|
Donations |
|
 |
|
|
|
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
|
|
|
Survey |
|
|
|
|
|
|
|
|
Translate |
|
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
 Posted: Thu May 06, 2004 10:16 pm Post subject: |
|
|
| TMOV wrote: |
| phoenix22 wrote: |
?? becomes where did tank864?? no such user
tank863 post it....no record on file of that post.... |
ok i'll go back to jaguar and check on the uname to be sure.
tmov
|
ok here you go from jaguar,copy and pasted.
dmolavi
JPC Member
Registered: May 2004
Location:
Posts: 1
from a comment posted on computercops (not my comment, but it is interesting, if not a "well duh" by now):
Paul,
Seems that yor woes are a direct result of the gaobot virus/worm
Read on:
http://sarc.com/avcenter/venc/data/w32.gaobot.afj.html
http://us.mcafee.com/virusInfo/defa...&virus_k=125006
It seems that ryan1918.org is a redirect of the gaobot and since it is redirected at your site.. you are getting all the traffic from the gaobot virus...
I will talk to you tomorrow..
Tank863
Report this post to a moderator | IP: Logged
05-06-2004 09:12 AM
that should clear it up.
tmov
|
|
| Back to top |
|
 |
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Thu May 06, 2004 11:34 pm Post subject: |
|
|
had a hard time getting here just now,
when i did there are 214 guests and 11 registered members online.
tmov |
|
| Back to top |
|
|
phoenix22
General
Premium Member
Joined: Mar 08, 2002
Posts: 4521
Location: "DEROS"
|
| Posted: Fri May 07, 2004 10:06 am Post subject: |
|
|
| yepper.....thnks |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Fri May 07, 2004 4:09 pm Post subject: |
|
|
Re: Server Attacks Update (Score: 1)
by TMOV on Friday, 07 May 2004 @ 15:04:52 EDT
(User Info | Send a Message)
how interesting that this attack on ccsp would occur when PAUL AND ROBIN are on their HONEYMOON.
if i were an active intel gathering person my first impression would be that someone with access to closely guarded information such as the plans for a marriage and honeymoon would be the first suspect.
who would have the opportunity and the motive to pass on such information and to co-ordinated such an event?
who has the technical expertise to hide well enough to try to get away with something as nefarious as this?
a jilted lover?
an ex associate?
an illminded individual that has been banned from the site by having their ip banned and who swore they could come back spawned 4,000 times over if they wanted to through 2,000 pc's?
you know i just have to remind all those who would think that hiding is possible forever that there is a man named TED KAZYNSKI [SP] that is in federal prison at this time who was a mental giant in the field of mathematics and an assoc. professor at u.c.berkley that was eventually found by some accident and turned in by his own brother and then detained arrested arrainged and prosecuted and sentenced to a long term for murder by bombs delivered through the us mail.
sick people are all over this planet.
this man kazinsky used the U.S. POSTAGE STAMPS ON HIS MAIL BOMBS which were a difinititive issue and the man on the stamps was EUGENE O'NEILL[SP].
THE AUTHOR OF THE ICE MAN COMETH'
THE ICE MAN ,,,,WAS DEATH.
A ONE DOLLAR DEFINITIVE OF WHICH I HAVE A FEW THAT I HAVE COLLECTED BECAUSE OF THE STORY PRINTED IN LYNNS STAMP WEEKLY ABOUT THE EUGENE O'NEILL STAMP AND ITS CONNECTION TO THE UNA-BOMBER,T.KAZYNSKI.
WE WILL FIND OUT WHO IS THE CULPRIT HERE EVEN IF HIS BROTHER, SISTER OR MOTHER TURNS HIM OR HER OR THEM IN.
TMOV |
|
| Back to top |
|
|
k027
1st Responder
Joined: Aug 25, 2003
Posts: 1247
Location: USA
|
| Posted: Fri May 07, 2004 10:35 pm Post subject: |
|
|
Theodore Kaczynski was caught because of his arrogance and vanity. He demand that his "Manifesto" be published. If I remember correctly, The New York Times and The Washington Post complied. Kaczynski's brother, read the manifesto, recognized Theodore's ideology and writing style, and turned his brother in.
It's amazing how many criminals are caught because of their vanity and arrogance. I suspect that somewhere out in cyberspace someone is bragging about having brought down CCSP. And I suspect that one of those listening will be appalled enough to turn the perp in.  |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Sat May 08, 2004 12:08 am Post subject: |
|
|
| k027 wrote: |
Theodore Kaczynski was caught because of his arrogance and vanity. He demand that his "Manifesto" be published. If I remember correctly, The New York Times and The Washington Post complied. Kaczynski's brother, read the manifesto, recognized Theodore's ideology and writing style, and turned his brother in.
It's amazing how many criminals are caught because of their vanity and arrogance. I suspect that somewhere out in cyberspace someone is bragging about having brought down CCSP. And I suspect that one of those listening will be appalled enough to turn the perp in. |
editing 'cause of posting at jaguarpc had numbers transposed.
in this matter we are talking about the following person.
B00M
JPC Member
Registered: Mar 2004
Location: New Orleans
Posts: 2
maybe you can notify yahoo that the ddos attack to his addy is now being redirected to their site. maybe that will get him in some hot water.
and hey jason...its ryan1918.com not ryan1819.com
here is the whois.
quote:
--------------------------------------------------------------------------------
whois record for: ryan1918.com
Current Registrar: ENOM, INC.
Click here if this is your domain and you would like to switch registrars.
registrar: ENOM, INC.
whois: whois.enom.com
referrer: http://www.enom.com
Nameservers:
NS0.XNAME.ORG
NS1.XNAME.ORG
status: REGISTRAR-LOCK
expires: 15-apr-2005
Registrar Data:
Registration Service Provided By: VH Technologies, LLC
Contact:
Visit: http://www.versehost.com/
Domain name: ryan1918.com
Registrant Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Administrative Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Technical Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Billing Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Status: Locked
Name Servers:
ns0.xname.org
ns1.xname.org
Creation date: 15 Apr 2002 13:43:02
Expiration date: 15 Apr 2005 13:43:02
--------------------------------------------------------------------------------
Last edited by B00M on 05-08-2004 at 06:55 AM
Report this post to a moderator | IP: Logged
05-08-2004 06:51 AM
jason
JPC Super User
Registered: Sep 2001
Location: Rochester, NY
Posts: 2355
quote:
--------------------------------------------------------------------------------
Originally posted by B00M
and hey jason...its ryan1918.com not ryan1819.com
here is the whois.
--------------------------------------------------------------------------------
Oops...my bad. I must have mistyped it when I did the whois lookup. Appologies to the owner of ryan1819.com if he ever sees this.
--Jason
__________________
Jason Pitoniak
Interbrite Communications
http://www.interbrite.com
Report this post to a moderator | IP: Logged
05-08-2004 08:18 AM
Vin DSL
Shagadelic ®
Registered: Mar 2003
Location: Arizona Uplands IQ: 138 and counting...
Posts: 1943
I you want to see something really funny, jason, check out the A record for ryan1918.net. It is being directed to the site of legendary cyber squatter, Emil Kacperski. This guy hijacked an entire slash 16 block from the City of Los Angeles and resold them for like 5 years, before he got busted.
Nice company this guy keeps, huh?
__________________
Jag
Administrator
Registered: Sep 2001
Location:
Posts: 2206
Ryan, to put it bluntly you are not welcome here. Your are not a paying client and therefore your words here in our forums have zero weight!
__________________
Greg Landis
JaguarPC.com - HostGUI.com - DedicatedSpace.com
Report this post to a moderator | IP: Logged
05-07-2004 06:01 AM
Zhen-Xjell
JPC Super User
Registered: Jan 2002
Location:
Posts: 411
Here is my question... I'm a dedicated customer, and Jag is saying my sites might be shut down.
How is ryan1918 running a site that redirects all traffic to me (and now to Yahoo) and doesn't get shut down? I may have missed it, but someone, please explain this to me.
__________________
http://nukecops.com | http://computercops.biz
Report this post to a moderator | IP: Logged
05-07-2004 06:28 PM
OspreyServices
JPC Member
Registered: Feb 2004
Location:
Posts: 40
quote:
--------------------------------------------------------------------------------
Originally posted by Zhen-Xjell
Here is my question... I'm a dedicated customer, and Jag is saying my sites might be shut down.
How is ryan1918 running a site that redirects all traffic to me (and now to Yahoo) and doesn't get shut down? I may have missed it, but someone, please explain this to me.
--------------------------------------------------------------------------------
He is not a Customer here do Jag can not really do anything...
However Trace is Host/Registar and see if they can remove the Redirect....
Report this post to a moderator | IP: Logged
05-07-2004 07:13 PM
jason
JPC Super User
Registered: Sep 2001
Location: Rochester, NY
Posts: 2354
quote:
--------------------------------------------------------------------------------
Originally posted by Zhen-Xjell
How is ryan1918 running a site that redirects all traffic to me (and now to Yahoo) and doesn't get shut down?
--------------------------------------------------------------------------------
Easy--all he has to do is set up an A record in his DNS zone that points at your IP address. Admins can't be bothered with checking every IP in their DNS records to make sure everything legit, it would be way too time consuming.
quote:
--------------------------------------------------------------------------------
Report this post to a moderator | IP: Logged
05-07-2004 07:57 PM
Zhen-Xjell
JPC Super User
Registered: Jan 2002
Location:
Posts: 411
You are right... a dig on his A record shows:
;; ANSWER SECTION:
ryan1918.com. 86400 IN A 216.109.118.72
ryan1918.com. 86400 IN A 216.109.118.66
ryan1918.com. 86400 IN A 216.109.118.67
Going back to Yahoo.
__________________
http://nukecops.com | http://computercops.biz
|
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Sat May 08, 2004 1:53 pm Post subject: |
|
|
more on this guy:
DNS Traversal for ryan1918.com.
Generated by www.DNSstuff.com
Getting NS record list at f.root-servers.net... Done!
Looking up at the 13 com. parent servers:
Server Response Time
l.gtld-servers.net ns0.xname.org. ns1.xname.org. 119ms
a.gtld-servers.net ns0.xname.org. ns1.xname.org. 119ms
b.gtld-servers.net ns0.xname.org. ns1.xname.org. 119ms
c.gtld-servers.net ns0.xname.org. ns1.xname.org. 120ms
d.gtld-servers.net ns0.xname.org. ns1.xname.org. 120ms
e.gtld-servers.net ns0.xname.org. ns1.xname.org. 120ms
f.gtld-servers.net ns0.xname.org. ns1.xname.org. 120ms
g.gtld-servers.net ns0.xname.org. ns1.xname.org. 120ms
j.gtld-servers.net ns0.xname.org. ns1.xname.org. 120ms
h.gtld-servers.net ns0.xname.org. ns1.xname.org. 220ms
i.gtld-servers.net ns0.xname.org. ns1.xname.org. 221ms
k.gtld-servers.net ns0.xname.org. ns1.xname.org. 221ms
m.gtld-servers.net ns0.xname.org. ns1.xname.org. 319ms
Status: Records all match.
Looking up at the 2 ryan1918.com. parent servers:
Server Response Time
ns0.xname.org 216.109.118.66 216.109.118.67 216.109.118.72 197ms
ns1.xname.org Timeout
Status: Records DO NOT all match: Results from ns1.xname.org do not match results from ns0.xname.org. |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Mon May 10, 2004 3:04 pm Post subject: |
|
|
this is the record of ip's banned during the ddos against ccsp.
use this link to view, there are an awful lot of them ,but get all the way to the bottom and you can see the ones for the attack period.
http://www.computercops.net/ipbans.txt
tmov |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Tue May 11, 2004 6:17 pm Post subject: |
|
|
-----Original Message-----
From:
Sent: Tuesday, May 11, 2004 3:11 PM
To: '[email protected]'
Subject: distributed denial of service attack originating in your jurisdiction
The phone contact doesn’t work.
This is not a joke.
And I am not anonymous.
I am a user and member of computercops.net.
My user name is TMOV.
My name is:
EMAIL:
In your jurisdiction is a man with a domain name;ryan1918.com
He launched a distributed denial of service attack against two computer security websites.
The sites are:
Nukecops.net and a sistersite,computercops.net.
I have filed a complaint with the dept. of justice.
The complaint number is in the following item that I copied and pasted here.
TMOV
Post subject: DDOS- COMPLAINT FILED- internet crime complaint center
--------------------------------------------------------------------------------
complaint filed with the dept of justice.
re:the DDoS attack on computercops and nukecops this past weekend.
you may add to the complaint on file at this link and by using this copied case number and password.
TMOV
see this post also: http://www.computercops.net/postt38954.html
Thank You:
Thank you for taking the time to complete a complaint with the IFCC.
Your complaint has been successfully submitted.
Please retain the following information for future contacts with the IFCC
Complaint number:
I04050516054707
Password:
doqopo
If you have any additional information to provide to the IFCC please use the following link and log in with the above complaint number and password.
https://www.ifccfbi.gov/update
IFCC Home
Please help to put a stop to this man.
Attached is a search on his domain information:
Here: whois record for: ryan1918.com
Current Registrar: ENOM, INC.
registrar: ENOM, INC.
whois: whois.enom.com
referrer: http://www.enom.com
Nameservers:
NS0.XNAME.ORG
NS1.XNAME.ORG
status: REGISTRAR-LOCK
expires: 15-apr-2005
Registrar Data:
Registration Service Provided By: VH Technologies, LLC
Contact:
Visit: http://www.versehost.com/
Domain name: ryan1918.com
Registrant Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Administrative Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Technical Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Billing Contact:
ryan le ([email protected])
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Status: Locked
Name Servers:
ns0.xname.org
ns1.xname.org
Creation date: 15 Apr 2002 13:43:02
Expiration date: 15 Apr 2005 13:43:02
Please let us at computer cops hear from you all in one way or another.
The contact at the site is paul laudansky,
Home page is computercops.net
Respectfully submitted,
H.E.CLARKE III
USER NAME AT CCSP IS:TMOV |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Tue May 11, 2004 7:07 pm Post subject: |
|
|
index this.
http://www.whois.sc/search/?remote=wssi...an1918.com
RYAN1918.COM
Image updated 2004-03-20
Website Title: Yahoo!
Meta Description: We are all going too die one day, and your day is coming!
Meta Keywords: News, news, New, new, Technology, technology, Headlines, headlines, Nuke, nuke, PHP-Nuke, phpnuke, php-nuke, Geek, geek, Geeks, geeks, Hacker, hacker, Hackers, hackers, Linux, linux, Windows, windows, Software, software, Download, download, Downloads
Website Status: Active
Reverse IP: Web server hosts 2 websites (reverse ip tool requires free login)
IP Address: 216.109.118.66 (ARIN & RIPE IP search)
IP Location: United States - New York - New York - Hotjobs.com Ltd
Whois History: 120 records stored
Record Type: Domain Name
Monitor: Monitor or Backorder
Wildcard search: 'ryan1918' or 'ryan 1918' in all domains.
Other TLDs: .com .net .org .info .biz .us
X X X [3 available domains]
Name Server: NS0.XNAME.ORG NS1.XNAME.ORG
ICANN Registrar: ENOM, INC.
Created: 15-apr-2002
Expires: 15-apr-2005
Status: REGISTRAR-LOCK
--------------------------------------------------------------------------------
Registration Service Provided By: VH Technologies, LLC
Contact:
Visit: http://www.versehost.com/
Domain name: ryan1918.com
Registrant Contact:
ryan le ()
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Administrative Contact:
ryan le ()
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Technical Contact:
ryan le ()
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Billing Contact:
ryan le ()
+1.2062022130
Fax: +1.
191 josh st
mt morris, MI 48609
US
Status: Locked
Name Servers:
ns0.xname.org
ns1.xname.org
Creation date: 15 Apr 2002 13:43:02
Expiration date: 15 Apr 2005 13:43:02 |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Mon May 17, 2004 3:19 pm Post subject: |
|
|
be encouraged,everyone.
i have received a call FROM the fbi and the michigan statepolice about the DDOS and i am encouraged that they will make an arrest.
i hope the perpetrator runs across a state line, then they can also be charged with "interstate flight to avoid prosecution."
that rolls off the tongue so sweetly, doesn't it?
tmov |
|
| Back to top |
|
|
phoenix22
General
Premium Member
Joined: Mar 08, 2002
Posts: 4521
Location: "DEROS"
|
| Posted: Mon May 17, 2004 4:02 pm Post subject: |
|
|
| hey, if he's that close to me.......i'll just go pick him/and his system up.....with b/up of course |
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Mon May 17, 2004 4:23 pm Post subject: |
|
|
| phoenix22 wrote: |
| hey, if he's that close to me.......i'll just go pick him/and his system up.....with b/up of course |
Hi Phoenix,
if you have anything that the law enforcement people in michigan can use, i gave all the contact information to the rabbit.
ok?
or the FBI for that matter too.
tmov
|
|
| Back to top |
|
|
TMOV
Colonel
Premium Member
Joined: Feb 05, 2004
Posts: 1573
|
| Posted: Mon May 17, 2004 9:27 pm Post subject: |
|
|
http://news.netcraft.com/archives/2004/...sites.html
in the news about ddos attack on ccsp.
tmov |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
Powered by phpBB 2.0.8a © 2001 phpBB Group
Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
|
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
