Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Cracked! Part 5: Rebuilding

By SIGKILL in News
Mon Jun 12, 2000 at 10:09:03 AM EST
Tags: Security (all tags)
Security

For those following the chilling tale of a security breach, the next article in the series from rootprompt.org is out.

The article discusses rebuilding the system after the attack and the measures taken to prevent further intrusions. In addition to having a "train wreck" appeal, the article outlines how the systems were redesigned and rebuilt. It does not look like the article was proofread, but it is entertaining nonetheless.


Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o article
o rootprompt .org
o Also by SIGKILL


Display: Sort:
Cracked! Part 5: Rebuilding | 13 comments (13 topical, editorial, 0 hidden)
Interesting and informative.... (none / 0) (#1)
by Fish on Mon Jun 12, 2000 at 02:24:45 AM EST

Fish voted 1 on this story.

Interesting and informative.

No. I absolutely refuse to vote pos... (none / 0) (#6)
by inspire on Mon Jun 12, 2000 at 02:38:36 AM EST

inspire voted -1 on this story.

No. I absolutely refuse to vote positively for any more articles in this series - if you liked the previous articles you'll already know where to go for the next ones.

Would vote -10 if I could.
--
What is the helix?

Ok Ok I give up you can all have yo... (none / 0) (#4)
by kraant on Mon Jun 12, 2000 at 02:55:10 AM EST

kraant voted 1 on this story.

Ok Ok I give up you can all have your series... now I hope this is the last one :P
--
"kraant, open source guru" -- tumeric
Never In Our Names...

I like the articles, but that write... (2.00 / 1) (#8)
by Marcin on Mon Jun 12, 2000 at 03:46:51 AM EST

Marcin voted -1 on this story.

I like the articles, but that writeup is kinda lame. :)

And it's not like we need the posting for discussion, Rootprompt has its own comments section.
M.

I love these....... (none / 0) (#3)
by davidu on Mon Jun 12, 2000 at 04:05:28 AM EST

davidu voted 1 on this story.

I love these....

I'm sure it's already been mentione... (3.30 / 3) (#9)
by Macross on Mon Jun 12, 2000 at 04:28:22 AM EST

Macross voted -1 on this story.

I'm sure it's already been mentioned that if you're into this Cracker log, you would have checked rootprompt.org and we don't need to post every update to kuro5hin. More importantly, I find the article revealing its ineptitude in administering user accounts, running servers, etc. First off, they should have done this years ago, they were just waiting for a cracker to attack their machine. Secondly, their response was most curious. Why store offsite the MD5 hashes on a FLOPPY, which has a median lifetime of less than 5 years. No CDR burner? Can't you borrow one? Media lifetimes with 200+ years (using Kodak) are much more reassuring than floppies, and plus you'll never have to worry about corrupted/hacked hashes. Also, their response in limiting user programs to mail/sendmail and not basic programs like ping, traceroute, is overly paranoid. You can't even pingflood w/o root, traceroute is mostly harmless, and you're denying your users these basic programs? They went from being blissfully ignorant of basic security procedures to being overly tyrannical in the running of their system. Lastly, the whole sham of hiding this because they were at fault, all under to guise of 'not wanting the cracker to find out'. This is complete and utter BS. As soon as the computers were down they should have admitted that they were cracked. Nothing irritates me more than holier-than-thou sysadmins who think their users don't need to know anything, and by hiding all the info things will be alright. They should face up to their mistakes and explain to everyone the situation, and then the solutions that they have come up with. I can understand their insecurities from being cracked, but their response, while adequate in reinstating their services, also belies some darker and more paranoid tendencies which are unhealthy for both the users and other sysadmins out there.

Re: I'm sure it's already been mentione... (5.00 / 1) (#12)
by Fish on Mon Jun 12, 2000 at 01:15:14 PM EST

Letting the cracker find out that you've discovered him is a bad thing for your system - it has not been unheard of for crackers to trash the system to erase all traces of them, or just for malicious reasons.

I heard of one system where a cracker installed some software that would ping a machine across the Internet fairly regularly to test connectivity. If the connection went down, it assumed it had been discovered and would erase the whole hard drive - the security consultants in this case only just caught it in time [they disconnected the network after they realised that it'd been hacked].



[ Parent ]

Re: I'm sure it's already been mentione... (none / 0) (#13)
by Buck Satan on Mon Jun 12, 2000 at 02:20:06 PM EST

I, for one, am glad it is mentioned. First, I just recently learned about k5. Not everyone is an "old timer" like you are and we had no idea this was even out there. Plus, some of us suffer from forgetfulness and would have completely missed the latest installment. So, rusty, keep reminding us!

As for the rest of your comments, I can only say "balderdash". You are apparently a network god. Not everyone is. Some are good at it, some are not. The author of the series is human. Humans make mistakes. He is writing this from his perspective. Hell, the damn series is not even done yet! Neither you nor I know what is going to be revealed in the next installment.

My point? You are spouting off about the same thing which you decry.



[ Parent ]
*YAWN*... (none / 0) (#2)
by fvw on Mon Jun 12, 2000 at 05:57:26 AM EST

fvw voted -1 on this story.

*YAWN*

Well, let's not stop at episode 4!... (none / 0) (#11)
by guerby on Mon Jun 12, 2000 at 05:59:19 AM EST

guerby voted 1 on this story.

Well, let's not stop at episode 4!

I am the happy troll.... (none / 0) (#5)
by Neuromancer on Mon Jun 12, 2000 at 08:53:43 AM EST

Neuromancer voted 1 on this story.

I am the happy troll.

Just because that's how I've voted ... (none / 0) (#7)
by Rasputin on Mon Jun 12, 2000 at 09:17:29 AM EST

Rasputin voted -1 on this story.

Just because that's how I've voted on every one. We really need an "ongoing misadventures" area.
Even if you win the rat race, you're still a rat.

Can't fight the momentum.... (none / 0) (#10)
by the Epopt on Mon Jun 12, 2000 at 09:28:56 AM EST

the Epopt voted 1 on this story.

Can't fight the momentum.
-- 
Most people who need to be shot need to be shot soon and a lot.
Very few people need to be shot later or just a little.

K5_Arguing_HOWTO

Cracked! Part 5: Rebuilding | 13 comments (13 topical, 0 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!