Last night in conjunction with the attacks on my DSL line and the Summit Open Source Development Group, I received a threatening phone call on my home business line at 1:44 in the morning (GMT-5 CST Indiana-East). My roommate answered the call, and the dialog was simply "how's your DSL B----!", then the caller hung up.
This evening my roommate informed me of the call, and told me that the caller had not blocked caller ID, the number in question being 320-282-5940. I tracked this number to a T Mobile cellphone in St Cloud, MN. Thinking this might be the kiddie responsible for the attack I made a *67 call back.
I was greeted with the voice mail of Matthew Hallacy (AKA poptix) who has used this forum to take cheap shots at myself and my staff repeatedly. Now he has denigrated to simple threats and harassment off list that didn't even get to me but to my roommate who is entirely uninvolved in this.
I must note that this incident greatly saddened me, as I would have thought that all on this list have suffered Denial of Service attacks, and understand the seriousness and severity of these attacks, obviously one of us doesn't get it.
please contact me if you have questions regarding this incident.
Quoting from 2mbit.com:
Our group was formed after the split of Valley Of The Mage Consulting two years ago. We chose to continue our Open Source/Free Software development services under a new name and bring together all of the sites owned by Brian Bruns and Josh Rollyson under one umbrella.
Since you are "Director of Security", I will offer you some advice:
1) Cease your incessant shrieking as it is neither warranted nor desired on this list.
2) It is not possible to "denigrate" to anything.
3) Grow up.
This is not a list issue, nor does anyone on the list care.
Please take your blathering back to IRC.
"Matthew S. Hallacy" wrote:
This is not a list issue, nor does anyone on the list care.
Put me down as caring. Moreover, as a long-time participant in this
forum, I'm particularly concerned about even anecdotal evidence that
one of our posters is mounting an attack on another.
Please take your blathering back to IRC.
It saddens me that ostensible college students have grammar problems,
but that stoops to an "ad hominem" attack. Please cease.
Eric Kuhnke wrote:
...
Since you are "Director of Security", I will offer you some advice:1) Cease your incessant shrieking as it is neither warranted nor desired on this list.
2) It is not possible to "denigrate" to anything.
3) Grow up.
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/,
I see an effort to improve the community not found at either
http://www.poptix.net nor http://techmonkeys.org/.
Mayhap all persons involved are young. Never-the-less, I'd like to
encourage security awareness. I remember a decade ago, I was an
immortal on a local MUD, and helped a promising fellow there who
eventually went to work for rediris.es.
Andrew D Kirch wrote:
Last night in conjunction with the attacks on my DSL line and the
Summit Open Source Development Group, I received a threatening phone
call on my home business line at 1:44 in the morning (GMT-5 CST
Indiana-East). My roommate answered the call, and the dialog was
simply "how's your DSL B----!", then the caller hung up.
This evening my roommate informed me of the call, and told me that
the caller had not blocked caller ID, the number in question being
320-282-5940. I tracked this number to a T Mobile cellphone in
St Cloud, MN. Thinking this might be the kiddie responsible for the
attack I made a *67 call back.
I was greeted with the voice mail of Matthew Hallacy (AKA poptix) who
has used this forum to take cheap shots at myself and my staff
repeatedly. Now he has denigrated to simple threats and harassment
off list that didn't even get to me but to my roommate who is entirely
uninvolved in this.
I must note that this incident greatly saddened me, as I would have
thought that all on this list have suffered Denial of Service attacks,
and understand the seriousness and severity of these attacks,
obviously one of us doesn't get it.
please contact me if you have questions regarding this incident.
I'd say you need to contact your FBI office.
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/,
I see an effort to improve the community not found at either
http://www.poptix.net nor http://techmonkeys.org/.
I didn't draw that conclusion at all. Much the opposite, judging from
their photo gallery, they seem like a bunch of script kiddies trying to
make a name for themselves in the "open source community", while bumming
around for jobs, and doing hosting on their Ameritech DSL in blatant
violation of their AUP (any guys from SBC on this list?). I wouldn't take
them seriously.
Have a listen to http://www.poptix.net/trelane.mp3 for proof of their
maturity.
Calling someone and telling them to "get a life", in response to a NANOG
post, is like a parapalegic telling me I walk funny.
Michael Booth
Put me down as caring. Moreover, as a long-time participant in this
forum, I'm particularly concerned about even anecdotal evidence that
one of our posters is mounting an attack on another.
For clarification, no, I had nothing to do with the attacks on his network,
from what I've gathered they were the result of Andrew taunting the wrong
group of people with something like "haha, i've got you now, i'm calling
the FBI", not very intelligent.
http://www.poptix.net/trelane.mp3
The voicemail that was left on my phone, the voice and words of person
who needs to get a grip.
I made no threats against him, I expressed my lack of sympathy for the
playground bully who is now receiving what he's dished out so many times
before.
It saddens me that ostensible college students have grammar problems,
but that stoops to an "ad hominem" attack. Please cease.
I felt it was the only thing even nearly relevant to the list.
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/,
I see an effort to improve the community not found at either
http://www.poptix.net nor http://techmonkeys.org/.
I create and host documents with information that is scarce, and useful,
if it's not useful to you, there is a link to Google in there somewhere.
http://techmonkeys.org is not mine, nor do I control the content therein.
Mayhap all persons involved are young. Never-the-less, I'd like to
encourage security awareness. I remember a decade ago, I was an
immortal on a local MUD, and helped a promising fellow there who
eventually went to work for rediris.es.
Security awareness is one thing, complaining to nanog because your DSL
is under attack is not going to benefit anyone, it had no impact on
anyone beyond the end user, afaik. If everyone reported every attack on
their home DSL/Cable/dialup to nanog, the S/N ratio would drop like a rock.
(if that's still possible)
I'd say you need to contact your FBI office.
Personally, I'd start by evaluating if there was something I could do to
not incur further attacks.
The FBI is not going to care, nor have they ever when it was an incident
like this.
Why do we even have this pissing match going on in NANOG? Take it off line.
I aint even going to get in the middle of the spat between poptix and
trelane. Thats their fight, not mine. I suggest everyone else butt out of
the situation as well.
Now, I _do_ take offense to being called a script kiddie. I've been doing
development for more then 7 years in various projects under various aliases.
I have never once resorted to the tactics and methods of those who attack
EFNet servers, SPEWS, Sorbs, Osirusoft, etc. In fact, most of the people
who have been attacked are good friends of mine, and I've been working in
very great detail and using what limited resources and staff we have to help
these people. With no funding, yeah, we can't match the larger security
groups or companies, but we've survived hell and back and are still standing
on our own feet. People have yet to learn that we help others because we
like to, because its the right thing, and because this world is seriously
lacking in good guys.
We are a group made up of many cultures, from developers, to end users, to
gamers (which is why we were one of the biggest sponosors of one of the
largest gaming competitions in sweden). Just because we don't make public
everything we do doesn't mean we don't exist or haven't done good things.
I'm tired of this, I really am. My family is upset at the growing amount of
harassment, and thats dragging me farther and farther into this mess. I
have enough health problems to begin with.
On the Ameritech/SBC AUP issue, the only thing I have to say is that we have
a business class DSL line, which is specifically for situations like what we
are doing. Its apparent that we are disliked here by some, but hitting below
the belt by going after our provider isn't going to solve anything or change
anything.
Now, I _do_ take offense to being called a script kiddie. I've been doing
development for more then 7 years in various projects under various aliases.
What aliases?
Unless the "aliases" you've used include "vixie" and "rbush", I think this
is testament to your being a script kiddie, concealing your identity out
of concern your parents would ground you, or the feds would lock you
up, for publishing articles in 2600 and Phrack Magazine. I'm all too
familiar with your type.
I have never once resorted to the tactics and methods of those who attack
EFNet servers, SPEWS, Sorbs, Osirusoft, etc. In fact, most of the people
who have been attacked are good friends of mine, and I've been working in
very great detail and using what limited resources and staff we have to help
these people.
Wouldn't surprise me if you're friends with the attackers too,
considering you seem to wear a black hat as well.
I'm tired of this, I really am. My family is upset at the growing amount of
harassment, and thats dragging me farther and farther into this mess. I
have enough health problems to begin with.
I'd like to show some sympathy, but I can't. You're the one who started
this mess, not them, not anyone else on this list. Grow up.
On the Ameritech/SBC AUP issue, the only thing I have to say is that we have
a business class DSL line, which is specifically for situations like what we
are doing.
No, it's for businesses connecting to the internet. It's not for
businesses doing hosting and other high-traffic applications.
SBC/Ameritech has other services for this. I'll be following up privately
with their abuse department.
"Booth, Michael (ENG)" wrote:
> Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/,
> I see an effort to improve the community not found at either
> http://www.poptix.net nor http://techmonkeys.org/.I didn't draw that conclusion at all. Much the opposite, judging from
their photo gallery,
Perhaps you have your citations backward?
At 2mbit and its companion, I see no photo gallery....
OTOH, at poptix.net, I see a photo gallery link.
they seem like a bunch of script kiddies trying to
make a name for themselves in the "open source community", while bumming
around for jobs, and doing hosting on their Ameritech DSL in blatant
violation of their AUP (any guys from SBC on this list?). I wouldn't take
them seriously.Have a listen to http://www.poptix.net/trelane.mp3 for proof of their
maturity.
Hmmm, I didn't see such a thing on that website main page, nor do I now.
That link is hidden.
Methinks we have a shill for poptix, or the same person posting from
alias accounts....
"Sirius F. Crackhoe" wrote:
Why do we even have this pissing match going on in NANOG? Take it off line.
Why do we have pseudonymous posters to NANOG? A google search doesn't
reveal particularly enlightening discourse from that account.
Apparently, the sirius guys at poptix already took it off-line, to
taunt the fellows that were suffering the DoS.
Any DoS and other attack is pertinent, but especially so from another
member of the list.
I've seen this before, as we host a number of sites, and sell DSL
service. A few years back, we hosted the new flag proposal website
for Mississippi. The goodol'boys wanted the Confederate battle flag.
It was hard to imagine the hate going on there....
I certainly was grateful for assistance from other NANOG members.
This kind of vitriol on a public list is immature at best. Please take it
elsewhere.