1 July 1999


Date: Thu, 1 Jul 1999 02:17:40 -0400 (EDT)
From: Ken Williams <jkwilli2@unity.ncsu.edu>
X-Sender: jkwilli2@ultra3-100lez.eos.ncsu.edu
To: The Usual Suspects: ;

-----BEGIN PGP SIGNED MESSAGE-----
Hi,
I just got off the phone (6/30/99 PM) with one of the Harvard
Network managers.  John Vranesevich, of www.AntiOnline.com,
contacted Harvard this morning and threatened to sue them
because of the content in the jp/ directory of the Packet
Storm Security web site that was located at
http://packetstorm.harvard.edu, and before that at
http://packetstorm.genocide2600.com (see www.attrition.org
for details about this info).  I was told that the situation
quickly escalated to the Harvard Office of General Counsel. 
John Vranesevich claims that I was using the server as a
platform to harass and threaten him, his family, and his
business.  Nothing could be further from the truth.  I ran
a network security related web site and archive!
The result:  the server and the web site and it's contents
are permanently offline, I have no access to even retrieve
anything off of the server, the site known as "Packet Storm
Security" is history now.  I was told by Leo Donnelly at
Harvard, via phone, that ALL of the content AND the backups
made are either destroyed, being destroyed now, or will be
before I can do anything to prevent it.  All 4+ GB of files
in the publicly accessible directories, over 45,000 files
collected and archived over the years, are gone.  There was
another 4 GB that was composed of research data, customized
IDS, Linux, Apache software, etc too.
Harvard is facing a lawsuit from JP, I am facing a lawsuit
from JP, and possibly some sort of legal action from Harvard.
Harvard seems to be trying to free themselves of any liability,
and use me as the fall guy for this whole thing.  All
agreements with Harvard in the beginning were verbal (with
Jeff Gray, the senior sysadmin), so I've got nothing on paper
to back up the truth.  I've got emails, but I don't have the
money or legal defense to counter Harvard, or anybody else for
that matter.
This has turned really ugly, really quickly, and it is very
plausible that I will be facing charges involving "hacking"
or computer crimes of some sort, because I "never had a
Harvard ID, and thus was not authorized to use their
facilities", and I "compromised their security."  I guess it
doesn't matter that I was contacted by the Senior Sysadmin at
Harvard and invited to move my site there.  It doesn't matter
that the head of Harvard UIS approved of everything.  It
doesn't matter that he placed the box on a subnet of his
choosing and called me and gave me the root password and told
me I had free rein on the box.  It doesn't matter that
Harvard network security was never actually compromised. 
For the record, Jeff Gray, the Harvard senior sysadmin, has
been extremely supportive of my site and work from the
beginning, and he deserves ALOT of credit for going out of
his way to help keep Packet Storm Security alive and online. 
In fact, Jeff Gray has provided so much support for "the
security community" in general, and is so supportive of
security-related research and projects, that he deserves all
the credit in the world for his efforts.  I hope Harvard
gives him the credit he is due, because any network security
they have is in large part due to his skills, devotion, and
diligence.
If that's not enough to annoy me, all of my class work for
the class I'm taking at NCSU this summer (CSC499 Independent
Research project involving IDS) is/was on that server at
Harvard and gone now too.  With 4 weeks left in the semester
here at NCSU, I have just lost seven weeks of work and data
that cannot be replaced in 4 weeks. 
What bothers me the most is that all of the countless hours I
put into that web site and the archives, thousands of hours,
are gone now, for good.
The site was getting over 400,000 hits/day and doing about
10 GB/day in transfers, so I don't see it coming back online
even if I do get any of the site content back.
Obviously, I have taken full responsibility for the site
content and all activities and events associated with that
server.  Even though no laws or rules were broken, on my part,
and to my knowledge, I am now facing possible legal action
from both JP and Harvard, and state/federal computer crime
charges as well. 
What am I going to do now?  I don't know.  The web site I
devoted most of my waking hours to is gone.  My chances of
passing my CSC499 class do not look good, according to the
negative comments from my professor.  I'll try to salvage
the summer's worth of course work anyway if possible and pass. 
Until formal charges are filed, I've still got my job and
account here at NCSU.  When NCSU catches wind of this, and
I'm sure they will, my account probably will be permanently
revoked, and my job and the past three years of school will
then be gone too.  Until then, I can be contacted at the email
address in the sig below.
Check out the news and history of John Vranesevich and
Carolyn Meinel's smear and harassment campaigns that have ruined
the careers and lives of many people, mine included.
www.attrition.org has all of the details.
Funny how I spent the past few years donating my time, literally
thousands and thousands of hours, to "the security community",
never asking for or making a single penny off the time and work
I invested, and have now lost it all because John Vranesevich
and a few of his IRC friends are able to make quick phone calls,
fabricate absurd stories about criminal activity, libel, threaten
to sue Harvard, and I don't even get to plead my case.  I am
guilty without even being informed of what was going on.
He has effectively ruined years of my work, my education, my
career, my life. 
There are really only four things that I'd like right now:
1. Justice
2. Truth
3. The 3 GB of MY data that Harvard has and refuses to turn
   over to me
4. A job in the IT/IS/IW industries - the pay doesn't even matter,
   I'm willing to move, I'm willing to put in 60-80 hour weeks.
   Just give me a UNIX or Linux box to work from.
I'll settle for just the job though, and like I said, the pay
doesn't matter - I love computers, network security, and systems
administration.  If I was not doing it for pay, I'd be doing it
for free.
See you at BlackHat and DEFCON.
take it easy,
Ken Williams
jkwilli2@unity.ncsu.edu
if you need to reach me by phone, email me at jkwilli2@unity.ncsu.edu
and CC the email to packetstorm@genocide2600.com with phone # request.
my pgp keys are available on all of the regular keyservers, and at
www4.ncsu.edu/~jkwilli2/
[Note: yes, you can quote or print any part of or the whole email.]
Ken Williams
ken@packetstorm.harvard.edu
Packet Storm Security  http://packetstorm.harvard.edu              
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQEVAwUBN3sH3pDw1ZsNz1IXAQE67QgAt5O4cgV4UN/tNro0V9Hkrz4YJGuysf2F
aZdUuM+P73MwwlvjKFpLW5WOJwtZzFjicv6RYMlXaMLRL48Fz/rltX95dy71LCOs
/UVa9LXvh7kSgD5p/pSeP2+zyDuvbvUxjtSTIPRp68sOQTKILaQpohwl9hzpfVLz
ADvQMD5vAUqGlTeoQrZRmHC/OxtWqVEgh72Gms4XpGaGwT3OdtoRKuK0d4Js3mP9
Vs1szlsT3DQEFvdblLR/jsf8jonbME/Imo89K69wFsbyeVpIB1+g0Se11BdQCbeU
TdauQTJMfDTkIWSQvpQXXIhvukErb8D9bmFvKiE7MqS+N8RVaMO7Zw==
=7OhX
-----END PGP SIGNATURE-----