Next message: mea culpa: "Re: [ISN] ICSA employes an undercover hacker spy."
Reply From: Brian Macke <macke�t_private>
Forgive my shady memory, but wasn't there an article on this list less
than a month ago stating that ICSA didn't hire "black hats", or as the
article put it "reformed hackers"?
[Moderator: 6-15-98 "First-Ever Insurance Against Hackers", an article by
Therese Poletti from Reuters says:
"Then, ICSA tests a client's security by using typical hacker methods,
through its 100 or so employees, none of whom are reformed hackers."
Ya know.. it says "not reformed". This means they could hire unreformed
hackers still active in the scene. Wonder which it is...]
It seems like ICSA's been shaving with Occam's razor lately if they're
willing to hire someone that stalks hackers in the shady back rooms of the
Internet (i.e. The guy reads BUGTRAQ. Big Friggin' Deal.) - yet won't hire
someone who might have done some bad things in their past. Maybe they just
prefer to have their hackers be script-kiddies?
> Forwarded From: William Knowles <erehwon�t_private>
>
> [Forbes Digital Tool, By Adam L. Penenberg] (http://www.forbes.com)
> ICSA [...] hired J3 (not his real name [)]
Really now? I'm glad that Forbes clarified that point.
> J3 is very busy. Recently, a group of European hackers released
> a Trojan horse-like program that would enable them to set up
> backdoors in geeky programs known only to network administrators,
> such as "named" programs related to domain name servers, a basic
> component of any network connected to the larger Internet. J3
> found out about it in the course of his monitoring, passed it
> on to ICSA, and the company informed CERT (Computer Emergency
> Response Team) which posted an advisory.
Can anyone verify this story? It sounds all too hokey to be true. The BIND
vulnerability was one of those annoying hacks that didn't see first light
on BUGTRAQ, or even USENET. It was my understanding that CERT got first
word from people who got hit, and was without verifiable source to begin
with. They're notifications were quite humourous for their lack of
concrete evidence of WHAT was happening.
> "I'm proud of a lot of the work we do," J3 says. "I've found a
> company's entire password file posted to a web site, or that
> hackers have root in a network or that a merchant site with a
> database of credit cards has been compromised. I then contact
> the companies and warn them."
Before or after they front the $20,000 blood money for ICSA?
> J3, who works mostly nights since the Internet never sleeps,
> isn't just a full-time worker. He's also a graduate student
> working on his Ph.D. in psychology. And his area of study?
>
> Hackers, of course.
Love the Scooby Doo ending. Wish all Security incidents ended with a
punchline.
> -o-
> Subscribe: mail majordomo�t_private with "subscribe isn".
> Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
>
-Brian James Macke macke�t_private
Unix SysAdmin/Security Specialist Telegroup, Inc.
"In order to get that which you wish for, you must first get that which
builds it." -- Unknown
-o-
Subscribe: mail majordomo�t_private with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30
: Fri Apr 13 2001 - 12:57:55 PDT