Re: Zayo Extortion

2016-08-17 Thread Jonathan Hall 
Guys,

Actually, thank you for the responses. I was hoping you wouldn’t take my 
attempt at friendly and humorous conversation the wrong way. I appreciate the 
education on the topic, as well. :)

However, I’d like to ask a few questions on it, if you don’t mind? (Also - 
you’re right, it’s not the freedom of speech act I’m thinking, wasn’t it some 
form of ‘decency act’ ? I digress, though…)

For something to actually be considered libel, isn’t it required that the 
statement be untrue, damaging in a way that must be proven and actually 
knowingly false?

Proving damages would be hard… But putting that aside, proving what he is 
saying is not true (unless it’s just 100% false and they have recorded evidence 
of it) might be even harder if they don’t have proper records of past due 
balances, or properly recorded communications (i.e. email). And where is the 
line drawn with regards to him/her knowingly making statements that are not 
true? And wouldn’t it still alsol require a general purpose public figure, or a 
limited purpose public figure, to prove malice in the instance? I don’t think 
the company would qualify as a general or limited purpose public figure. That 
would pretty much apply to actors, performer and/or social activist types - or 
politicians. Not a service provider… 

If he perceives it to be extortion, then it would be difficult to say that him 
claiming extortion is libel. The definition of extortion is the general 
practice of obtaining something, especially money, through the use of force or 
threats. In this case, the company is using the threat of disconnection as the 
force, and they are indeed attempting to collect money. So, if we take it from 
a literal definitive view of ‘extortion,’ the word, by definition, fits the 
scenario. It doesn’t imply wrong doing, really, and could be applicable to any 
and every service provider in existence today - even the pharmaceutical 
companies with regards to withholding medication that can save lives unless 
absurd amounts of money is paid. I’d say the entire world could be classified 
as extortionists if we go by the actual definition.

J


> On 17 Aug 2016, at 15:01, valdis.kletni...@vt.edu wrote:
> 
> On Wed, 17 Aug 2016 01:11:09 +0200, Jonathan Hall said:
>> And either way, defamation requires some form of punitive damage be proven in
>> order to act ually win that case.
> 
> In addition to the other things already pointed out, punitive damage doesn't
> need to be proven.
> 
> *Actual* damages have to be proven.  Punitive damages are damages added
> as punishment, to make sure the responsible party learned their lesson.
> 
> So fir instance, if a corporation's negligence results in a worker's death,
> his family may be awarded $5M in actual damages for the loss of their loved
> one - and then another $20 million in punitive damages, to make the 
> corporation
> (and possibly the industry segment as a whole) take notice that sort of
> negligent behavior will not be tolerated
>

Re: Zayo Extortion

2016-08-16 Thread Jonathan Hall 
Excuse me for chiming in, here… But, if I’m not mistaken (don’t worry, I’m not) 
- this doesn’t count as ‘slander’ in any way, shape or form. This mail thread 
is not any kind of valid FCC controlled or public communications device, as the 
internet was actually excluded from the public communications device list under 
the Freedom of Speech Act in… Was it, 1996? Which means, ‘slander’ can’t be 
called in this case. You could argue that it can, but you’d lose in court in 
the long run.

If you’re aiming for the defamation card? That’s a very difficult one to prove. 
I’d counter the argument in a court room by asking the judge to prove the 
plaintiff is NOT an extortionist scum bag. It certainly works both ways. And 
either way, defamation requires some form of punitive damage be proven in order 
to actually win that case. Are you saying that the company he is referencing 
has some way to claim and directly correlate a loss of income or potential loss 
of income, either present and/or future, due to the comment made on a mail 
group? I’d love to see that quantification on paper...

None the less, regardless of what one accuses or says on the internet, the 
usage of the word ‘extortion’ is quite open for interpretation with regards to 
context, and making such a statement does not qualify for slander nor 
defamation. He could feel he’s being extorted, in which case exasperating his 
opinion publicly is no less legal than me telling you that I don’t really think 
you’re a good lawyer. 

Good luck trying to play that card in a courtroom. 

Short and simple: One could threaten to sue over it, and one could even try. 
Personally, I’d turn that court room in to a circus act if someone tried. I’d 
most likely get fined in contempt a few times, but at least even the judge will 
go home laughing. :) 

J

> On 16 Aug 2016, at 16:45, Anne Mitchell  wrote:
> 
> 
>>> to say "our accounting system does not track invoice details -- it only 
>>> shows the total amount due so your numbers mean nothing to us."
>>> All the while they relentlessly levied disconnect threats with short 
>>> timelines such as: "if you don't pay us $128,000 by this Friday,
>>> we will shut your operation down."
>> [...]
>>> At one point their lawyers and accounting people had the nerve to say "our 
>>> accounting system does not track invoice details
>> 
>> Are you talking with your SP's lawyers without your a legal team of
>> your own present and advising you?
>> I think one of the first things they should tell you is not to discuss
>> pending disputes in public. Time to get
>> a consultation with your own Lawyers to assist with billing dispute
>> resolution, ASAP.
> 
> Not to mention that accusing someone of a crime (extortion), in public (in 
> this context I would argue that this is public, especially as the term 
> 'community' was used in the allegation) is a pretty serious thing.
> 
> Anne P. Mitchell, 
> Attorney at Law
> Legislative Consultant
> CEO/President, 
> SuretyMail Email Reputation Certification and Inbox Delivery Assistance
> http://www.SuretyMail.com/
> http://www.SuretyMail.eu/
> 
> Available for consultations by special arrangement.
> 
> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> Member, California Bar Cyberspace Law Committee
> Member, Colorado Cybersecurity Consortium
> Member, Asilomar Microcomputer Workshop Committee
> Ret. Professor of Law, Lincoln Law School of San Jose
> Ret. Chair, Asilomar Microcomputer Workshop
> amitch...@isipp.com | @AnnePMitchell
> Facebook/AnnePMitchell  | LinkedIn/in/annemitchell
> 
>

Fwd: John McAfee: Massive DDoS attack on the internet was from smartphone botnet on popular app

2015-12-13 Thread Jonathan Hall 
Stupid me forgot to CC the NANOG list.

Begin forwarded message:

From: Jonathan Hall <jh...@futuresouth.us<mailto:jh...@futuresouth.us>>
Date: 13 December 2015 at 11:13:31 GMT+1
To: Jay Ashworth <j...@baylink.com<mailto:j...@baylink.com>>
Subject: Re: John McAfee: Massive DDoS attack on the internet was from 
smartphone botnet on popular app

DDoS attacks launched from massive botnets are not unusual, and mobile phones 
being used as participants of said botnets has been a well known thing since 
android came to market.

People seem to have forgotten about AgoBot/PhatBot/GaoBot. Once upon a time, it 
was dubbed “The Swiss Army Knife of The Internet,” being fully cross-platform. 
It compiled on Linux, BSD and Windows with no problem, and as such, had 
spreading capabilities to infect cross-platform just the same. It was purely 
P2P at core, but also supported IRC. The P2P portion was for the developers. 
Anyone who had botnets generally only used and knew of the the IRC control 
point, and the code was watermarked originally to prevent any random Joe Blow 
from compiling. The botnets of those who had the code from Ago, Phatty and Wonk 
(the originators of the first release) were able to be controlled by a select 
group of friends of the developers.

This put more than 4 million bots at the disposal of that group.

Examining the synflood code that was contained within would show that the 
spoofing had multiple options, one of which was 100% completely random spoofed 
address per a packet.

My personal favourite is the 0.0.0.0 source spoof, which spoofs from various 
random hosts in 0.0.0.0/8 . Good luck filtering those out with ACL’s and 
mitigation techniques… I’m not certain that would work today, but it most 
certainly did in 2004.

Concepts like this do not die off and just fade away into /dev/null land. 
People simply get smarter and quieter about it. Ago/Phatty/Wonk got hit in 
Operation Cyber Slam in 2004 and the bulk of it all was kept very quiet. 
Coincidentally, Ago’s young brother, Nills, was the developer of msblaster, 
too. But, alas, I digress...

Considering all of that, why would anyone be shocked to find massive attacks 
being launched from what is technically the easiest point of infection: phones? 
In this case, all that’s done is an app gets put up and the users download it. 
And with thinks such as android roots and iPhone jailbreaks being common 
knowledge and point-and-click easy to do? More and more people are unlocking 
their devices just for the sake of saying, “My phone is rooted.” And as phones 
become more and more powerful, as well as bandwidth climbing to record highs on 
mobile platforms, you can only be assured that this sort of attack vector will 
continue to increase in popularity.

I do think that jumping up and saying, “ISIS is taking over US phones!” is a 
bit of a wild leap. But at the same time, why would anyone think they aren’t 
already using this method to fund themselves? Botnets = money, period. Do you 
have any idea how much money people pay for usage of botnets to launch attacks? 
Just pure chance says there are members of ISIL as well as present and 
potentially future supporters of ISIL that have botnets. After all, twelve year 
old kids with Guy Fawkes masks in their mothers basements have botnets these 
days…

On 12 Dec 2015, at 07:18, Jay Ashworth 
<j...@baylink.com<mailto:j...@baylink.com>> wrote:

Is McAfee just talking to dry his teeth here? This isn't actually practical, is 
it? Carriers would notice, right?

http://www.ibtimes.co.uk/john-mcafee-massive-ddos-attack-internet-was-smartphone-botnet-popular-app-1532993
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Shellshock vulnerability research leads to WHAT?!

2014-10-06 Thread Jonathan Hall 
While a little off-topic for the NANOG list, I figured some of you may want to 
know about this. I started researching and testing this vulnerability the day 
it was released, and once I started researching its usage/exploitation in the 
wild, I identified that a few major sites were actually compromised using the 
vulnerability - Yahoo! being one in particular. Tripod/Lycos and WinZip.com 
were also compromised. Yahoo! reached out and gave me a response, albeit a very 
weak one, only after the FBI, media and CEO Marissa Mayers was contacted... 
WinZip patched their boxes and didn't bother responding or notifying me that 
they got it done. Please do excuse the scattered nature of the email sent to 
Marissa Mayers @ Yahoo! - there were other correspondences that are currently 
being kept private, and at the time that I wrote that one, I had been awake for 
roughly 48 hours and was fueled on caffeine and nicotine. The chances are 
highly likely that Yahoo! is going to do their best at keeping this quiet and 
not release any information or details on this, and I figured that some of at 
are undoubtedly just as at risk from this as anyone else.

Please see the rest of everything related to this at 
http://www.futuresouth.us/yahoo_hacked.html
And http://www.futuresouth.us/yahoo_response.jpg for their initial response.

Non-authoritative answer:
Name: dip4.gq1.yahoo.com
Address: 63.250.204.25

Non-authoritative answer:
Name: api118.sports.gq1.yahoo.com
Address: 10.212.240.43

These are the two servers that were 100% positively identified thus far as 
being compromised by both me and Yahoo!, with dip4.gq1.yahoo.com being the 
initial point of entry via Shellshock.


Jonathan D. Hall

Future South Technologies
www.futuresouth.us
(504) 470-3748 - [main]
(504) 232-3306 -  [cell]


Life is a dream for the wise, a game for the fool, a comedy for the rich and a 
tragedy for the poor.

Re: looking for a tool...

2014-02-04 Thread Jonathan Hall 
Have you considered wireshark or Ettercap? I¹m not entirely certain
they¹ll monitor the throughput, but I know they can open PCAP'sŠ

Jon

On 2/3/14, 11:34 PM, Mike mike-na...@tiedyenetworks.com wrote:

Hello,

 I was wondering if anyone could point me in the direction of a tool
capable of sniffing (or reading pcap files), and reporting on lan
station thruput in terms of bits per second. Ideally I'd like to be able
to generate a sorted report of the top users and top thruputs observed
and so forth. The traffic is pppoe and I need to monitor it at a
specific switchport where I can arrange span.

Thank you.