[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Spam from this list
- Subject: Re: [cobalt-security] Spam from this list
- From: Dan Diehl <dan@xxxxxxxxxxxx>
- Date: Thu, 21 Sep 2000 22:18:45 -0700
- Organization: Dan TMC Media
Chris,
Next time use a little discression and think before you act. Some of us see
this list as a valuable tool in our daily work and like it because it
usually brings quick fixes to problems that are discovered on our systems.
I consider all the members in this list as knowledgeable, trustworthy
colleagues with a common goal. I would like this list to continue answering
valid security issues pertinent to the Cobalt Raq servers.
I'm sure I speak for others when I say that your words tainted the image of
this list and threw blame on one of its members prematurely. If you have a
hunch about a potential hacker, please pursue it in your own way, but don't
come here accusing someone in an open forum with no real proof.
By now most of us have read your apology and forgive you, but please refrain
from doing it again - even in jest. Most sys admins already have a full
plate of real security issues and plenty of stress in their lives.
P.S. You have no idea who comes in here and monitors this list - including
bad guys - don't make it worse!
Nuf Said,
Dan.
----- Original Message -----
From: Mike King <mikkel@xxxxxxxxxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Thursday, September 21, 2000 6:51 PM
Subject: RE: [cobalt-security] Spam from this list
> Chris,
>
> Fantastic joke :-)
> I am falling out of my chair with laughter ! :-) :-> :+)
>
> But seriously:
>
> Your strategy in dealing with this spammer ended up backfiring on you -
all
> you have done is embarrassed yourself publicly. I suppose you were smart
> enough not to name names, which will probably save you from litigation.
>
> I doubt whether any spammer would be deterred by someone like you 'being
> aware of their activity'. Unless you can substantiate your claims and pass
> this on to someone who has the necessary legal 'teeth', then I feel that
> you are wasting your time.
>
>
> Mike
>
> At 18:27 21/09/2000 -0400, you wrote:
> >Finally... someone with a sense of humor. This is the security list?
Did
> >anyone other than Graeme get the irony of a break in against a
participant
> >of this list??? I did nothing other than trace the machine to find out
> >where the site was hosted and who sent the spam.
> >
> >Sorry for my poor attempt at humor. I have spent years fending off
hackers,
> >and I have never engaged in these activities except against test machines
> >for the purpose of hardening the OS and user applications.
> >
> >The person who spammed me has a porno site hosted in the UK and with a
> >domain name registered out of Australia. However, he has accomplices in
the
> >US that run a 900 service, so tracking this individual or group will be
> >difficult. As far as I can tell, this spammer is running yet another
scam
> >site trying to get you to call 900 numbers to disenroll from a porno
e-mail
> >list. In case you aren't familiar with this scam, a spammer sends
raunchy
> >messages to hopefully your work email address. The only way to stop it
is
> >to call a 900 service to remove yourself from the list. The scammer then
> >pads the 900 charges, knowing you are unlikely to complain. The really
> >nasty ones ask for a credit card number as well before your call can go
> >through. There are no charges I could file unless I participated in
this
> >obvious fraud.
> >
> >I have complained to the spammer's ISP. In many cases, I have
successfully
> >stopped spam by shutting down the spammer's web site and/or e-mail
account
> >by notifying the ISP. So far, this person's ISP has not responded. I
have
> >found European and Asian ISPs to be very uncooperative with respect to
spam.
> >
> >I *did* not break into any machine. I did the following:
> >
> >Ran traceroute, ping, and nslookup to narrow hostnames, services, ip
> >addresses, etc.
> >Checked out registered domain names.
> >Sent mail to postmaster@<naughtyhost>.com to see who replied.
> >Attempted to Telnet so I could see what OS and kernel were on the other
end.
> >Tried to FTP to see what was available through anonymous FTP.
> >Tried some admin URLs to confirm that the host was a Cobalt Raq 3.
> >Performed a few web searches to look for more info.
> >I did find a person on this list with a domain that traced back to the
same
> >host. However, I don't want to reveal who it is unless I can prove this
> >person is the culprit. I sent an e-mail to this individual, and have not
> >heard back.
> >
> >I did nothing illegal!!!!
> >
> >Again, please accept my apologies.
> >
> >Chris
> >
> >
> >
> >
> >
> >
> >-----Original Message-----
> >From: cobalt-security-admin@xxxxxxxxxxxxxxx
> >[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Graeme Fowler
> >Sent: Thursday, September 21, 2000 5:47 PM
> >To: cobalt-security@xxxxxxxxxxxxxxx
> >Subject: RE: [cobalt-security] Spam from this list
> >
> >
> >
> >
> >On Thu, 21 Sep 2000, Richard Emerson quoted Chris Weiss:
> >> I have identified one offender, and I have broken into your server to
> >look
> >> around.
> >
> >Is it just me or has everyone had a sense-of-humour failure? I reckon
> >Chris was being just a teensy bit ironic with his statement... weren't
> >you? ;-)
> >
> >Graeme
> >
> >
> >
> >_______________________________________________
> >cobalt-security mailing list
> >cobalt-security@xxxxxxxxxxxxxxx
> >http://list.cobalt.com/mailman/listinfo/cobalt-security
> >
> >
> >
> >_______________________________________________
> >cobalt-security mailing list
> >cobalt-security@xxxxxxxxxxxxxxx
> >http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>