, SecurityFocus 2004-11-24
The author of the popular freeware hacking tool Nmap warned users this week that FBI agents are increasingly seeking access to information from the server logs of his download site, insecure.org.
Expand all |
Post comment
Fyodor theorizes the FBI is investigating cases in which an intruder downloaded Nmap directly onto a compromised machine. "They assume that she might have obtained that URL by visiting the Nmap download page from her home computer," he wrote.
Yes, nmap can be downloaded from one of a hundred different mirrors but with subponeas for information within a 5 minute time frame it seemed the FBI knew that they were looking for. They probably have logs from a compromised machine that downloaded from insecure.org. They have the machine that downloaded it, but they are looking for clues on the attacker. They believe that if they can get logs to the users who viewed insecure.org's download.htm page (or w/e page the downloads are listed one...i'm too scurrred to look) they will have some leads or some evidence when prosecuting the attacker.
I DON'T KNOW ABOUT YOU, BUT THIS TRIGGERED A "NOTE TO SELF".
FBI may not be as dumb as their stereotype as they seem to be thinking outside the box. You also have to remember that the people in the FBI cybercrime are people just like most of us. They understand security, they have to understand the laws and likely 'hack' just like you and me, but in the true meaning of the word 'hack', trying their best not to cross the fine line between legal and illegal.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/10011/29335#29335