[funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd)
ge at linuxbox.org
Wed Jul 30 19:52:41 UTC 2008
I guess history decided the previous discussion in favor of vix. Although
I doubt vix sees this compromise at ATT as a victory, but rather a loss.
Note: HD has not been compromised.
---------- Forwarded message ----------
Date: Wed, 30 Jul 2008 11:46:49 -0700
From: Dragos Ruiu <dr at kyx.net>
To: Paul Ferguson <fergdawg at netzero.net>
Cc: funsec at linuxbox.org
Subject: Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony:
Metasploit Creator a Victim of His Own Creation
On 29-Jul-08, at 10:01 PM, Paul Ferguson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Via PC World (IDG).
> HD Moore has been owned.
> That's hacker talk, meaning that Moore, the creator of the popular
> Metasploit hacking toolkit has become the victim of a computer attack.
> It happened on Tuesday morning, when Moore's company, BreakingPoint
> some of its Internet traffic redirected to a fake Google page that was
> being run by a scammer. According to Moore, the hacker was able to
> do this
> by launching what's known as a cache poisoning attack on a DNS
> server on
> AT&T's network that was serving the Austin, Texas area. One of
> BreakingPoint's servers was forwarding DNS (Domain Name System)
> traffic to
> the AT&T server, so when it was compromised, so was HD Moore's
> When Moore tried to visit Google.com, he was actually redirected to
> a fake
> page that served up a Google page in one HTML frame along with three
> pages designed to automatically click on advertisements.
> - - ferg
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
> -----END PGP SIGNATURE-----
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> ferg's tech blog: http://fergdawg.blogspot.com/
> Fun and Misc security discussion for OT posts.
> Note: funsec is a public and open mailing list.
-------------- next part --------------
Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.
More information about the NANOG