[106485] in North American Network Operators' Group
Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony:
daemon@ATHENA.MIT.EDU (Gadi Evron)
Wed Jul 30 15:52:56 2008
Date: Wed, 30 Jul 2008 14:52:41 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--===============2024463031==
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
I guess history decided the previous discussion in favor of vix. Although
I doubt vix sees this compromise at ATT as a victory, but rather a loss.
Note: HD has not been compromised.
Gadi.
---------- Forwarded message ----------
Date: Wed, 30 Jul 2008 11:46:49 -0700
From: Dragos Ruiu <dr@kyx.net>
To: Paul Ferguson <fergdawg@netzero.net>
Cc: funsec@linuxbox.org
Subject: Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony:
Metasploit Creator a Victim of His Own Creation
On 29-Jul-08, at 10:01 PM, Paul Ferguson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Via PC World (IDG).
>
> [snip]
>
> HD Moore has been owned.
>
> That's hacker talk, meaning that Moore, the creator of the popular
> Metasploit hacking toolkit has become the victim of a computer attack.
>
> It happened on Tuesday morning, when Moore's company, BreakingPoint
> had
> some of its Internet traffic redirected to a fake Google page that was
> being run by a scammer. According to Moore, the hacker was able to
> do this
> by launching what's known as a cache poisoning attack on a DNS
> server on
> AT&T's network that was serving the Austin, Texas area. One of
> BreakingPoint's servers was forwarding DNS (Domain Name System)
> traffic to
> the AT&T server, so when it was compromised, so was HD Moore's
> company.
>
> When Moore tried to visit Google.com, he was actually redirected to
> a fake
> page that served up a Google page in one HTML frame along with three
> other
> pages designed to automatically click on advertisements.
>
> [snip]
>
> More:
> http://www.pcworld.com/article/149126/2008/07/.html
>
> - - ferg
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFIj/Wrq1pz9mNUZTMRAmAhAJ9lT5hosH5xBOWOsTFArDsw1MGN1ACg+wQR
> a12h7wcZ9hy0JN2DtHkuZGo=
> =Wv/X
> -----END PGP SIGNATURE-----
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
--===============2024463031==
Content-Type: TEXT/PLAIN; CHARSET=us-ascii
Content-ID: <Pine.LNX.4.62.0807301450051.24306@linuxbox.org>
Content-Description:
Content-Disposition: INLINE
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
--===============2024463031==--
