lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.GSO.4.43.0208150512320.24474-100000@tundra.winternet.com> From: dufresne at winternet.com (Ron DuFresne) Subject: An urgent warning to all concerning ~el8 / project mayhem (fwd) It seems that the whitehat community is under a new attack, putting fear into the souls of some reputed security experts, leaving them to now, rather then admonish these spoiled children, to rather brag them up and promote what some are referring to as their fine skillsets and tools. I'm sure this comes as dismal to many in our community, as well as myself, that not only is such an attack sending some into this position of subcumming to the whims of minor-terrorists and in a fashion, condoning them to some point in an attempt to avoid becoming ridiculed with attacks upon the systems and servers the fellow security folks are running and finding compromised repeatedly in recent weeks. In other words, like the quotes cited in the article mentioned in the forwared posting below, some are paying a verbal ransom to these little brats. At least one security related list is being pretty much held hostage to the onslaught of spew mentioned in the posting and article it cites. Now if we were managaing the list, and trying to maintain the policy of un-moderation, we'd at least unsubscribe each spamming spewer to it. For there's one thing anyone that has raised children come to understand, it's that they tire quickly of having to put forth too much effort into their games. Certainly we see the tendency to pay homage to their rants and nasty little hacking ventures into the systems of others as feeding right into what many of Marcus' recent comments to the reportings of the SANS weekly security digests highlight; [Editor's Note (Ranum): It doesn't matter what the maximum is, when the minimum is the slap on the wrist that hackers usually get. [Editor's Note (Ranum: A violation of the public trust in the US: 1-2 years. A $360 stolen credit card transaction in Indonesia: up to 11 years. No wonder we have so many problems like this.] <see the most recent SANS digest; SANS NewsBites Vol. 4 Num. 33, from this week for the related stories to these comments> Seems folks are doing just what Marcus has long been promoting against, rewarding these silly little kids for their games and intrusions and minor-terroistic rantings. This only serves to encourage not to train them to potty properly as they must have been mistrained in their earliest years. Rather the community bands together to publically spank the little fewls with some deserved time-outs from society. Articles like the one citing a number of 'security professionals' like te one mentioned in the forwarded post does diminish some respect for these folks feeding the kids in their attempts at public tantrums and rantings for attention... Thanks, Ron DuFresne ---------- Forwarded message ---------- From: dev-null@...id.com Subject: [Full-Disclosure] An urgent warning to all concerning ~el8 / project mayhem Date: 15 Aug 2002 03:45:24 -0000 To: full-disclosure@...ts.netsys.com I will not disclose my name for obvious reasons. However, as much as it pains me to do so, I need to issue a grave warning to all subscribers who are loosely antagonizing these ~el8 / project mayhem / #phrack high council individuals. When I called them kids, I meant in the sense of their behavior as being childish, not in regards to their technical abilities (if any). It would appear the sole publicly accessible machine on my company's network has been compromised using a remote Apache exploit (Apache is the only daemon running on the machine and it was installed after performing a Net install of FreeBSD-current). An obscene note was left in my webroot that I will not enclose here. The version of Apache I am running is 1.3.26. It was installed weeks ago in response to the "Apache chunking" vulnerability. Unfortunately I do not have the data available to reconstruct the attack, but I have since taken steps that will hopefully thwart all future attacks, and I urge subscribers to this list to do the same (via chroot mechanisms). They sit on #phrack on the EFNet irc network. I have joined there incognito, but as far as I can see, no mention has been made of any such vulnerability or exploit. They are using "handles" that are rather self-deprecating and appear to be feigning technical incompetence for whatever reasons. It seems they are deliberately trying to be underestimated, but the connection to ~el8 is very obvious. A friend of mine who has more underground know-how, so to speak, has told me that among their ranks are known exploit coders. There are also connections to blackhat groups such as ADM and TESO. In the topic of the channel is this wired.com article: http://www.wired.com/news/culture/0,1284,54400,00.html
Powered by blists - more mailing lists