What's New!

Chat with

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 


Meet the 
Happy Hacksters 

Help for 



It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Everything You Wanted to Know about Social Engineering -- But Were Afraid to Ask...

Vranesevich fought back by setting his firewall to redirect access from web browsers that followed links from these sites.

Figure 1: What people saw when they clicked on a malicious link to Antionline.

So far that was just a denial of service attack. Where the social engineering came in was when Martin and his buddies claimed on their web sites that Vranesevich was denying access as an attack on their web sites, trying to harm them by making their links not work.

However, it was easy to for anyone to find out why those links didn't work. Just run the mouse cursor on top of a link and you can see at the bottom of the browser that the link looks really weird. Also, in most browsers there is an option to let you download the source code for the page, which is how I got a copy of the above bogus link to Antionline.

When this silly attack failed to arouse mass indignation against Vranesevich, Pete Shipley tried a new approach. To recap, he runs the official email list for the Def Con hackers' convention (which is owned by his good friend Jeff Moss, until recently an employee of a major National Security Agency contractor, Secure Computing Corp.). Someone subscribed a large number of made up user names with antionline.com to the Def Con list. Oh, yes, someone also subscribed a lot of made up user names to my cmeinel.com domain, which at the time was using a POP3 server on the Antionline network. We were unable to get any of them unsubscribed by the unsubscription methods publicly posted by the official Def Con list. And, in fact, as I write this some nine months later, huge amounts of Def Con mail list spam continues to be rejected at the Antionline firewall. This was an illegal mailbomb attack.

I don't want to get sued disclaimer: Pete Shipley may not be committing this mailbombing felony. Despite being the chief security architect for Big Six accounting firm Peat Marwick, he may simply be unable to figure out how to keep the Def Con list he administers from doing this.

More on social engineering --->

Back to the index of "Everything You Wanted to Know About Social Engineering -- But Were Afraid to Ask --->

Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Visit this group

 © 2013 Happy Hacker All rights reserved.