Nuclear Warez Server

[Tedob1]

Teen hacker triggered nuclear terrorism alert

http://www.smh.com.au/text/articles/...776065349.html

A British teenager has narrowly escaped jail after sparking a nuclear panic by hacking into a top secret United States weapons laboratory.

Joseph McElroy, 18, who on Monday was ordered to serve a 200-hour community punishment order, bypassed the facility's electronic security systems with sophisticated software he had developed and nicknamed Deathserv.

McElroy wanted to use the advanced network's power to download and store films and music from the internet.

London's Southwark Crown Court heard that in June 2002, he used a special password to protect his collection and cover up his "parasitic" invasion.

But so many of his fellow hackers also accessed the system at the Fermi National Accelerator Laboratory in Illinois that it began to slow down. Technicians discovered the breach and "pressed the panic button". Fearing a terrorist attack, the computer was closed down for three days and the US Department of Energy sounded a full-scale alert.

[scriptkiddie18]

Officers at Scotland Yard's computer crimes unit were contacted and quickly traced the then-16-year-old student to his east London home.

Well how stupid can you be to actually hack into the 'top secret' stuff from home...portable laptop and a phone booth ....

However, said the judge, McElroy's previous good character, the fact he had not caused any actual harm and had not accessed any classified material meant prison was not necessary in this case.

Is it just me or was the judge kind of soft on him...

[Tedob1]

closes down a DoE server for 3 days but no harn was done. id say hes lucky we want to keep good relations with the UK. doesn't look like this judge feels the same way though


(laptops and crossover boxs for me t/y)

[nihil]

I don't think he knew what he was into? seems like he was just wanting to steal resources?

Now I have worked for a number of years in the "weapons of mass destruction" industry, and I can assure you that it is NOT PERMITTED to store even "restricted" (the lowest classification) information on a network that is linked to the internet. These are closed systems, internal only, not even allowed to link site to site..........its all within the razor wire and they are pretty secure.

I do not believe that US security is any more lax than ours in the UK.................?

I am calling "sensationalist media hype" on this one folks

bypassed the facility's electronic security systems with sophisticated software he had developed and nicknamed Deathserv.

A sixteen year old? I don't think so.............he found a general network server with crap security and exploited it.................I wonder if "deathserv" is some sort of anagram for sub7 Hell they caught him easily enough????????????

The hype is being allowed/encouraged to hide the incompetence IMHO.

You must also bear in mind that he was legally a juvenile when the offence was comitted?

I guess I am cynical as well as paranoid.


Cheers

[Negative]

Sounded like a hoax to me at first, but several other sources have the story as well:

The Register
Same story published on SecurityFocus, HNS.

Silicon.com
The Guardian

The story is all over the net, from lots of independent sources... I don't know if I should laugh or cry at this one

[prodikal]

Well how stupid can you be to actually hack into the 'top secret' stuff from home...portable laptop and a phone booth ....

Well been watching too much hackers now have we now its called finding a WiFi point !

Is it just me or was the judge kind of soft on him...

No i think the judge's ruling was fare it made the national news here in 'the sun' plus there was no mallicious intent on the intruders part he was merely using it as a file server for warez
you may call him a warez pimp

I don't think he knew what he was into? seems like he was just wanting to steal resources?

Agree fully with this statement he was just looking for a new home to serve warez from his DCC bot which BTW before every one says warez is wrong most stuff are usually released to p2p networks before they hit you're local #warez chan

Now I have worked for a number of years in the "weapons of mass destruction" industry, and I can assure you that it is NOT PERMITTED to store even "restricted" (the lowest classification) information on a network that is linked to the internet. These are closed systems, internal only, not even allowed to link site to site..........its all within the razor wire and they are pretty secure.

Well said any classified information should not be put on any kind of server that has web access i think because there wasnt any 'top secret' code or what have you the sentance was so lenient IMO I think that sentances that hackers crackers get are ridiculious big deal they broke in to you're system they made you look bad ha ****ing ha shouldnt be a lazy **** then should we because like 80% of system compromises are with published exploits and the 0day people are far to good to get noticed any way

A sixteen year old? I don't think so.............he found a general network server with crap security and exploited it.................I wonder if "deathserv" is some sort of anagram for sub7 Hell they caught him easily enough????????????

The hype is being allowed/encouraged to hide the incompetence IMHO.

You must also bear in mind that he was legally a juvenile when the offence was comitted?

I guess I am cynical as well as paranoid.


Cheers

IMO Deathserv was probably a mass rooter with a few published exploits that would scan ip ranges and try and exploit any service port that the targets were set to exploit like BIND SMTP Pop3 etc it isnt particulary hard to do. I started my 'hacking career' with mass './' tools and to be honest if thats the way you want to go its ****ing boring since i started teaching my self C i have not './' since because IMO coding is much more fun than 'dot slashing'

peace

[nihil]

Negative,

The story is genuine enough. I am just using my personal experience and "reading between the lines"

He got off with a light sentence because to attempt to prosecute more rigorously would bring out the whole incompetence story, and we have a concept of "contributory negligence" over here.

Damn glad I don't work for CIAC right now

But so many of his fellow hackers also accessed the system at the Fermi National Accelerator Laboratory in Illinois that it began to slow down

My guess is he found a printer server that was unprotected and on the internet connected general network? A common failing? "its only a print server".....sound familiar?

Now we are 5-8 hours ahead of you, so when our little skiddies get home from school you guys have at least a half day's work left. They all rush to download their MP3 files or whatever, so the print queue slows to a crawl and people complain?

Silly little bugger couldn't even keep his mouth shut Talking of which, isn't it rather strange that a google search for "deathserv" doesn't bring up any hacker or security sites? And this case goes back before Christmas.

I say it again folks...................I smell a rodent here

cheers

EDIT: Thanks prodikal

he was merely using it as a file server for warez

Makes a print server seem more likely............old machine with loads of storage capacity but not much power and tends to be ignored from a security viewpoint. Anything else should have been spotted before the system slowed down? I guess he forgot about the time zones?

[Modderfokker]

scriptkiddie18:

Well how stupid can you be to actually hack into the 'top secret' stuff from home...portable laptop and a phone booth

Using this method involves using an analogue coupler, which at the best of times can run at about 20kbps.
Do you think he could upload a sh*tload of warez and filez using a 20kbps connection? answer: yes time: weeks, months, maybe years

[Norrisk]

I don't think scriptkiddie18 was being serious on this one. I'm with Nihil on this one. I don't think he was prosecuted because they wanted to keep their incompetence as low profile as they could. Wonder how many other print servers they have that can be exploited like that still?

[Lansing_Banda]

The story I had read on CNET only said he had hacked into a network server. They didn't say anything about "triggering a nuclear terrorism alert." I am with nihil on this one, I think the rest of that story is just yellow news.

And how stupid could you be. First to try and use their server as a file server linked to his home and second to tell all his little warez friends the next day and invite them into his "brand new warez server". I wonder how they fared in all this as no doubt their IPs were logged (the other skiddies that visited the server).