Re: [ISN] Group Offers to Sell Supposed Dragon IDS Code

From: InfoSec News (isn@private)
Date: Thu Jul 15 2004 - 01:40:10 PDT

[Interesting first attempt at selling corporate secrets, you would 
have expected a group like this to have researched other delivery 
methods, like Blacknet:  - WK]

To whomever it may concern:

    Thank you for your interest in SCC.  We regret to inform that SCC
has temporarily suspended operations.  Our business model is currently
being re-designed to alleviate some of the initial fears our customers
faced.  Selling corporate secrets is a very tricky, and we believe it
is an area that we can conquer.  Look for us in the near future as we
re-emerge to bring you all kinds of secrets.


SCC Team

> By Dennis Fisher 
> July 13, 2004 
> A group calling itself the Source Code Club is offering to sell
> files that it claims contain the source code for Enterasys Networks
> Inc.'s Dragon IDS (intrusion detection system) software. The asking
> price:  $16,000.
> The group's rudimentary Web site, which is registered under a
> Ukrainian domain name, lists hundreds of files that appear as though
> they could indeed be source-code files. There is no way to tell
> whether the group actually has the code, although it claims to have
> obtained it by breaking into the Enterasys network.

> Someone using the name Larry Hobbles posted a message to the Full
> Disclosure security mailing list Monday night saying that both the
> Dragon and Napster code were available for sale.
> "The Source Code Club is now open for business. SCC is a business
> focused on delivering corporate intel to our customers. Our main
> focus is selling source code and design documents, but there are
> many other facets to our business," the message reads. "To get the
> ball rolling, we are now offering the souce [sic] code/design docs
> for both Enterasys Intrusion Detection System (NIDS/HIDS) and
> Napster server and clients."
> The files listed on SCC's site appear to be from version 6.1 of
> Dragon; the current release is 6.3.


Help InfoSec News with a donation:

This archive was generated by hypermail 2.1.3 : Thu Jul 15 2004 - 02:45:03 PDT