5 September 1999
Date: Wed, 30 Jun 1999 19:35:15 -0400 (EDT) From: Ken Williams <jkwilli2@unity.ncsu.edu> To: John Young <jya@jya.com> Subject: Packet Storm taken down by JP -----BEGIN PGP SIGNED MESSAGE----- Hey, i just got off the phone with one of the Harvard Network managers. John Vranesevich contacted Harvard this morning and threatened to sue them because of the content in the jp/ directory. I was told that the situation quickly escalated to the Harvard Office of General Counsel. The result: the server and the web site and it's contents are permanently offline, I have no access to even retrieve anything off of the server, the site known as "Packet Storm" is history now. All of the content and the backups made are either destroyed, being destroyed now, or will be before I can do anything to prevent it. Harvard is facing a lawsuit from JP, I am facing a lawsuit from JP, and possibly some sort of legal action from Harvard. This has turned really ugly, really quickly, and it is very plausible that Harvard may try to pull a "we caught a hacker / Randal Schwartz / Intel" kind of bullshit so they can free themselves of any liability, and use me as the fall guy for this whole thing. All agreements with Harvard in the beginning were verbal (with Jeff Gray, the senior sysadmin), so I've got nothing on paper to back up the truth. It is very plausible, even probable, now that I will be facing charges involving "hacking" or computer crimes of some sort, because I "never had a Harvard ID, and thus was not authorized to use their facilities", and I "compromised their security." I guess it doesn't matter that I was contacted by the Senior Sysadmin at Harvard and invited to move my site there. It doesn't matter that he placed the box on a subnet of his choosing and called me and gave me the root password and told me I had free rein on the box. It doesn't matter that Harvard network security was never actually compromised. If that's not enough to annoy me, all of my class work for the class I'm taking at NCSU this summer is on that server at Harvard and gone now too. With 4 weeks left in the semester here at NCSU, I have just lost seven weeks of work and data that cannot be replaced in 4 weeks. What bothers me the most is that all of the countless hours I put into that web site and the archives, thousands of hours, are gone now, for good. The site was getting over 400,000 hits/day and doing about 10 GB/day in transfers, so I don't see it coming back online even if I do get any of the site content back. Obviously, I have taken full responsibility for the site content and all activities and events associated with that server, and consequently am now facing legal actions from both JP and Harvard, and state/federal computer crime charges as well. I don't really mind being buried in a grave I dug for myself, but I'm damn pissed to look up and see that John Vranesevich is the jackass shoveling in the dirt. What am I going to do now? I don't know. The web site I devoted most of my waking hours to is gone. My chances of passing my csc499 class do not look good, according to my professor. If JP wasn't such a sorry waste of human life, I'd take a trip to Beaver, PA .... Until formal charges are filed, I've still got my job and account here at NCSU. If NCSU catches wind of any of this, and I'm sure they will, my account will be permanently revoked, and my job and the past three years of grad school will be gone. Until then, I can be contacted at the email address in the sig below. maybe I'll see ya round sometime. take it easy, Ken Williams jkwilli2@unity.ncsu.edu p.s. John - the info that caused all of this shit, is all mirrored at www.attrition.org/negation/ , just so you'll know wtf is going on. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQEVAwUBN3qpqpDw1ZsNz1IXAQHAnQgAuLGfHZaU22v2uagMts/XatpIfObetwcp l3DWW/ZljB16T6oZ2zJzrsiDra+6+tOwCSE/gFAomMYQ17+nGLjXyl2Zco5q2aTm oydzeLe1K90/HYqsMhS8CcBQnaCImjSLVqNDfOgy9Ne+SpqnWA8YdObP06HHL7vM JyZH1p4h3Xu2Ccp3au2xnvT5QSa7bVvUL0DCFKPSai8UnI/v2UakwQwuYS4Dpm5w WTxVEEnIzpnaGVM1JLaB3pdFnZn/BJyTxM1yQepXW4LaQUD+LwtOMjCr4S7vo99i WPrXiKf3sv5JFYXFxwMVjySdCiBybpYpgJtt+kZxIgeikbce4g7lmA== =UQtt -----END PGP SIGNATURE-----
Date: Tue, 10 Aug 1999 09:53:32 +0200 (CEST)
From: Anonymous <nobody@replay.com>
Subject: Former hacker site changes course, gets hacked
To: cypherpunks@toad.com
August 9, 1999
Filed at 7:55 p.m. EDT
By Paul Festa, CNET News.com
A site that began chronicling the exploits of hackers has emerged as a venture-funded business with devotees in Congress and the military. But in the process, it has become a prime target.
AntiOnline late last week suffered one of its first successful attacks, which automatically redirected visitors to the hacker's site. Prior to that, AntiOnline claims it succumbed only once to its online attackers, when a denial of service attack brought the site offline for a few hours. In a denial of service attack, the attacker jams the system with a large volume of bogus queries or requests.
But this pair of successful attacks is no indication of the volume of hacking activity AntiOnline has been fending off recently, according to founder and general partner John Vranesevich.
"This month so far we averaged around 475 hack attempts an hour," said Vranesevich. "That's up from about 30 an hour two months ago."
An increase in hacking attacks could be expected with any site whose profile is rising, and a site professing an expertise in computer security is a particularly attractive target for malicious hackers. But the dramatic rise in attacks against AntiOnline stems largely from the perception that the site, which rose from the ferment of the underground hacking scene, has allied itself with the corporate and governmental interests that seek to stamp out malicious hacking.
"Our goal as defined is to fight malicious hackers," Vranesevich said. "We look at who's hacking what, we look at their motivation and their methodology. Most security companies are studying the mechanics of the gun. What we're trying to do is study the people who pull the trigger."
That has not left Vranesevich very popular with his subjects.
Now it's personal
Indeed, Vranesevich has become one of the most controversial and widely reviled figures in the hacking world. He said he has received threats to his family and himself both online and off.
Earlier this summer, Harvard University found itself at the center of an AntiOnline controversy after Vranesevich successfully prevailed on the school to evict from its servers a Web security site called Packet Storm that Vranesevich alleged featured defamatory attacks against him and family members, including his image superimposed on pornographic images and a page with his 17-year-old sister's photo, name, and address.
Harvard issued a press release stating that the site, which it says it hosted "as a service to the Internet community," included "sexually related material and personal attacks on an individual not affiliated with the university." Harvard officials did not elaborate on the site's contents. Packet Storm Webmaster Ken Williams denies both Vranesevich's and Harvard's characterizations of his site's content, though he acknowledged that a picture of Vranesevich's younger sister did appear next to a yearbook picture of Vranesevich.
Harvard's decision to pull Packet Storm created an uproar among hackers. In much of the debate in newsgroups and on news and discussion site Slashdot.org, Vranesevich was portrayed as siding with the establishment against the grassroots hacker community.
In general, Vranesevich does not deny the trend. In fact, Vranesevich said much of his time these days is devoted to working out deals to collaborate with firms on proposals for the U.S. military's research and development arm.
"Some of the changes we've made have made the underground unhappy," Vranesevich said. "For example, we're forming new alliances with corporations on some contracts for DARPA," the Defense Advanced Research Projects Agency.
DARPA handles research and development for the Defense Department and does research and development deals with small firms like AntiOnline through its Small Business Innovation Research program.
Dangerous knowledge?
If proposing projects for the military--another favorite target among hackers--isn't enough to raise hackers' ire, Vranesevich is also causing controversy with his Knowledge Base for use by military and law enforcement personnel. A free subscription to the Knowledge Base lets subscribers access information including profiles on individual hackers and their activities.
Subscribers, who have to apply for a Knowledge Base subscription on government letterhead, include members of the Army, Navy, Federal Incident Response Capability, Air Force, and Congress, according to Vranesevich.
"When we posted the Knowledge Base application form online, the hacking attempts started to rise," Vranesevich said. "There is this notion that we've sold out to other side, that we're selling information about people and they should have the right as individuals to address that information. People have called us a clandestine society forming a blacklist that the government could go after in an info-war."
And Vranesevich is not winning any popularity contests. One site, Attrition.org, maintains a site wholly devoted to criticizing Vranesevich and his enterprise.
"Vranesevich has alienated himself from just about everybody," said his Packet Storm adversary Williams. "He has definitely been shunned by the hacking community. He's looked upon as a narc, a turncoat, because of his change in direction."
To the consternation of some critics, AntiOnline has become a fairly legitimate business for Vranesevich and his investors. Since securing venture funding six months ago, AntiOnline has lined up an impressive array of advertisers to keep its staff of two full-time employees and dozen freelance writers paid and keep its T-1 line and network up and running. These advertisers include VeriSign, ISS, GoTo.com, and Microsoft.
DARPA contracts represent another source of potential income, and Vranesevich has trained his sights on the lucrative services market for future ventures.
Meanwhile, even Vranesevich's harshest critics are discovering that the hacking experience can be not only contentious, but lucrative.
"There are plans to bring back Packet Storm," Williams said. "There's corporate funding by a large corporation where I have accepted a full-time job."
Williams said a contract prevented him from disclosing more.
Copyright © 1999 CNET Inc. All Rights Reserved. Used by permission.