About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search
Home » Industry Watch


Guilmette goes after Anal.

Get It

Try It

Why do arrogance and stupidity go so hand in hand? The Wall Street Journal recently published an article about legendary Internet moron Marc Thompson, aka AnalogX, and both SPEWS and this site did follow-ups. Now security guru Ronald Guilmette has gone off the deep end. Guilmette's already-famous Usenet posting follows in its entirety.

(It should perhaps be pointed out that Guilmette is normally not this 'vociferous' - meaning 'Anal' has finally annoyed him - and this posting was well-received - even applauded - in the security community.)

SPEWS: S2681 (www.analogx.com - revisited)
From: Ronald F Guilmette
Date: Tuesday 27 May 2003 04:30:09 am
Groups: news.admin.net-abuse.email

Hello SPEWS!

Please reinstate your listing for www.analogx.com to Level 1. If anybody deserves it, it is this self-serving egotist sociopath named Mark Thompson.

(I have been trying to contact this asshole about his piece-of-shit proxy for MONTHS, and he is apparently too busy admiring his own reflection in the mirror to even bother to reply to my e-mail.)

This guy is every bit as bad as a spammer. He is fucking over our community to serve his own selfish ends, namely making a big name for himself.

Please DO NOT BE FOOLED into believing that he either has fixed or that he is going to fix that piece-of-crap malware that he calls the AnalogX proxy. I can assure you that he hasn't fixed it, and probably CAN'T fix it, because he is too fucking dumb to even know what all of the spammer-exploitable holes in it are.


This dumbshit, Thompson, apparently believed that he was doing the world some sort of a Big Favor by implementing some lame-ass start-up warnings and by implementing a file within which the installer could place some restrictions on the operation of part of his AnalogX proxy.

Well guess what! The clueless lusers who use this piece of shit proxy don't even know what the warning is telling them, let alone how to fix it. So the warning is useless.

More to the point however, his lame-ass 'https-ports.txt' 'control' file which in its distributed form looks like this:


only even has an effect on the http part of the AnalogX proxy, i.e. the part that runs on port 6588 and that speaks HTTP. THIS DOESN'T DO SHIT ABOUT THE FULLY EXPLOITABLE SOCKS4/SOCKS5 proxy (on port 1080) that is also a standard (and *wide open*) part of every AnalogX default install.

Are you starting to get this picture?

And that's not all. I also found YET ANOTHER WIDE OPEN HOLE in AnalogX. Even if Thompson ever managed to get his head out of his ass for long enough to properly secure both the HTTP and SOCKS4/SOCKS5 proxy portions of his crap product, THERE WOULD STILL BE YET ANOTHER WAY FOR SPAMMERS TO ABUSE default-installed AnalogX proxies. (No, I'm not going to disclose that here, because the spammers would just pick up on it. Hell! I was stunned at how fast the FormMail spammers picked up on all of the new and different tricks I exposed in my paper on FormMail exploits.)

AnalogX is worse than any ordinary net-bourne Microsloth virus. THOSE at least get cleaned up eventually! But AnalogX is insidious and is causing growing and apparently PERMANENT amounts of damage to the entire Internet infrastructure.

As far as I am concerned, Thompson is a computer criminal, and he ought to be locked up along with the other irresponsible kiddies who have infected the Internet with various other virii.

SPEWS, whoever you are, I urge you in the strongest possible terms to do everything in your power to FORCE www.analogx.com off the Internet, at least until Thompson takes some remedial programming and network security classes, and until he STOPS DISTRIBUTING THIS VIRUS.

Specifically, I hope that you, SPEWS, will blacklist the main mail servers of LLNW.NET (see traceroute below), i.e. the connectivity providers for WWW.ANALOGX.COM, until they insist that Thompson stop distributing his current crap in its current form. If he wants to actually fix it someday, then fine. He can distribute it again then. But for now, what he is distributing is no better that a date-rape drug.

There are other freeware Windoze-based proxy packages out there, so the world could get along just fine without AnalogX. Better in fact. Distribution of the AnalogX proxy in its current form only serves two purposes, i.e. (1) to enhance Thompson's ego trip, and (2) to further fuck up security on the Internet... not necessarily in that order.


PS. If I have left any doubt in anybody's mind what I think about Thompson and his software, then by all means please visit:


with JavaScript (scripting) enabled in your browser. I've made one rather significant improvement lately to the UPL site... a new pop-up that clarifies my opinions about AnalogX.

% traceroute www.analogx.com
traceroute to analogx.com (, 64 hops max, 44 byte packets
10 ( 47.208 ms
  47.085 ms 46.854 ms
11 pos4-0-622M.hr2.PHX1.gblx.net ( 47.357 ms
  55.173 ms 71.889 ms
12 ge2-0-0.jr1.phx1.llnw.net ( 92.620 ms
  47.293 ms 47.801 ms
13 so0-0-0.jr1.phx3.llnw.net ( 47.997 ms
  66.131 ms 47.741 ms
14 * * *
15 * * *
16 * * *
17 * * *

Click here to send a nastygram to Anal's IPP.

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search
Copyright © Rixstep. All rights reserved.