[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [atlarge-discuss] Hack Report

To: "'At Large Discuss'" <atlarge-discuss@lists.fitug.de>
Subject: RE: [atlarge-discuss] Hack Report
From: "Abel Wisman" <abel@able-towers.com>
Date: Sun, 3 Nov 2002 22:22:37 -0000
Delivered-to: mailing list atlarge-discuss@lists.fitug.de
Importance: Normal
In-reply-to: <5.0.2.1.2.20021104103716.02943128@pop.paradise.net.nz>
List-help: <mailto:atlarge-discuss-help@lists.fitug.de>
List-post: <mailto:atlarge-discuss@lists.fitug.de>
List-subscribe: <mailto:atlarge-discuss-subscribe@lists.fitug.de>
List-unsubscribe: <mailto:atlarge-discuss-unsubscribe@lists.fitug.de>
Mailing-list: contact atlarge-discuss-help@lists.fitug.de; run by ezmlm
Organization: Able Towers
Reply-to: <abel@able-towers.com>

<scrapped cc-list>

Before answering this let me explain something on the principle of
mail-lists:
<soapbox>
All those who are subscribed get the content of the e-mail you sent to
it.
They will get it in a fashion they have chosen for whatever reason they
choose that fashion.
Sending the e-mail to the list and to whoever happens to be in the
header causes about 3 times as much traffic as the original maillist and
absolutely unneccessary.
If the e-mail is sent to the list, a reply will suffice to send and
answer to that list, and lo and behold, we all get it.
</soapbox>

Now on the content:

This is balony(full stop).

If there are back-ups, then thank those who made them, but forget about
bringing the "original" ones back online, I personnaly object strongly
to this, there is enough compromised **** out there without us adding to
it.

Take the site down, change NS as long as needed, put up a "sorry we are
temporarily out of order" sign and move on.

Perhaps we can not get this organization to work the way it would be
great, but let us please not try and stop thinking about what happened
here, nor blame the webmaser, please blame the host, but NOT the
webmaster.

We can learn from this: to move on forward without worrying to much
about our next mistake, which we will make, without blaming for the
errors of the past, but to pursue success while taking lessons of what
went wrong where and how and move forward.

There is more then enough real knowledge on this list to make sure we
can do better, to make sure new mistakes are made, let's try them, not
the same old ones over and over.

Will those who think they hold knowledge please post their ideas, so we
can all convene and get it done ?

Kind regards

Abel

-----Original Message-----
From: Joop Teernstra [mailto:terastra@terabytz.co.nz] 
Sent: 03 November 2002 21:46
To: Bret Fausett
Cc: At Large Discuss
Subject: Re: [atlarge-discuss] Hack Report
Importance: High

At 10:33 a.m. 3/11/2002 -0800, Bret Fausett wrote:
>Early this morning, Sunday 3 November 2002, the discussion forum of the

>icannatlarge web site was apparently hacked. Most of our discussions 
>have moved onto mailing lists, so I have taken the forum off-line until

>the issue can be resolved. I've temporarily put up a replacement page 
>asking conversations to move to <atlarge-discuss@lists.fitug.de>.
>
>      http://icannatlarge.com/forum/
>
>To the best of my knowledge, the culprits did not hack the main site or

>any of the static pages. What was compromised was the online web-based 
>discussion forum, so I assume a security vulnerability in that 
>particular software was exploited.
>
>I apologize if any ongoing conversations on the web-based forum were 
>interrupted by this outage. Please move them to this discussion list 
>until the forum is again up and running.

This is an outrage, Bret.

How can you tell the members to "move their discussion here", when there

are not here?

Taking the Forum offline, with its full record of on-going discussions,
is 
an act of sabotage.
Can you perhaps be more specific about that "apparent" hacking attempt?
Have you discussed it with the Forum Administrator? When the site was
hacked before, I worked 6 hours to update the Forum 
software and had everything  back on-line within 12 hours.

First after your takeover, you have censored our frontpage. Both the
outspoken "palace coup" quotation of Chuck Costello *and* the 
commitment to provide regular site backups to be held in escrow have 
disappeared.

And now 10Mb of archived Forum discussion, Mission Statement drafts, 
Charter Drafts, polls and everything disappears??

Bring it back on-line without delay.
Please.

--Joop

---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de

---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de

Follow-Ups:
- RE: [atlarge-discuss] Hack Report
  - From: Joop Teernstra <terastra@terabytz.co.nz>

References:
- Re: [atlarge-discuss] Hack Report
  - From: Joop Teernstra <terastra@terabytz.co.nz>

Prev by Date: Re: [atlarge-discuss] Hack Report
Next by Date: RE: [atlarge-discuss] Supporting an At Large Alliance outside ICANN
Previous by thread: Re: [atlarge-discuss] Hack Report
Next by thread: RE: [atlarge-discuss] Hack Report
Index(es):
- Date
- Thread