Asmo
Site Admin
Joined: 26 Oct 2004
Posts: 663
Location: Undernet
|
 Posted: Wed Oct 27, 2004 10:28 am?? ?Post subject: August 2004
|
 |
|
CIT/FooNet FBI raid related to DDoS
Friday, August 27 2004 by Asmo
"A Massachusetts businessman allegedly paid members of the computer underground to launch organized, crippling distributed denial of service (DDoS) attacks against three of his competitors, in what federal officials are calling the first criminal case to arise from a DDoS-for-hire scheme", this post on Securityfocus reports.
And reading the post further down, we see a familiar name; "Paul Ashley, 30, of Powell, Ohio, is named in a separate criminal complaint as Echouafni's go-between in arranging two of the attacks. Ashley was the network administrator of the Web and IRC hosting company CIT/FooNet, run from his home, which was shuttered sometime after being raided by the FBI last February. Three other Americans and one U.K. citizen are charged with actually carrying out the attacks."
Allegedly, Ashley received $1000,- USD for staging a DDoS attack against two competitors of the Massachusetts businessman, Jay Echouafni. To perform the attacks Ashley recruited three scriptkiddies, "Emp," "Rain," and "sorCe" (Joshua Schichtel, Jonathan Hall, and Lee Walker). By example, sorCe had an Agobot net consisting of between 5000 and 10000 infected machines.
"I think it's the first case of its kind involving a DDoS for commercial advantage or for hire," says Alikhan. "There are DDoS attacks all the time organized on IRC, but this is certainly the first case where you have a corporate executive who was using the services of another person to launch attacks against competitors."
You can find the full article on Securityfocus.
Update: Also The Register has a story on this subject now.
There have been 20 comments added to this article.
XChat goes shareware for Windows
Thursday, August 26 2004 by Asmo
"Due to the large amount of time and expense expended in creating X-Chat for Windows, it will only be available to registered users from now on" the website of XChat reports.
We asked the coder of XChat Zed if the move caused any reactions from Windows users. "Well of course, the reaction has been mixed. What you have to remember is you can still google for 2.0.10c and use it for ever. But, I'm under no obligation to keep creating Windows releases for free."
"Those who have tried to create a usable Windows exe of the program will understand. Most of them had problems, and lots of them. Most people who have ever got it built asked me for help", Zed continued in a reaction to IRC-Junkie.
One of those people have been Silverex, who until yesterday had a subdomain on XChat.org, http://silverex.xchat.org/ where he offered custom builds of XChat for windows.
Silverex explains about the differences between the XChat windows build, and his: "zed compiles gtk+ libraries into xchat.exe executable itself, mine uses gtk+ runtime environment, which many gtk+ for windows applications can share. thus, one can change gtk themes on my build. there are also several other minor differences. zed can and is able to hack gtk+ so it would look better, I'm stuck with official gtk sources, which lack some features."
Zed asked Silverex to move his website from the XChat.org domain, and the domain is now disabled.
"It's, of course, absolutely logical thing to do", Silverex continues, "free and shareware builds in the same xchat.org domain would conflict. Anyway, I'm fully supporting him, me myself have to earn money for living. Though I do not plan to ever make my build non-free."
Silverex has setup a temporary website where is offering the current 2.4.0 Windows version for download. On the same page he is also asking his users for some help. "Since I have no money for a domain (like silverex.info), maybe someone could provide me with that or both?"
There has been some discussion on whether this move would break the GPL under which XChat is released. We can read in the GPL: You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. As long as the source code is made available, a fee can be charged for making a binary available under the GPL.
Edit: http://www.silverex.org/ and http://www.silverex.info/ are now functional.
Update: We got in contact again with Zed, the coder of XChat, and have asked him a few questions.
We asked Zed if he will release the source code he uses for the Windows version as well, as people complain using different code is breaking the GPL. "My Windows version is not released under GPL and it makes use of only LGPL libraries (the modifications of which I've made available)."
Pomac, one of the contributors expressed his unhappiness about this move on the comments section on this post. Is there anything going to be done to resolve any issues with your contributors? "When contributors send me code, there are no terms and restrictions expressed.
However, I'll always respect all contributors' wishes. If they want their code removed, that isn't a problem, they just have to ask. But, I don't think it would achieve anything positive. In most cases I'll just rewrite those parts and release it under G.P.L in the next source tarball release.".
In a reaction to IRCJunkie Pomac commented on the situation: "As i said in the comment, Paypal is OK, he can beg on his bare knees about the paypal account, but not forcing it on people like this. (And also as noted by people in the forum, you can charge for the act of getting the binaries, which is what the distributions live on, but not 30 days later.)"
There have been 50 comments added to this article.
Spam infects Winamp
Thursday, August 26 2004 by Asmo
"That's the lesson for Winamp users, after a group of security researchers discovered that spyware makers are using a flaw in the way the multimedia software loads graphical themes, or skins, to infect PCs with their wares", this article reports on C|Net.
All users clicked on links which they received as spam over IRC channels. The exploit allows malicious users to execute arbitrary code, and as expected, the infectees on their turn will start spamming on IRC to get more users infected.
Don't click links from people you are not 100% solid on if you can trust them or not.
There have been 4 comments added to this article.
Eggdrop 1.6.17 released
Tuesday, August 24 2004 by Asmo
Just over 2 weeks after the RC was released we now see the full Eggdrop 1.6.17 version.
Full release notes can be found here.
A new 1.7 development tree has been founded where IPv6, SSL, and dynamic channel mode support can be added. The previous 1.7 tree has been renamed to 1.9 which will eventually become the next major release of Eggdrop, 2.0. For a glimpse on what that release will look, please read the interview we had with guppy (look no capitals guppy!) in September 2000.
There have been 0 comments added to this article.
Anope 1.7.5 released
Tuesday, August 24 2004 by Asmo
Anope 1.7.5 has been released yesterday of this popular IRC services package. Some of the changes include: full Bahamut 1.8 support, Hungarian and Polish language files and a series of bugfixes. You can find a complete list of changes in the change log.
You can find Anope here.
There have been 0 comments added to this article.
Channel websites gone due to hardware failure
Monday, August 23 2004 by Asmo
"Within the past hour we have had a failure of one of the hard disks in the server that hosts the http://channels.dal.net websites", this news item reports on the DALnet website.
"Due to the size of this system and the volunteer nature of the service, none of the data was backed up and any data that has been lost has been lost permanently", the site reports.
We asked Doc_Z if it was never discussed whether there should be backups made. "It had always been considered, however due to the large quantity of data (in excess of 6gb) it's always been largely problematic to backup as there are no other machines with spare space under our control at that data center.
Ironically enough I had just started a backup system which was being trialed to a computer inside of my network using rsync, however this only covered the official DALnet sites (again due to the size)."
"We've had a couple of people say that it's been an inconvenience, however most are understanding to our cause to the extent that they extend their best wishes", Doc_Z continues.
About 50% of the data which got lost was from channels which already expired. They were still lingering around from when the system was not automatically cleaning out expired channels.
There have been 11 comments added to this article.
Review IRC Hacks by O'Reilly
Tuesday, August 17 2004 by Asmo
For those waiting for my review on this new release from O'Reilly's Hack series, you can now find it here.
There have been 0 comments added to this article.
XChat 2.4.0 released
Monday, August 16 2004 by Asmo
XChat 2.4.0 is released. A few crash bugs have been fixed, but the most important changes seems to be in the way information is displayed, with a new default theme.
" Constructive criticism of the default scheme is welcome (i.e. suggest alternatives, show screenshots, and convince everyone it's better). But, the colors and text-events were chosen for good reasons:
o Colors are mainly used for informational purposes, not to decorate.
o Green for Joining, Yellow for Parting/Quiting is logical.
o Red for highlight events, since they are most important.
o The <> around nick names are not necessary. These were only useful on text clients running in black-and-white. This presents a slight problem when cut&pasting", the forum reads.
You can download XChat here.
There have been 18 comments added to this article.
jIRCii Stable 14 Released
Thursday, August 12 2004 by Asmo
"After some intense development jIRCii Stable 08.07.04 has been released. During the beta process jIRCii received over 9000 downloads. A special thanks to all of you who offered suggestions and feedback to help make a jIRCii stable release possible", developer Raffi said in a reaction to IRC-Junkie.
Besides a few bugfixes, this stable release also shows a few new features in the whatsnew.txt, mostly of an cosmetic character.
jIRCii has seen many releases the last few months, so we asked Raffi if this current release will stand for a while. "Definitely safe to call it stable for awhile. I need a break  Its been a couple of days since I released the stable version and I haven't found anything too big, so I'm comfortable putting the project down for awhile", Raffi assures us.
jIRCii is a Java based IRC client and runs on a multitude of OS flavors including Windows, MacOS X, and Linux. You can find it here.
There have been 0 comments added to this article.
GameSurge introduces custom hosts
Thursday, August 12 2004 by Asmo
Hosthiding is an hot issue on IRC networks. Undernet users .users.undernet.org, as does many Ircu based networks, other spoof the host of the user mathematically.
GameSurge decided that could be done a better way. "GameSurge is pleased to announce a new custom host service that is being made available for our users. For a nominal fee, users can select from a dictionary list of titles for their current fake host, or alternatively create their very own fake host without the need of a bounce or vhost", their site reports.
There is a small catch however, to use these custom hosts users will have to pay a small fee. "GameSurge is offering this additional service for a fee to pay the bills! We are hoping to collect enough money to pay off our remaining legal fees", the site specially setup for this service explains. They are referring to the domain dispute we reported on first on 19th of February 2003. The prices asked are friendly prized if compared to for example a BNC shell account.
For more information visit http://customhost.gamesurge.net/.
There have been 20 comments added to this article.
Dangerous Peace & Protection exploit
Tuesday, August 10 2004 by Asmo
"A new exploit has been found in the very popular script Peace & Protection v4.22 which allows a remote user to execute arbitrary code on any mIRC client running this script. The script is available for download on most popular scripting websites", zack^ wrote in a reaction to IRC-Junkie.
The exploit can be abused when a mIRC with this script is not currently the active application, and a new query window opens directly (not for example with the "single message window" in between) containing a specially crafted message.
"The exploit was originally located a short while ago, but was not fixed effectively. It appears that not many PnP users even knew of the previous exploit or any fixes for it", zack^ continues. "The new exploit IceShaman and I found bypasses the old fix, and breaks the currently exploitable versions of PnP found on many scripting websites."
Peace & Protection has an excellent record for being one of the most stable and reliable "full scripts" around. In the past the scripster, Pai (also known as MissPai) included fixes for exploits found in mIRC which had not been fixed in an updated mIRC for example.
The updated version where this exploit has been fixed can be found on MircScripts.org, direct download link here. To update, close down mIRC and overwrite your old files with the ones from the .zip file.
There have been 10 comments added to this article.
IRC Hacks released by O'Reilly
Friday, August 6 2004 by Asmo
This month, O'Reilly released a new book in their Hacks series, IRC Hacks.
"IRC Hacks is a collection of tips and tools that cover just about everything needed to become a true IRC master, featuring contributions from some of the most renowned IRC hackers," the description reads on O'Reilly's website, where you can also download 10 sample hacks.
A copy signed by the author, Paul Mutton, is currently bid on eBay.
Keep an eye out on the reviews section on this website where we will post a review soon.
There have been 11 comments added to this article.
Darkbot.org problems
Friday, August 6 2004 by Asmo
"Darkbot.org is gone for now the server it was on had a severe mishap", project leader Juice told IRCJunkie in an email.
The IRC server of the project is still available at irc.darkbot.org, and the bot itself will still be available from Sourceforge.
Darkbot is a kind of AI type of bot which is especially used a lot on help channels where it helps to answer FAQ's.
There have been 0 comments added to this article.
Eggdrop 1.6.17 Release Candidate 1 released
Friday, August 6 2004 by Asmo
Eggdrop 1.6.17 Release Candidate 1 got released. Amongst the more prominent changes is that it will compile now on Mac OS X, and compiling and crash errors are fixed.
You can find the complete release notes here and Eggdrop can be downloaded here.
There have been 1 comments added to this article.
Putty 0.55 released
Wednesday, August 4 2004 by Asmo
Putty is a popular freeware Telnet and SSH client for Windows and *NIX.
"This is a bug fix release to 0.54, and also a SECURITY UPDATE. We recommend that _everybody_ upgrade, as soon as possible," Simon put in an email to subscribers of the Putty release list.
The exploit lies in the pre-verification where a maliscious SSH2 server could spoof itself making you think your connected to a certain server, while you are not. Exact impact is unknown, but in theory the server could make you execute code you don't really want executed at all.
Besides this security fix, there are serveral other bugs and improvements making the update more then worthwhile.
To end with the same words as Simon: "I repeat: PuTTY 0.55 fixes a SERIOUS SECURITY HOLE in all previous versions of PuTTY. You should upgrade now."
There have been 4 comments added to this article.
_________________
Asmo
webmaster www.IRC-Junkie.org
|
|
???
