
Re: System Attack & FBI (fwd)



Forwarded message:

> Subject: Re: System Attack & FBI (fwd)
> From: [email protected] (Dr.Dimitri Vulis KOTM)
> Date: Sat, 24 May 97 08:31:31 EDT

> [email protected] (Igor Chudov @ home) writes:
> ...
> > I hope that the hacker did not leave any other trojans besides rogue Apache
> > and in.telnetd.
> ...
> The cracker installed Stronghold[tm] on Jim's system?  How despicable!

The cracker installed nothing. From the first time they used the bbixler
account I have known of them.

Another interesting aspect is that since taking on the CDR I have had 3
attacks (previous ones were denial of service) while in the year previous
to that I had only one. I think there is an object lesson buried in there
somewhere.

What I want to know is if he ever realized he was running on a 486DX2/80
w/ 24M of RAM, 1G of hard-drive, and a version of Linux that is over 2 years
old? What a rube...

The bbixler account was a trip-wire with a very silly password intentionally
left there (as are several others) just waiting for some happy jack to find
one. I also do this with my IP's. It is actually very effective.

I once nabbed a bozo from the Richardson, Tx AT&T office who was using my
system to get to other systems. I was monitoring the account and noticed an
email go out to a buddy of his with his office number in it. I called, he
shit bricks, I asked for money or that he desist from using my system. He
desisted.

I also have a pretty quick re-install plan as well. I have a basic image
on a spare drive installed in the box. Swap cables and we are back up.
I can do a complete re-install and be configured in about 3 hours from CD
archives and the original source material which is on machines not on the
Internet (it's my Amiga 2000). This does not include the user home
dir's which I don't protect, with the users' full knowledge and agreement.
Their data, their problem (I push fast cycle times, the use of off-line
encryption for security, and digital signing for authority); I provide
services only and TEMPORARY file storage on my file systems.

Linux on old 486's is wonderful!

                                                       Jim Choate
                                                       CyberTects
                                                       [email protected]
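
The trip-wire account approach described in the message above, as an added example that is not part of the original post: a scan of authentication logs that alerts on any use of a decoy account. It goes one step beyond the message by also listing real accounts that logged in from an address that touched a decoy. The OpenSSH-style log format, the second decoy name `guest2`, and the sample log lines are assumptions constructed for illustration.

```python
import re

# Assumption: decoy account names. "bbixler" is the one named in the
# message; "guest2" is a hypothetical second decoy.
DECOYS = {"bbixler", "guest2"}

# Assumption: OpenSSH-style syslog authentication lines.
AUTH_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) \S+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

# Constructed sample log (documentation-range addresses), not real data.
SAMPLE_LOG = """\
May 24 03:10:02 box sshd[411]: Failed password for root from 198.51.100.9 port 40112 ssh2
May 24 03:12:40 box sshd[415]: Accepted password for bbixler from 203.0.113.7 port 51234 ssh2
May 24 03:20:11 box sshd[420]: Accepted password for alice from 192.0.2.44 port 50022 ssh2
May 24 03:31:57 box sshd[431]: Accepted password for carol from 203.0.113.7 port 51310 ssh2
May 24 03:40:00 box sshd[440]: Failed password for invalid user guest2 from 198.51.100.9 port 40190 ssh2
"""

def scan(log_text, decoys=DECOYS):
    """Return (alerts, suspects).

    alerts:   every auth event naming a decoy, failed or accepted, since
              no legitimate user ever has a reason to try those names.
    suspects: real accounts with a successful login from a source address
              that also touched a decoy anywhere in the log.
    """
    events = []
    for line in log_text.splitlines():
        m = AUTH_RE.search(line)
        if m:
            events.append((m["result"], m["user"], m["src"]))

    alerts = [e for e in events if e[1] in decoys]
    tainted = {src for _, _, src in alerts}
    suspects = {}
    for result, user, src in events:
        if result == "Accepted" and user not in decoys and src in tainted:
            suspects.setdefault(user, set()).add(src)
    return alerts, suspects

if __name__ == "__main__":
    alerts, suspects = scan(SAMPLE_LOG)
    for result, user, src in alerts:
        print(f"TRIPWIRE {result.lower()} login as {user} from {src}")
    for user, srcs in suspects.items():
        print(f"REVIEW {user}: login from tripwire source(s) {sorted(srcs)}")
```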