Re: What hath god wrought?

2013-05-24 Thread Ryan Gard
Smells more like a honeypot than anything. Now that this guy's clearly
decided to open his mouth and claim he's got the green light from the Fed,
I wouldn't be surprised if they change their mind.


On Tue, May 21, 2013 at 1:54 PM, Phil Fagan philfa...@gmail.com wrote:

 HAH! That's pretty funny... the tinfoil piece.


 On Tue, May 21, 2013 at 10:13 AM, jim deleskie deles...@gmail.com wrote:

  Maybe my tinfoil isn't on tight enough, or maybe I give too much credit
  to a gov't, or perhaps I'm just feeding the trolls, but I have a very hard
  time believing that DHS launched a DoS from their own machines.
 
 
  -jim
 
 
  On Tue, May 21, 2013 at 12:18 PM, David Conrad d...@virtualized.org
  wrote:
 
   On May 20, 2013, at 9:56 PM, Jay Farrell jay...@jayfar.com wrote:
Are you certain it was a DoS attempt?
  
   And if you were certain, are you certain the folks at DHS were aware
   their machine(s) were engaged in a DoS attack?
  
   You can find zombies in the oddest places...
  
   Regards,
   -drc
  
  
  
 



 --
 Phil Fagan
 Denver, CO
 970-480-7618




-- 
Ryan Gard


Re: What hath god wrought?

2013-05-21 Thread David Conrad
On May 20, 2013, at 9:56 PM, Jay Farrell jay...@jayfar.com wrote:
 Are you certain it was a DoS attempt?

And if you were certain, are you certain the folks at DHS were aware their 
machine(s) were engaged in a DoS attack? 

You can find zombies in the oddest places...

Regards,
-drc




Re: What hath god wrought?

2013-05-21 Thread jim deleskie
Maybe my tinfoil isn't on tight enough, or maybe I give too much credit to a
gov't, or perhaps I'm just feeding the trolls, but I have a very hard time
believing that DHS launched a DoS from their own machines.


-jim


On Tue, May 21, 2013 at 12:18 PM, David Conrad d...@virtualized.org wrote:

 On May 20, 2013, at 9:56 PM, Jay Farrell jay...@jayfar.com wrote:
  Are you certain it was a DoS attempt?

 And if you were certain, are you certain the folks at DHS were aware their
 machine(s) were engaged in a DoS attack?

 You can find zombies in the oddest places...

 Regards,
 -drc





Re: What hath god wrought?

2013-05-21 Thread Phil Fagan
HAH! That's pretty funny... the tinfoil piece.


On Tue, May 21, 2013 at 10:13 AM, jim deleskie deles...@gmail.com wrote:

 Maybe my tinfoil isn't on tight enough, or maybe I give too much credit to a
 gov't, or perhaps I'm just feeding the trolls, but I have a very hard time
 believing that DHS launched a DoS from their own machines.


 -jim


 On Tue, May 21, 2013 at 12:18 PM, David Conrad d...@virtualized.org
 wrote:

  On May 20, 2013, at 9:56 PM, Jay Farrell jay...@jayfar.com wrote:
   Are you certain it was a DoS attempt?
 
  And if you were certain, are you certain the folks at DHS were aware
  their machine(s) were engaged in a DoS attack?
 
  You can find zombies in the oddest places...
 
  Regards,
  -drc
 
 
 




-- 
Phil Fagan
Denver, CO
970-480-7618


Re: What hath god wrought?

2013-05-20 Thread tei''
On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:
 http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/


More on the same topic.
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475

Maybe the FBI uses this to commit crimes in the USA using a foreign company
as a proxy so nothing dirty shows on the books. That way the FBI can
avoid respecting USA laws.




--
--
ℱin del ℳensaje.



Re: What hath god wrought?

2013-05-20 Thread Charles Wyble
No proxy needed. No need to hide.

While working for a very large hosting company, I once observed DHS hammering 
an occupy related website. No attempt to hide the source ip or anything. 

What are you going to do? Sue them? If they wish to take a site offline, they 
will ddos it or simply seize the domain under the national security banner. 



tei'' oscar.vi...@gmail.com wrote:

On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/


More on the same topic.
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475

Maybe the FBI use this to commit crimes in USA using a foreign company
as proxy so nothing dirty show on the books. That way the FBI can
avoid respecting USA laws.




--
--
ℱin del ℳensaje.

--
Charles Wyble 
char...@knownelement.com / 818 280 7059 
CTO Free Network Foundation (www.thefnf.org)


Re: What hath god wrought?

2013-05-20 Thread Mike Hale
Sue them?
Uhm...yes?  That's why we have courts that we can sue federal agencies in.

On Mon, May 20, 2013 at 11:58 AM, Charles Wyble
charles-li...@knownelement.com wrote:
 No proxy needed. No need to hide.

 While working for a very large hosting company, I once observed DHS hammering 
 an occupy related website. No attempt to hide the source ip or anything.

 What are you going to do? Sue them? If they wish to take a site offline, they 
 will ddos it or simply seize the domain under the national security banner.



 tei'' oscar.vi...@gmail.com wrote:

On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/


More on the same topic.
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475

Maybe the FBI use this to commit crimes in USA using a foreign company
as proxy so nothing dirty show on the books. That way the FBI can
avoid respecting USA laws.




--
--
ℱin del ℳensaje.

 --
 Charles Wyble
 char...@knownelement.com / 818 280 7059
 CTO Free Network Foundation (www.thefnf.org)



-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0



Re: What hath god wrought?

2013-05-20 Thread Charles Wyble
Yes. I'm aware of that. It would be futile in most cases, which is a huge 
problem in and of itself, as that's really the only recourse. 

I mean they were using a shared hosting plan. Not exactly deep pocketed. 

My point is that the abuse of power is blatant and they are unafraid of any 
kind of retaliation. They don't need to hide. 

Mike Hale eyeronic.des...@gmail.com wrote:

Sue them?
Uhm...yes?  That's why we have courts that we can sue federal agencies in.

On Mon, May 20, 2013 at 11:58 AM, Charles Wyble
charles-li...@knownelement.com wrote:
 No proxy needed. No need to hide.

 While working for a very large hosting company, I once observed DHS
 hammering an occupy related website. No attempt to hide the source ip
 or anything.

 What are you going to do? Sue them? If they wish to take a site
 offline, they will ddos it or simply seize the domain under the
 national security banner.



 tei'' oscar.vi...@gmail.com wrote:

On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/


More on the same topic.
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475

Maybe the FBI use this to commit crimes in USA using a foreign
company
as proxy so nothing dirty show on the books. That way the FBI can
avoid respecting USA laws.




--
--
ℱin del ℳensaje.

 --
 Charles Wyble
 char...@knownelement.com / 818 280 7059
 CTO Free Network Foundation (www.thefnf.org)



-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

--
Charles Wyble 
char...@knownelement.com / 818 280 7059 
CTO Free Network Foundation (www.thefnf.org)


Re: What hath god wrought?

2013-05-20 Thread Mike Hale
Would it be futile though?  I mean...DHS running a DOS against an
American organization is the kind of stuff that makes Constitutional
lawyers salivate.

I'm not trying to call you out, btw.  I'm genuinely curious why the
hosting company itself didn't file suit.  You've got a US Government
agency abusing your resources and acting in a blatantly illegal
manner.  That's the kind of stuff that results in letters of
resignation when publicized.

On Mon, May 20, 2013 at 12:13 PM, Charles Wyble
charles-li...@knownelement.com wrote:
 Yes. I'm aware of that. It would be futile in most cases, which is a huge 
 problem in and of itself, as that's really the only recourse.

 I mean they were using a shared hosting plan. Not exactly deep pocketed.

 My point is that the abuse of power is blatant and they are unafraid of any 
 kind of retaliation. They don't need to hide.

 Mike Hale eyeronic.des...@gmail.com wrote:

Sue them?
Uhm...yes?  That's why we have courts that we can sue federal agencies in.

On Mon, May 20, 2013 at 11:58 AM, Charles Wyble
charles-li...@knownelement.com wrote:
 No proxy needed. No need to hide.

 While working for a very large hosting company, I once observed DHS
 hammering an occupy related website. No attempt to hide the source ip
 or anything.

 What are you going to do? Sue them? If they wish to take a site
 offline, they will ddos it or simply seize the domain under the
 national security banner.



 tei'' oscar.vi...@gmail.com wrote:

On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/


More on the same topic.
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475

Maybe the FBI use this to commit crimes in USA using a foreign
company
as proxy so nothing dirty show on the books. That way the FBI can
avoid respecting USA laws.




--
--
ℱin del ℳensaje.

 --
 Charles Wyble
 char...@knownelement.com / 818 280 7059
 CTO Free Network Foundation (www.thefnf.org)



--
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

 --
 Charles Wyble
 char...@knownelement.com / 818 280 7059
 CTO Free Network Foundation (www.thefnf.org)



-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0



Re: What hath god wrought?

2013-05-20 Thread Jason L. Sparks
No attempt to hide the source IP
I mean, they were using a shared hosting plan

What makes you certain it was DHS?

Genuinely curious, because this is a hell of a claim.
--
Jason


On Mon, May 20, 2013 at 3:29 PM, Mike Hale eyeronic.des...@gmail.com wrote:

 Would it be futile though?  I mean...DHS running a DOS against an
 American organization is the kind of stuff that makes Constitutional
 lawyers salivate.

 I'm not trying to call you out, btw.  I'm genuinely curious why the
 hosting company itself didn't file suit.  You've got a US Government
 agency abusing your resources and acting in a blatantly illegal
 manner.  That's the kind of stuff that results in letters of
 resignation when publicized.

 On Mon, May 20, 2013 at 12:13 PM, Charles Wyble
 charles-li...@knownelement.com wrote:
  Yes. I'm aware of that. It would be futile in most cases, which is a
 huge problem in and of itself, as that's really the only recourse.
 
  I mean they were using a shared hosting plan. Not exactly deep pocketed.
 
  My point is that the abuse of power is blatant and they are unafraid of
 any kind of retaliation. They don't need to hide.
 
  Mike Hale eyeronic.des...@gmail.com wrote:
 
 Sue them?
 Uhm...yes?  That's why we have courts that we can sue federal agencies
 in.
 
 On Mon, May 20, 2013 at 11:58 AM, Charles Wyble
 charles-li...@knownelement.com wrote:
  No proxy needed. No need to hide.
 
  While working for a very large hosting company, I once observed DHS
 hammering an occupy related website. No attempt to hide the source ip
 or anything.
 
  What are you going to do? Sue them? If they wish to take a site
 offline, they will ddos it or simply seize the domain under the
 national security banner.
 
 
 
  tei'' oscar.vi...@gmail.com wrote:
 
 On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:
 
 
 http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/
 
 
 More on the same topic.
 
 http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475
 
 Maybe the FBI use this to commit crimes in USA using a foreign
 company
 as proxy so nothing dirty show on the books. That way the FBI can
 avoid respecting USA laws.
 
 
 
 
 --
 --
 ℱin del ℳensaje.
 
  --
  Charles Wyble
  char...@knownelement.com / 818 280 7059
  CTO Free Network Foundation (www.thefnf.org)
 
 
 
 --
 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
 
  --
  Charles Wyble
  char...@knownelement.com / 818 280 7059
  CTO Free Network Foundation (www.thefnf.org)



 --
 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0




Re: What hath god wrought?

2013-05-20 Thread Charles Wyble
Sorry. The occupy site was on a shared hosting plan at the company I worked for.

Source determined via Whois output for the attacking ip found via our analysis. 
It was a rather crude dos attack (repeated get requests). At first we figured 
they were just mirroring the site for offline analysis or something, but it 
soon became evident they were just hammering the site.

Yes we could have sued. However the inevitable stonewalling, endless resources of 
the feds etc would have made for a long and exhaustive legal battle. 

This was at the height of the occupy activities. Far worse offenses were being 
committed by federal, state and local govts during that period than a dos 
attack by DHS.


Jason L. Sparks jlspa...@gmail.com wrote:

No attempt to hide the source IP
I mean, they were using a shared hosting plan

What makes you certain it was DHS?

Genuinely curious, because this is a hell of a claim.
--
Jason


On Mon, May 20, 2013 at 3:29 PM, Mike Hale
eyeronic.des...@gmail.com wrote:

 Would it be futile though?  I mean...DHS running a DOS against an
 American organization is the kind of stuff that makes Constitutional
 lawyers salivate.

 I'm not trying to call you out, btw.  I'm genuinely curious why the
 hosting company itself didn't file suit.  You've got a US Government
 agency abusing your resources and acting in a blatantly illegal
 manner.  That's the kind of stuff that results in letters of
 resignation when publicized.

 On Mon, May 20, 2013 at 12:13 PM, Charles Wyble
 charles-li...@knownelement.com wrote:
  Yes. I'm aware of that. It would be futile in most cases, which is a
  huge problem in and of itself, as that's really the only recourse.
 
  I mean they were using a shared hosting plan. Not exactly deep pocketed.
 
  My point is that the abuse of power is blatant and they are unafraid of
  any kind of retaliation. They don't need to hide.
 
  Mike Hale eyeronic.des...@gmail.com wrote:
 
 Sue them?
 Uhm...yes?  That's why we have courts that we can sue federal agencies in.
 
 On Mon, May 20, 2013 at 11:58 AM, Charles Wyble
 charles-li...@knownelement.com wrote:
  No proxy needed. No need to hide.
 
  While working for a very large hosting company, I once observed DHS
  hammering an occupy related website. No attempt to hide the source ip
  or anything.
 
  What are you going to do? Sue them? If they wish to take a site
 offline, they will ddos it or simply seize the domain under the
 national security banner.
 
 
 
  tei'' oscar.vi...@gmail.com wrote:
 
 On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:
 
 

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/
 
 
 More on the same topic.
 

http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475
 
 Maybe the FBI use this to commit crimes in USA using a foreign
 company
 as proxy so nothing dirty show on the books. That way the FBI can
 avoid respecting USA laws.
 
 
 
 
 --
 --
 ℱin del ℳensaje.
 
  --
  Charles Wyble
  char...@knownelement.com / 818 280 7059
  CTO Free Network Foundation (www.thefnf.org)
 
 
 
 --
 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
 
  --
  Charles Wyble
  char...@knownelement.com / 818 280 7059
  CTO Free Network Foundation (www.thefnf.org)



 --
 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0



--
Charles Wyble 
char...@knownelement.com / 818 280 7059 
CTO Free Network Foundation (www.thefnf.org)


Re: What hath god wrought?

2013-05-20 Thread Jay Farrell
Are you certain it was a DoS attempt? They may have just been running
a surveillance software package such as URLy warning, which GETs the
pages of a site repeatedly and diffs them to watch for updates. In the
case of an (non-)organization like Occupy I can't imagine law
enforcement would neglect to do this. I've been on the receiving end
of this sort of thing myself (long story).

-- 
Jayfar


On Tue, May 21, 2013 at 12:07 AM, Charles Wyble
charles-li...@knownelement.com wrote:
 Sorry. The occupy site was on a shared hosting plan at the company I worked 
 for.

 Source determined via Whois output for the attacking ip found via our 
 analysis. It was a rather crude dos attack (repeated get requests). At first 
 we figured they were just mirroring the site for offline analysis or 
 something, but it soon became evident they were just hammering the site.

 Yes we could have sued. However the inevitable stonewalling, endless resources 
 of the feds etc would have made for a long and exhaustive legal battle.

 This was at the height of the occupy activities. Far worse offenses were 
 being committed by federal, state and local govts during that period than a 
 dos attack by DHS.


 Jason L. Sparks jlspa...@gmail.com wrote:

No attempt to hide the source IP
I mean, they were using a shared hosting plan

What makes you certain it was DHS?

Genuinely curious, because this is a hell of a claim.
--
Jason


On Mon, May 20, 2013 at 3:29 PM, Mike Hale
eyeronic.des...@gmail.com wrote:

 Would it be futile though?  I mean...DHS running a DOS against an
 American organization is the kind of stuff that makes Constitutional
 lawyers salivate.

 I'm not trying to call you out, btw.  I'm genuinely curious why the
 hosting company itself didn't file suit.  You've got a US Government
 agency abusing your resources and acting in a blatantly illegal
 manner.  That's the kind of stuff that results in letters of
 resignation when publicized.

 On Mon, May 20, 2013 at 12:13 PM, Charles Wyble
 charles-li...@knownelement.com wrote:
  Yes. I'm aware of that. It would be futile in most cases, which is a
  huge problem in and of itself, as that's really the only recourse.
 
  I mean they were using a shared hosting plan. Not exactly deep pocketed.
 
  My point is that the abuse of power is blatant and they are unafraid of
  any kind of retaliation. They don't need to hide.
 
  Mike Hale eyeronic.des...@gmail.com wrote:
 
 Sue them?
 Uhm...yes?  That's why we have courts that we can sue federal agencies in.
 
 On Mon, May 20, 2013 at 11:58 AM, Charles Wyble
 charles-li...@knownelement.com wrote:
  No proxy needed. No need to hide.
 
  While working for a very large hosting company, I once observed DHS
  hammering an occupy related website. No attempt to hide the source ip
  or anything.
 
  What are you going to do? Sue them? If they wish to take a site
 offline, they will ddos it or simply seize the domain under the
 national security banner.
 
 
 
  tei'' oscar.vi...@gmail.com wrote:
 
 On 20 May 2013 01:58, Michael Painter tvhaw...@shaka.com wrote:
 
 

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/
 
 
 More on the same topic.
 

http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475
 
 Maybe the FBI use this to commit crimes in USA using a foreign
 company
 as proxy so nothing dirty show on the books. That way the FBI can
 avoid respecting USA laws.
 
 
 
 
 --
 --
 ℱin del ℳensaje.
 
  --
  Charles Wyble
  char...@knownelement.com / 818 280 7059
  CTO Free Network Foundation (www.thefnf.org)
 
 
 
 --
 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
 
  --
  Charles Wyble
  char...@knownelement.com / 818 280 7059
  CTO Free Network Foundation (www.thefnf.org)



 --
 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0



 --
 Charles Wyble
 char...@knownelement.com / 818 280 7059
 CTO Free Network Foundation (www.thefnf.org)
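
The distinction raised in the message above (a change-monitoring poller that re-GETs pages versus a crude flood of repeated GETs) can be checked from web access logs by looking at per-source rate and at how regularly each page is re-fetched. This is an added example, not part of any message in the thread; the Apache combined-log format, the thresholds, the function names and the sample addresses are assumptions constructed for illustration.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache combined-log style is an assumption; only GET lines are considered.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "GET (\S+) [^"]*" \d{3} ')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Assumed thresholds for illustration; tune them against your own baseline.
FLOOD_RPS = 5.0         # sustained requests per second from one source
FLOOD_MIN_REQS = 20     # ignore small bursts such as one page load
POLL_MIN_GAP = 60.0     # a change monitor revisits a page minutes apart
POLL_MIN_REVISITS = 3   # need several revisits before calling it periodic
POLL_MAX_CV = 0.2       # revisit gaps nearly constant (stdev / mean)

def classify(n, rate, gaps, cv):
    """Label one source from its request count, rate and revisit gaps."""
    if n >= FLOOD_MIN_REQS and rate >= FLOOD_RPS:
        return "flood"
    if (len(gaps) >= POLL_MIN_REVISITS and cv is not None and cv <= POLL_MAX_CV
            and statistics.median(gaps) >= POLL_MIN_GAP):
        return "periodic-monitor"
    return "unclassified"

def profile(lines):
    """Per source IP: volume, rate, and how regularly each path is re-fetched."""
    hits = defaultdict(lambda: defaultdict(list))    # ip -> path -> [timestamps]
    for line in lines:
        m = LOG_RE.match(line)
        if m:                                        # malformed or non-GET lines are skipped
            ts = datetime.strptime(m.group(2), TS_FMT)
            hits[m.group(1)][m.group(3)].append(ts)
    report = {}
    for ip, paths in hits.items():
        all_ts = sorted(t for ts in paths.values() for t in ts)
        span = (all_ts[-1] - all_ts[0]).total_seconds()
        rate = len(all_ts) / max(span, 1.0)          # avoid dividing by a zero-length window
        gaps = []                                    # seconds between fetches of the same path
        for ts in paths.values():
            ts.sort()
            gaps += [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
        mean_gap = statistics.mean(gaps) if gaps else 0.0
        cv = statistics.pstdev(gaps) / mean_gap if mean_gap > 0 else None
        report[ip] = {"requests": len(all_ts), "distinct_paths": len(paths), "rate": rate,
                      "median_revisit": statistics.median(gaps) if gaps else None,
                      "verdict": classify(len(all_ts), rate, gaps, cv)}
    return report

def sample_log():
    """Constructed sample lines (RFC 5737 documentation addresses), not data from the thread."""
    t0 = datetime(2013, 5, 20, 12, 0, 0, tzinfo=timezone.utc)
    def line(ip, offset, path):
        ts = (t0 + timedelta(seconds=offset)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 5120'
    rows = [line("198.51.100.7", i // 10, "/") for i in range(40)]      # 10 GETs/s at one page
    rows += [line("203.0.113.20", 300 * c + k, p)                        # 3 pages every 5 minutes
             for c in range(4) for k, p in enumerate(("/", "/news", "/events"))]
    rows += [line("192.0.2.55", s, p)                                    # a person browsing
             for s, p in ((0, "/"), (12, "/about"), (47, "/news"), (200, "/"))]
    rows.append("truncated line that does not parse")
    return rows

if __name__ == "__main__":
    for ip, r in profile(sample_log()).items():
        print(f'{ip:15} {r["verdict"]:17} n={r["requests"]:3} rate={r["rate"]:.2f}/s '
              f'median_revisit={r["median_revisit"]}')
```

The verdict describes traffic shape only; attributing the source address is a separate step (the thread mentions Whois output for that).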



What hath god wrought?

2013-05-19 Thread Michael Painter

http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/



Re: What hath god wrought?

2013-05-19 Thread Joshua Goldbard
Like the comment below the article says, that line about turning off recursive 
DNS is pretty lame. Tantamount to saying "if you don't want me coming in your 
house you shouldn't have used wooden doors n00b!". It's still breaking and 
entering.

Call me crazy but I tend to think every service has a backdoor these days. It's 
not surprising to see one for a DDoS service.

In other news, the sky is still blue.

Thanks for sharing the article though! Was a fun read.

Cheers,
Joshua

Sent from my iPhone

On May 19, 2013, at 4:59 PM, Michael Painter tvhaw...@shaka.com wrote:

 http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/