Thread: trusted relationship?

  1. #1
    Junior Member
    Join Date
    Nov 2001
    Posts
    10

    trusted relationship?

    Ok, since all my previous posts have gone AWOL (there weren't that many anyway) I have decided to ask a question that may be bordering for some neg happy critics... It's been bugging me for a while so now seems like a good time, after all "hackers know the weaknesses in your system, shouldn't you?"

    I have been doing some reading revolving around the analysis of the Mitnick attack.. basically it stated that he exploited a trusted relationship by syn flooding one side of the relationship then assuming its identity to communicate with the target.. that part made sense...

    However, the document I was reading made out that the victim (the syn flooded host) was external to the target host yet was also trusted... My question is, how did Mitnick determine the trusted relationship hosts? The two hosts were not related.

    Just wondering if someone could shed some light on how he determined a trusted relationship between two seemingly (meaning not on the same network or owned by the same company) unrelated hosts....thanks..

    Be gentle

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    I haven't read all the details on the Mitnick case but trust relationships were often used as part of the original ARPA. rhosts and other files would have the listing of their trusts. If Mitnick found a file with the victim's IP, it isn't that hard. It quite possibly could have been a hit or miss.

    Sometimes attackers find things that they aren't expecting and utilize those to their advantage. I wonder if Mitnick maybe found something more than just a "victim"?

    http://www.takedown.com/

    Now this is one view of the whole original incident. How accurate it is.. hard to say. There are many sides to the truth.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
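
    The rhosts-style trust files mentioned in the reply above grant access by source host rather than by password, so auditing them shows an administrator exactly which machines a host trusts. The sketch below is an added example, not part of the original thread; the sample file contents, the `LOCAL_NETS` range and the function name `audit_trust_file` are constructed for illustration.

```python
import ipaddress

# Constructed sample of an /etc/hosts.equiv or ~/.rhosts file (not from the thread).
SAMPLE = """\
# trusted peers
fileserver.example.com
192.0.2.10 backup
198.51.100.7
+ +
-oldhost.example.com
+@admins root
"""

LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed site address range


def audit_trust_file(text, local_nets=LOCAL_NETS):
    """Return (line_no, host, user, findings) for every trust entry in the file."""
    results = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        findings = []
        if host.startswith("-"):
            findings.append("deny entry")
        elif host == "+":
            findings.append("wildcard host: any address is trusted")
        elif host.startswith("+@"):
            findings.append("netgroup trust: review membership")
        else:
            try:
                addr = ipaddress.ip_address(host)
                if not any(addr in net for net in local_nets):
                    findings.append("trusted host outside local networks")
            except ValueError:
                findings.append("hostname: trust depends on name resolution")
        if user == "+":
            findings.append("wildcard user: any remote account is trusted")
        results.append((no, host, user, findings))
    return results


if __name__ == "__main__":
    for entry in audit_trust_file(SAMPLE):
        print(entry)
```

    Every entry with a finding is a host whose address alone is accepted as proof of identity, which is the kind of relationship the thread is discussing.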

  3. #3
    Junior Member
    Join Date
    Nov 2001
    Posts
    10
    Thanks for the link msmittens...what an excellent link!! can even watch him telnetting in n out

    So you reckon that maybe, while playing around with the victim he stumbled on to a trusted source (the target)? That seems to make sense...but it's still a very very lucky find...

    I can see where you are going with the ARPA theory, but I think it was something that involved some form of "recon"... I believe Tsutomu mentioned some stuff concerning TCPdump packets that showed some kind of recon involving finger, showmount and rpcinfo... being the unix wiz that I am....not! Is it possible he gained this very sensitive info from these sources?

    and if he did, wouldn't that mean he would have to gain root on one of the trusted hosts before being able to get showmount info? (which would kinda defeat the purpose of the whole syn flood anyway...I am Confused!!)
    "I do not fear computers. I fear the lack of them."
    Isaac Asimov (1920 - 1992)

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    242
    I never understood the "free kevin" movement-I know the laws were different then but, and I don't know the whole story, wasn't he just a scumbag thief???
    the only way to fix it is to flush it all away-tool

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Originally posted here by Oblivious
    Thanks for the link msmittens...what an excellent link!! can even watch him telnetting in n out

    So you reckon that maybe, while playing around with the victim he stumbled on to a trusted source (the target)? That seems to make sense...but it's still a very very lucky find...

    I can see where you are going with the ARPA theory, but I think it was something that involved some form of "recon"... I believe Tsutomu mentioned some stuff concerning TCPdump packets that showed some kind of recon involving finger, showmount and rpcinfo... being the unix wiz that I am....not! Is it possible he gained this very sensitive info from these sources?

    and if he did, wouldn't that mean he would have to gain root on one of the trusted hosts before being able to get showmount info? (which would kinda defeat the purpose of the whole syn flood anyway...I am Confused!!)
    The syn flood was so he could act as the trusted host. He had to disable the trusted host. He did stumble upon sensitive info. I believe he found quite a few credit card numbers and private information as well as proprietary information.

    As for the Free Kevin movement, while I don't agree with Kevin's method his treatment wasn't called for. He spent 4-5 years in prison with no charges or trial date. A lot of the movement was based on the fact that the Gov't didn't do one of those paramount things: due process.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
