Home page logo
/

nanog logo nanog mailing list archives

Re: black hat .cn networks
From: "Justin Hinderliter" <justin () interaccess com>
Date: Tue, 8 May 2001 15:59:43 -0500


You actually are quite correct, I was basing that statement on past
convictions, not on a comprehensive understanding of codified law in China.
That initial posting was also quite angst-ridden in reaction to my box being
compromised.   Interpret it with those rose colored glasses in place.  The
amount of money involved may have well played a role in the death sentences.

For some recent information pertaining to Chinese rules that are being
developed regarding Internet-related cases, check this link.  There are also
links further down on the page dealing with issues like the spam email
issue.

http://latelinenews.com/ll/english/1011982.shtml

Also, since I made responses off-list to try to cut down on potentially
off-topic noise, I'll take a quick moment to reiterate to the rest of the
folks on the list that I suspected initially that the attack was Chinese in
origin based upon the index and material that was placed on a defaced
website.  In actuality, the attacks are coming from hosts ranging from
Czechoslovakian hosts, Canadian hosts, American educational hosts, APNIC
(Asian Pacific NIC) hosts, etc.  And due to the nature of the beast, one
rarely attacks a host directly from one's terminal that one's clacking away
at... you crack one host, use that to crack another host, use that one in
turn to crack into another, etc. etc, etc.  So the burden of *proof* is
something that the FBI might be more suited to task than myself, who hasn't
the significant DBs and resources to tie investigations of this nature up.
I'm not a cop, I'm a SpecOps vet and Network Analyst.  I'll leave the
policework of where it came from before it got to me to the police/FBI, but
I'm doing my homework on what clues are there on my box to give them leads
as to where to look next: the hosts that these scans and attacks came from.

And on the issue of blackholing China, I doubt that we'll do it on our core
network, but you can count on me blackholing all hosts that these scans and
attacks originated from on my internal network and on all hosts and networks
that I manage.  To not do so is stupid, but that's your choice and your
prerogative.

23 Skiddoo

Justin Hinderliter


I found a myth on this list that hacking a computer system is a
death sentence.  I really don't know where and when this mythin is
spreading on the Internet.

[snippage]



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]