Everything You Wanted to Know about
Social Engineering -- But Were Afraid to Ask...
Next,
someone misconfigured Shipley's mail list server to bounce complaints
of bad addresses to the self-described hackers on that list.
The bounces looked like this:
Date: Sun, 16 May 1999 00:55:52 -0400
From: "mail-daemon" <postmaster@antionline.com>
Subject: Returned Mail: User Unknown
To: dc-stuff@dis.org
Reply-to: null@antionline.com
Auto-Submitted: auto-replied
(snip)
X-Mailer: Internet Anywhere Message Server Version: 2.3. Build:
10019
(snip)
The following recipient did not receive this message: aarow@techbroker.com
----- Original message follows -----
(snip)
On May 12, 1999, in a post to the Def Con list, Shipley either
acted out of ignorance or else tried to trick the readers who
weren't in on the social engineering trick into believing it
was our fault that the bad addresses were bouncing to the mail
list. "As of a day or two ago, brad and JP (both from @antionline.com
addresses) were subscribed to the list. Yet neither has taken
care of this foul mail loop."
Brian Martin chimed in: "Further tribute to their glaringly
obvious incompetance. Isnt there a law against incompetance?
If not, I shall have to ask my duly elected officials to draft
one - ex-post facto."
You probably know enough to recognize that it is the responsibility
of the sysadmin of a mail list to configure it so that bad mail
addresses do not bounce to the readers of the list. You know
it is the responsibility of a mail list owner to figure out how
to configure the system to allow people to automatically unsubscribe.
You know enough to realize that the most likely hypothesis is
that Shipley and Martin must have been only pretending to not
know how to run a mail list. Remember, I can't prove it, however…
Meanwhile, Martin (under his handle "cult hero")
complained to Vranesevich's upstream provider, Stargate, that
he was attacking the Def Con mail list:
Date: Sat, 15 May 1999 04:40:10 -0600 (MDT)
From: cult hero <jericho@dimensional.com>
To: hostmaster@STARGATE.NET
cc: postmaster@techbroker.com, postmaster@antionline.com
Subject: Inactive administration
X-NoSpam: You do not have consent to spam me.
X-Attrition: Attrition is only good when forced. http://www.attrition.org
X-©: This e-mail copyright 1999 by jericho@dimensional.com
where applicable
X-Encryption: rot26
Greetings. Below you will find mail originating from antionline.com.
This mail loop has been occuring for over one week now with
no response or resolution from Antionline staff. At the time
of this mail, two subscribers from the antionline domain (brad@
and jp@) are on the mail list, and one has answered other personal
mail in the interim (ie: he is not on vacation or away from office).
Further, one of the admins for techbroker.com is also on the
list, and has done nothing to resolve the mail loop despite repeated
complaints from list subscribers.
Martin also posted to the Def Con list "Why do I think
this is yet another publicity stunt designed to get more free
book material from Meinel?" It almost seemed that he was
begging me to write about this in my next book. OK, Martin, you
win, you got into my next book, Uberhacker!,
for this!
I actually was disappointed in Martin's weak attempt to get
Antionline in trouble. I had thought he was more ingenious than
this. Of course the sysadmins at Stargate recognized the mass
subscriptions of nonexistent Antionline and Techbroker users
was a mail bomb attack against us, and most certainly not an
attack of us against the Def Con list.
However, Shipley and Martin did succeed at fooling some of
the self-described hackers on their list. For example, one poor
sucker wrote:
From: rooster@Rage.Resentment.org
Date: Sun, 16 May 1999 13:53:02 -0700 (PDT)
To: John Vranesevich <jp@antionline.com>
cc: dc-stuff@dis.org
Subject: Re: Returned Mail
So, let me get this straight. You have no idea how to run
a mail system, so the dc-stuff admins need to help cover your
incompetence?
gotcha
--rooster
Meanwhile, the break-in attempts and DOS
attacks continued. June 1st, 1999, a DOS attack kept Antionline
down for the longest stretch of time yet, 3 hours 54 minutes
.
More on social engineering --->
Back to the index of "Everything You
Wanted to Know About Social Engineering -- But Were Afraid to
Ask --->
