July 24th, 2001, 08:45 PM
First of all so that you know where my comments are coming from, my site was one of the ones attacked over the weekend as well (www.essd.army.mil). And let me add that based on the log files, they (and it was more than one person) visited my site on the 5th to do recon and gather some info. Then attempted to gain access on the 7th but could not, until his friend from another location tried it and finally figured out what the initial hacker was doing wrong.
While no apparent damage was done, other than maybe to my ego, the comments left by No|d were a poor attempt at saying "lookie lookie what we can do, and if we wanted to we could have done worse, but since we're such nice people we didn't!", while at the same time saying, and I will quote it for you because I would definitely not want to misrepresent the No|d in any way, "We did NOT take any software from this server or any other servers that the U.S. Army Information Systems Software Center headquarters runs Nor was anything on this server harmed and further more the hole that was used to get in was fixed. They should be paying us for all the fixed servers : ^ )". First of all on this comment, the mere act of hacking the initial page and modifying the organizational logo, as well as putting the No|d logo on my server, is classified as "harming" something on the system. This does not even begin to mention the fact that certain DLL files were overlaid as well as a couple other files. The bottom line is that it does constitute harming the server. I don't even want to comment on the part about paying for this server... The one thing I will say is that they could have caused more damage with the hole they used. However, either way, nothing would have been compromised nor would the server have been down more than a couple hours while the image was reloaded.
However, the comments made by SGT. Dixon and the actions he has taken should be commended and not scoffed at by you as is being done in your posting. Denying access to anyone who has a track record of causing (or a potential to cause) damage to any US-owned service is a good step in the right direction. Most likely, like myself, SGT. Dixon has nothing to do with the issues going on at the Pentagon. This type of retaliatory response is a typical "politically motivated, self serving juvenilistic cry for attention". This is like being mad at your next-door neighbor's dog so you go down the block and beat his friend's cat. No real sense behind it other than to gain attention and cause disruption. And since I feel that No|d has already gained enough attention from this, I am ending this note.
AntiOn-Line - Thank you for the opportunity to post/share my views, I do appreciate that.
We are proud to have the ability to be able to receive and post viewpoints from both computer security professionals and hackers alike. Last week we posted the views of n0|d, and this week the views of an admin in charge of the very system they hacked. Talk about a unique situation =)
This form was submitted by: Ed.
Submitted The Following Comments/Questions:
The 'test dial' 9 0 # is an old scam.
It works on commercial phone systems.
9 - Get an outside line
0 - Get an operator
# - Transfer and hang-up
A more common variation is "Could you transfer me to ext. 90, please"
Either way the caller gets an outside operator and the 'middle man' gets the bill.
Ahh, Gotta love Ma Bell...
So yet another one of life's great mysteries solved. Thanks for the info Ed!
I saw the tip you have on about:globalhistory displaying all sites your browser has been to.
> Quick Security Tip For The Week Of January 5-11, 1998
> Do you use Netscape? If so, did you know it's possible for anyone that has access to your computer to view a list of almost EVERY webpage you've ever visited? Well, it's true. In the location bar at the top of the Netscape browser type "about:globalhistory" (without the quotation marks). Take a look at what shows up.
You might advise your listeners that this is easy to remove by deleting the file netscape.hst.
Keep up the good show!
Ok, thanks Brendan, the world now knows. Well, the little part of it that visits AntiOnline regularly anyways ;-)
First, thanks for the word on the Pentagon Hackers. Being 75 miles from
our Silicon Valley News TeeVee had to lead with the story and posted
lame followups with no information and just allegation for two days.
AntiOnline is the only place I got real information from the sources.
America needs your journalism. Bad.
Second, to comment on the X-files episode brewing out there at LLNL.
There are a lot of commercial interests trying to do decoding of
non-text content of the Web. Infoseek has made no secret that they're
doing pattern recognition on GIFs and JPGs to try to get the text out of
imagemaps. No doubt others are trying the same with audio streams. The
non-malevolent view is that there are a great number of folk worldwide
who need their information in modalities other than phosphors.
This isn't to say there isn't spook work going on at LLNL. I don't work
there, I don't know. More likely they have spooky customers (Thaw War
labs have to make a profit these days!). I'd think LLNL decrypt of
internet telephony would be a primary NSA/FBI target. The phone is still
the easiest way to reach out and touch someone.
More grist for the mill.
--cesium356 behind the ice in SillyClone Valley
Well, thanks for the kind words, I'm glad you're enjoying the site! As for the LLNL stuff, well, I refer back to my comments in last week's mail bag.
Just wanted you to know that I have been following the "Pentagon Hacker Story" with some interest and have been impressed with AntiOnline's coverage.
As an attorney who has been involved in the defense of a few hackers, and who knows how distorted the real facts can get by the mainstream media, yours is the only organization who seemed to have gotten the facts correct without all of the sensationalism, bs, or dumbing down that has accompanied major news organizations' coverage of the same topic.
As an avid user myself and former tangential member of the underground, it's nice to see somebody out there who looks at this from the security point of view and not the hyped-up, "these guys are the worst criminals since Dillinger" attitude that the government's spin doctors have put on this.
On a further note, I have been involved in a couple of raids on my clients' homes, by both the FBI and local authorities, and the events described in your interview with Makaveli are fairly consistent with the standard operating procedures for the search and seizure of computer equipment. Isolate the suspect from the equipment; remove all items which could possibly contain data (hence the taking of all the CDs, music or otherwise, although I think taking laser printers is just to be annoying rather than for any real evidentiary value) and question the suspect while this is going on.
You can check out the guidelines for seizing and searching computers at <http://www.usdoj.gov/criminal/cyberc....html#FED_GUID>. I only wish that Makaveli had enough sense to just sit there, smile and ask for an attorney while they asked him questions.
It's a pretty awesome thing to have all those federal agents at your house. I can imagine he was pretty shook up about all of this. But the best thing to do is sit down, be quiet, be polite, ask for an attorney, and never, ever, believe the statement of a law enforcement agent "that he can help you if you just cooperate". LOL
Hey, thanks for your "professional viewpoint". I think there's a lot of info in there that may be useful to some of our readers =) On a personal note, Mr. Jones has volunteered his services to AntiOnline, and we greatly thank him for that! With a site like ours, you never know when you may need a good attorney =)