Security Incidents mailing list archives
Re: Crack attempt last weekend
From: Bryan Smith <bryan () THECLERK COM>
Date: Mon, 27 Nov 2000 15:17:56 -0600
<SNIP> Yes, I have posted this individual's FTP username and password.</SNIP> I have to question the ethics here. Posting exploit code is questionable at times, but posting account information is unethical. <SNIP> So I logged onto tripod with that username and password </SNIP> um...'back hacking' is not only unethical - but illegal. i question that action as well as the possible results of more entries through the release of user/pass. ----<SNIP>----
P.S. I have already notified all service providers involved (Lycos, NameZero, Tripod, Anglefire) and they have not responded to me.
----</SNIP>---- depending on your intended course of action: the isp should have received the account info; the list should have received an attack signature/log; and i would suggest not taking it upon oneself to gain access to an intruder's host. -b
Current thread:
- Crack attempt last weekend Nick Ruisi (Nov 28)
- Re: Crack attempt last weekend Bryan Smith (Nov 29)
- Re: Crack attempt last weekend Clayton Hoskinson (Nov 30)
- Re: Crack attempt last weekend Bryan Smith (Nov 29)