Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Compiling the WikiLeaks Fallout

app13b0y hey US government (833 comments)

if you have nothing to hide then you have nothing to fear

more than 3 years ago
top

Could Anti-Texting Laws Make Roads More Dangerous?

app13b0y Re:Simple solution (709 comments)

this reminds me of a conversation with a friend

friend: "I really wish I had a system in my car where I could talk and it could turn it into text and send the text message, and then when they text me it would read the message outloud"

me: "you mean like talking to them on the phone?"

friend: "exactly!"

me: "then why don't you try calling them?"

more than 4 years ago
top

EU Demands Canada Gut Its Copyright and Patent Laws

app13b0y Our new overlords (324 comments)

I, for one, welcome our new EU Overlords!

more than 4 years ago
top

UMG v. Lindor Ends, No Fees, No Sanctions

app13b0y Re:Weird (113 comments)

Judge Trager was not the trier of fact, since this was a jury case. So the judge -- without even observing the demeanor of witnesses -- made a decision which it was beyond his authority to make.

If that is the case, can you appeal Trager's decision to still try to collect lawyer fees? or is that a final decision

more than 4 years ago
top

Man Tries To Use Explosive Device On US Flight

app13b0y Obligatory (809 comments)

http://xkcd.com/651/

Granted, the weapon of choice is a bit different...

more than 4 years ago
top

Jobs Finally "Happy" With Unannounced Apple Tablet

app13b0y Re:New interface (303 comments)

so they took this and made it touchscreen instead of a hard wheel?

more than 4 years ago
top

Murdoch-Microsoft Deal In the Works

app13b0y Re:If anyone can see it, it can be indexed (468 comments)

he already uses a robots.txt file,

User-agent: *
Disallow: /printer_friendly_story
Disallow: /projects/livestream
#
Sitemap: http://www.foxnews.com/google_news_news.xml
Sitemap: http://www.foxnews.com/google_news_entertainment.xml
Sitemap: http://www.foxnews.com/google_news_opinion.xml
Sitemap: http://www.foxnews.com/google_news_politics.xml
Sitemap: http://www.foxnews.com/google_search_news.xml
Sitemap: http://www.foxnews.com/google_search_entertainment.xml
Sitemap: http://www.foxnews.com/google_search_opinion.xml
Sitemap: http://www.foxnews.com/google_search_politics.xml
Sitemap: http://www.foxnews.com/google_search_sections.xml

more than 4 years ago
top

Microsoft Takes Responsibility For GPL Violation

app13b0y Re:Fair Play (364 comments)

They did "Man up", as it were. Yes, we are all pleasantly surprised. Inspired, I just halted my download of Windows 7, vowing then and there to pay full price.

Here is your subpoena to show up in court for sharing an illegal copy of Windows 7. You now owe us $200,000 for lost revenue, and thank you for also purchasing a legal copy of Windows 7. - Microsoft

about 5 years ago
top

Hallowe'en means to me primarily ...

app13b0y a story that I got a long time ago (658 comments)

great for every halloween

(Bob is a analyst at a security operations center for an ISP. He sent me this email and I decided I'd pass it on to you guys for review. Is this even possible? I'm not sure, but it sure did freak Bob out. He can't bring himself to go back to the SOC anymore, and he's looking for telecommuting jobs on Monster.
--Alice)

Alice,
I know you're gonna think I'm crazy but you're the only one I can think who would possibly listen to what I'm about to say without immediately dismissing it. Please, read my whole account of what happened to me tonight before writing me off.

I went into work last night for the graveyard shift. Yeah, graveyard shift on Halloween, haha. We'd just ramped up to 24/7 ops the previous week so this was going to be my first night alone in the SOC. I was pretty excited at first, since I wouldn't have any of these other knuckleheads in my hair while I was doing some hard core analysis, you know? I logged into my station, started some queries for deltas in the previous 24, and went to get some coffee, since it was going to be a long night.

Little did I know...

After returning to the SOC with my joe, Carol gave me the briefing on the days events (in a nutshell, nothing - apparently all the s'kiddies were gearing up for Trick or Treating and not harassing us). She did mention something that didn't show up in any of the reports though - a general "weirdness" to the traffic in the DMZ. She couldn't really qualify it, but she said she though something kind of odd was going on. Okay Carol, I'll keep my eyes open (as I roll them back into my head). She punched out and I was all alone.

Or was I?

I threw some tunes on WinAmp and started to rock out while pouring over the output of my earlier queries. My attempts at scripting up some rudimentary anomaly detection in our aggregation console appeared to be woefully inadequate or simply functioning properly with a dearth of anomalies when I saw it.

A new host in the DMZ.

A host which had apparently come up at midnight local, October 31st. Who the hell stands up a box in the DMZ at *midnight* on a Saturday night? It had to be the mouth-breathers in development relying on the assumption that no one would be monitoring the network over the weekend. Heh, nice try chumps, but you've just tweaked the wrong BOFH. To cover my bases, I looked up the latest network diagrams for the DMZ. Just as I thought, nothing authorized or even submitted regarding a new box in the DMZ. Finally, after months of slaving away over reports I was going to get to demand someone take a box down. I could feel the power coursing through my fingertips as I began to compose the flame to end all flames.

"Dear clownboats,"

I hesitated. What would they come back with? I needed more ammunition to stave off a possible counteroffensive. I decide to scan the box, to see how much risk these "developers" were actually exposing my DMZ to. A quick nmap returned results the likes of which I had not seen since my days at that dot bomb in Sunnyvale.

"Remote operating system guess: Linux 2.0.35-37"

W

T

F

Two-oh? Was this some sort of prank? These guys are dullards to be sure, but no one is this stupid. It's gotta be some sort of security through ob-fu or something. I had to know. Telnetting quickly confirmed my worst fears.

Trying 10.31.10.31...
Connected to 10.31.10.31.
Escape character is '^]'.

Red Hat Linux release 5.2 (Apollo)
Kernel 2.0.36 on an i486
login:

I stared, dumfounded, at the prompt's ever-blinking cursor. I tried to wrap my head around what I was seeing. Red Hat FIVE DOT FSKING TWO? Even if this was a honeypot, this was ridiculous. What were they trying to do, find out which kiddie has the oldest sploits?

I did what any sane security professional would do in my situation.

I typed "root".

The box retorted with "Password:"

I reiterated, "root".

[root@zion root]#

A chill crept out of my keyboard and up my spine as I realized that this wasn't a joke, and it wasn't a honeypot. It was a real box, and the people who put this on my DMZ were officially TOO STUPID FOR INTERNET. I was going to get to the bottom of this and it would be made right, dammit. I haven't been working in the security industry for over SIX MONTHS to have morons like this come CRAP ALL OVER MY DMZ.

I took a deep breath and considered my options. If I went off half-cocked, blasting accusatory emails to everyone in network engineering, the box would be burned and mysteriously vanish. Oh, a magic server that no one owns, how original.

No, I needed to find out who this box belonged to. I listed the contents of /home, and was rewarded with a litany of names which I did not recognize. The one with the most recent activity was an 'tanderson,' so I decided to play a hunch. The 'w' command confirmed my hunch, and showed root and tanderson currently logged in. It also showed that the box had been up for close to 12 days, and that tanderson had logged in on October 18th, 1999. This box has more problems than I thought. 'date' confirmed it, these fools apparently have the system set to a date in 1999. Still testing those Y2K compatibility patches, eh boys? It was a little outside of my jurisdiction, so to speak, but I decided to question my only witness/suspect. After googling for a bit, I discovered the "write" command.

[root@zion root]# write tanderson tty1
What's up with this box?

Message from tanderson@zion on tty1 at 23:53

>> what? who are you?

I'm root, who are you

>> look i dont know if your a hacker or whatever but please dont hack my computer right now i need to finish my work

You look, you bring a swiss-cheese box up on *my* DMZ and its *my* problem. What the hell are you doing?

>> hey pal i dont want to fight i just want to finish this project, okay, i'm on a

d e a d l i n e ...

The word "deadline" appeared slowly, one character at a time, and for some reason really resonated with me. I could swear I felt a presence in the room with me - or was I merely feeling "sympathy pains" for this 'tanderson' and his arbitrary deadline?

Shake it off Bob, you're an infosec pro, not a social worker. You get paid to be hardcore.

Sorry dude, but your deadline ain't my problem. This box is going to have to come down immediately - it's too risky to leave up.

>> No.

What? I don't think you've got much say in the matter. I'm the security admin, and you're some random cluebie who happened to be in the wrong place at the wrong time. Take it like a man. > NO

All of the other boxes in the SOC powered down.

>> NO

Then the lights.

>> NO

I stared at the screen, my breath caught in my throat. My terrified trance was broken by the beeping of my calculator watch. It was midnight.

"Connection closed by foreign host."

I scooped up the phone and hurriedly dialed Ted, the night sysadmin.

"This is Ted. Whassup?"

"Hey Ted, Bob." My mouth was dry and the words barely managed to squeak out.

"Hey Bob, what can I do ya for?"

"Do you know anything about a box named 'zion' in the DMZ?"

"Our DMZ?"

My fear had begun to give way to annoyance again.

"Yes, our DMZ. At 10.31.10.31."

"Bob, there's nothing at that IP."

I quickly pinged it, and attempted to telnet in again. He was right, the box was down.

"It... it was just up. I telnetted right in, it was a Red Hat 5.2 box, and a user named 'tanderson' was logged in ..."

"tanderson? Are you sure?", Ted said, with a wavering uncertainty.

"Yes, I'm positive. He kept yammering about finishing his project," I blurted.

"Bob - Thomas Anderson was downsized back in '99. He was working on moving all of our NT servers to Linux, but he never got to finish. Bob... ... that server's been down for FIVE YEARS."

about 6 years ago

Submissions

top

Glenn Beck's Lawsuit Against Parody Site Rejected

app13b0y app13b0y writes  |  about 5 years ago

app13b0y (767720) writes "An arbitrator has rejected controversial talk show host Glenn Beck's contention that the domain name glennbeckrapedandmurderedayounggirlin1990.com infringes his trademark. World Intellectual Property Organization arbitration panelist Frederick Abbott ruled Friday that the less-than-flattering domain name was protected by fair use principles because the URL, when combined with the site's content, constitutes protected speech. Eiland-Hall had argued that the site parodied Beck by using the same rhetorical techniques that Beck uses on the air. In legal papers filed on his behalf by First Amendment lawyer Marc Randazza, he referenced a YouTube clip of Beck interviewing Rep. Keith Ellison (D-Minn.), a Muslim, during which Beck asked Ellison to prove that he was "not working with our enemies."

However, after Eiland-Hall won the case, he transferred the domain over to Glenn Beck anyway."

Link to Original Source

Journals

app13b0y has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?