Anyone interested in teaching in North Korea?  https://yustpust.org

The YUST PUST Foundation has some openings listed under the Get Involved section. Curiously enough they have an address at a PO Box in Illinois

North Korea has a lot of ports open on port 8080, but I’m thinking those aren’t proxies…

Anyone know what they are? My best guess is bitcoin mining pools: https://news.bitcoin.com/north-korea-begins-bitcoin-mining-operation/

At times someone from a North Korean address has edited the following Wikipedia pages:

175.45.176.130

This one seems a little serious

User talk:Jimbo Wales: https://en.wikipedia.org/wiki/index.php?curid=9870625&diff=prev&oldid=614463449

175.45.176.135

SD Card- https://secure.wikimedia.org/wikipedia/en/wiki/index.php?curid=315794&diff=prev&oldid=608633609

175.45.176.140

Someone feels strongly about CMS’s

Content Management System- https://en.wikipedia.org/wiki/index.php?curid=75885&diff=prev&oldid=449076598

Mobile country code- https://secure.wikimedia.org/wikipedia/en/wiki/index.php?curid=6855629&diff=prev&oldid=534160820

New Asian–African Strategic Partnership- https://en.wikipedia.org/wiki/index.php?curid=37183551&diff=prev&oldid=583476306

Skyline- https://en.wikipedia.org/wiki/index.php?curid=26949434&diff=prev&oldid=578541976

User:Fisherjs- https://en.wikipedia.org/wiki/index.php?curid=5071547&diff=prev&oldid=500394392

175.45.176.143

Aron da Silva- https://en.wikipedia.org/wiki/index.php?curid=30183322&diff=prev&oldid=637412128

175.45.176.144

The Eternal Champion- https://en.wikipedia.org/wiki/index.php?curid=4935162&diff=prev&oldid=568064567

Real-time Transport Protocol- https://en.wikipedia.org/wiki/index.php?curid=26163&diff=prev&oldid=597787522

 

 

Looks like there’s an open mail relay hosted in the DPRK. Masked the domain for privacy reasons. Only resolves to DPRK domains.

Resolving hostname…
Connecting…
Connection: opening to smtp.XXXXXX.kp:25, timeout=300, options=array (
)
Connection: opened
SERVER -> CLIENT: 220 mail.star-co.net.kp ESMTP Postfix
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-mail.star-co.net.kp
250-PIPELINING
250-SIZE 1000000000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 250 2.1.5 Ok
CLIENT -> SERVER: DATA
SERVER -> CLIENT: 354 End data with .
CLIENT -> SERVER: Date: Mon, 29 Apr 2019 02:58:14 +0000
CLIENT -> SERVER: To: flph@star-co.net.kp
CLIENT -> SERVER: From: Wormly SMTP Test
CLIENT -> SERVER: Subject: Wormly SMTP Test Message
CLIENT -> SERVER: Message-ID: <513d1d6870dbfc59c46586d3494dcc8c@blog.wormly.com>
CLIENT -> SERVER: MIME-Version: 1.0
CLIENT -> SERVER: Content-Type: text/plain; charset=iso-8859-1
CLIENT -> SERVER:
CLIENT -> SERVER: This message was sent using the Wormly SMTP testing tool by this user:
CLIENT -> SERVER: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0
CLIENT -> SERVER: 185.210.218.100
CLIENT -> SERVER:
CLIENT -> SERVER: .
SERVER -> CLIENT: 250 2.0.0 Ok: queued as 5AF6222C37A4
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed
Message completed successfully.

well this makes things a little easier: http://dprkportal.kp/index.php

Not sure if this deserves a regular page yet, but a list of sites that are hosted outside of the NK address space:

http://www.ournation-school.com/

http://ryugyongclip.com/

http://www.ryomyong.com/

http://chongryon.com/

http://www.kns-photo.com/

http://pyongyang.news-site.net/

http://tptloffice.com/content/first.html

http://pyongsu.com/

http://www.phoenixcommercialventures.eu/

• Defunct. Led by Nigel Cowrie who under his shell company helped sell arms and expand the North Korean nuclear program

http://www.minjok.com/

http://pyongyang.news-site.net/

http://korea-publ.com/

• porn site now. was selling North Korean literature until late last year.

http://www.pyeonghwamotors.com/ or http://pmcgroup.co.kr