question about per. hack

George_Herbert1 · July 22, 1997, 12:31am

The damaged party in the denial-of-service attack earlier
(InterNIC) has, undoubtedly, filed proper reports and can't
talk about them. These investegations take time, and there's
no reason for the Feds to work faster right now because the
faked .per and .nic domains aren't hurting anyone and Eugene
has stopped knocking legitimate domains down.

MCI and Sprint, however, have dissapointed me. Their security
contacts are not responding (IMHO) appropriately.

I have a hard time believing that Eugene still doesn't realize
how serious this all is. And yet he's playing up press coverage
of it at his web site, and still posting around lists apparently
blase about it.

-george william herbert
gherbert@crl.com

Marc_Hurst · July 22, 1997, 12:16am

Knowing Eugene personally (and i barely want to admit to that now) he
does not care so long as at the end of the day he wins....

Wait till something more serious happens like he screws up a hospital or
worse....

Paul_Shag_Walmsley · July 22, 1997, 1:36am

I think he's still at it. I just watched a BIND 4.9.5-P1 server here pick
up an IP address of 207.51.48.15 (one of Eugene's boxes) for the InterNIC
at around 19:50 CDT tonight.

He also is targeting www.netsol.com.

- Paul "Shag" Walmsley <ccshag@cclabs.missouri.edu>
"People who laugh at themselves will never run out of things to laugh at."
-- fortune cookie

David_Mercer · July 22, 1997, 3:10am

He'd better watch it, or he'll get slapped with a class-action suit for
denial of service by everyone who may happen to REALLY give a hoot about
connecting to the internic web site.

-David Mercer
Systems Admin.
infiNETways, Inc.

MFS · July 22, 1997, 12:31pm

The damaged party in the denial-of-service attack earlier
(InterNIC) has, undoubtedly, filed proper reports and can't
talk about them. These investegations take time, and there's
no reason for the Feds to work faster right now because the
faked .per and .nic domains aren't hurting anyone and Eugene
has stopped knocking legitimate domains down.

MCI and Sprint, however, have dissapointed me. Their security
contacts are not responding (IMHO) appropriately.

Hmm.. you might want to talk to Alternic's direct upstream (Sprint anyway):

9 sl-osd-1-s1-t1.sprintlink.net (144.228.141.38) 103 ms 103 ms 102 ms
10 sea-nile.seanet.com (199.181.164.99) 134 ms 120 ms 103 ms
11 alternic-sea.seanet.com (204.182.108.54) 112 ms 177 ms 112 ms
12 mx.alternic.net (204.94.42.1) 116 ms 114 ms 115 ms

Knowing Sprint's names assigned to their customers border interfaces, it
APPEARS that seanet is Eugene's upstream.

Michael Stevenson

I have a hard time believing that Eugene still doesn't realize
how serious this all is. And yet he's playing up press coverage
of it at his web site, and still posting around lists apparently
blase about it.

It is nearly unbelievable, isn't it.

MFS · July 22, 1997, 12:34pm

He'd better watch it, or he'll get slapped with a class-action suit for
denial of service by everyone who may happen to REALLY give a hoot about
connecting to the internic web site.

I generally couldn't give a hoot about the nic's web page, and I would still
like to see him punished. As I said before, this is making the net look very,
very bad. Perhaps we need to begin policing ourselves?

Michael Stevenson