666th poster and 666th thread-creator
Mod of the Mac II series Forums
Total 68K Macs liberated: 7
Regular Disappear!

jt ™

quote:

---

which end of this alleged incident is the april fools joke?

---

666th poster and 666th thread-creator
Mod of the Mac II series Forums
Total 68K Macs liberated: 7
Regular Disappear!

Jeremy

"I'll see you on the Dark Side Of The Moon" - Pink Floyd

quote:

---

Well, as far as I can tell, the 68kMLA Hotline server has been inaccessible for at least two weeks...

---

jt ™

Jeremy

"I'll see you on the Dark Side Of The Moon" - Pink Floyd

~The Penguin

Jeremy

"I'll see you on the Dark Side Of The Moon" - Pink Floyd

traceroute adsl-64-166-61-59.dsl.frsn01.pacbell.net

Pac Bell Internet Services (NETBLK-PBI-NET-8) PBI-NET-8
64.160.0.0 - 64.175.255.255
FRSN01 ADSL Rback2 PPPoX (NETBLK-SBCIS-1001030-163039) SBCIS-1001030-163039
64.166.60.0 - 64.166.63.255

Fleet Covert Ops

Good to here that nothing too bad happened.

>From: "policy@pbi.net" <kana1@pbi.net>
>Reply-To: "policy@pbi.net" <kana1@pbi.net>
>To: Pál ----------- <littlegreencube@hotmail.com>
>Subject: SBCIS Policy Department (KMM154940V34120L0KM)
>Date: Tue, 02 Apr 2002 01:56:04 -0600
>
>THIS IS AN AUTO-RESPONSE MESSAGE - PLEASE DO NOT REPLY TO THIS MESSAGE
>
>Please read carefully! This may be the only response we send you.
>
>Thank you for writing Pacific Bell's Internet Policy Department. This
>address is designated for reporting violations of Pacific Bell's Terms &
>Conditions and Acceptable Use Policy.
>
>We make every effort to investigate all reports of abusive activity in
>a timely manner. The information that you have provided will be used to
>investigate the incident for violations of our Acceptable Use Policy and
>Terms & Conditions, which you can view at:
>
>http://public.pacbell.net/faq/
>
>If you are a Pacific Bell Internet customer writing concerning
>problems you are having with your Internet Service, please direct your
>message
>to the Technical Support Department at: support@pacbell.net.
>
>Since the current volume of email prohibits a personal reply to each
>report, unless additional information is required, THIS MAY BE THE ONLY
>RESPONSE YOU WILL RECEIVE.
>
>When reporting violations, please follow these guidelines in order to
>significantly expedite the investigation process:
>
>-> To report unsolicited commercial email (UCE/spam), please forward
>the entire message, including full headers, leaving the original subject
>
>
>line intact. You will recognize full headers by the "received" line(s)
>shown. If you need assistance in enabling full headers, please refer to
>the help section of your email client.
>
>-> To report off-topic commercial newsgroup postings, please forward a
>copy of the offending post, including full headers, leaving the original
>subject line intact.
>
>-> To report scans, probes, hacking attempts, or similar activity,
>please include an excerpt of your auto-generated log files showing
>ONLY THE INCIDENTS PERTAINING TO PACIFIC BELL INTERNET, cut & pasted
>directly into the email message, including:
>
> *Offending IP Address
> *Date
> *Specific Time
> *Time Zone
> *Source/Destination Ports
> *Any other brief pertinent details
>
>***Screenshots cannot be accepted in lieu of log excerpts.***
>
>***Please DO NOT INCLUDE TRACEROUTES, WHOIS LOOKUPS, or PING results,
>as these do not contribute to the investigation, and can often cause the
>
>
>message to become "garbled" or unreadable.***
>
>***Please make sure that you are not sending an attachment that is in
>a proprietary format (i.e. a log file readable only by your firewall
>program or one that requires special software to view, .xls). If you do
>send an attachment, please note the format type in your email
>message.***
>
>----------------------------
>Pacific Bell Internet
>Policy Department
>abuse@pacbell.net
>----------------------------"

I need the log files (I assume you have those!) sent to my email account. Time to stir things up

Fleet Covert Ops

quote:

---

And unless the culprit has a static IP adderess I don't think we can do a portflood or launch much of any other type of "hack attack" aganst him.

---

Fleet Covert Ops

Padlock Magnet

Im just tryin to keep file size down, even if u do have DSL. I'll snip up the parts you want, or send you the whole file. Let me know via email once again. Thanks for your help that I am unfortuneatly to busy to handle as of right now. Anyhue, lemme know. Magicpenguin@ mac.com

As for the attacker loggin in again and all. He attempted to login only a few hours later that nite, but hasnt since. His IP has been banned, which will temp keep him from connecting period. All Accounts have also been rotated and passwords swapped out. Extra redundant systems have been taken into account, this unfortuneatley includes removing some features from admins, but this is the price of security apparently. Still, I'm happy I'm running a mac, makes it that much harder for them to screw anything up too bad ;)

~The Penguin

quote:

---

TRS-80, I'm with you... I feel like a netard. I learned most of my stuff before this 'inter-web' thing took off... I feel so old and out of it.

---

Ok what is all this turing people in thing? I mean this is what happen when I had my own hotline server up I had my Links folder on sharing cause I have some good servers and I fotgot that I had the 68kMLA one with my login, someone mistakely downloaded and loged in thinking otherwise no hacking, the iBook was stolen a lil while ago and it was in OS X boot with a login so its useless

Jeremy

"I'll see you on the Dark Side Of The Moon" - Pink Floyd

~The Penguin

quote:

---

I think we'd better calm down before we turn into the "68k Mac Vigilante Posse"

---

------------------
MacMoose
Medical Spec., 68k MLA
Total 68K Macs liberated: 9 and counting
------------------

Fleet Covert Ops

quote:

---

who was the guy who nailed the hackers (clifford stoller ?)? i've got a couple of really good magazine articles about net security, maybe i should get a firewall with as much time as i've been keeping the connection/browser running in the background while i'm "working!"

---

~Coxy - Leader, Tactical Operations Unit
00014 Macs liberated

quote:

---

quote:

---

who was the guy who nailed the hackers (clifford stoller ?)?

---

Clifford Stoll, I think, if you're referring to "The Cuckoo's Egg" (which was fiction.)

---

Oh, and the URLs get screwed up not based on length, but when a site like google or altavista uses another URL as an index in, say, double quotes:

www.abc.com/cache=2348239482348283+"www.xyz.com"

quote:

---

Are you referring to his non-fiction book: "Silicon Snake Oil" or something like that I think it was called.

---

Tito

"The use of Southwestern Bell Internet accounts to attempt to gain
unauthorized access to a host, server or network is prohibited by our
Acceptable Use Policy which may be found at the following URL:

http://public.swbell.net/faq/

I will investigate your complaint and take appropriate action.

On behalf of Southwestern Bell Internet, I apologize for any
inconvenience caused by our customer. Please do not hesitate to write
again if you have any questions or if you wish to report other instances
of abuse by Southwestern Bell Internet customers."

---------------------------------------------------------
Pacific Bell Internet Policy Department
abuse@pacbell.net
---------------------------------------------------------

Penguin: I trust that you know which parts of the logfiles I need. ;) You know, when was he online, what connection, UL, DL etc etc... How big are the logfiles?

RAWR.

Fleet Covert Ops

quote:

---

Penguin: I trust that you know which parts of the logfiles I need. ;) You know, when was he online, what connection, UL, DL etc etc... How big are the logfiles?

---

good work, raWr and penguin,
tag em' an' bag em'! *gives thumbs up!*

jt ™

RAWR.

Fleet Covert Ops

68k Macintosh Liberation Army Forums

© 2001-2003 68kMLA