Re: Can you hack our web?

On 17 Oct 2005 the suspect Roy Schestowitz said:

> From:Publilev <levpubli@xxxxxxxxxxxx>
> Date:Sat, 15 Oct 2005 21:40:48 +0000 (UTC)
> Organization:Publilev
> Message-ID:<Xns96F0F0E73A0D9abrete@xxxxxxxxxxxxx>
> NNTP-Posting-Host:152.red-83-45-6.dynamicip.rima-tde.net
> X-Trace:nsnmrro2-gest.nuria.telefonica-data.net 1129412448 22307
> X-Complaints-To:usenet@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 
[headers shortened]

> Am I missing something? I can't see anything fishy unless you were
> referring particularly to "Subject Line", in which case I can take
> your point. 

In essence I said the same as Gandalf and Hawke :)

The From doesn't mean much, it's easily forged, but it still smells.
The date might mean one of two things: the client or the server is set
to GMT, or the user is in the GMT zone. Only the latter might mean
anything, of course, but it's unreliable and has to get additional
confirmation. The organisation is another optional and unreliable
header - check mine :) The MID indicates that the client used is XNews,
the interesting part is the IP at the end, though, since it contradicts
the X-Trace. X-Trace isn't reliable either, but many ISPs tend to give
their machines quite telling names, so "dynamicip" might mean exactly

With these headers, the OP can't convince anybody here that he's got a
right to request anything.

> Some people think of hacking as a game or an afternoon activity. They
> have watched too many films, I suppose, if they expect script kiddies
> to work for free upon demand.

*shrug* scriptkiddiots would probably do it. But you would never know
how reliable they are, how good their tests are (they're pathetic, the
best you'd get is an exploit a few hours old, written by someone else,
which they don't understand), how many backdoors they left in (and of
how many they know) and how much they'll try to blackmail you for later.
Far better to have a contract, because that means that you've got a
real - and legally responsible - person on the other end.

Life ain't fair, but the root password helps.
                      - BOFH
RTFFAQ: http://www.alt-hacker.org/
RC5 team FAQ: http://www.alt-hacker.org/~wolf/RC5-72.html
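
The header checks discussed in the post above, as an added Python example that is not part of the original message. The sample headers are constructed (documentation address and `.example` names), the helper names `site` and `review` are hypothetical, comparing the last two DNS labels is a rough heuristic, and reading the second X-Trace field as a Unix timestamp is an assumption.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: header names as in the quoted post, values invented
# (documentation address 192.0.2.10 and .example host names).
SAMPLE = """\
From: Somebody <somebody@mail.example>
Date: Sat, 15 Oct 2005 21:40:48 +0000 (UTC)
Organization: Somebody
Message-ID: <Xns96F0F0E73A0D9abc@192.0.2.10>
NNTP-Posting-Host: 152.pool-83.dynamicip.access.example
X-Trace: news1.carrier.example 1129412448 22307

test
"""

def site(host):
    """Last two DNS labels, or the address itself for an IP literal."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        return ".".join(host.lower().split(".")[-2:])

def review(raw):
    msg = message_from_string(raw)
    local, _, mid_host = msg["Message-ID"].strip("<>").partition("@")
    posting = msg["NNTP-Posting-Host"]
    trace = msg["X-Trace"].split()
    sent = parsedate_to_datetime(msg["Date"])
    findings = {
        # Client-supplied, so only a hint: Xnews IDs start with "Xns".
        "client_hint": "Xnews" if local.startswith("Xns") else None,
        # Zero offset: a clock set to GMT, not proof of the user's location.
        "utc_clock": sent.utcoffset() is not None and not sent.utcoffset(),
        # Host the client put in the ID versus hosts in the trace headers.
        "mid_matches_posting_host": site(mid_host) == site(posting),
        "mid_matches_trace": site(mid_host) == site(trace[0]),
        "dynamic_pool_name": bool(re.search(r"dyn|pool|dsl|dial", posting, re.I)),
    }
    # Assumption: the second X-Trace field is the server's Unix timestamp.
    if len(trace) > 1 and trace[1].isdigit() and sent.tzinfo:
        findings["clock_skew_s"] = int(sent.timestamp()) - int(trace[1])
    return findings

if __name__ == "__main__":
    for key, value in review(SAMPLE).items():
        print(f"{key}: {value}")
```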

