Information Security News mailing list archives
Re: Group Offers to Sell Supposed Dragon IDS Code
From: InfoSec News <isn () c4i org>
Date: Thu, 15 Jul 2004 03:40:10 -0500 (CDT)
http://server.splitto.com.ua/scc/index.html [Interesting first attempt at selling corporate secrets, you would have expected a group like this to have researched other delivery methods, like Blacknet: http://www.c4i.org/erehwon/blacknet.html - WK] To whomever it may concern: Thank you for your interest in SCC. We regret to inform that SCC has temporarily suspended operations. Our business model is currently being re-designed to alleviate some of the initial fears our customers faced. Selling corporate secrets is a very tricky, and we believe it is an area that we can conquer. Look for us in the near future as we re-emerge to bring you all kinds of secrets. Sincerely, SCC Team
http://www.eweek.com/article2/0,1759,1623245,00.asp By Dennis Fisher July 13, 2004 A group calling itself the Source Code Club is offering to sell files that it claims contain the source code for Enterasys Networks Inc.'s Dragon IDS (intrusion detection system) software. The asking price: $16,000. The group's rudimentary Web site, which is registered under a Ukrainian domain name, lists hundreds of files that appear as though they could indeed be source-code files. There is no way to tell whether the group actually has the code, although it claims to have obtained it by breaking into the Enterasys network.
[...]
Someone using the name Larry Hobbles posted a message to the Full Disclosure security mailing list Monday night saying that both the Dragon and Napster code were available for sale. "The Source Code Club is now open for business. SCC is a business focused on delivering corporate intel to our customers. Our main focus is selling source code and design documents, but there are many other facets to our business," the message reads. "To get the ball rolling, we are now offering the souce [sic] code/design docs for both Enterasys Intrusion Detection System (NIDS/HIDS) and Napster server and clients." The files listed on SCC's site appear to be from version 6.1 of Dragon; the current release is 6.3.
[...] _________________________________________ Help InfoSec News with a donation: http://www.c4i.org/donation.html
Current thread:
- Group Offers to Sell Supposed Dragon IDS Code InfoSec News (Jul 13)
- <Possible follow-ups>
- Re: Group Offers to Sell Supposed Dragon IDS Code InfoSec News (Jul 15)