[ISN] Clearing up questions about the denial of service attack

From: William Knowles <wk_at_C4I.ORG>
Date: Thu 04 May 2000 - 02:25:45 CDT
[Forwarded by: Mark Arena <marena@iinet.net.au>]

Hi all,

I just thought I'd clear up all these rumors, questions etc regarding
the denial of service attacks which happened a while ago.

1) Did mafiaboy use trinoo or smurf?
He didn't use either. He used a program called mstream and yes it's
private. It basically is similar to trinoo. It comprises a client
and a server. With the server it listens on port 7983 and you specify
the hosts which will connect to the server on that port. For that
reason you must have been added to the server to packet from it. In
the server.c program it appears like this:
char *m[]={
 "1.1.1.1", /* first master */
 "2.2.2.2", /* second master */
 "3.3.3.3", /* third master etc */
 0 };

Now as for the client you can define a password, serverfile and max
number of users to use the client at one time. The client then
connects to the servers and gets the servers to send all crap data to
the host you specify and hence, if you've got enough servers, will take
them down, e.g. as mafiaboy did.

2) So did mafiaboy actually hack anything?
The answer is yes. All the machines he installed the server on he had
to have root. Therefore he must have hacked a lot of machines in
preparation for the attack on the sites.

3) Did mafiaboy take out all the sites?
No, mafiaboy only took out Yahoo, E*Trade and some others which I can't
remember. Coolio took out the rest. No matter what you're told I
assure you Coolio took out the rest.

4) How come it took so long for mafiaboy to get arrested?
Simple, he hanged low and the FBI etc. had not enough evidence to make
an arrest, that was until his outburst on self-evident's msg board. This
allowed the FBI etc. to swoop swiftly and quickly.

Now it's time for my opinion:
1) Do you think mafiaboy will get convicted?
Well it depends, if mafiaboy admits to dos'ing those sites then yes I
believe he will be convicted, then again if he denies it I believe they
won't have enough evidence on him. The only reason they caught him is
that his nick etc. was posted on www.self-evident.com. He also said to a
person I know that he destroyed the hard drive in a fire which would
give the FBI no physical evidence at his end.

Mafiaboy's story:
Here is a quick rephrase of what mafiaboy has said in channels before
he got arrested. His nick has been edited out for various reasons.
<> god fucking damnit
<> i wish i can go back in time
<> and undo what i did

In closing I'll tell you how I know this. Firstly I have spoken to
people associated with mafiaboy. I also have the program which he used
to take out the sites and no I won't send you it. Any other questions
etc. direct them to me and I'll try answering them.

-------------------------------------------------------
Mark Arena                         marena@iinet.net.au
-------------------------------------------------------

ISN is sponsored by SecurityFocus.com
Received on Thu May 4 05:26 CDT 2000