Copyright (c), 1996, Management Analytics - All Rights Reserved

Next Part

Over the next however many days, the malicious attempts to cause innocent people to telnet into our site continued. There were misleading pointers placed in Web sites, misleading statements posted to usenet groups and mailing lists claiming that guest accounts and other interesting things could be found at our site. Or response was adapted as we got systems administrator reports from around the net. For example:

You have probably been misled into pushing a button on a Web site under
the auspices of getting a letter from a self-proclaimed security expert. 
Or perhaps you were enticed into trying to telnet into our site by
someone who misrepresented this site as something it is not.  A MUD of
some sort? Perhaps a place where you can get a free guest account? These
are all lies. 

This is part of an attack initiated by people who were caught trying to
break into our site.  It is their way to try to get us to stop detecting
their attacks. 

Their attack has involved more than 2,000 innocent internet sites and
people from all over the world.  It is ongoing and malicious, and you
can help to stop it. 

The best way is to immediately post a message to the same group or site
that lied to you to get you to come here.  Identify the people who lied
to the whole newsgroup, mailing list, or site manager. 

As their falsehoods are revealed and their names become well known
people from all over the world will come to distrust them.  If you send
their names and their postings to our administrator, we will publish
them for the whole world to see. 

The original attack involved fooling Web browsers...

By the next afternoon, we were getting less than one attempt per hour, except from the sites who were clearly malicious attackers. The attempted entries were slowing rapidly.

The attackers moved on. They read this document as it evolved and started using chat rooms at AOL and other IRC facilities to claim that we were giving free accounts away, all to try to keep the volume up. But even malicious people have to sleep. As the weekend came, they went to bed and the telnets went down to less than one every 6 hours.

Next Part