[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: A ReYou'll be the judge. (was: Hackers from leb.net)
On Tue, 27 Oct 1998 hzo@goldfish.cube.net wrote:
> I'm here to defend Alex Khalil from leb.net and me against these
> incredible allegations about a "hack attack" against Israeli servers.
> In the meantime the whole thing seems to go out of control and changes
we are not the one you need to explain this to, since we are well aware of
the implications and problems. my personal oppinion is that you should
actually let it be, because this could actually start to become dangerous
to you. Hank Nusbacher is no small fish and can pull as many strings as he
wishes. you have already wrote to all of ISOC-IL's management, and this is
the most you can do right now...
just some points:
1. the computer having a lebanonian name is not working for your benefit
2. the fact you're German may also not help in some people's minds
3. a DOS attack means "Denial Of Service". Do you call yourself a network
expert, or are you a kid who thinks he discovered QueSO? answering
people with "I'm using Linux, how can it be a DOS attack" sounds very
unprofessional
4. before everyone on this list puts their good name on the line and
defend you, could you make sure your machine has indeed never been
broken and used by crackers as a homebase and camouflage for break in
attempts? your obvious mistake (see 3) makes me think that beirut box
may have indeed initiated attacks, maybe not by the incompetants that
run it, but by people they blindly let in.
> from something where you could laugh about into a pretty severe case. A
> gentleman from a security company c
> is shining up in an Israeli news paper.
that could be a publicity stunt maybe, and there is not much you can do
about it. money talks, and the guy will not let go of it.
> I'm not willing to remain quiet when I get drawn into something which
> are pretty serious allegations.
> It is really a shame that these people who released a false alarm which
> was triggered by my operating system survey now try to save face by
> accusing others of _criminal_ behaviour.
and following it will be a formal complaint at the interpol. do yourself a
favor and shut up about it.
> These who triggred the false alarm behaved unprofessional and hysteric
> when the packets of my survey were registered by firewalls. This survey
it doesn't matter. Nusbacher rules the entire Israeli Academia network,
the ISOC , the IBM net for Israel and more. rules not de jure but de
facto. you do NOT want to talk becak to him. you want to appologize and
watch your ass. I have argued with him in the past, but NOT when a
criminal charge was hanging above my head.
> Hi ----,
>
> sorry for the disturbance.
>
> system is determined. For details and statistics, please visit
> http://www.hzo.cubenet.de/ioscount/
> More than 940 000 hosts were queried until today.
when you started this adventure, did you really never think about the
legal implications if someone was to see this as an attack? how naiive
were you when you started? did you not think of pasting a nice big legal
disclaimer and explanation on your site after talking to a lawyer "just in
case" before starting?!
> To prevent further irritation I can put host into
> the exclude file and they will no longer be queried.
> If you want to exclude further hosts from the survey,
> please send me the domain name(s) which should be excluded.
> I'll put them on my exclude list.
exclude lists are NOT a solution, as you see. I would SERIOUSLY consider -
if I were you - to start looking for a lawyer. you don't have to pay him
or consult him yet, but since this is out in the press, and leading the
pack in a guy from ISOC, there is a good chance it will leak to
international newspapers, and you may need one before you know it. YES, it
may seem paranoid of me, but I'm trying to be a fatalist while maintaining
a realistic view here.
> answers were evaluated. The principle is available for further
> evaluation at http://www.apostols.org/projectz/queso
there is something that really bothers me with QueSO's page, btw. the
URL's name and spelling, as well as the design reeks of hackerism of the
underground, questionably legal, type. it is definitely not the page you
want to send to ISOC to make yourself look better.
> correct. It is incredible! He notifies the Israeli press before
> verifying at leb.net what really happend and then does not contact me
> despite I send him two emails which refute his claims. I'm sorry to
> state that I feel that this has to be described as an unprofessional
> behaviour.
what's done is done, like I told Alex, it will be more usefull for you to
talk to the Israeli press than Nusbacher and friends right now, IF you
think you want to stick yout foot in this deeper at all.
> After some time I find out, that some article was posted online by El
> Haaretz about a hack on Israeli servers. I try to get it, but -yuck-
> you need a password to read this article. So I'm writing the
well, Mr. Hans "-yuck-" Zoebelin, not all papers are free on the net.
Haaretz, actually, IS free in the english edition. it was the stupidity of
whoever you were writing to that sent you the article in Hebrew, I can
understand how frustrating that is, but if you would have dug a bit in
their site you would have found it, not password protected even...
> postmaster and explain to him , that I think I'm accused to have hacked
> these Israeli servers and if he could send me this article. After some
> time I get response from El Haarez containing a pointer to this article
> and a comment, that the article will be available there until Sunday.
one more thing. it's Ha'aretz and not "El" Ha'aretz. "El" is the "The"
preposition in Arabic, and not in Hebrew.
> So I fire up my browser to read it, but -yuck- again I'm questioned for
> some pass word. It seems as if they are securing their articles better
> than their military servers.
unlike the US army servers we don't put ours on the web, see... I wonder
how you would make that comparison... I'm sure you never tried to hack
into an Israeli army server.
Ha'aretz, lamely enough, seem to be using ASPs on their site, which
sugests the use of NT, btw.
> reference. And really the article is inclueded as attachment. I open the
> attachment and -yuck- the article is
> in Hebrew, which I unluckily don't understand, Only the words "denial of
> service" and "leb.net" which shine up "unencrypted" seem to show pretty
> clear, what there is written.
send it to us and we'll translate it if you'd like.
> 2) How can a hacker fire up an "DOS http attack"
> when the server (leb.net) is running on Linux,
> an Unix clone.
see my remark aove
> PS: If these allegations about criminal activities will continue to pop
> up, I'll have set up a web page, where all facts and log files will
> be presented to the public for closer inspection. These gentlemen who
> claim to have witnessed a "hack attack" on Israeli servers will then
> also have the chance to present their evidence and log files to the
> public for inspection by expert viewers from all the world.
go ahead and set it up now, I wouldn't wait one more minute if I were you.
> Luckily nowadays it is easier to go public than in earlier times. You
> don't have to own a whole news paper anymore. 10 mb of web space is
> all you need.
sadly today you don't need to produce a book to make people angry at you,
you just spew some IP packets over the net with spam of any sort (IP or
SMTP level) for almost free.
Don't get me wrong, I like the idea of the IOS++ counter very much, but
only if it was done by a responsable known company with financial and
legal backing, and not by "some guy who wanted to count some stats" and
didn't stop for one moment to think. maybe offer this project to netcraft
or some respectable research firm (like Zona Research that's quoted by all
the online news sites) so as not to risk your sorry ass.
Good luck. Ira.
--
Ira Abramov (°- L I N U X -°)
whois: IA58 //\ /\\
www.scso.com v_/_ Because a 486 is too good to waste _\_v