From: Aleph One <aleph1@dfw.net>
Date: Thu, 11 Jan 96 17:39:02 PST
To: Mark <mark@zang.com>
Subject: Re: Mitnik and Shimomura
In-Reply-To: <199601112238.MAA04861@zang.com>
Message-ID: <Pine.SUN.3.91.960111193209.23671A-100000@dfw.dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 11 Jan 1996, Mark wrote:

> It was not a trap. Shimomura was caught with his proverbials down. His
> arrogance made him complacent and as such he didnt take the most basic
> steps to keep the attack out.
> 
> According to Tsutomo's own account of the incident he was only able to
> decipher what happened because the attacker(s) didnt clean away the info
> off the hard drive when they were finished. They rm'd sure but he dd'd
> the raw disk to another drive and worked through the blocks until he
> found the two tools that were used to effect the intrusion. He was also
> able to recover the tcpdump logs that were erased.
> 
> If the intruder(s) had rm'd the data and THEN done a mkfile that filled the
> disk with 0's then most of what we know today would not be available.
> As mentioned a week or two back, filling the unused portions of blocks with
> 0's would probably also be necessary.

Yes but the the attacker would have been a malicous one wouldnt he?

> As to wether Mitnik is capable of effecting the intrusion, that is yet to
> be ascertained. He claims no involvement in it and based on whats known of
> his cracking prowess there is a certain truth to it. He's infinitely better
> with a phone than a keyboard.
> 

And hes not the one that made the phonecalls either.
BTW,I'am I the only one bother to see my tax dollars being wasted
my scsd.edu hosting www.takedown.com a commercial venture?
Iam sure T&M have ebough money after book and movie deals to pay
for their net access.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01