July 24th, 2001, 09:46 PM
06-18-2001
It seems to me that by reporting "RealSecure Kill"s in your on-line log, you
are providing crackers with a safe way to scan potential targets for the
presence of RealSecure monitors. For example, they send a TCP syn packet
with your source address to an address+port at a potential target that is
likely to trigger a reset then watch your log for the result - if they see a
RealSecure Kill, they know not to try cracking that site.
Or am I misunderstanding the log entries? Maybe they're reporting sites that
have elicited a Reset from your monitor, rather than sites that have sent a
Reset to your network. If so, I misunderstood the on-line explanation of the
entries and I apologise.
Thanks.
Cheers,
Dave Long
Well Dave, it appears that you thought of something that we haven't. I looked into this, and you're right. What a deviant little mind you must have, heh. We appreciate you sharing this possibility with us. I've taken the realsecure kill flag out of our web-engine. If you send me a shipping address, I'd be happy to send you an "Official AntiOnline T-shirt" (it doesn't get any better than that, heh).
I am a concerned NASA employee who has voiced concerns in the past
which have fallen on deaf ears. So I'm providing your site with this
information, hoping that by making it public, things may improve.
Earlier today, the following message appeared on a NASA Stennis Space
Center web page. The computer in question potentially contained
sensitive information. I am unaware if other systems were affected,
but the message certainly states there were.
Rivver Ratt says SQUEEK! as you well know by now, the ease at wich i did
this was a surprise to say the least.
I really did think that this would be hard to do, considering this a classified
government network..
alas it wasnt that hard at all. As for damged to files, i didnt hurt anything
but i did do alot of reading,
and wow you ppl have been very busy indeed, there is some amazing **** on
these boxes..
now heres the good part, i still have access to these systems, yup i do,and to keep this
from happening, you would havta stop all your research your doing and make
a huge system change, as in keep the network down all the time.. hell this information
is prolly worth a fortune to some one..~shitty grin~ rest assured ill be back really soon..logs are non-existent, duh like id leave em there....
take care,
Rivver Ratt
>Greetings:
>
>Do you have the exact domain that was defaced? And also, why on earth
>would a public webserver contain sensitive information?
>
>Yours In CyberSpace,
>John Vranesevich
>Founder, AntiOnline
The box that was compromised has already been taken offline, but it was
sscwww5.ssc.nasa.gov.
The system was behind a firewall and the web page was only visible to the
Stennis intranet. In addition, only cleared employees were given access to the
box.
>Greetings:
>
>well, since it's not exactly a secret anymore, what kind of information
>was stored on it?
>
>Yours In CyberSpace,
>John Vranesevich
>Founder, AntiOnline
I appreciate your interest, but I really can't say exactly. I'm not even sure I should have said this much. All I can say is that it seemed to be a big deal at Stennis
with everyone running around like crazy.
Well, is this really a NASA employee, or did Rivver Ratt come up with a creative way to get me to publicize his defacements? Who knows....
Dear AntiOnline Staff,
I would just like to congratulate the AntiOnline staff for doing such a wonderful job for a long time. This site is one of my daily stops on the web. It is a reliable source of security and hacking news that I very much enjoy.
Keep Up the good works guys!
Sincerely,
Dalton Lebarbenchon
No, I didn't just publish this e-mail because it gives us kudos. Although, that's certainly one reason (heh). Look at this guy's last name! Cripe! I thought mine was bad. I feel for you dalton. Kindergarten must have been traumatic. Everyone else learning how to spell smith and jones, and you had that to deal with. Urgh....
Thank you for your continuing updates about what is going on with computers and computer security. As a Tech Support Rep for a major computer company I get calls from people who fall for the hoaxes that cross the Internet. The Sulfnbk.exe hoax was one of them and the worst part was it could have been avoided. I looked on the Internet through Google and many other places and there were tons of articles that stated the sulfnbk.exe virus was a hoax. I wasn’t looking through “TECH” Specific web pages, I was looking through Yahoo and Google, everyday search engines. If people would do some research before becoming “Trigger Happy” many of these problems could be avoided.
With pages like yours and many others there is no reason to be uninformed and ignorance is never a valid excuse. When people called our tech line because they had fallen for the hoax we were unable to help them because it was considered “Self inflicted damage” and they had to contact our pay support for help. All this because they didn’t stop to do a couple minutes' worth of research. Their lack of research cost them - literally.
Again, thank you for keeping us informed - those who actually take the time to do research will continue to come here and get information that will save themselves both time and money.
-Ryan
Ok, so I published this one just because it gives us kudos. Keep reading, the nasty ones are soon to follow....
Well after reading this weeks mail bag, I couldn't help but feel as if you were ridecueling me. For instance, just before my message, it says, and speaking of inbreeding . . . .
All I have to say is that isn't cool. I make an offer to extend my knowledge to you, and you make fun of me for it? Granted I do not know your past history, you could be a former hacker and computer buff, but still . . .
You could have atlest replied to my email saying "No thanks, we've got it covered" instead of what you have done. That seems a bit childish to me. "HAHAHA this guy REALLY thinks that we want his help HAHAHA lets make fun of him for it HAHAHA"
Well, I would like an explaination as to why this was done, and possibly an apollogy. And if it is all a mistake then let me know, no hard feelings.
By The Way, if you feel the need to post this message, please ask my permission first, as it was directed as a private email, and not to be displayed publicly.
GreenDevil
Well, since "greendevil" isn't a legal entity (IE, not your name), I can publish any e-mail sent by "him" since "he" can't legally claim ownership of it. In other words, I don't need your permission to post this. As for why you were "ridecueling", well, I'll leave that to you to figure out. BTW: My mailbag? Childish? Well, yeah, that's kind of the point.
hi
i am storm that is my online name i really want to become a hacker!!!!!!! i need to get some ino that i can actually understand i have always wanted to become a hacker so please help me.. thanking you
storm
Why not try e-mailing GreenDevil?
Authorization
0a. (N)ew (M)odify (D)elete.........: D
0b. Auth Scheme.....................: MAIL-FROM
0c. Auth Info.......................:
1. Comments........................:
2. Complete Domain Name............: antionline.com
Organization Using Domain Name
3a. Organization Name...............: Pitt Students
3b. Street Address..................: Sexy street
3c. City............................: Michigan
3d. State...........................: PA
3e. Postal Code.....................: 12345
3f. Country.........................: US
Administrative Contact
4a. NIC Handle (if known)...........:
4b. (I)ndividual (R)ole?............:
4c. Name (Last, First)..............:
4d. Organization Name...............:
4e. Street Address..................:
4f. City............................:
4g. State...........................:
4h. Postal Code.....................:
4i. Country.........................:
4j. Phone Number....................:
4k. Fax Number......................:
4l. E-Mailbox.......................:
Technical Contact
5a. NIC Handle (if known)...........:
5b. (I)ndividual (R)ole?............:
5c. Name(Last, First)...............:
5d. Organization Name...............:
5e. Street Address..................:
5f. City............................:
5g. State...........................:
5h. Postal Code.....................:
5i. Country.........................:
5j. Phone Number....................:
5k. Fax Number......................:
5l. E-Mailbox.......................:
Billing Contact
6a. NIC Handle (if known)...........:
6b. (I)ndividual (R)ole?............:
6c. Name (Last, First)..............:
6d. Organization Name...............:
6e. Street Address..................:
6f. City............................:
6g. State...........................:
6h. Postal Code.....................:
6i. Country.........................:
6j. Phone Number....................:
6k. Fax Number......................:
6l. E-Mailbox.......................:
Prime Name Server
7a. Primary Server Hostname.........:
7b. Primary Server Netaddress.......:
Secondary Name Server(s)
8a. Secondary Server Hostname.......:
8b. Secondary Server Netaddress.....:
Product/Service Options (For New Registrations Only)
9a. Registration Period (1-10yrs):
9b. Bulk Whois Optout (Y/N)......:
Channel Payment/Identifier Options
10a. Channel Identifier...........:
If I had a dollar for every kiddie that has tried to delete our domain names.......
Authorization
0a. (N)ew (M)odify (D)elete.: Modify
0b. Auth Scheme.............: MAIL-FROM
0c. Auth Info...............:
Contact Information
1a. NIC Handle..............: VJ288
1b. (I)ndividual (R)ole.....: Individual
1c. Name....................: Mother****, John
1d. Organization Name.......: 2600
1e. Street Address..........: 123 Sex Mile
1f. City....................: New York
1g. State...................: NY
1h. Postal Code.............: 12345
1i. Country.................: China
1j. Phone Number............: 724-773-0940 724-773-0941
1k. Fax Number..............:
1l. E-Mailbox...............: dummmimail@gmx.at
Notify Information
2a. Notify Updates..........:
2b. Notify Use..............:
Authentication
3a. Auth Scheme.............: MAIL-FROM
3b. Auth Info...............: jp@ANTIONLINE.COM
3c. Public (Y/N)............: NO
If I had a dollar for every kiddie that has tried to modify our domain names.......
Subject: Partnerschaft/ Partnership
Hallo Webmaster,
wie Du vielleicht schon anhand Deiner Hits bemerkt hast, habe ich Dich in meiner Section "Anonymes Surfen" bei RAW Syndicate (http://thx.to/RAW) gelinkt; z.Zt. ca. 600 Hits/Tag; RAW Syndicate selbst hat über 30.000 Hits pro Tag...
Da "eine Hand die andere wäscht" würde ich mir wünschen, wenn Du ebenfalls einen Link, allerdings auf meine private Seite (www.Coffee-Break.de) setzen würdest.
Dear Webmaster,
as you perhaps already noticed on the basis your hits, I linked you in my section "Anonymes Surfen (Anonymous Surfing)" on RAW Syndicate (http://thx.to/RAW); at this time over 600 Hits each Day;RAW Syndicate itself has got 30.000 Hits each day...
Since "A hand washes the other one" I would require itself, if you likewise one link, however on my private page (www.Coffee-Break.de) would set.
I have no idea what translation software this guy used. However, I do have this strange feeling that something got lost in the translation. I would require itself, if you likewise one link, however on my private page would set. Haha, crack me up. Reminds me of a certain president that we have.....
From: "Ernest J. Kluft, Jr."
Subject: Unsubscribed
Your article today was absolutely off base..... I removed my name from your list.....
GOODBYE, and SHAME ON YOU !!!!!!!!!!!!!!!
Ouch! Someone didn't like my little editorial about the way the US handled the Russian hacker case. Oh well, what's one less FBI Agent on my mail list?
To: jp@antionline.com
i am a person who would like to design my very own anti hacking program could you help me to start it off?
Sure I'll help you start it: void main()