Greetings, I have recently had the displeasure of reporting approximately 6 security incidents to various .edu's. The contacted .edu's have been compromised by by one ^0wn^, a paradigmic script kiddie. His recent victims include (I do not maintain a full account of actions) humphrey.ocean.washington.edu, news.waterford.org, ns0.street.tv, SIDHE.MIT.EDU, rahul.engr.CSUFresno.EDU and auction2.csc.ncsu.edu. This must come to an end. The problem is that none of the contacts were willing to pursue the matter legally, I advised everyone *NOT* to remove the compromised box. Some replied and tried to explain their motives, and some simply ignored me and removed the host (A good example for this is the admin of humphrey.ocean.washington.edu) How can one stop this malicious user? Is it even possible when nobody is willing to cooperate? Even while writing this letter, this guy is DoS'ing me from 152.15.21.19. Regards, Yotam Rubin
This archive was generated by hypermail 2b30 : Sat Jun 09 2001 - 14:01:16 PDT