So, please, allow me now - before this thread gets locked too.
legacycontinues wrote:Do you know a Travis Ogden?
Does he have a brother named Tim?
I do! I do! In fact, I AM Travis Ogden! Yay you found me! So, since you were asking this question of "rallitektech" I assume that YOU must first know who I am. Right? I would not imagine you'd ask such a thing without yourself knowing in fact who you were talking about - that'd be idiotic! Of course HE knows me, we're good friends!Yes, I am a reformed hacker myself appearing in three books (genocide@Genocide2600.com), wired, laptop magazine, a slew of other texts/magazines etc and writing for the 2600 magazine (some years back). Yes I used to work for the Department of Defense for four years firewalling and doing intrustion detection and yes I worked with the FBI on tracking down child pornographers. Finally, yes I work at a major unix shop doing computer security... But you already knew all that!
Oh, uh, who the hell is Tim? My brothers name is pretty easy to figure out, if you actually read the website and it's no where close to Tim. That one is just odd - I'll need you to explain that to me.
In case you are wondering, I am the guy who runs the website rallyrabbit.com which you apparently found in his signature file. Before you said:
You can do what all day, make a fool of yourself and make idle threats? I'm confuzed.legacycontinues wrote:I'm your worst nightmare you piece of shit. Try me and see!! I'll wipe that sorry excuse for a website clean and then sell the domian out from under you guys.
I can do this all fucking day! You want to talk shit and open your big mouth thats fine...
I must admit I did find that to be rather amuzing and I did utilize that statement to break the dull repetitious monotony of what I refer to as "a real job" - it made me laugh and I brought some friends over so they too could be amuzed as well. Thanks! You've brightened mine and others days!
So tell me! PM if you must, where might you start on your elite haxoring of my server? I admit, this could be great fun for everyone involved! Please allow me to be the first to say, let me "try and see"!
I am a little disheartened that you'd call it a sorry excuse, I did spend a whole 20 minutes with a simple text editor on it.
...oh well.Before you launch into your elite haxoring of my server and apparently "wipe that sorry excuse for a website clean and then sell the domian out from under you guys" I was wondering if you'd allow me to give you some pointers to assist you in your quest and furtherment of your goals. Oh, once on the server you'll need to know where the site resides, here ya go: /usr/home/traviso/public_html/rally/rabbit/ - hope that helps!
First off, if I were you, I'd want to perform some "recon" of the target! In this case, my domain. Hmm, this might be a tough one if you aren't used to it. I'll save you a little time and point you to the primary host of the domain: infohammer.net.
Ok, lets go! A port scan won't show you much other then the very few open ports I have open through my firewall (I run ipfilter if you are curious) like ssh2 and apache on port 80. But wait! There is a snag! Dang! While you'd be portscanning me (and I can suggest some great portscanners if you are interested, personally, I use NMap which even has a stealth scan - which I detect) you've just been finger printed by my IDS (intrusion detection software) that was running transparent to you or your connection (meaning you wouldn't notice it during your attack). Woops, now I have your mac address and IP
. Uh oh, I know where you live and who your ISP is. Which is bad, because the people I get my service from in my colocation are going to be angry, I will be bemused and the people you subscribe to will drop you like a hot potatoe! Uh oh! no more midget fisting porn! Personally, I think midgets in porn are just creepy.So, actually I might suggest trying to spoof your mac address first and or possibly try your recon from a different node other then your pc where you apparently make all of your brilliant and enlightening posts from.
Probably during this first stage of your "attack" you'd like to do an OS finger print so you can find out what type of system I run before you wipe it off the planet so you can find 0-day exploits for that OS! Woops, another gotcha. Nevermind, I wouldn't try that, it's going to misrepresent my OS (display something not real)! Doh, you'll spend hours trying to figure out why your elite 0-day exploits just don't work! Man, that sucks! Oh well.
Second, you'd probably want to take the 0-day exploits (actually, if you can't find any, pm me - I'll send you to some websites) you've found and engage in the attack! Awman! So cool! Oh wait, crap, Travis Ogden has patched ssh2 and apache as well as bind on port 53. Awnuts. Another gotcha, crap - remember, don't get caught by my IDS (by the way, I run Snort which you can get or read about at http://www.snort.org. It's pretty sweet, I wrote about 600 of the rules it uses to profile attacks!). ...AND you got logged by the firewall, doh.
That sucks, oh well, at least you can probably (I should hope so anyway) launch a DoS (Denial of Service) attack! Whoa! That's elite! Wait, crap, if you are just going to do a DoS - you can't wipe my server out. Crap. You can at least point the software at your desired host "infohammer.net", hit go and just watch as the website is brought to it's knees because you are blasting so many packets to that host so fast that the computer just can't keep up! WHOA! SWEET! Now those 3, maybe 4 people who might have visited my website today MIGHT NOT GET THERE. AWYEA! You are rollin' now! Lol
...oh wait. Damn, you got logged by my firewall AND fingerprinted by my IDS and probably black holed (i run portsentry - by psionic software - which writes a null route for portscanners and with some modification - DoS'ers, like mine!). Damn, so - actually probably none of your packets even made it to my site to bring it to it's knees after the first couple, and - CRAP - you can't even talk to my server anymore. Whoa, that's a buzzkill. See why you should do this from another machine?
Lastly, you'll probably realize there isn't much you can do without physical access, if you would like to fly cross country - I'll give you the physical address of where the server is, including which floor and suite the colocation is located at. Hell, just for fun and something to laugh about, I'll give you a place to stay while you try (I have a spare bedroom and a big BBQ!).
In the end you'd probably have given up your physical location by being finger printed by snort and being logged by ipfilter. Your mac address is specific to your network device (modem, ethernet card, wireless card etc). Since your silly tries have been cross state lines you're probably in trouble with the feds. Since you've wasted bandwidth that I pay for, you'll probably end up paying restitution, my internet provider will probably have you removed and black balled (yea, you are used to that!) from ISPs in your area, hair will grow on your palms and your pets will be ugly, if you do end up in prison it'll most likely be a federal pound me in the ass prison. Let me know how the tits tatt'd on your back work out!
So, in finality, I guess, if you think you have the shoes princess, please, lets dance
Travis Ogden
traviso@Infohammer.net
Genocide@Genocide2600.com
