---------- Forwarded message ---------- Date: Fri, 20 Jun 1997 19:51:20 -0600 From: Sean Kelly To: jericho@dimensional.com Cc: zen@sekurity.org Subject: Re: recent publicity about the.art.of.security.org (fwd) jericho said: > Greetings. Hello. > I am the owner and primary admin of sekurity.org, and do not appreciate > your slander, especially on a public mail list. The slander being "repository of cracking information", I assume? > Apparently you are as much > the 'idiot' as your hacker friend, in that you are not aware of how things > work either. Well, I do know how a few things work, like this disposable camera I got from Target. :-) Perhaps you'd be more specific---and less insulting at the same time? As a representative for the sekurity.org domain (the administrative and billing contact, to be specific), a modicum of professionalism will smooth our relations greatly. > Is there someone you can complain to? [...] I realize I can complain to you, or to root, or to your ISP/NAP. (I'm even familiar with tools like traceroute!) I could even send a letter to you in Littleton, or send a fax to Dimensional. The reason I was asking was not to determine to whom I could complain, but if such a complaint would be productive---and if so, which would be best. > would like. In any case, CCing letters to root@sekurity.org would be a > standard practice since that gives me (or whoever you are complaining > about) a chance to respond to your slander. "Slander" is a strong term, here. I made an appraisal of files available at the.art.of.sekurity.org which I feel is as accurate as can be based on the limited amount of time I could stay connected. If the files at that server aren't wholly a collection of cracking tools and information, then there should be some kind of login banner or READMEs provided that state their true intent. Furthermore, the owner of that system, zen@sekurity.org, said nothing about slander. In fact, he AGREES with my appraisal of the files. In his own words: | ... yes there is information contained on this machine | that could be used to compromise a systems security ... Let's drop this "slander" terminology since I think it's pretty clear it doesn't apply here. > "the.art.of" is a customer machine that is co-located at this POP. The > admin of that machine is physically out of town, but checking mail > (zen@sekurity.org), so you may contact him there. I was already contacted by him in a courteous and professional manner, yes. > That machine is not the > primary FTP server on this network. "obscure.sekurity.org" is. That I surmised by using (ta-da) nslookup! :-) ftp.sekurity.org is a CNAME entry for obscure.sekurity.org. > hacking information is > directly related to security information. What better way to stop an > attack than to understand how it works? I'm aware of this argument, and I don't have any qualms against it. For the most part. > Your statement that it is a repository for > hacking tools indicates that you either 1) didn't check the site out, I was able to make one successful FTP connection to the.art.of.sekurity.org and was able to make some directory listings. Furthermore, I have the evidence of the break-in showing a number of files transferred from there, all of which were clearly used to compromise security. > 2) didn't know how networks operate and catch the fact that > ftp.sekurity.org is aliased to "obscure", not "the.art.of", NOWHERE in my message did I even mention "ftp.sekurity.org". Perhaps you're referring to this part of my message: | Is anyone aware of | "sekurity.org" and what their purpose is? Is there someone there to | whom I should complain? (Doubtful, as it appears the reason that ftp | site exists is to provide a repository of cracking code.) Here, when I say "that ftp site" I'm referring to the.art.of.sekurity.org, and not the main ftp server at sekurity.org. I can see why there would be confusion. If you wish, I'll offer a public clarification in the same forum in which I originally posted this message. > or 3) were an > 'idiot' as you call your attacker. Hmmmm. > As for our purpose, send a blank letter to info@sekurity.org, finger > info@sekurity.org, or mail root and ask what our purpose is. I am very > open about the activity here, and am always willing to help out other > admins if they have a problem with this network. > > If you have any further questions about ANYTHING on this server, ANY of my > customers, or ANYTHING else security related, I will be more than happy to > assist you in whatever way I can. Thank you for your sudden kindness. -- Sean Kelly NOAA Forecast Systems Laboratory Boulder Colorado USA