Well well... After putting up the CIA hack mirror page on http://www.skeeve.net/cia/ I learnt a few things. o it got 50,000 hits in 1 day o everyone from the cia, senate, fbi, nsa (ncsc) and every other bloody US gov department looked at it masses of times. The CIA looked at it every 10-15 minutes. zztop{root}:15: cat skeeve.net-access_log | grep ucia.gov | wc -l 281 o Even the CIA tries to hack you. relay1-ext.ucia.gov unknown - [21/Sep/1996:01:56:44 +1000] "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 1180 o Dozens of in.fingerd/in.telnetd attempts from ucia.gov, some mil sites and ncsc.mil sites. as I speak the house are looking at it. b252-209.house.gov unknown - [21/Sep/1996:02:41:37 +1000] "GET /cia/ I "PRESUME" there are no laws (international or otherwise) being broken by my housing of the mirror... not like I actually care.. but it would be good to know. Ok... ive been up all night chuckling at all the different sort of sites hitting the mirror... time to sleep. -------------------------------------------------------------------- Skeeve Stevens Email: skeeve@skeeve.net CEO/The Big Boss/All round nice guy URL: http://www.skeeve.net/ MyInternet Australian Anglicans Online http://www.myinternet.net/ http://www.anglican.asn.au/ Phone: (+612) 869-3334 Mobile: (0414) SKEEVE [+61414-753-383] Key fingerprint = D2 7E 91 53 19 FE D0 5C DE 34 EA AF 7A 5C 4D 3E
On Sat, 21 Sep 1996, Skeeve Stevens wrote:
After putting up the CIA hack mirror page on http://www.skeeve.net/cia/ I learnt a few things.
Interesting. Some background, from Dagens Nyheter (biggest morning paper in Sweden) 09/20/96, by Anna-Maria Hagerfors: (free translation] ************************************************************** They call themselves Mr Big, Zaphod, Lixon, Bah and Nimh. They are Swedish hackers presently prosecuted at the Stocholm (low) court for, among other things, computer intrusion, corporate espionage and fraud. Swedes associated with the group (Swedish Hacker Association) have broken into CIA's homepage on the Internet for protesting against the trial. ... ...telling the Swedish prosecutor: Stop lying, Bo Skarinder! ... Those prosecuted at the Stockholm court are suspected of computer intrusion at Telia (big Swedish telco), Holmens Bruk (big Swedish corporation), KTH (University of Stockholm's engineering division) and AT&T. The oldest of the prosecuted, Mr Big, 29 yo, is believed to be the leader of the Swedish Hacker Association. He's working as a security consultant for a traveler check company and a dept collection service. ... Mr Big has applied for a job at SAPO (Swedish FBI) and Forsvarets Radioanstalt (Swedish NSA). ... *************************************************************** Asgaard
I wont be suprised if they where ALSO watching who was visting your page. I think now is the time to start looking in your hard drive or floppy disk for anything that my incrimanate you. (did i spell that right)? tah ta /*---------/* Wearen Life www.octet.com/~runnerfx Job: Wish I had one Home: Cyber Space Work: Refer to "Job" On Sat, 21 Sep 1996, Skeeve Stevens wrote:
Well well...
After putting up the CIA hack mirror page on http://www.skeeve.net/cia/ I learnt a few things.
o it got 50,000 hits in 1 day o everyone from the cia, senate, fbi, nsa (ncsc) and every other bloody US gov department looked at it masses of times. The CIA looked at it every 10-15 minutes. zztop{root}:15: cat skeeve.net-access_log | grep ucia.gov | wc -l 281
o Even the CIA tries to hack you.
relay1-ext.ucia.gov unknown - [21/Sep/1996:01:56:44 +1000] "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 1180
o Dozens of in.fingerd/in.telnetd attempts from ucia.gov, some mil sites and ncsc.mil sites.
as I speak the house are looking at it. b252-209.house.gov unknown - [21/Sep/1996:02:41:37 +1000] "GET /cia/
I "PRESUME" there are no laws (international or otherwise) being broken by my housing of the mirror... not like I actually care.. but it would be good to know.
Ok... ive been up all night chuckling at all the different sort of sites hitting the mirror... time to sleep.
-------------------------------------------------------------------- Skeeve Stevens Email: skeeve@skeeve.net CEO/The Big Boss/All round nice guy URL: http://www.skeeve.net/ MyInternet Australian Anglicans Online http://www.myinternet.net/ http://www.anglican.asn.au/ Phone: (+612) 869-3334 Mobile: (0414) SKEEVE [+61414-753-383] Key fingerprint = D2 7E 91 53 19 FE D0 5C DE 34 EA AF 7A 5C 4D 3E
On Sat, 21 Sep 1996, Wearen Life wrote:
I wont be suprised if they where ALSO watching who was visting your page. I think now is the time to start looking in your hard drive or floppy disk for anything that my incrimanate you. (did i spell that right)?
My 2 cents. But how would they go about globaly watching who goes to your URL, unless they hack into your server and look at the log, or have a network sniffer at a access point feeding you?
Well well...
After putting up the CIA hack mirror page on http://www.skeeve.net/cia/ I learnt a few things.
o it got 50,000 hits in 1 day o everyone from the cia, senate, fbi, nsa (ncsc) and every other bloody US gov department looked at it masses of times. The CIA looked at it every 10-15 minutes. zztop{root}:15: cat skeeve.net-access_log | grep ucia.gov | wc -l 281
o Even the CIA tries to hack you.
relay1-ext.ucia.gov unknown - [21/Sep/1996:01:56:44 +1000] "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 1180
o Dozens of in.fingerd/in.telnetd attempts from ucia.gov, some mil sites and ncsc.mil sites. [ rest of text snipped ]
-----BEGIN PGP SIGNED MESSAGE----- On Sun, 22 Sep 1996, Shane Brath wrote:
On Sat, 21 Sep 1996, Wearen Life wrote:
I wont be suprised if they where ALSO watching who was visting your page. I think now is the time to start looking in your hard drive or floppy disk for anything that my incrimanate you. (did i spell that right)?
My 2 cents.
But how would they go about globaly watching who goes to your URL, unless they hack into your server and look at the log, or have a network sniffer at a access point feeding you?
That may have been what they were trying to do when trying to snarf the passwd file. I can't imagine why they would want to do this -- there's nothing illegal about mirroring the page. Maybe I just lack imagination... Mark - -- PGP encrypted mail prefered. Key fingerprint = d61734f2800486ae6f79bfeb70f95348 http://www.voicenet.com/~markm/ -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMkXrjizIPc7jvyFpAQEcYQgApFV124tsvqSlqPokbGTc1LC49IKDb5zs RPJvGrwMdVAOwg7BY0g2M1uhD8MhD7H72ZYFqKkZfOCvZ+kkwqzSqguzRLo2clIb oJVqCYsA8QYDodKnqRoCGi9huBhvqQ8nLJSKIsPHfhYyvP9AnUjwHnVVCzPLL7DX hDbRc5ZISBrTh0Hxo2+qsB/GIR4JYNLx0ljL1uloMLDxCIso74EUojXl3tNsiGlz Ym4jq9jFYqE4NkJ+gluqhxjPVcpoqcRCxQG5EXAi5Q2RJ4ANEKUzu98FyGynUX81 CICwL0UxYaGNaoN9BrpH9tzofEGCLz+k6oLzWeLODYxkpvlcNUY7Cg== =q1Lq -----END PGP SIGNATURE-----
The CIA has many powers both great and small. If the can cover up findings of UFO's and Murders I am pretty sure they can watch some puny web server. On Sun, 22 Sep 1996, Shane Brath wrote:
On Sat, 21 Sep 1996, Wearen Life wrote:
I wont be suprised if they where ALSO watching who was visting your page. I think now is the time to start looking in your hard drive or floppy disk for anything that my incrimanate you. (did i spell that right)?
My 2 cents.
But how would they go about globaly watching who goes to your URL, unless they hack into your server and look at the log, or have a network sniffer at a access point feeding you?
Well well...
After putting up the CIA hack mirror page on http://www.skeeve.net/cia/ I learnt a few things.
o it got 50,000 hits in 1 day o everyone from the cia, senate, fbi, nsa (ncsc) and every other bloody US gov department looked at it masses of times. The CIA looked at it every 10-15 minutes. zztop{root}:15: cat skeeve.net-access_log | grep ucia.gov | wc -l 281
o Even the CIA tries to hack you.
relay1-ext.ucia.gov unknown - [21/Sep/1996:01:56:44 +1000] "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 1180
o Dozens of in.fingerd/in.telnetd attempts from ucia.gov, some mil sites and ncsc.mil sites. [ rest of text snipped ]
participants (5)
-
Asgaard -
Mark M. -
Shane Brath -
skeeve@skeeve.net -
Wearen Life