CDR: RE: Re: Visit a hacked site, loose your computers.
Read the article. Of course the time is well known, and the logs are stamped. You are naive, though, if you believe that will stop an LEA from trashing the lives of innocents...

...and of course they'll get away with it.

Peter

[Now, I'm not excusing the FBI's jackboot tactics in this case, but I will point out that Mr. Salomon poked at 'unusual' ports, and zone transferred yankee.com during his investigation. An IDS might well trigger an attack alert under those conditions. The government's theft of his property after all this was explained, is of course inexcusable.]
----------
From: mmotyka@lsil.com[SMTP:mmotyka@lsil.com]
Reply To: mmotyka@lsil.com
Sent: Tuesday, October 31, 2000 3:19 PM
To: cypherpunks@cyberpass.net
Subject: CDR: Re: Visit a hacked site, loose your computers.
Wouldn't the time of the hack be pretty well known and wouldn't the RPI firewall logs be timestamped or am I naive?
Is knowledge being used as evidence of guilt?
Mike
Andres Salomon, a fairly clued in RPI student, heard on IRC that the Yankees website had been hacked. He checked it out, noted some well-known Red Hat security holes, and came to the conclusion that there had been a DNS redirect attack. Total time: 5 minutes.
The next day, the FBI raided his dorm room and seized his computers (along with a copy of ORA's DNS & BIND).
Peter Trei
"Trei, Peter" wrote:
Read the article. Of course the time is well known, and the logs are stamped.
I meant naive in my guess at what level of detail was recorded. Wouldn't those same logs and those of the Yankees' ISP also show that his IP address and equipment was NOT connected at the time of the break-in? Shouldn't his lawyer immediately go after those records before they are conveniently erased?
You are naive, though, if you believe that will stop an LEA from trashing the lives of innocents...
I've -never- underestimated the potential for abuse of power wherever it concentrates.
...and of course they'll get away with it.
This is the biggest problem. And also the greatest weakness.
Peter
[Now, I'm not excusing the FBI's jackboot tactics in this case, but I will point out that Mr. Salomon poked at 'unusual' ports, and zone transferred yankee.com during his investigation. An IDS might well trigger an attack alert under those conditions.
Poking at ports is no crime. Or is it?
The government's theft of his property after all this was explained, is of course inexcusable.]
No crime a'tall - we're just GovCorp property these days. Mike