106 lines
4.8 KiB
Markdown
106 lines
4.8 KiB
Markdown
|
---
|
||
|
title: "OSINT On Usenet"
|
||
|
date: 2022-11-17T21:37:55+01:00
|
||
|
draft: false
|
||
|
---
|
||
|
# OSINT on Usenet
|
||
|
|
||
|
This document is a work in progress.
|
||
|
|
||
|
## Introduction
|
||
|
|
||
|
The purpose of this guide is to give a general introduction to what is
|
||
|
Usenet, why is it important, and how to perform OSINT on it.
|
||
|
|
||
|
## What is Usenet?
|
||
|
|
||
|
Usenet is a decentralized, worldwide, peer-to-peer system for circulating messages between users.
|
||
|
|
||
|
### A little terminology:
|
||
|
|
||
|
* Usenet: A worldwide distributed discussion system that operates on a
|
||
|
purely peer-to-peer basis.
|
||
|
* Newsgroups: Discussions forums on Usenet. Newsgroups can either be
|
||
|
moderated or unmoderated. An example of a newsgroup would be the
|
||
|
alt.fan.usenetnewsgroup.
|
||
|
* Binary Newsgroups Many newsgroups in the alt.\* hierarchy are binary
|
||
|
groups and are very active for filesharing. In the past, this
|
||
|
caused a major disruption to Usenet as many providers dropped
|
||
|
Usenet as a service. Not onlywere copyrighted materials being
|
||
|
shared but so was child pornography. ManyUsenet servers will not
|
||
|
carry binary newsgroups, though most paid servicesstill do.
|
||
|
* Text Newsgroups The overwhelming majority of discussions take place
|
||
|
on text newsgroups. Text newsgroups are just plain text. If you
|
||
|
download a news article from a text newsgroup, it will only
|
||
|
contain plain text which makes it very useful for searching and
|
||
|
organizing.
|
||
|
* Articles: Messages or posts on newsgroups are known as articles.
|
||
|
* Hierarchies: Groups of newsgroups. These may be unmanaged such as
|
||
|
the alt.\* and free.\* hierarchies or they may be managed by
|
||
|
volunteer organizations. Many hierarchies are geographically
|
||
|
specific. In the past, many hierarchies were run by corporations
|
||
|
such as Microsoft and Novell, but those have become disused over
|
||
|
time.
|
||
|
* The Big-8: The Big-8 is a collection of hierarchies that are the
|
||
|
decedents of the original hierarchies that have been with Usenet
|
||
|
since the very beginning. Many newsgroups still have active
|
||
|
communities.
|
||
|
* Servers: Usenet servers are what make up the Usenet. They are run by
|
||
|
hobbyists and non-profit organizations or by companies that sell
|
||
|
access. Hobbyists and non-profits typically do not carry binary
|
||
|
newsgroups. While they do not outwardly advertise this fact,
|
||
|
Usenet access companies focus on providing access as a means for
|
||
|
filesharing.
|
||
|
|
||
|
## Why is Usenet Important?
|
||
|
|
||
|
While Usenet was originally developed in the late 1970s and early
|
||
|
1980s,it is still an active network with hundreds of servers worldwide
|
||
|
that operate in a purely peer-to-peer manner. Usenet does not have any
|
||
|
kind of top-down structure. Server administrators decide for
|
||
|
themselves what newsgroups they want to carry on their servers. Many
|
||
|
newsgroups and entire hierarchieshave been dormant for years. That
|
||
|
doesn't mean that there isn't any activity there, it
|
||
|
just means that it is far less than it was in its heyday.
|
||
|
|
||
|
One of the purposes of this guide is to demonstrate how to perform
|
||
|
historical research on Usenet. What was said 20 years ago on a Usenet
|
||
|
newsgroup may have real value to investigations today.
|
||
|
|
||
|
### A little history:
|
||
|
|
||
|
Usenet began as a project between the University of North Carolina and
|
||
|
Duke University in 1979. The grad students who began the project
|
||
|
presented it the following year at the annual USENIX conference and
|
||
|
after that, it exploded in popularity at universities and corporations
|
||
|
that did not have access to the predecessor of the Internet, the
|
||
|
ARPAnet.
|
||
|
|
||
|
In the late 1980s, Usenet servers starting being available on the new
|
||
|
Internet. In the 1990's, Usenet was the message board of the
|
||
|
Internet. Early online services like AOL and Compuserv had their own
|
||
|
message boardsand chat rooms, but many of the best conversations were
|
||
|
happening on Usenet. Much of today's online culture originated
|
||
|
on Usenet. This where we get concepts such as trolling and spam. It is
|
||
|
where Linux and IMDB had their starts. Activists like Julian Assange
|
||
|
got their start on Usenet and the seeds for Bitcoin were discussed
|
||
|
years before it was originally published. In the 90s and early 2000s,
|
||
|
Usenet was the 4chan, Reddit, Twitter, and Slashdot, of the Internet.
|
||
|
|
||
|
### Usenet today:
|
||
|
|
||
|
Usenet isn't what it used to be, but that doesn't mean
|
||
|
that it is completely dead. For the OSINT investigator, it is probably
|
||
|
not atop-tier location for investigations today. However, due to its
|
||
|
historic importance and the fact that it is still alive, albeit much
|
||
|
smaller, it should not be ignored.
|
||
|
|
||
|
Because Usenet is based on sending plain text messages, much if it has
|
||
|
been archived to this day and can be continually archives easily. That
|
||
|
isn't something that can be said about the proprietary systems
|
||
|
of the online services or even about modern services like Reddit or
|
||
|
Twitter where messages must be manually archived and are subject to
|
||
|
deletion by moderators at any time.
|
||
|
|
||
|
## How to perform OSINT on Usenet
|