Get back at the 'hackers' ?


M.Ousley
08-18-2004, 02:08 PM
Do we have enough computer gurus here to trash the hackers' server? I kept the link for the movie that was posted on the site in case anyone was interested in doling out some American justice.

Server: http://ashqarswf.siteatnet.com/

Movie link: http://ashqarswf.siteatnet.com/foreign/ashqarswf/gasam.swf

not cbring
08-18-2004, 02:27 PM
blueAED is a 133t computer s00puh t00nuh.

blueAEDgrandam
08-18-2004, 03:02 PM
i missed you rife


i really did.

SlowCobra
08-18-2004, 03:26 PM
It is not that hard if you wanted to do it:


http://home.btconnect.com/jamiegeddes/Tuts/hacking-tut.htm

1989CobraMakeOver
08-18-2004, 04:17 PM
hack the planet.......

the movie "hackers" is teh SHITE!

M.Ousley
08-18-2004, 05:38 PM
I forward all my spam to the FCC (fccinfo@fcc.gov) so I sent the link/story to the FCC to see if they would do anything. Here was their response:


You are receiving this email in response to your inquiry to the FCC.

Dear Michael Ousley,
The FCC does not investigate hacking.
You should contact the FBI.
Thank you,
TSR36

Rep Number : TSR36



Nah, no FBI needed, we'll just handle it on our own.

supercompact
08-18-2004, 09:29 PM
The SSL port 443 is the only one open. Does anybody know any https vulnerabilities? The name (ashqarswf.siteatnet.com) resolves to 209.90.73.15.

SlowCobra
08-18-2004, 10:42 PM
http://mail.nessus.org/pipermail/nessus/2001-October/msg00084.html

supercompact
08-18-2004, 10:53 PM
http://supercompact.gotdns.com/Supercompact/Pictures/ssl.jpg
Any Ideas?

SlowCobra
08-19-2004, 03:32 AM
I think they are running a proxy. I got a different DNS lookup/IP for the server from what M.Ousley got.

They are using Apache 1.3.28 @ rxl.idiglobal.com.

SlowCobra
08-19-2004, 03:39 AM
They are out of the USA.
Report for rxl.idiglobal.com [209.90.73.119]
Analysis:

Hop %Loss IP Address Node Name Location Tzone


6 12.123.21.98 tbr1-p013701.attga.ip.att.net Atlanta, GA, USA -05:00 15 x AT&T Worldnet Services ATTSVI-12-122-0-0
7 12.122.10.69 tbr2-cl1.wswdc.ip.att.net Washington, DC, USA -05:00 32 x AT&T Worldnet Services ATTSVI-12-122-0-0
8 12.123.217.18 gar1-p360.abnva.ip.att.net --- 28 x AT&T Worldnet Services ATTSVI-12-122-0-0
9 12.118.132.34 - Morristown, NJ, USA -05:00 29 x AT&T Worldnet Services ATTSVI-12-112-0-0
10 207.173.115.109 so-2-0-0--0.cr02.mcln.eli.net - 32 x Electric Lightwave Inc ELI-NETBLK5
11 207.173.115.65 p10-0.cr01.dlls.eli.net Dallas, TX, USA 69 x Electric Lightwave Inc ELI-NETBLK5
12 208.186.20.66 srp2-0.cr02.dlls.eli.net Dallas, TX, USA 71 x Electric Lightwave Inc ELI-2-NETBLK99
13 207.173.114.113 p7-0.cr02.phnx.eli.net Phoenix, AZ, USA -07:00 88 x Electric Lightwave Inc ELI-NETBLK5
14 207.173.114.165 p6-0.cr02.lsvl.eli.net - 90 x Electric Lightwave Inc ELI-NETBLK5
15 207.173.114.38 p9-0.cr01.slkc.eli.net Salt Lake City, UT, USA -07:00 95 x Electric Lightwave Inc ELI-NETBLK5
16 208.186.20.53 srp0-0-0.gw01.slkc.eli.net Salt Lake City, UT, USA -07:00 104 x Electric Lightwave Inc ELI-2-NETBLK99
17 209.210.71.86 gw-cust-FIBER-NET.slkc.eli.net Salt Lake City, UT, USA -07:00 114 x Electric Lightwave Inc ELI-NETBLK98
18 216.83.158.1 1-0-1.core1.fbp.ore.fiber.net Orem, UT, USA -07:00 98 x Fibernet Corporation FIBERNET-216-83-BLK-1
19 216.83.133.31 0-0-0.bdr2.fbp.ore.fiber.net Orem, UT, USA -07:00 95 x NISBIC llc FIBE-216831330
20
21 209.210.71.86 gw-cust-FIBER-NET.slkc.eli.net Salt Lake City, UT, USA -07:00 23855 x Electric Lightwave Inc ELI-NETBLK98
...
209.90.73.119 rxl.idiglobal.com Orem, UT, USA -07:00 Alpine Media FIBERNET-12

SlowCobra
08-19-2004, 04:12 AM
Here is their info:

OrgName: Alpine Media
OrgID: ALPINE-7
Address: 560 S State Suite G-1
City: Orem
StateProv: UT
PostalCode: 84058
Country: US

NetRange: 209.90.73.0 - 209.90.73.255
CIDR: 209.90.73.0/24
NetName: FIBERNET-12
NetHandle: NET-209-90-73-0-1
Parent: NET-209-90-64-0-1
NetType: Reassigned
Comment:
RegDate: 1998-09-15
Updated: 1998-09-15

TechHandle: FDS6-ARIN
TechName: Services, Fibernet Dns
TechPhone: +1-801-223-9939
TechEmail: hostmaster@fiber.net

OrgTechHandle: FDS6-ARIN
OrgTechName: Services, Fibernet Dns
OrgTechPhone: +1-801-223-9939
OrgTechEmail: hostmaster@fiber.net

SlowCobra
08-19-2004, 04:15 AM
Here is the info on the one M.Ousley posted.

OrgName: Alpine Media
OrgID: ALPINE-7
Address: 560 S State Suite G-1
City: Orem
StateProv: UT
PostalCode: 84058
Country: US

NetRange: 209.90.73.0 - 209.90.73.255
CIDR: 209.90.73.0/24
NetName: FIBERNET-12
NetHandle: NET-209-90-73-0-1
Parent: NET-209-90-64-0-1
NetType: Reassigned
Comment:
RegDate: 1998-09-15
Updated: 1998-09-15

TechHandle: FDS6-ARIN
TechName: Services, Fibernet Dns
TechPhone: +1-801-223-9939
TechEmail: hostmaster@fiber.net

OrgTechHandle: FDS6-ARIN
OrgTechName: Services, Fibernet Dns
OrgTechPhone: +1-801-223-9939
OrgTechEmail: hostmaster@fiber.net

SlowCobra
08-19-2004, 04:16 AM
Why don't we do this the correct way and just report them to their ISP?

2nuggetCs
08-19-2004, 05:43 AM
O.K. I don't understand shit about comps....but does this mean that the "towel head" hackers are actually in the states?

SlowCobra
08-19-2004, 07:35 AM
Well, the server they linked to is.

supercompact
08-19-2004, 09:13 AM
Originally posted by SlowCobra
Why don't we do this the correct way and just report them to their ISP?

Are you going to report them?

BlownGT
08-19-2004, 09:44 AM
Do you actually think anybody that would "Hack" a site would actually leave a video or any other files on their own web site?

Hey, let's hack so-and-so.com and then link to a computer on my personal web page...

It's possible, but not probable.

M.Ousley
08-19-2004, 12:47 PM
I explored their site a bit. Their main site is for Arabic Tools for Creating Successful Websites. Seems to me they are just script kiddies that can read and follow directions to 'hack' websites.

There are two possible avenues: we could attack back (against the law, regardless of whether it seems fair) or we could report them (not against the law). Maybe the FBI would kick some ass on our behalf? However, I don't know how actively they pursue attacks of this nature. What do you guys think?

supercompact
08-19-2004, 01:01 PM
I'm willing to bet that the FBI doesn't actively pursue this type of thing, but it would be worth a shot I guess.

M.Ousley
08-19-2004, 02:00 PM
Guess we'll find out. I submitted it to the FBI. If they don't do anything about it, then we can pursue other means of justice.

:devil:

supercompact
08-19-2004, 02:08 PM
You da man!:thumbsup:

BlownGT
08-19-2004, 02:51 PM
No talk about hacking or racing then... The po-po's coming! ;)

supercompact
08-19-2004, 02:54 PM
Nice avatar BlownGT:eek:

93civEJ1
08-19-2004, 02:56 PM
agreed.:D

BlownGT
08-19-2004, 02:57 PM
Agreed :D

ty

SlowCobra
08-19-2004, 04:56 PM
Originally posted by supercompact
You da man!:thumbsup:

Cough....cough!!! OK I don't get any credit? :)

supercompact
08-19-2004, 06:31 PM
Sorry, You da man too. :D

M.Ousley
08-19-2004, 06:43 PM
Originally posted by SlowCobra
Cough....cough!!! OK I don't get any credit? :)

I submitted the info you looked up on the terrorists' domain in addition to the two links I kept from the original attack. Hopefully the mega popo will do some righteous ass-kicking on our behalf. I got a non-automated response that looks very surprisingly like an automated response. If they e-mail me again, I will post it up on the board.

SlowCobra
08-19-2004, 07:07 PM
I was only kidding. :)

BTW I have been doing some .... hmmm....investigating. :)


Anyone ever play with a bootable Linux CD (Phlak)? So far it has been really kool. It has allowed me to run Nessus on windows (well linux) and etc.

BlownGT
08-19-2004, 11:10 PM
Originally posted by SlowCobra
Anyone ever play with a bootable Linux CD (Phlak)? So far it has been really kool. It has allowed me to run Nessus on windows (well linux) and etc.

Knoppix STD is sweet.

CrossupBill
08-19-2004, 11:48 PM
jnNUFENwuNJKlnuqPJH;TJN;NASTIo;nkl;934jtio3;tkgl;m sl

ahjetlg;aieo;ljiao[jkg5j3oy5iojkelakrgjeioj;goijtr;kel;sjklter
jgkl;jareeeeea;gker;gioaejkl;jetrgoas;jkrgkv;m;;;; ;igea;j
jkgl;ajetrtrtrtrtrtrag;oiejjtoir;jh;835t5-qo;wjrkigjklhjrtla;eruAPWUHERBJKSLNFJAKLGUROAPWE8I TO4JI JK;A JRIOPGAOE;R IWORAPTUIROJTEA;JTJ4I5T'JIRJTA89I'JUY58grewtgurqil htugq
qwrghtuqothguwehtgt3t
hqutoqhuithhhhhp3ptq84ytu3oi5;t;KWAPTQUJIO4JTQI3U8 54P3ITOF;JIR;JHEUSGH8;HJRLGHJNBAJKGLUWRQTUWO4TOQPU IGF;Q3489



That is what the most of this whole thread looks like to me!

BlownGT
08-19-2004, 11:49 PM
Originally posted by CrossupBill
jnNUFENwuNJKlnuqPJH;TJN;NASTIo;nkl;934jtio3;tkgl;m sl

ahjetlg;aieo;ljiao[jkg5j3oy5iojkelakrgjeioj;goijtr;kel;sjklter
jgkl;jareeeeea;gker;gioaejkl;jetrgoas;jkrgkv;m;;;; ;igea;j
jkgl;ajetrtrtrtrtrtrag;oiejjtoir;jh;835t5-qo;wjrkigjklhjrtla;eruAPWUHERBJKSLNFJAKLGUROAPWE8I TO4JI JK;A JRIOPGAOE;R IWORAPTUIROJTEA;JTJ4I5T'JIRJTA89I'JUY58grewtgurqil htugq
qwrghtuqothguwehtgt3t
hqutoqhuithhhhhp3ptq84ytu3oi5;t;KWAPTQUJIO4JTQI3U8 54P3ITOF;JIR;JHEUSGH8;HJRLGHJNBAJKGLUWRQTUWO4TOQPU IGF;Q3489



That is what the most of this whole thread looks like to me!

What the asdlkfjaoeijaslkenfalksnlkdjf1239810923 are you talking about?

CrossupBill
08-20-2004, 12:19 AM
Originally posted by SlowCobra
They are out of the USA.
Report for rxl.idiglobal.com [209.90.73.119]
Analysis:

Hop %Loss IP Address Node Name Location Tzone


6 12.123.21.98 tbr1-p013701.attga.ip.att.net Atlanta, GA, USA -05:00 15 x AT&T Worldnet Services ATTSVI-12-122-0-0
7 12.122.10.69 tbr2-cl1.wswdc.ip.att.net Washington, DC, USA -05:00 32 x AT&T Worldnet Services ATTSVI-12-122-0-0
8 12.123.217.18 gar1-p360.abnva.ip.att.net --- 28 x AT&T Worldnet Services ATTSVI-12-122-0-0
9 12.118.132.34 - Morristown, NJ, USA -05:00 29 x AT&T Worldnet Services ATTSVI-12-112-0-0
10 207.173.115.109 so-2-0-0--0.cr02.mcln.eli.net - 32 x Electric Lightwave Inc ELI-NETBLK5
11 207.173.115.65 p10-0.cr01.dlls.eli.net Dallas, TX, USA 69 x Electric Lightwave Inc ELI-NETBLK5
12 208.186.20.66 srp2-0.cr02.dlls.eli.net Dallas, TX, USA 71 x Electric Lightwave Inc ELI-2-NETBLK99
13 207.173.114.113 p7-0.cr02.phnx.eli.net Phoenix, AZ, USA -07:00 88 x Electric Lightwave Inc ELI-NETBLK5
14 207.173.114.165 p6-0.cr02.lsvl.eli.net - 90 x Electric Lightwave Inc ELI-NETBLK5
15 207.173.114.38 p9-0.cr01.slkc.eli.net Salt Lake City, UT, USA -07:00 95 x Electric Lightwave Inc ELI-NETBLK5
16 208.186.20.53 srp0-0-0.gw01.slkc.eli.net Salt Lake City, UT, USA -07:00 104 x Electric Lightwave Inc ELI-2-NETBLK99
17 209.210.71.86 gw-cust-FIBER-NET.slkc.eli.net Salt Lake City, UT, USA -07:00 114 x Electric Lightwave Inc ELI-NETBLK98
18 216.83.158.1 1-0-1.core1.fbp.ore.fiber.net Orem, UT, USA -07:00 98 x Fibernet Corporation FIBERNET-216-83-BLK-1
19 216.83.133.31 0-0-0.bdr2.fbp.ore.fiber.net Orem, UT, USA -07:00 95 x NISBIC llc FIBE-216831330
20
21 209.210.71.86 gw-cust-FIBER-NET.slkc.eli.net Salt Lake City, UT, USA -07:00 23855 x Electric Lightwave Inc ELI-NETBLK98
...
209.90.73.119 rxl.idiglobal.com Orem, UT, USA -07:00 Alpine Media FIBERNET-12






This is what the fajkxfnuanwrfawn4njwe;rfa84jhewo I am talking about. I don't have a clue what this is, and prolly don't want to.

AncientSupra
08-20-2004, 07:42 AM
how do you know that site itself actually has anything to do with these hackers you speak of?

right now i have storage access to a couple of commercial sites and several independent sites but i certainly don't own or host any of them.

not to mention, diversion is the oldest trick in the book.. especially for malicious hackers.

SlowCobra
08-20-2004, 09:12 AM
Originally posted by AncientSupra
how do you know that site itself actually has anything to do with these hackers you speak of?
not to mention, diversion is the oldest trick in the book.. especially for malicious hackers.

We don't! All we have is the info we are working with. This could be someone that just linked their site with his/her hack. But the content on that site needs to be reported to the company.

As far as it being a commercial site, you are correct, it could just be a commercial site that has nothing to do with what is going on. But they need to be aware that someone is breaking their customer policies with them.

But the info I got is where the server is located or where they have directed their proxy to. Regardless, that site needs to get reported so they can:

1. get the hacker
or
2. try to find any footprints/ take down the website

BlownGT
08-20-2004, 10:16 AM
Originally posted by CrossupBill
I don't have a clue what this is, and prolly don't want to.

It's basically the path to the server where the files are hosted. It shows the hops between routers until it finally reaches its destination. It's the IP address of the server as well as the name and location. Plus, it's a little jumbled up from being pasted in there so it looks even worse than it really is.

SlowCobra
08-20-2004, 10:47 AM
Originally posted by BlownGT
Plus, it's a little jumbled up from being pasted in there so it looks even worse than it really is.

I tried to fix it, but it wouldn't slide or nothing. :(

BlownGT
08-20-2004, 10:50 AM
Originally posted by SlowCobra
I tried to fix it, but it wouldn't slide or nothing. :(

Yeah, it never looks right when you paste it. Not your fault. Or is it... :drunk:

SlowCobra
08-20-2004, 10:55 AM
Does this make it easier :)

supercompact
08-20-2004, 02:57 PM
http://supercompact.gotdns.com/supercompact/pictures/h4x0r5.jpg

93civEJ1
08-20-2004, 03:01 PM
:lol: :lol: :lol: :lol: :lol: