SGI.com hosts HACKED and being abused by scriptkiddies on IRC.

From: Zehra Erseymen (zehra_erseymen@hotmail.com)
Date: 01/15/03

Next message: John Washington: "Re: Curious "spam" (or broken viral payload)..."

Previous message: Ryan Yagatich: "Re: Hacked web server"
Next in thread: Matthew Wells: "Re: SGI.com hosts HACKED and being abused by scriptkiddies on IRC."
Maybe reply: Matthew Wells: "Re: SGI.com hosts HACKED and being abused by scriptkiddies on IRC."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Zehra Erseymen" <zehra_erseymen@hotmail.com>
To: incidents@securityfocus.com
Date: Wed, 15 Jan 2003 00:36:35 +0000

SGI.COM hosts are being abused by ircwar kiddies/scriptkids on the IRCNET
network (ircnet.demon.co.uk, irc.stealth.net, irc1.us.ircnet.net and other
servers)
These kiddies are taking irc channels, compromising furthur servers and
launching ddos attacks, and appear also to have compromised the SGI email
services, since abuse reports were met with silence. Today they launched a
spoofed ddos attack from ip`s with

a /whois report follows:
ÚÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄÄÄÄ--- -- -
| Geert (~geert@sgigate.SGI.COM) (Internic Commercial)
³ ircname : The.Judge
| channels : @#tropical #DaJudge @#bnc @#Bitches @#irclords
³ server : irc-2.stealth.net (Stealth Communications, New York City)
: idle : 8 hours 32 mins 58 secs (signon: Thu Jan 1 01:00:00 1970)
ÚÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄÄÄÄ--- -- -
| DaJudge (~Judge@yog-sothoth.sgi.com) (Internic Commercial)
³ ircname : The.Judge
| channels : #singletown #DaJudge @#tropical @#bnc @#Bitches @#irclords
³ server : irc-2.stealth.net (Stealth Communications, New York City)
: idle : 7 hours 53 mins 12 secs (signon: Thu Jan 1 01:00:00 1970)

Feel free to connect to ircnet and verify this for yourself..
#irclords is a known kiddie channel, frequented by kiddies who think they
are the "lords" of irc Also #bnc is a channel used for the trading of
"psybnc" accounts on compromised servers.

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Next message: John Washington: "Re: Curious "spam" (or broken viral payload)..."
Previous message: Ryan Yagatich: "Re: Hacked web server"
Next in thread: Matthew Wells: "Re: SGI.com hosts HACKED and being abused by scriptkiddies on IRC."
Maybe reply: Matthew Wells: "Re: SGI.com hosts HACKED and being abused by scriptkiddies on IRC."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]