Read the article. Of course the time is well known, and the logs are stamped. You are naive, though, if you believe that will stop an LEA from trashing the lives of innocents...
...and of course they'll get away with it.
Peter
[Now, I'm not excusing the FBI's jackboot tactics in this case, but I will point out that Mr. Salomon poked at 'unusual' ports, and zone transferred yankee.com during his investigation. An IDS might well trigger an attack alert under those conditions. The government's theft of his property after all this was explained is of course inexcusable.]
----------
From: mmotyka@lsil.com[SMTP:mmotyka@lsil.com]
Reply To: mmotyka@lsil.com
Sent: Tuesday, October 31, 2000 3:19 PM
To: cypherpunks@cyberpass.net
Subject: CDR: Re: Visit a hacked site, loose your computers.
Wouldn't the time of the hack be pretty well known and wouldn't the RPI firewall logs be timestamped or am I naive?
Is knowledge being used as evidence of guilt?
Mike
Andres Salomon, a fairly clued in RPI student, heard on IRC that the Yankees website had been hacked. He checked it out, noted some well-known Red Hat security holes, and came to the conclusion that there had been a DNS redirect attack. Total time: 5 minutes.
The next day, the FBI raided his dorm room and seized his computers (along with a copy of ORA's DNS & BIND).
Peter Trei