Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
No joke. At LEAST run War-FTPD or something . . . :) Seriously, people were
like "I can't figure it out." That was before my linux days. so War-FTP was
pretty 'leet then. hehe Hey, it got me into computers and networks way back
when, so I consider all those experiences well worth it.
Although, on a serious note. I hung out with some not-so-good people in high
school (online only). When it went too far (like just morally reprehensible
stuff) I blew the whistle on them, to their strong retaliation against my
family and I. Since I knew what they did and how they did it I could protect
us; but it made daily life kind of crappy for a long time. These people were
good and used social engineering to it's worst possible extent. Tried to
fake hospital visits, psychologists records, credit cards, phone cards,
plain o harassment (work, home, phone, school, you name it), and the
standard internet harassment (web pages, telling everyone they could find
all about me and my family with instructions to harass). It got pretty
nasty. hehe My parents had just seen this 60 minutes special and went "Do
you have the internet? You don't do "chat rooms" do you?". Try explaining
IRC to that. A few weeks later a few suits show up and want to pin this
entire groups 4-year history of a list of felonies on me. Yeah, that was
fun. Loads. Now, when existing technology couldn't do anything to track
these people you can imagine how much fun this was. So, after going through
that for a few years and having it tear up my family pretty badly I got
nailed for an FTP site. Yeah, that was another fun one.
So when I'm "overly-paranoid" it's because I've been on both sides and know
how these people think and what they can do. So I'm really-big on security,
ESPECIALLY physical security (of myself). I may be a scrawny white boy, but
it's probably not a good idea to mess with me. Just because I'm smart and
very aware and have multiple defensive measures to protect myself against
pretty much anything from any weapon and any range (well, OK - you could
snipe me).
Speaking of weapons. My new hobby is range shooting (no I don't carry nor do
I plan on doing so). Last Sat. after Security Essentials I went to Target
Masters down on RangeLine. Now, in IL they make you have a FOID (Firearms
Owners ID) that is registered. Plus when you go to a range you have to show
it, sign a long rules/reg/disclaimer form (every time), and then they make
sure you know proper safety. I go into Range Masters and they just handed me
a gun (Glock 17 9mm), ammo, safety goggles and ears, and let me go. They
asked to see my ID because my credit card says "Ask for ID." Now, I'm big on
the 2nd amendment and against big brother in general, but come on! Now, if
you just tried to run out with the stuff you'd be shot dead before you got
away, but just letting anyone in is plain stupid. Seriously, go try it; it's
a ways down Rangeline. They'll hand anyone a weapon and ammo.
Anyway, I'm going back to sharpening knifes, listening to cadences, and
target shooting while watching my IDS with a watchful eye and a shotgun on
my lap . . . hahaha j/k
-- Brent
-----Original Message-----
From: Davis, Ryan Wiley (UMC-Student) [mailto:EMAIL:PROTECTED]
Sent: Monday, April 02, 2001 6:51 PM
To: EMAIL:PROTECTED
Subject: RE: [MLUG - DISCUSSION] l33t kiddies (was network scanning?)
Brents right. Back in the days before napster nobody but the geeks and warez
kids knew what an MP3 was. I used to hang on the warez scene and FTP is the
way to go. IRC warez trading gives me a headache but sometimes its necessary
(when you need like a copy of somethng weird like softimage or something).
Funny though most of the people in there acted like they were h4x0rs but
they really were l4m3rs gets annoying. As for FTP it was funny cause some
would have readme or something that said youd get messed up if you messed
with their FTP server. Funny thing is I laugh now when I see that message
and they are acting like they are hard and stuff then I notice they are
running a cracked version of Serv-U...really l33t software (and secure none
the less). Of course if you try and through up a warez FTP make sure you
have good space for the IDS log. Once you have a known FTP server you get
scanned a ton. Specially with the warez crew, funny thing is that most of
these kids are using w98 with a silly port scanner and wouldnt know what to
make of port info and a packet sniffer log anyway (go windump!).
As for the websites, those are bad. Make porn pop ups rather bearable (not
that I surf the web for porn). One time a guy I know came to me cause he
knew I was into MP3s and said we had been surfin the internet for mp3 sites
and said he didnt have any luck and wanted to know what site to go to. I
just cracked up and walked away knowing that most of those websites just put
you into an infite banner loop.
As for Greg and crew Ive been wanting to get a job in security for some time
now. And yes the campus machines are breeding grounds for hacking. I guess
its easier to footprint a large university network knowing that alot of the
people are using machines they dont know a thing about. Combine trojans,
NetBios, shared network resources(dorms), weak passwords, un-updated office
and outlook, null sessioning, fresh linux boxes with inetd, rpc, ftps,
DNS(bind) and other stuff that is left open and not updated. Then IIS
servers that arent run by IATS or any other people that care about certain
vulnerabilities... I could go on but seriously its really easy. Greg Johnson
posted a comment on how some boxes were 0wn3d over spring break. Kinda
scary.
To make a long story short there is not much we can really do that will have
any affect. A ping sweep really isnt illegal (from what I know), just dont
be stupid enough to do it on broadcast IP or you could DoS yourself. The
thing is that stuff like this will always be on campus. I ran blackice
defender on a NT machine at work and was suprised by how many Sub7 scans I
got, but then again I also got a scan from Brent saying that IATS Security
was keepin an eye out. Not much you can do but report it but alot of times
the person that owns it isnt doing the scanning.
Ryan
1 0wn j00 n00b!!!1
-----Original Message-----
From: Deterding, Brent D (UMC-Student)
To: EMAIL:PROTECTED
Sent: 4/2/01 5:43 PM
Subject: RE: [MLUG - DISCUSSION] network scanning?
I want to know how long that took to write, because it took entirely too
long to read. I hated that back in my IRC days; damn lamahs couldn't
spell
and traded, *shudder* web sites *shudder*, back and forth. Rule #1 of
IRC/warez/mp3s - no one worth his keyboard had a web page. FTP was the
way
to go baby. Plus, you ever try to keep up with #warez5 when people
wouldn't
spell anything with fewer than 2 num6er$? Then they had, *shudder*
colors
*shudder*, and mIRC (ahhh! my brain is bleeding). Don't leave out those
who
considered themselved |<rad ! because "d00d, I hrd it meant dark
backwards!!!!! way 'leet" And I wondered why I got into groups instead
of
the masses . . .
-- Brent
-----Original Message-----
From: Jonathan King [mailto:EMAIL:PROTECTED]
Sent: Monday, April 02, 2001 2:04 PM
To: EMAIL:PROTECTED
Subject: RE: [MLUG - DISCUSSION] network scanning?
On Mon, 2 Apr 2001, McNutt, Justin M. wrote:
> True. Certain people (Greg Johnson & Co.) in IATS are permitted to
> scan the network any time they want.
w0w d00d2, LlkE h4u m4Ny EMAIL:PROTECTED d0 +H3y 0wN? +H3y mU$t B 3l337 H4X0r$!
:-)
jking
--
To manage your subscription, go to
http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to
http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact