Security Incidents mailing list archives
Re: Cracked by the Brazilians
From: jburdge () AVENTAIL COM (Jon Burdge)
Date: Fri, 31 Mar 2000 13:16:52 -0800
The servers he connected to later in the logs looked like efnet servers (cypher.core.com was one of them.)
-----Original Message----- From: Michael Damm [mailto:symetrix () symetrix org] Sent: Thursday, March 30, 2000 3:06 PM To: INCIDENTS () SECURITYFOCUS COM Subject: Re: Cracked by the BraziliansHi.Hi.[root@physics .usr]# ls BitchX [LASF]_Hanging_Up_[Telesync][1of2].asf [LASF]_Mission_To_Mars_[GOOD.Telesync][1of2].asf scr-bxsexet2.mpgBitchX-75p3-Linux-glibc2-i386.tar [LASF]_Hanging_Up_[Telesync][2of2].asf [LASF]_Mission_To_Mars_[GOOD.Telesync][2of2].asf sexet1.mpg wservThis is a red flag for me. Obviously its a warez/vcd kiddie distributing his goods from your server. Try some EFnet/Dalnet/Undernet channels like #good or #telesync or maybe even #vcd/#asf. Start talking with a few of the ops and see if you can get anyone to incriminate themselves. From there its whatever your local BOFH chooses to do with/to them. -Mike _____________________________________________ NetZero - Defenders of the Free World Click here for FREE Internet Access and Email http://www.netzero.net/download/index.html
Current thread:
- Re: Cracked by the Brazilians Jon Burdge (Mar 31)
- <Possible follow-ups>
- Re: Cracked by the Brazilians karthik krishnamurthy (Apr 01)
- Re: Cracked by the Brazilians karthik krishnamurthy (Apr 04)