatic behavior and not by a computer >> in our network. > > > >> Since this is not the first time we have had this problem with our >> proxies we are considering blocking access to the sinkhole from our >> proxies only and only over port 80/tcp. I wonder if, in your opinion, >> this would decrease your ability to detect real threats in our >> network, or whether HTTP traffic is not currently an important >> indicator. (If you were to later add a component to your sinkholes >> that does work with HTTP traffic, we could always unblock.) > > > >> Thank you and regards, > >> Adam > > > >> *Adam Sindelar* > >> * * > >> *ISIRT* > >> *Information Technology Risk >> Accenture * > >> * * > >> *Office: +420.225.07.7758* > >> *OC: +420.910.90.1152* > > > >> *adam.sindelar@accenture.com * > >> * * > >> *Prague, Czech Republic* > > > > > >> *From:*J. Tubbs [mailto:jtubbs@unveillance.com] >> *Sent:* Tuesday, May 10, 2011 10:05 AM >> *To:* Sindelar, Adam >> *Cc:* khijazi@unveillance.com; Vorlicek, Jaroslav; Lewkowicz, Jason >> *Subject:* Re: reg. unclassified drone from 170.252.160.1 > > > >> Mr. Sindelar, > >> That is an event from theDefence Intelligence sinkhole environment >> that we were not 100% sure about and are awaiting further details from >> the Defintel folks. Thus, this is why we have it as an unclassified >> drone/zombie and scored quite low. > > > >> Since this is from the Defintel environment, the destination host >> would be within 67.210.170.0/24. > > > >> J. "oday" Tubbs > >> CTO >> Unveillance, LLC >> www.unveillance.com > >> _jtubbs@unveillance.com _ > >> ******************************************** >> CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named >> person's use only. The information contained in this communication is >> confidential and/or privileged, proprietary information that is >> transmitted solely for the purpose of the intended recipient(s). No >> confidentiality or privilege is waived or lost by any mistransmission. >> If you receive this message in error, please immediately delete it and >> all copies of it from your system, destroy any hard copies of it and >> notify the sender. You must not, directly or indirectly, use, >> disclose, distribute, print, or copy any part of this message if you >> are not the intended recipient. The sender or any of its subsidiaries >> each reserve the right to monitor all e-mail communications through its networks. >> ******************************************** > > > >> On May 10, 2011, at 3:57 AM, > > wrote: > > > >> Hi Jerry, > > > >> This morning I noticed an Unclassified Drone incident on the portal, >> raised for our IP 170.252.160.1. I can see that the communication >> happened over port 80/tcp - do you think you could please also share >> the destination IP range so that we can isolate the device making >> those connections from inside the network? > > > >> Thank you and regards, > >> Adam > > > >> *Adam Sindelar* > >> * * > >> *ISIRT* > >> *Information Technology Risk >> Accenture* > >> * * > >> *Office: +420.225.07.7758* > >> *OC: +420.910.90.1152* > > > >> *adam.sindelar@accenture.com * > >> * * > >> *Prague, Czech Republic* > > > > > > > >> ---------------------------------------------------------------------- >> -- > >> This message is for the designated recipient only and may contain >> privileged, proprietary, or otherwise private information. If you have >> received it in error, please notify the sender immediately and delete >> the original. Any other use of the email by you is prohibited. > > > > - -- All the best, Karim Hijazi CEO | President Unveillance O. (800) 540-8478 M. (561) 542-5704 www.unveillance.com khijazi@unveillance.com ******************************************** CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named person's use only. The information contained in this communication is confidential and/or privileged, proprietary information that is transmitted solely for the purpose of the intended recipient(s). No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender or any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. ******************************************** -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iQEcBAEBAgAGBQJNzFO6AAoJEIk0Dw4U/G3lb+cIAOSWqyu4EQYmuK9+UJjV7ZUm V2ZmA4HRwwC3wZOXSgBhTK3f3iYUI1eVyXhvSwcNb/tAN06VuNYTz+eGGJXh5/Zr Nj60AmEVp6UN7SatDCdES7TQnPx8gLKpaf8H7mKxxmIf6q5EXp+Tv6lHoiSDNuHj E8+ftK8yRIDg2ImdiwCqC7IMLWnsx5M2fkNTasj8rXzuCgEEIInNKPiueICV0x89 lsSjDhqKu8MuUfKtbW7aeV30COACsMydqCRnx7YsHjMLjcC/R3ciym14scHmD0as Wm9/LL7BeZFpkc+hdt9GabCJx3+4ntk7SBCFSsUz5vPWKzBclR7Km/Ge+ixNfio= =/Inh -----END PGP SIGNATURE-----