abuse from a user of this list
Last night in conjunction with the attacks on my DSL line and the Summit Open Source Development Group, I received a threatening phone call on my home business line at 1:44 in the morning (GMT-5 CST Indiana-East). My roommate answered the call, and the dialog was simply "how's your DSL B----!", then the caller hung up. This evening my roommate informed me of the call, and told me that the caller had not blocked caller ID, the number in question being 320-282-5940. I tracked this number to a T Mobile cellphone in St Cloud, MN. Thinking this might be the kiddie responsible for the attack I made a *67 call back. I was greeted with the voice mail of Matthew Hallacy (AKA poptix) who has used this forum to take cheap shots at myself and my staff repeatedly. Now he has denigrated to simple threats and harassment off list that didn't even get to me but to my roommate who is entirely uninvolved in this. I must note that this incident greatly saddened me, as I would have thought that all on this list have suffered Denial of Service attacks, and understand the seriousness and severity of these attacks, obviously one of us doesn't get it. please contact me if you have questions regarding this incident. -- Andrew D Kirch | trelane@2mbit.com | Security Admin | Summit Open Source Development Group | www.sosdg.org
Quoting from 2mbit.com: Our group was formed after the split of Valley Of The Mage Consulting two years ago. We chose to continue our Open Source/Free Software development services under a new name and bring together all of the sites owned by Brian Bruns and Josh Rollyson under one umbrella. Since you are "Director of Security", I will offer you some advice: 1) Cease your incessant shrieking as it is neither warranted nor desired on this list. 2) It is not possible to "denigrate" to anything. 3) Grow up. At 09:02 PM 10/12/2003 -0500, you wrote:
Last night in conjunction with the attacks on my DSL line and the Summit Open Source Development Group, I received a threatening phone call on my home business line at 1:44 in the morning (GMT-5 CST Indiana-East). My roommate answered the call, and the dialog was simply "how's your DSL B----!", then the caller hung up. This evening my roommate informed me of the call, and told me that the caller had not blocked caller ID, the number in question being 320-282-5940. I tracked this number to a T Mobile cellphone in St Cloud, MN. Thinking this might be the kiddie responsible for the attack I made a *67 call back. I was greeted with the voice mail of Matthew Hallacy (AKA poptix) who has used this forum to take cheap shots at myself and my staff repeatedly. Now he has denigrated to simple threats and harassment off list that didn't even get to me but to my roommate who is entirely uninvolved in this. I must note that this incident greatly saddened me, as I would have thought that all on this list have suffered Denial of Service attacks, and understand the seriousness and severity of these attacks, obviously one of us doesn't get it. please contact me if you have questions regarding this incident.
--
Andrew D Kirch | trelane@2mbit.com | Security Admin | Summit Open Source Development Group | www.sosdg.org
This is not a list issue, nor does anyone on the list care. Please take your blathering back to IRC. http://dictionary.reference.com/search?q=denigrate -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
"Matthew S. Hallacy" wrote:
This is not a list issue, nor does anyone on the list care.
Put me down as caring. Moreover, as a long-time participant in this forum, I'm particularly concerned about even anecdotal evidence that one of our posters is mounting an attack on another.
Please take your blathering back to IRC.
It saddens me that ostensible college students have grammar problems, but that stoops to an "ad hominem" attack. Please cease. Eric Kuhnke wrote:
... Since you are "Director of Security", I will offer you some advice:
1) Cease your incessant shrieking as it is neither warranted nor desired on this list. 2) It is not possible to "denigrate" to anything. 3) Grow up.
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/, I see an effort to improve the community not found at either http://www.poptix.net nor http://techmonkeys.org/. Mayhap all persons involved are young. Never-the-less, I'd like to encourage security awareness. I remember a decade ago, I was an immortal on a local MUD, and helped a promising fellow there who eventually went to work for rediris.es.
Andrew D Kirch wrote:
Last night in conjunction with the attacks on my DSL line and the Summit Open Source Development Group, I received a threatening phone call on my home business line at 1:44 in the morning (GMT-5 CST Indiana-East). My roommate answered the call, and the dialog was simply "how's your DSL B----!", then the caller hung up. This evening my roommate informed me of the call, and told me that the caller had not blocked caller ID, the number in question being 320-282-5940. I tracked this number to a T Mobile cellphone in St Cloud, MN. Thinking this might be the kiddie responsible for the attack I made a *67 call back. I was greeted with the voice mail of Matthew Hallacy (AKA poptix) who has used this forum to take cheap shots at myself and my staff repeatedly. Now he has denigrated to simple threats and harassment off list that didn't even get to me but to my roommate who is entirely uninvolved in this. I must note that this incident greatly saddened me, as I would have thought that all on this list have suffered Denial of Service attacks, and understand the seriousness and severity of these attacks, obviously one of us doesn't get it. please contact me if you have questions regarding this incident.
I'd say you need to contact your FBI office. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/, I see an effort to improve the community not found at either http://www.poptix.net nor http://techmonkeys.org/.
I didn't draw that conclusion at all. Much the opposite, judging from their photo gallery, they seem like a bunch of script kiddies trying to make a name for themselves in the "open source community", while bumming around for jobs, and doing hosting on their Ameritech DSL in blatant violation of their AUP (any guys from SBC on this list?). I wouldn't take them seriously. Have a listen to http://www.poptix.net/trelane.mp3 for proof of their maturity. Calling someone and telling them to "get a life", in response to a NANOG post, is like a parapalegic telling me I walk funny. Michael Booth
Why do we even have this pissing match going on in NANOG? Take it off line. -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Booth, Michael (ENG) Sent: Monday, October 13, 2003 7:18 AM To: William Allen Simpson Cc: nanog@merit.edu
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/, I see an effort to improve the community not found at either http://www.poptix.net nor http://techmonkeys.org/.
I didn't draw that conclusion at all. Much the opposite, judging from their photo gallery, they seem like a bunch of script kiddies trying to make a name for themselves in the "open source community", while bumming around for jobs, and doing hosting on their Ameritech DSL in blatant violation of their AUP (any guys from SBC on this list?). I wouldn't take them seriously. Have a listen to http://www.poptix.net/trelane.mp3 for proof of their maturity. Calling someone and telling them to "get a life", in response to a NANOG post, is like a parapalegic telling me I walk funny. Michael Booth
----- Original Message ----- From: "Booth, Michael (ENG)" <MBooth@corp.as26857.com> To: "William Allen Simpson" <wsimpson@greendragon.com> Cc: <nanog@merit.edu> Sent: Monday, October 13, 2003 7:18 AM Subject: Re: abuse from a user of this list
I didn't draw that conclusion at all. Much the opposite, judging from their photo gallery, they seem like a bunch of script kiddies trying to make a name for themselves in the "open source community", while bumming around for jobs, and doing hosting on their Ameritech DSL in blatant violation of their AUP (any guys from SBC on this list?). I wouldn't take them seriously.
Have a listen to http://www.poptix.net/trelane.mp3 for proof of their maturity.
Calling someone and telling them to "get a life", in response to a NANOG post, is like a parapalegic telling me I walk funny.
I aint even going to get in the middle of the spat between poptix and trelane. Thats their fight, not mine. I suggest everyone else butt out of the situation as well. Now, I _do_ take offense to being called a script kiddie. I've been doing development for more then 7 years in various projects under various aliases. I have never once resorted to the tactics and methods of those who attack EFNet servers, SPEWS, Sorbs, Osirusoft, etc. In fact, most of the people who have been attacked are good friends of mine, and I've been working in very great detail and using what limited resources and staff we have to help these people. With no funding, yeah, we can't match the larger security groups or companies, but we've survived hell and back and are still standing on our own feet. People have yet to learn that we help others because we like to, because its the right thing, and because this world is seriously lacking in good guys. We are a group made up of many cultures, from developers, to end users, to gamers (which is why we were one of the biggest sponosors of one of the largest gaming competitions in sweden). Just because we don't make public everything we do doesn't mean we don't exist or haven't done good things. I'm tired of this, I really am. My family is upset at the growing amount of harassment, and thats dragging me farther and farther into this mess. I have enough health problems to begin with. On the Ameritech/SBC AUP issue, the only thing I have to say is that we have a business class DSL line, which is specifically for situations like what we are doing. Its apparent that we are disliked here by some, but hitting below the belt by going after our provider isn't going to solve anything or change anything. -------------------------- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org ICQ: 8077511
Now, I _do_ take offense to being called a script kiddie. I've been doing development for more then 7 years in various projects under various aliases.
What aliases? Unless the "aliases" you've used include "vixie" and "rbush", I think this is testament to your being a script kiddie, concealing your identity out of concern your parents would ground you, or the feds would lock you up, for publishing articles in 2600 and Phrack Magazine. I'm all too familiar with your type.
I have never once resorted to the tactics and methods of those who attack EFNet servers, SPEWS, Sorbs, Osirusoft, etc. In fact, most of the people who have been attacked are good friends of mine, and I've been working in very great detail and using what limited resources and staff we have to help these people.
Wouldn't surprise me if you're friends with the attackers too, considering you seem to wear a black hat as well.
I'm tired of this, I really am. My family is upset at the growing amount of harassment, and thats dragging me farther and farther into this mess. I have enough health problems to begin with.
I'd like to show some sympathy, but I can't. You're the one who started this mess, not them, not anyone else on this list. Grow up.
On the Ameritech/SBC AUP issue, the only thing I have to say is that we have a business class DSL line, which is specifically for situations like what we are doing.
No, it's for businesses connecting to the internet. It's not for businesses doing hosting and other high-traffic applications. SBC/Ameritech has other services for this. I'll be following up privately with their abuse department.
This kind of vitriol on a public list is immature at best. Please take it elsewhere. -- Scott Francis || darkuncle (at) darkuncle (dot) net illum oportet crescere me autem minui On Mon, Oct 13, 2003 at 08:46:43AM -0400, MBooth@corp.as26857.com said: [snip]
What aliases?
Unless the "aliases" you've used include "vixie" and "rbush", I think this is testament to your being a script kiddie, concealing your identity out of concern your parents would ground you, or the feds would lock you up, for publishing articles in 2600 and Phrack Magazine. I'm all too familiar with your type. [snip] Wouldn't surprise me if you're friends with the attackers too, considering you seem to wear a black hat as well. [snip] I'd like to show some sympathy, but I can't. You're the one who started this mess, not them, not anyone else on this list. Grow up. [snip] No, it's for businesses connecting to the internet. It's not for businesses doing hosting and other high-traffic applications. SBC/Ameritech has other services for this. I'll be following up privately with their abuse department.
"Booth, Michael (ENG)" wrote:
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/, I see an effort to improve the community not found at either http://www.poptix.net nor http://techmonkeys.org/.
I didn't draw that conclusion at all. Much the opposite, judging from their photo gallery,
Perhaps you have your citations backward? At 2mbit and its companion, I see no photo gallery.... OTOH, at poptix.net, I see a photo gallery link.
they seem like a bunch of script kiddies trying to make a name for themselves in the "open source community", while bumming around for jobs, and doing hosting on their Ameritech DSL in blatant violation of their AUP (any guys from SBC on this list?). I wouldn't take them seriously.
Have a listen to http://www.poptix.net/trelane.mp3 for proof of their maturity.
Hmmm, I didn't see such a thing on that website main page, nor do I now. That link is hidden. Methinks we have a shill for poptix, or the same person posting from alias accounts.... "Sirius F. Crackhoe" wrote:
Why do we even have this pissing match going on in NANOG? Take it off line.
Why do we have pseudonymous posters to NANOG? A google search doesn't reveal particularly enlightening discourse from that account. Apparently, the sirius guys at poptix already took it off-line, to taunt the fellows that were suffering the DoS. Any DoS and other attack is pertinent, but especially so from another member of the list. I've seen this before, as we host a number of sites, and sell DSL service. A few years back, we hosted the new flag proposal website for Mississippi. The goodol'boys wanted the Confederate battle flag. It was hard to imagine the hate going on there.... I certainly was grateful for assistance from other NANOG members. -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
On Mon, Oct 13, 2003 at 12:15:02PM -0400, William Allen Simpson wrote:
Put me down as caring. Moreover, as a long-time participant in this forum, I'm particularly concerned about even anecdotal evidence that one of our posters is mounting an attack on another.
For clarification, no, I had nothing to do with the attacks on his network, from what I've gathered they were the result of Andrew taunting the wrong group of people with something like "haha, i've got you now, i'm calling the FBI", not very intelligent. http://www.poptix.net/trelane.mp3 The voicemail that was left on my phone, the voice and words of person who needs to get a grip. I made no threats against him, I expressed my lack of sympathy for the playground bully who is now receiving what he's dished out so many times before.
It saddens me that ostensible college students have grammar problems, but that stoops to an "ad hominem" attack. Please cease.
I felt it was the only thing even nearly relevant to the list.
Based on the web pages at http://2mbit.com/ and http://www.sosdg.org/, I see an effort to improve the community not found at either http://www.poptix.net nor http://techmonkeys.org/.
I create and host documents with information that is scarce, and useful, if it's not useful to you, there is a link to Google in there somewhere. http://techmonkeys.org is not mine, nor do I control the content therein.
Mayhap all persons involved are young. Never-the-less, I'd like to encourage security awareness. I remember a decade ago, I was an immortal on a local MUD, and helped a promising fellow there who eventually went to work for rediris.es.
Security awareness is one thing, complaining to nanog because your DSL is under attack is not going to benefit anyone, it had no impact on anyone beyond the end user, afaik. If everyone reported every attack on their home DSL/Cable/dialup to nanog, the S/N ratio would drop like a rock. (if that's still possible)
I'd say you need to contact your FBI office.
Personally, I'd start by evaluating if there was something I could do to not incur further attacks. The FBI is not going to care, nor have they ever when it was an incident like this. -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
participants (8)
-
Andrew D Kirch
-
Booth, Michael (ENG)
-
Brian Bruns
-
Eric Kuhnke
-
Matthew S. Hallacy
-
Scott Francis
-
Sirius F. Crackhoe
-
William Allen Simpson