Security Incidents mailing list archives

Re: Cracked by the Brazilians

From: jburdge () AVENTAIL COM (Jon Burdge)
Date: Fri, 31 Mar 2000 13:16:52 -0800


The servers he connected to later in the logs looked like efnet servers
(cypher.core.com was one of them.)

-----Original Message-----
From: Michael Damm [mailto:symetrix () symetrix org]
Sent: Thursday, March 30, 2000 3:06 PM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: Cracked by the Brazilians

Hi.

Hi.


[root@physics .usr]# ls
BitchX
[LASF]_Hanging_Up_[Telesync][1of2].asf
[LASF]_Mission_To_Mars_[GOOD.Telesync][1of2].asf  scr-bx

  sexet2.mpg

BitchX-75p3-Linux-glibc2-i386.tar
[LASF]_Hanging_Up_[Telesync][2of2].asf
[LASF]_Mission_To_Mars_[GOOD.Telesync][2of2].asf  sexet1.mpg  wserv


This is a red flag for me. Obviously its a warez/vcd kiddie
distributing his
goods from your server. Try some EFnet/Dalnet/Undernet
channels like #good
or #telesync or maybe even #vcd/#asf. Start talking with a
few of the ops
and see if you can get anyone to incriminate themselves. From
there its
whatever your local BOFH chooses to do with/to them.

   -Mike


_____________________________________________
NetZero - Defenders of the Free World
Click here for FREE Internet Access and Email
http://www.netzero.net/download/index.html

Current thread:

Re: Cracked by the Brazilians Jon Burdge (Mar 31)
- <Possible follow-ups>
- Re: Cracked by the Brazilians karthik krishnamurthy (Apr 01)
- Re: Cracked by the Brazilians karthik krishnamurthy (Apr 04)