Government Warns of Mass Hacker Attacks
By TED BRIDIS, AP Technology Writer
WASHINGTON - The government and private technology experts warned Wednesday that hackers plan to attack thousands of Web sites Sunday in a loosely coordinated "contest" that could disrupt Internet traffic.
Organizers established a Web site, defacers-challenge.com, which was shut down early Wednesday evening. Before it was removed, the site listed in broken English the rules for hackers who might participate. It cautioned that "deface its crime" — an apparent acknowledgment that vandalizing Internet pages is illegal.
The Department of Homeland Security said Wednesday it was aware of the hackers' plans but did not expect to issue any formal public warnings. The Chief Information Officers Council, part of the Office of Management and Budget, cautioned U.S. agencies and instructed experts to tighten security at federal Web sites.
"Frankly, hacker challenges occur frequently, and we don't think they all rise to the level of a warning," Homeland Security spokesman David Wray said.
Affinity Internet Inc. of Fort Lauderdale, Fla., which operated through a subsidiary the computer servers where the hacker Web site was located, shut down the site for violating a service agreement, Affinity spokeswoman Laura Weir said. The company declined to identify the Affinity customer who set up the Internet site, citing privacy restrictions. Records show the Web address was registered June 21.
Home Internet users, who typically do not operate Web sites, probably would not be affected directly, said Oliver Friedrichs, the senior manager for security response at Symantec Corp.
An early-warning network for the technology industry, operating with Homeland Security, notified companies that it received "credible information" about the planned attacks and already has detected surveillance probes by hackers looking for weaknesses in corporate and government networks.
"We emphasize that all Web site administrators should ensure that their sites are not vulnerable," wrote Peter Allor of Internet Security Systems Inc., the Atlanta-based company that runs the Information Technology Information Sharing and Analysis Center.
Friedrichs, though, said Symantec's global monitoring network wasn't detecting unusual probes.
"We really haven't seen any of that activity," he said. "We're certainly going to keep watching and looking."
Separately, the New York Office of Cyber-Security and Critical Infrastructure Coordination warned Internet providers and other organizations that the goal of the hackers was to vandalize 6,000 Web sites in six hours.
New York officials urged companies to change default computer passwords, begin monitoring Web site activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft Corp.
Chris Rouland, director of the X-force security team at ISS, said researchers monitoring underground chat rooms and other Internet activity detected a drop in the numbers of vandalized Web sites recently and an increase in the types of surveillance scans that typically precede computer break-ins.
"It's kind of a sandbagging period," said Rouland, who predicted that hackers were quietly breaking into computers and waiting to vandalize them on Sunday.
The purported "prize" for participating hackers was 500-megabytes of online storage space, which made little sense to computer experts. They said hackers capable of breaking into thousands of computers could easily steal that amount of storage on corporate networks.

Get your resume ready to say "Successfully defended webserver from armies or Script kiddies"
Article here

No wireless AP's near you?
The number of wireless LAN (WLAN) hot spots worldwide will more than double by 2005, but the services are unlikely to reach "critical mass" until three to five years from now, according to a Gartner analyst. I am glad to be a hacker. Source: PC WORLD

Xbox hackers demand Microsoft play Linux
Found post on: Hack in the Box
A group of Xbox-security researchers say they have found a way to run Linux on the Xbox games console without a mod chip and will go public with the technique if Microsoft won't talk to them about releasing an official Linux boot loader. The group, who have asked not to be named in this article, approached ZDNet Australia after repeated attempts to contact Microsoft independently failed. Find the story at Hack in the Box

A Victory for employee email, bitch about your boss.
After six years of fighting Intel, Ken Hamidi finally scores a victory. California Supreme court ruled Monday that an ex-Intel worker did not trespass on company computer systems when he e-mailed thousands of messages critical of his former employer to staffers at work. So next time you get fired or just don't like your boss, email EVERYBODY. Just make sure you know the difference between slander and criticism.
Source: C|net

Moloch T-Shirts Shopping Cart
Seeing how ordering t-shirts from moloch.org was, I added a paypal shopping cart. Actually, it was Rabbit who suggested it. We currently have two designs on sale and the new design will be up for preview next week. Check out the t-shirts at t-shirts.html

Microsoft offers up Workspaces
Posted on: Hack in the box on 2003-06-28 22:21:42

Microsoft officially rolled out version 1.0 of its Workspaces collaborative development environment this week. Workspaces is a lot like the open-source SourceForge environment, providing developers with a place to create, host and manage software-development projects for free. The environment is aimed at developers who are writing code that is based on the Microsoft .Net Framework. Workspaces offers hooks that enable developers to integrate their projects tightly with Visual Studio .Net. Workspaces users also are able to take advantage of source-control capabilities via their choice of a Web interface or Windows Forms client (in addition to the Visual Studio .Net source-control mechanism). And Workspaces users are authenticated via Microsoft Passport.

Wget from FTC opt-out site: 503
As if they didn't know but after the announcement was made, access to the Do Not Call site was intermittent Friday and the site took roughly 28 seconds to load, said Roopak Patel, an Internet analyst for Keynote Systems, a Web performance and load-testing service company.
Even those fortunate enough to get through to the site and register Friday had trouble. For some--ironically--the desire to block unwanted marketing calls was tripped up by the blocking of unwanted marketing e-mail: Internet service providers either routed the Do Not Call registration confirmation e-mails to users' junk-mail folders, or prevented the messages from reaching in-boxes, due to the way users set up their spam-blocking filters.
If users fail to respond to their e-mail confirmation within 72-hours of its being sent from the Do Not Call site, their telephone number will not be registered, Torok said. Source:C|net.

Will the real tommEE pickles please stand up!
For those who didn't hear about the saga about two years ago. There is this little imposter out there that persists to tell people he is tommEE pickles. He is not. He first stole graphics off of the Moloch Website and used them on his website. He then opened up a homepage saying he was a website designer. Funny, website 'designers' design, not reproduce. This guy them would get instant messages on yahoo IM client. His ID is tommEE_pickles. He would tell everyone that he is a great hacker and impersonate me. Well it appears that he still hasn't given up the username and he apparently is still at the game. He even caps the EE's on tommEE. If you want to have fun, check out the fake at iCe Graphic DesingZ

Oh my, Spam or Money Laundering Scheme?

I recieved this mail today... fun
Return-Path: t_nicholas7@excite.com
Delivered-To: evilgeniusnet-tommEE@evilgenius.net
Received: (qmail 13802 invoked from network); 29 Jun 2003 22:21:06 -0000
Received: from mini.pair.com (209.68.1.138)
by 0 with SMTP; 29 Jun 2003 22:21:06 -0000
Received: (qmail 24513 invoked by uid 3075); 29 Jun 2003 22:21:03 -0000
Message-ID: x0030629222103.24512.qmail@mini.pair.com
Delivered-To: moloch:org
X-Envelope-To: moloch.org
Received: (qmail 24493 invoked from network); 29 Jun 2003 22:21:01 -0000
Received: from 63-109-247-236.btlimited.com (HELO 2mails1205.com) (63.109.247.236)
by mini.pair.com with SMTP; 29 Jun 2003 22:21:01 -0000
From: "Dr. Nicholas Ted" t_nicholas7@excite.com
Reply-To: tnicholas2@go.com
To: moloch.org
Date: Sun, 29 Jun 2003 23:20:19 -0700
Subject: PLEASE REPLY
X-Mailer: Microsoft Outlook Express 5.00.2919.6900 DM
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

From=3A Dr=2E Nicholas Ted
Tel=3A 234-8033074806
fax=3A 234-1-7596714
Email=3Atnicholas2=40go=2Ecom
Dear sir=2FMadam=2C
In order to transfer out =28USD 12=2E6 M=29 Twelve million Six Hundred United
States Dollars=29 from African Development Bank=2E I have the courage to ask you
to look for a reliable and honest person who will be capable for this
important business believing that you will never let me down either now or
in future=2E
I am Dr=2E Nicholas Ted=2C the Chief Auditor of African Development Bank=28ADB=29=2E
There is an account opened in this bank in 1998 and since nobody has
operated on this account again=2E
After going through some old files in the records=2C I discovered that if I do
not remit this money out urgently it would be forfeited for nothing=2E The
owner of this account is Mr=2ESmith B=2EAndreas=2C a foreigner=2Cand a miner at
kruger gold co=2E=2C a geologist by profession and he died since 1998=2E No other
person knows about this account or any thing concerning it=2C the account has
no other beneficiary and my investigation proved to me as well that this
company does not know anything about this account and the amount involved is
=28USD 12=2E6M=29 Twelve Million=2C six Hundred United States Dollars million
dollars=2E I want to first transfer US$6=2C000=2C000=3A00 Six million United States
Dollars from this money into a safe foreigners account abroad before the
rest=2C but I don't know any foreigner=2E
I am only contacting you as a foreigner because this money cannot be
approved to a local bank here=2C but can only be approved to any foreign
account because the money is in us dollars and the former owner of the
account is Mr=2E Smith B=2EAndreas he is a foreigner too=2E
I know that this message will come to you as a surprise as we don't know
ourselves before=2E We will sign an agreement=2C but be sure that it is real and
a genuine business=2E I only got your contact address from International
Business Directory=2Cwith believe in God that you will never let me down in
this business=2E You are the only person that I have contacted in this
business=3B so please reply urgently so that I will inform you the next step
to take immediately=2E Send also your private telephone and fax number
including the full details of the account to be used for the deposit=2E I want
us to meet face to face or sign a binding agreement to bind us together so
that you can receive this money into a foreign account or any account of
your choice where the fund will be safe=2E And I will fly to your country for
withdrawal and sharing and other investments=2E
I am contacting you because of the need to involve a foreigner with foreign
account and foreign beneficiary=2E I need your full co-operation to make this
work fine because the management is ready to approve this payment to any
foreigner=2C who has correct information of this account=2C which I will give to
you later immediately=2C if you are able and with capability to handle such
amount in strict confidence and trust according to my instructions and
advice for our mutual benefit because this opportunity will never come again
in my life=2E I need truthful person in this business because I don't want to
make mistake I need your strong assurance and trust=2E With my position now in
the office I can transfer this money to any foreigner's reliable account=2C
which you can provide with assurance that this money will be intact pending
my physical arrival in your country for sharing=2E I will destroy all
documents of transaction immediately we receive this money leaving no trace
to any place=2E You can also come to discuss with me face to face after which
I will make this remittance in your presence and two of us will fly to your
country at least two days ahead of the money going into the account=2E
I will apply for annual leave to get visa immediately I hear from you that
you are ready to act and receive this fund in your account=2E I will use my
position and influence to effect legal approvals and onward transfer of this
money to your account with appropriate clearance forms of the ministries and
foreign exchange departments=2E
At the conclusion of this business=2C you will be given 35% of the total
amount=2C 60% will be for me=2C while 5% will be for expenses both parties might
have incurred during the process of transferring=2E
I look forward to your earliest reply
Dr=2E Nicholas Ted