Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Crack attempt last weekend
From: Bryan Smith <bryan () THECLERK COM>
Date: Mon, 27 Nov 2000 15:17:56 -0600
<SNIP> Yes, I have posted this individual's FTP username and
password.</SNIP>

I have to question the ethics here.  Posting exploit code is questionable at
times, but posting account information is unethical.

<SNIP> So I logged onto tripod with that username and password </SNIP>

um...'back hacking' is not only unethical - but illegal.  i question that
action as well as the possible results of more entries through the release
of user/pass.

----<SNIP>----

P.S. I have already notified all service providers involved (Lycos,
NameZero, Tripod, Anglefire) and they have not responded to me.

----</SNIP>----

depending on your intended course of action:  the isp should have received
the account info; the list should have received an attack signature/log; and
i would suggest not taking it upon oneself to gain access to an intruder's
host.

-b

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]