nanog mailing list archives
Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd)
From: Gadi Evron <ge () linuxbox org>
Date: Wed, 30 Jul 2008 14:52:41 -0500 (CDT)
I guess history decided the previous discussion in favor of vix. Although I doubt vix sees this compromise at ATT as a victory, but rather a loss.
Note: HD has not been compromised. Gadi. ---------- Forwarded message ---------- Date: Wed, 30 Jul 2008 11:46:49 -0700 From: Dragos Ruiu <dr () kyx net> To: Paul Ferguson <fergdawg () netzero net> Cc: funsec () linuxbox org Subject: Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation On 29-Jul-08, at 10:01 PM, Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via PC World (IDG). [snip] HD Moore has been owned. That's hacker talk, meaning that Moore, the creator of the popular Metasploit hacking toolkit has become the victim of a computer attack. It happened on Tuesday morning, when Moore's company, BreakingPoint had some of its Internet traffic redirected to a fake Google page that was being run by a scammer. According to Moore, the hacker was able to do this by launching what's known as a cache poisoning attack on a DNS server on AT&T's network that was serving the Austin, Texas area. One of BreakingPoint's servers was forwarding DNS (Domain Name System) traffic to the AT&T server, so when it was compromised, so was HD Moore's company. When Moore tried to visit Google.com, he was actually redirected to a fake page that served up a Google page in one HTML frame along with three other pages designed to automatically click on advertisements. [snip] More: http://www.pcworld.com/article/149126/2008/07/.html - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFIj/Wrq1pz9mNUZTMRAmAhAJ9lT5hosH5xBOWOsTFArDsw1MGN1ACg+wQR a12h7wcZ9hy0JN2DtHkuZGo= =Wv/X -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Gadi Evron (Jul 30)
- Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Suresh Ramasubramanian (Jul 30)
- Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Martin Hannigan (Jul 30)
- RE: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Skywing (Jul 30)
- Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Suresh Ramasubramanian (Jul 30)
- Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Eric Brunner-Williams (Jul 31)
- Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd) Suresh Ramasubramanian (Jul 30)