[funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation (fwd)

Gadi Evron ge at linuxbox.org
Wed Jul 30 14:52:41 CDT 2008


I guess history decided the previous discussion in favor of vix. Although 
I doubt vix sees this compromise at ATT as a victory, but rather a loss.

Note: HD has not been compromised.

 	Gadi.


---------- Forwarded message ----------
Date: Wed, 30 Jul 2008 11:46:49 -0700
From: Dragos Ruiu <dr at kyx.net>
To: Paul Ferguson <fergdawg at netzero.net>
Cc: funsec at linuxbox.org
Subject: Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony:
     Metasploit Creator a Victim of His Own Creation


On 29-Jul-08, at 10:01 PM, Paul Ferguson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Via PC World (IDG).
>
> [snip]
>
> HD Moore has been owned.
>
> That's hacker talk, meaning that Moore, the creator of the popular
> Metasploit hacking toolkit has become the victim of a computer attack.
>
> It happened on Tuesday morning, when Moore's company, BreakingPoint
> had
> some of its Internet traffic redirected to a fake Google page that was
> being run by a scammer. According to Moore, the hacker was able to
> do this
> by launching what's known as a cache poisoning attack on a DNS
> server on
> AT&T's network that was serving the Austin, Texas area. One of
> BreakingPoint's servers was forwarding DNS (Domain Name System)
> traffic to
> the AT&T server, so when it was compromised, so was HD Moore's
> company.
>
> When Moore tried to visit Google.com, he was actually redirected to
> a fake
> page that served up a Google page in one HTML frame along with three
> other
> pages designed to automatically click on advertisements.
>
> [snip]
>
> More:
> http://www.pcworld.com/article/149126/2008/07/.html
>
> - - ferg
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFIj/Wrq1pz9mNUZTMRAmAhAJ9lT5hosH5xBOWOsTFArDsw1MGN1ACg+wQR
> a12h7wcZ9hy0JN2DtHkuZGo=
> =Wv/X
> -----END PGP SIGNATURE-----
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
-------------- next part --------------
_______________________________________________

Fun and Misc security discussion for OT posts.

https://linuxbox.org/cgi-bin/mailman/listinfo/funsec

Note: funsec is a public and open mailing list.


More information about the NANOG mailing list