Crackers Take Down FBI Web Servers 105
Xanadu Inc wrote
in to send us a story over at ZD Net about
Crackers
taking down the FBIs Web Site. The article refers
to them as Hackers (Bad ZD! No Cookie!) and says that it
was the result of search warrants being filed against Global
Hell (gH) that apparently got some PCs confiscated.
Re:Stickin' it to the Man... (Score:1)
Re:Read Anti-online's coverage... (Score:1)
---
Re:Shouldn't we focus on stopping malicious users? (Score:1)
As far as breaking into computers to learn, and not be malicious. I will say on behalf of MostHateD, Zyklon, Soulblaze, and every other person raided in the past week that they have never destroyed anything on a machine. Machines are broken into to learn more. Let's take whitehouse.gov for example, that machine could just have easily been backdoord and root kept, and sniffed other accounts. Then those could be used to go on a mass "rm -rf
-mindphasr/gh/mindphasr@cha0s.org
Re:Shouldn't we focus on stopping malicious users? (Score:1)
Hacker v Cracker (Score:1)
Think of the reaction if a paper ran a headline like "Homosexuals rape more young boys" or "The person responsible for the attack was black, black people go round beating other people up"; lawsuit city. Note that these are just to be taken as random examples of other minority groups and nothing is to be read into them.
--
Re:You don't f*ck with the FBI (Score:1)
Re:the scoop on #pascal (Score:1)
Chatted with amadeus on this...
I agree with his defense of the channel and offered to post a "press-release" for the channel allong with all the info that is there. (at andross.dhs.org)
Suffice it to say that hacking exists. To look one way when a friend does it is one thing, but to abide it in your home or channel is dangerous. Like that friend who smokes pot in your car; if he gets caught you could lose your car.
I hope that #pascal will tighten down on "hackers" and recover accordingly.
Re:hack or crack, whatever... (Score:1)
Please don't mention AntiOnline on Slashdot. They really are beneath contempt: muckraking wannabe-journos who think that getting "exclusive" interviews on irc with script-kiddies who've hacked some lame site, is legitimate journalism.
They rip off other people's work, whether it be rewriting 'Smashing the Stack' into their own explanation of how buffer overflows work, or ripping off Freshmeat's HTML page and using it for their AntiCode page, and the majority of stories/analyses they put on their website are inherently flawed and misleading - e.g. they're interpreting a couple of Chinese hackers DoS'ing American webservers as an information warfare attack by the PRC on the USA.
I know for a fact that several of the website hacks they have "exclusively" reported were actually complete bullshit - some _real_ hacker/crackers (i.e. guys who hack into machines, but don't deface websites or try to get into the media) have owned AntiOnline for quite a while, and when they get bored of just reading Vranesivich's mail, they do some judicious re-routing and DNS work and make AntiOnline think that such-and-such site has been hacked. Then they piss their sides laughing when Vranesivich issues a press release about it.
Most of the people involved in AntiOnline are teenagers, and I've been told by someone who claimed to have been at college with him that Vranesivich is a hacker wannabe failure, who views AntiOnline as his own particular way of impressing what he considers to be 'hackers' - i.e. the script kiddies. Dunno whether it's true or not - I'll leave you to make your own mind up.
Dodger
Re:Hackers do serve a purpose (Score:1)
FBI Visits (Score:4)
The best was when they knocked on the door (my room a mess...)
F: Hello, we're from the FBI (badges shown).. Could we come in and ask you a few questions?
M: Sure, but I wasn't expecting guests...
F: Got any computer in your dorm room?
M: Ya.. one behind the couch, two on the desk, one in the closet and a laptop on the bed.
.... anyway the dude with a clue told me what happened (6 months earlier) and they left and never came back..
So now I have my very own file in the FBI archives.. (Does that raise my purety test score?)
FBI site not downed, only bandwidth wasted. (Score:1)
Re:Cracker...Grounded! (Score:1)
As far as media attention goes - I have not given a single interview or gave any quotes to any media outlets. It is not my choice whether the media does this or whether they do that. They are the media, they do what they want. You know that.
-mindphasr
Re:One more step. (Score:1)
ARPAnet, and who did that come from?
Re:Read Anti-online's coverage... (Score:2)
about a month ago, WSU (http://www.wsu.edu)'s webserver *was* cracked. If you were logged on when the instigating party was, you usually got a message flooding your terminal that said "The Matrix Has you" and at one point people were getting ads for the channel #Pascal. They did a fairly nice job... ended up getting the webAdmins to make the web server, our UNIX server, and our mail server serve only local (WSUNet, ResNet and DialUp) users.
If you spend five minutes in #Pascal, you will learn that it *does* have to do with cracking...
Basically, the point is that they use PASCAL to 'program' cracks, and these cracks *work*. In a few moments here, another message will be posted with a few links.
*shrug* Maybe you should spend a little time in the channels before you infer that you know of their content.
-nicole
Crackers... (Score:3)
I guess its just what was said above about cracking being the instant gratification method, and hacking being the long, slow method.
Re:Stickin' it to the Man... (Score:1)
If you're going to screw with the FBI, at least be creative about it so you'll have something to brag about in jail.
Re:Hacker vs. Cracker (Score:1)
Anyone know what hackers call crackers?
Retards, Lamers, Fucking annoying little dipshits, et cetera, et cetera...
D.
Re:crackers are hackers (Score:1)
Re:Mountain from a Molehill (Score:1)
-- Give him Head? Be a Beacon?
Re:Flooding a web server != 'Hack Attack' (Score:1)
Re: (Score:1)
Lame Posts (Score:2)
http://l0pht.com
http://www.2600.com
http://www.resentment.org
http://www.303.org
Cracker/Hacker contrast (Score:5)
I've been a hacker (not cracker) for quite a few years. I've written a lot of networked applications, been sysadmin on many types of systems and networks, decoded protocol stacks and the like... in short, I could probably be a killer cracker if I really wanted to. But I have no desire for that. Cracker accomplishments seem too fleeting for me. A crack might make the news for a day or two, but eventually it fades away. If I instead develop an open source tool that becomes popular, I will have a much more noticable (and positive) impact that will last for a long time. I get the satisfaction of actually having built something instead of having torn something down.
But I can understand the lure of cracking. It appeals to that puzzle solving side of me. If only the two communities were not so often confused in the media... (sigh)
Thad
Re:Taco, you rock (Score:1)
Cracker = Often tasty baked good, sometimes in the shape of an animal.
Hacker = Low life freak.
Neigh God Like Being = Person that knows an aweful lot about a system.
Whoops, you mixed up the definitions for a Teletubbie, a 3l1t3 d00d, and a Sysadmin...
Re:Webservers? (Score:1)
Re:ROTFL! (Score:1)
Re:New Fed Pastime, stealing computers... (Score:1)
---
A group of hacker self called slashdot... (Score:3)
This group is one of the most numerous, counting no less than many dozen of thousands of hackers who are always working on taking sites down.
The FBI said they cost more than 100Millions of $ in downtime to the society owning the websites they hacked..."
That would be funny if someone would do a satyric article in this style. Anyone has got other ideas to rewrite this or continue this???
BTW: not being myself a hacker (just a wannabe or a newbie) I found it a shame that the mainstream press use this word in this way, I really like this word and don't like to see it used by crackers.
Re:FBI Visits (Score:1)
Flooding a web server != 'Hack Attack' (Score:3)
Hell, we slashdotters take down websites all the time...
My 2 cents (Score:2)
I think that the FBI was just really asking for it.
The US government is cracking down on hackers because they (hackers) have more power than them. Hackers are not really "bad"" in the normal term. They commit crimes, but the crimes that they commit are most of the time essentially harmless. I believe that there will always be hackers.
I think that what they did was really wrong. They really gained only 2 things out of it:
1. Publicity - The media jumps on every chance to get a story about hackers. They tend to believe that they are some big "secret organization" that is trying to take over the world. I think that this story will ultimately work in the hackers favor because it shows that hackers can kick the governments butt if they want to.
2. The second thing that they got was a lot of bad publicity in the goverment. The US government (and others) will now try even harder to crack down on the Internet. The governments of the world will try and regulate it (eventually) to the point where all content, including webpages, is strictly regulated. If this happens, hackers will continue to survive, but will eventually all be caught or simply dissapear.
overall, what they did was not good for the internet community. Something less specifically directed at the government would have been better.
I know this is probably confucing, ihave no idea what I am typing either.
Pushing it back underground (Score:3)
Hahah (Score:1)
i'm not sure i grab you (Score:2)
This is just one more step toward the government trying to control the internet.
i don't agree. i think this is the government trying to squelch the hordes of 3133+ script kiddies, but not trying to control the Internet. That's the job of the large ISP corporations (AOL and the family-values-havin' like) and the no-sighted crypto restrictions.
When will they realize that when you mess with internet lifeforms, they will bite back and defend their 'offspring'?
i'm not sure i grab you here. i think this is a case of the h@x0r d00dz defending their turf, not a solidarity among net users. no one likes to see their contemporaries raided as a result of acts they too have committed. it makes people scared. this is those people's way of making the Man just a little bit more afraid. i don't think it will work.
-krog
U.S. Senate Web site "hacked" (Score:1)
http://www.senate.gov/ [senate.gov]
Select your favorite senator from the list, surprise!
Or, just open http://www.senate.gov/index.cfm. [senate.gov]
Re:Neither, just scorched earth (Score:1)
But a DoS attack is not any server crack. A DoS attack simply burns up all the bandwidth in the neighborhood and the server.
Correction - A DoS attack is a 'Denial of Service' (note the initials). Overloading a webserver (or it's link with the Internet) by flooding it with http requests/connections/pings/whatever is a TYPE of DoS attack. There are others, including things like teardrop, land, etc.
Just felt the need to be pedantic...
The Dodger
confirmed hack (Score:1)
yep. zdnn got the story. [zdnet.com]
You don't f*ck with the FBI (Score:2)
If you f*ck with the FBI, they will catch up to you. Sooner or later. And, your ass will be grass when they do. At best, you will lose your computers, and your parents will have to spend tens of thousands of dollars hiring a lawyer.
I remember someone in Isreal, who, in his arrgogance, thought he was too good to be caught. Think again. They caught him.
- Sam
Hacker............. (Score:1)
HACKERS! Stop it. You want to do something, get into the FBI's internal....hehe.... Without that, you have nothing. But you can't do it. It is impossible. With all this commotion no one is looking at the possbile consequences. What you are doing is wrong and illegal, so stop it. Get like me. Get a job. Do it for a living. When you get asked to crack a system, that is when you know you are getting good. To all the hackers that think they can do something....sorry....you will only hurt yourself.
Webservers? (Score:2)
the scoop on #pascal (Score:2)
BS you say? look here [dhs.org].
the
Read Anti-online's coverage... (Score:5)
If some of those items, specifically the article
about the FBI directives sent to ISPs, are true,
it is a VERY disturbing situation...
here are some excerpts....
AntiOnline Receives Directives
Thursday, May 27, 1999 at 11:59:27
by John Vranesevich - Founder of AntiOnline
AntiOnline has recieved directives given to
several ISPs listing the groups of hackers and
hackgroups that they're currently targeting.
Sources faxed AntiOnline the 6 page directive
which begins:
-snip-
The request then goes on for 6 pages listing
hacker, groups, and media currently under
investigation by the FBI. The list contains
not only the hacker's handles, but in most
cases, their real names. For the privacy of
those involved, AntiOnline is only publishing
their aliases. Here is a partial list of the
individuals on that list:
-snip-
Notice an important section from the above
paragraph: "...and media currently under
investigation by the FBI."
Now I REALLY have to wonder...what MEDIA is under
investigation by the FBI...and more importantly,
in what way are media services related to crackers
and their activity?
I am wondering if the FBI is attempting to "get
some dirt" on those media outlets that they
detest...(this may be completely off base but it
deserves some attention...).
Another interesting(and disturbing) part is listed
later on:
The directive goes on to request information to:
Directories, files, logs, records, information or
any data concearning IRC Channels visited by
Hackers or individuals listed in paragraph 1,
specifically:
It goes on to list the following IRC Channels:
#creep
#j00nix
#tk
#pascal
#ex0dus
#faggotsex
#gayfagsex
#gaysex
#hackunix
#hax0r
#lezbiandsex
#linux
#sex_gay
#sex_pl
#shellx.log
-snip-
It concerns me that some of those channels have
*NOTHING* to do crackers at all...
#PASCAL?!?!
Again, maybe this is not important...
but I am certain many people have visited #linux
for non-cracking reasons(I know I have on
EFNET).
Just some thoughts...
dCf
--"They go around loooking younger for a few days,
then they need more...."
Re:You don't f*ck with the FBI (Score:1)
-mindphasr/gH/mindphasr@cha0s.org
http://www.gb2600.com/
Waste of time... (Score:4)
It's about time (Score:1)
ugh (Score:1)
Re:Shouldn't we focus on stopping malicious users? (Score:1)
As for your claims that the a systems "page was defaced to show that it was vulnerable", I can't accept that. The traditional way of letting a system's admin know that his system is vulnerable, if to send him an email from himself, or to leave an unobtrusively small image on the webpage, linking to a declaration that the system has been hacked. I continue to believe that it was done in order to attract publicity and in order to impress peers.
I'll always put down cybervandals. They give the rest of us a bad name.
The Dodger
Re:Shouldn't we focus on stopping malicious users? (Score:1)
Some of the more intelligent/informed members of the media have taken to describing malicious crackers, who deface webpages, remove files, carry out DoS attacks, et cetera, as 'cybervandals', which is a perfect moniker. There is a world of difference between a cybervandal and a hacker who hacks into a system in order to learn about it (I used to have to hack into Suns in order to learn how SunOS worked, for example, because I didn't have an account on a Sun) and doesn't do anything malicious.
Put it this way - If someone were to hack into my network and do something malicious, like trashing a server or defacing a website, my first action would be to call the Computer Crime Unit. You can call me a fuckin' narq or whatever you want, but if some little shit is trying to trash the systems I administrate, I will take steps to ensure that he never fucking does it again, whether it's by cooperating with the police in identifying the perp and securing a conviction, or by paying the fuckwit a visit and breaking his fingers.
On the other hand, if I come in one day and find someone logged onto the system, poking around, reading manpages, et cetera, and I discover that he hacked in because he wanted to learn about the operating system, or hardware or whatever, then I'll invite the guy to come 'round for an interview, and, assuming he fits the bill, I'd probably hire him.
D.
Re:the scoop on #pascal (Score:2)
"hack" or cause permenant harm to any servers, whether or not anyone in there has ever tried is another things succeeded, now thats another thing. Attempting to link us with a group that weve never heard of is BS and they seem like morons just by looking at what they do and what we
ve heard, if we were a member of any group we would at least admit it. Whether or not zyklon was ever in any of those groups, i do not have that information he was in lots of things we never knew about, we have been around since the old irc war days we were known as the #pacal crew back in those days and we do refer to ourselves in that way still, but at no time were we ever into hacking servers or causeing harm apon anyone for no reason. And if you really wanna hear more or ask questions as I said above your welcome to contact me, and that still stands, but at least get it right before some punk passes stuff he feels gets back at us for things we may have done to him (ie. pissing him off banning him and such) 99% of those logs seem real although there are a few questionable lines in there, i know i did get laid so thats true, but that log was made a couple months ago and really has nothing in it linking us to any hacking group. Oh and in closeing 1 i remember that day well and noone even remembers teknodragon joining the room none, and on top of that he came in said cln and not another day thing, Im not sure who the hell he is and how that makes him special but if he has a problem with us hes welcome to take that up with us instead of spreading untrue things about our chat room. the motions made by the lines : [17:34] drip, ya want in the group as a distro? =)
[17:34] what group?
[17:34] an 3l33t hax0r group that hacks in pascal =)
[17:35] err with pascal hacks
now come on hacking in pascal? hacking takes a little better programming language then tp7 sorry to say that was a joke by someone in the channel if you believe that you should be the one being locked up, for your own good
Re:Cracker...Grounded! (Score:1)
Along with being best of friends with MostHateD I am also the co-founder of gH/global hell. I understand the slashdot forum and the rest of the internet when they call someone a 'script kiddie'. I will say I feel the same way. However, knowing a lot of people in the community it makes it very hard for people who do not know the person to clasify someone as something. I will tell you some of these people you innocently label 'script kiddies' may be some of the most intelligent people you will find on the Internet. Please give this a thought before shamelessly label someone.
-mindphasr/gH/mindphasr@cha0s.org
FBI, or NIPC? (Score:1)
What're you talking about? (Score:2)
You think setting up illegal conference calls on someone else's network for hundreds of thousands of dollars is defensible? Oh, and when you get search-and-seizure, you vent your frustration by downing the FBI website? Real mature! Damn, it's like you give a baby a hammer, and everything looks like a nail to him! These kids have to be taught that you can't get around life doing whatever the hell you feel like. The internet had a bad enough rap after the Colorado shootings, this doesn't help any.
Re:Mountain from a Molehill (Score:1)
Re:Cracker/Hacker contrast (Score:1)
Re:Hacker v Cracker - No such thing as a CRACKER. (Score:1)
they've always been called straight through the
70/80s and into the 90s. Its only recently that people on slashdot have tried to change the definition and it's quite annoying. Cracking the
password is only 1% of the total job, the rest
is being a hack with what tools you've got. Hence,
the hacking. Thats what the most part is. Sure, there are people that just crack files and passwords, but thats ALL THEY DO. All these other
kids go through multiple hosts, run your famous scripts, run your famous programs, do whatever else they can do to be a 'hack'.
Uneducated foo's.
/me goes back to watching Tron.
Re:Mountain from a Molehill (Score:1)
-mindphasr/gH
Stickin' it to the Man... (Score:1)
I would also like to say that I enjoy sticking it to the Man as much as the next guy, but this is one of the rare occasions where I wouldn't care about something like this.
btw- pardon my inabaility to articulate ideas today... I've got a cold and school is pissing me off.
Re:Cracker/Hacker contrast (Score:4)
Instant gratification.
To be a respected hacker is a lot of work. To be a famous hacker requires incredible talent. Inspiration, elegance and sophistication are all requirements to be a respected hacker. By definition, a hacker writes his own code, since the code IS the hack.
To be a "respected" cracker, requires little time. Most crackers do not have to write their own code. Elegance and sophistication may keep you from being caught, but are not requirements. Instead, to gain recognition as a cracker, you are judged by the prominence of those systems you break.
Me, I'm in it for the long term even if I never do become famous.
Re:hackers (Score:1)
*imagines dozens of
D.
Re:hackers (Score:1)
Amen (Score:1)
Re:Shouldn't we focus on stopping malicious users? (Score:1)
As an admin who has had to resurrect several cracked/hacked systems, I have to say this:
Even curiousity-hacking's time is past. If you are running a production system, and it is hacked, you spend a sh*tload of time verifying data afterwards. One system I've seen was cracked mostly for masquerading; eventually, one of the gang of script kiddies broke his/our customer's toy/system, and there was much production lost (recovering from backups, after reloading the OS, takes lots of time on an archival server). Finding out your system is cracked is like finding a bomb threat - all else stops until you do an extensive search.
It doesn't matter if you do damage - the damage is in the uncertainty; e.g. (not-really real-life experience) if an airline system holding airplane maintenance manuals was hacked, do you (A) close the loophole, or (B) start doing real serious checks to see if anything (like the manuals) was altered? Crashed planes suck. The "it was innocent" plea just doesn't cut it in the real world, because the only person who knows can't be trusted - if you want to hack on systems, get a job or buy your own.
That's NOT what I meant... (Score:1)
I have as much disdain for script kiddies as the next guy. In fact, probably more. Info security is my job.
Onion Article? (Score:1)
That part about how his parents would be mad about the FBI taking their computers was especially hilarious.
Lisa
Hackers do serve a purpose (Score:1)
Mountain from a Molehill (Score:2)
-- Give him Head? Be a Beacon?
Re:You don't f*ck with the FBI (Score:1)
hack or crack, whatever... (Score:1)
antionline [antionline.com] also have a new story about FBI, ISP, and hackers right here [antionline.com].
--
Crackers remind me of... (Score:1)
maybe another hack (US Senate)? (Score:2)
antionline sent me this:
US Senate Website Hacked Thursday, May 27, 1999 at 19:42:37
The hacker "counter strike" continues, as the the official website of the United States Senate is defaced.
For their link click here [antionline.com]. Although it may not work... hmmm....
I was a script kiddie. I've seen all this before. (Score:2)
Back then, the FBI was making a regular habit of confiscating computer equipment. It was commonly referred to "being visited by the men in brown shoes". The FBI didn't usually press charges. They just walked in and took all your stuff.
It really sucked if you hadn't done anything wrong. Which I suspect happened all to often. It's fairly trivial, although rather illegal, to reroute a phone system so your making phone calls on your neighbors line. If your neighbor owned a computer -- well hopefully you guys weren't friends... At least not for long...
I did learn an awful lot during my larval stage as a script kiddie. Not in the least how to keep a low profile. There's something about watching your friends' BBS's disappear through the "Men in Brown Shoes" to really encourage the use of aliases.
And, in time, I went on to do some interesting things. A few of which were even legal....
As for retaliating at the Man: It's an awful lot of work to do it right. But, yeah, I suspect I could do it. And I suspect I could get away with it. And that little fact lets me sleep a lot better at night.
There's a lot of powerful people in this world who could really hurt me. Our government is full of such people. But, as the sayings go: "Live and let live". Or, alternatively: "Piss me off, pay the consequences..."
Re:New Fed Pastime, stealing computers... (Score:1)
whoops, gotta go...
Cracker...Grounded! (Score:1)
Mosthated's mother confirmed to MSNBC that her computer had been confiscated by the FBI, and said "And I'm really mad."
Big evil cracker-person...sent to his room by his mom.
Re:Cracker...Grounded! (Score:1)
I will allow that script kiddies do possess some intelligence and knowledge, but only to a certain level. They are seriously deficient in common sense, however.
Put it this way, if they're so goddamned smart, then how come they get caught?
The real hackers are hardcore guys who spend a significant amount of their waking hours in front of a computers. They gain respect amongst their peers by dint of their knowledge and skills, not by hacking a high-profile website. They don't court media attention - in fact, they studiously avoid it.
And you never, ever hear of them, because they don't get caught.
Dodger
Not just the 90's (Score:1)
Hackers are often unconcerned with the havoc their computer probing might wreak. Statements from what may be called the radical left among hackers sound even more anarchic. "Philosophically," pronounced Richard Stallman, a self professed hacker and expert programmer who has placed some of his best work in the public domain, "We do not believe in property rights"
TIME/LIFE BOOKS Understanding Computers Computer Security Published 1986.