[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-05-29 07:37:30

Return-Path: <sentto-279987-1260-991147052-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 29 May 2001 07:38:09 -0700 (PDT)
Received: (qmail 26727 invoked by uid 510); 29 May 2001 13:38:36 -0000
Received: from ef.egroups.com ( by with SMTP; 29 May 2001 13:38:36 -0000
X-eGroups-Return: sentto-279987-1260-991147052-fc=all.net@returns.onelist.com
Received: from [] by ef.egroups.com with NNFMP; 29 May 2001 14:37:34 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_3); 29 May 2001 14:37:32 -0000
Received: (qmail 43661 invoked from network); 29 May 2001 14:37:31 -0000
Received: from unknown ( by l7.egroups.com with QMQP; 29 May 2001 14:37:31 -0000
Received: from unknown (HELO all.net) ( by mta3 with SMTP; 29 May 2001 14:37:31 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id HAA12760 for iwar@onelist.com; Tue, 29 May 2001 07:37:30 -0700
Message-Id: <200105291437.HAA12760@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 29 May 2001 07:37:30 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

From: InfoSec News 


BY George I. Seffers 
May 28, 2001

In a two-day rampage against U.S. government Web sites, a group of cyber
vandals dubbed PoizonB0x, attacked two sites maintained by the Defense
Information Systems Agency, the organization tasked with defending
military networks.

The attacks, which included the two Defense Department sites and nine U.S.
government sites, were conducted May 24 and 25. The group also
participated in an apparent multi-group attack on California state sites. 

In a terse confirmation of the attack, a DISA spokeswoman replied, "Yes,
two Defense Enterprise Computing Center publicly accessible Web sites were
defaced. The group claiming responsibility was PoisonB0x."  She added that
no classified networks were infiltrated and that other than the
defacements, no harm was done. 

The two DOD Web sites belonged to DECCs in St. Louis and San Diego,
according to information provided by Attrition.org, a group of volunteers
who maintain a Web site that many information warriors in the military
rely on for news and information about hackers. The information was
confirmed by DISA. 

PoizonB0x defaced nine other government Web sites, including: 

* The chief information officer of the General Services

* NASAs Advanced General Aviation Transport Experiments. 
* The Arcata [Calif.] Fish and Wildlife Office. 
* The U.S. Bankruptcy Court, Eastern District of California. 
* The U.S. District Court, Northern District of Texas.

The group also participated in what appeared to be a multi-group effort to
deface California state government Web sites. Other groups said to be
involved include Hi-Tech Hate and tty0, according to information provided
by Attrition. 

In each of the PoizonB0x attacks, the defacements consist of solid black
backgrounds with large white letters stating that "PoizonB0x Wuz Here." 

In response to e-mailed questions, a PoizonB0x representative said it was
a "pice of cake," getting into DISA's systems and that they could have
taken advantage of three or more other vulnerabilities. PoizonB0x said
that DISA apparently was unaware of the penetration and that no harm was
done other than the defacements. 

"damage? nope, maybe coz i was a lil drunk and lazy, coz i think i could
execute some viruses or backdoors there. i could also format all hdds and
shutdown the system. and u know, i looked through almost all papers there
and i did find them interesting. and, heh, i had an idea to edit some of
'em but i decided to leave the system," the representative said. 



Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:14 PDT