home *** CD-ROM | disk | FTP | other *** search
Text File | 1991-01-03 | 18.6 KB | 319 lines | [TEXT/MCII] |
- > BBS TERRORIST CPU/STR Spotlight? The extremes a creep will go to....
- ===============================
-
-
-
- PROFILE OF A SICKIE
- ===================
-
- by Dana P. Jacobson
-
-
- For over a year, three of Greater Boston's Atari bulletin boards have
- been pestered by a 'known' user who has been flooding the message bases
- with obscenities, threats, and fake names. For most of us who call
- bulletin boards; and especially those of us who run one, this is not "too"
- unusual. This case is a little more unusual however, because the user is
- extremely persistent in his endeavors. Most remote users of these systems
- have learned to, at least, try and ignore this person. The SysOps of these
- boards (myself included) have worn out fingers hitting the delete key on
- his messages and fake accounts. This user has been deleted from just
- about every legitimate BBS in the area, and his hatred for this happening
- to him grows. Until recently, he has been resigned to the fact that he
- has to log on to boards under assumed names to keep active. Then, he
- decided to get revenge on those of us who originated his mass deletion
- from the area boards. As he put it, we were heading a conspiracy to ban
- him from all boards. Well, I have to admit, we were spreading the word
- about him wherever we saw his name. Conspiracy, no. There's an unwritten
- bond between SysOps to help each other protect the integrity of our
- boards, so this was a natural occurrence among us.
-
- This "pest" finally got fed up with what was happening to him (HE got
- fed up - what about us?) and decided to retaliate. One of the last
- bulletin boards to delete this guy's account was BCS/Atari, run by Harry
- Steele. It was Harry's contention that if you left the guy alone, he'd go
- away. Well, as per normal, this user didn't go away and continued to
- leave abusive messages on the BBS. Users were complaining more than
- usual, so Harry reluctantly deleted the account. I happened to be online
- (BCS/Atari has 2 lines) when the person logged on after being deleted. He
- re- registered and Harry engaged him in Chat. Having WizOp access (we run
- MichTron BBS), I was able to "spy" on the chat discussion and find out
- what this user was up to. Without going into detail, the essence of the
- "discussion" ended with this user threatening to do something to make
- Harry sorry for deleting him. A few hours later, the three major Atari
- boards in the area were crashed, and the majority of files were deleted!
-
- The next day, there was a message on another local BBS, from an
- individual calling himself the "Bbs Vigllante". In that message, he
- stated what he had done, and why. He then went on to state that until his
- "demands" were met (to be aired later), that this trashing would occur
- again. Needless to say, the three respective WizOps were speechless, and
- hurried to restore their boards. The phones were busy that day trying to
- reconstruct the events of the night before. Let me try and reconstruct
- the background leading up to this heinous destruction, starting back over
- a year ago.
-
- I belong to the South Shore Atari Group (SSAG), since its "revival"
- just over two years ago. Kevin Champagne, owner of the newly opened Atari
- store, Computer Cache, talked to former SSAG members and offered to host
- the meetings. The members took him up on it, and SSAG was reformed. The
- old group had its own BBS, and Kevin offered the new group a discounted
- copy of MichTron BBS. The group bought it, and were back online as well as
- meeting regularly again. Since the SysOp of the former SSAG board
- allegedly had a "tainted" past, some of the members of the Steering
- Committee wanted access to the new BBS to "keep tabs" on it. Well, after
- a few months of access, we lost it. The SysOp felt "restricted" in his
- running the BBS, and wanted to do it his way without any "watchdogs".
- Heated discussions went on for a couple of months, and the committee
- requested that the BBS software be returned. Meanwhile, on of the ST SIG
- SysOps was our "friend, the pest", who at that time, was a typical active
- and regularly-contributing user on the boards.
-
- To make the connections between this user and the "soon-to-
- be-defunct" SSAG board, we learned that this SysOp managed to make a copy
- of the board's userlog, containing among other info, the passwords of
- every user! I was given this info much later, by the person who ran the
- BBS, after the SSAG BBS was down, and tensions diminished among the
- parties involved. By the way, the BBS went down shortly after, and some of
- those who ran that board quit the group. Now that this SysOp didn't have
- a BBS to "hang-out", he began to frequent the other Atari boards more
- often. On occasion, he'd log on under aliases, starting message threads
- that were anti-SSAG because of our involvement in that board going
- offline. Also, this past summer, Computer Cache closed its doors, adding
- more fuel to this user's anger - he now had no access to a nearby computer
- store; and he also blamed SSAG for the store's demise.
-
- Now his activity on the local boards was increasing, and he had
- numerous phony accounts which we kept deleting. He also was using some of
- the former-SSAG board's accounts, to keep his anonymity. As we learned of
- these accounts, we deleted them. When he called under his real name, we
- cautioned him to act responsibly to retain his access. We warned him on
- numerous occasions, we restricted hIs time-limit, and finally deleted his
- "good" account. None of this kept him from calling and continuing his
- abuse of SSAG and the closing of the store. His tirades grew. When he
- lost one account, he'd create another. He called other boards and
- continued his tirade there. One by one, he lost most of his legitimate
- accounts, and many phony ones - still no end in sight, even now.
-
- The old SSAG board was back on-line, under a different name now; and
- had no connection to the usergroup. Our frustrated user became a user
- there again, but was not made a SysOp again. The board went down a few
- months ago for personal reasons, and our user was again blaming that on
- SSAG. Just a short while ago, that board was back again, supposedly
- running on a pirated version of FoRem BBS. I have no idea if there is any
- validity to this, and the "source" of this information was, you guessed
- it, our "pal". The reason he told us, supposedly, was that the BBS was now
- a pirate board. Now, since Computer Cache was closed, and there were "no
- good" stores nearby, he resorted to piracy to obtain new software. He
- "snitched" on his local source because he even got himself dumped from
- there! He even called the author of FoRem to turn the board in (I thought
- there was "honor among thieves!"). Now this guy is really furious. He now
- has to call long-distance pirate boards to obtain his software! Again, I
- only know what this user has left in messages about the alleged local
- pirate board. I have talked voice with the person allegedly running that
- board, and he says no, not that he'd admit to running one, but he added he
- wasn't even up. I can't verify that information.
-
- Now, our pest is running out of local sources for anything, public
- domain or pirated. He's left my bulletin board alone for awhile, and has
- resorted to calling the last three boards that he had legitimate access
- to. His comments, threats, etc. have not stopped however. He has
- continued to get even with those who have been conspiring against him, for
- giving him such a bad time (is this guy for real?).
-
- On the evening of December 30th, I happened to log on to the
- BCS/Atari BBS while our "friend" was online. Having the access to do so,
- and being the curious type, I went to check up on what he was doing.
- Thanks to Tim Purves, author of the MichTron BBS, I was able to use a
- "screen-display" command which enabled me to actually "see" what he was
- doing. He was engaged in Chat with the SysOp, and I watched the
- conversation progress. The SysOp (Harry Steele) was telling the user that
- users were finally fed up with this guy's antics on the board, and his
- access was about to be taken away, again, only for good. The user
- complained that he was being wrongly treated, and pressure by the other
- users should not be used against him. Well, since the board is backed by
- the BCS, Harry was obligated to listen to its members. Our user didn't
- want to listen to reason. Personally, I don't think he's capable of
- reason! The discussion went on for a bit more, and finally the user
- threatened to get even, to make "us" pay for how we were treating him.
-
- About 8:00 am the next morning (an ungodly hour for me on a Saturday
- morning!), I got a phone call from Harry. He told me to go check on my
- BBS (Toad Hall EBBS). I turned the monitor on, and was faced with the
- ST's desktop instead of the usual BBS's "call- waiting" screen. The first
- thing I thought to myself as I tried to wake up was that there was a power
- outage in the area that night, and Toad Hall got "hit". When I "clicked"
- on the BBS run program, I got that dreaded message to check the drive.
- Something was seriously wrong. I got back on the phone and discovered
- that not only was my BBS down, but so was BCS/Atari and Harbour Light BBS
- (the former in-house BBS of Computer Cache, now run elsewhere).
-
- I asked Harry what happened, and he informed me that around 3:00 that
- morning, his wife was awakened by the BBS's hard drive making an unusual
- amount of noise so she went to investigate. She turned on the monitor and
- saw "me" deleting files from the hard drive! She knew "something" was
- wrong, so she hit the reset button to the ST. Apparently, someone had
- systematically deleted files from all three boards in the "darkness of the
- night.
-
- The BCS/Atari board was fortunate that Mrs. Steele was awakened. The
- damage to that board was limited to one of two hard drives connected to
- the BBS. The culprit was "stopped" before he got to the second hard drive
- which wasn't backed-up at all. The affected drive was recently backed up
- a few days before the "attack". Harbour Light was also fortunate. That
- MichTron board is running on an IBM-clone, and the internal set-up was
- different from the Atari-run boards. The "terrorist" didn't know, or was
- unaware of how or where to look to find all the files. So, little damage
- was done, and back-ups of the system files and the affected downloads were
- relatively current as well. Toad Hall was hit the hardest. Just about
- every file on the 48-meg hard drive was deleted. All that remained were a
- few hard drive utility files, and a few other worthless ones. To make
- matters worse, the most current back-up of the system files and downloads
- were in an area of the hard drive which had a lot of available space, not
- on floppies. The most recent floppy back-up was from late-August, almost
- 4-month's old!
-
- Well, all three boards were restored and back on-line by the end of
- the day. Once things were as back to "normal" as possible, we tried to
- piece together how this was accomplished, and who did it. The "who" was
- fairly obvious from the start. After seeing the messages on various
- boards in the area from the "Bbs Vigllante" (his spelling, not mine!)
- stating what was done, why, and further threats, we knew there was only
- one suspect: our disgruntled user. But how?
-
- Well, we knew that he had the old SSAG userfile. Now all of the
- affected SysOps had been users on that board before the usergroup took
- back the software, almost a year ago. All of us had changed our passwords
- to be sure that the one we used on the SSAG board wasn't repeated
- elsewhere. Or did we? Apparently, one of the SysOps did not change his
- passwords (to keep from embarrassing that person, I won't reveal who, but
- it wasn't me!). Our Bbs Vigllante finally used his purloined userfile to
- call various boards, looking for one where that same user had high access.
- From there, he got WizOp access to all three boards, using one password to
- gain others. Once that access was his, the systematic deletion of the
- boards was simple. After seeing the additional threatening messages on
- other boards, two of us immediately downgraded all users with SysOp-access
- or higher, knowing that the Vigllante had copies of all three userlogs.
- One system didn't do so immediately, and subsequently was uploaded a
- pirate file which was downloaded twice before discovering it. We were
- more concerned with getting the boards back to normal than checking out
- uploads. The file was subsequently deleted, and users on all three boards
- were told to change their passwords or expect that the possibility of
- their accounts to be misused was inevitable.
-
- To this day, not all users have done so, so there is still a password
- abuse on all three boards. We're currently considering deleting the
- entire userlist and starting from scratch. This would be a drastic
- measure, and we're considering others. Our first concern was to protect
- our boards from similar "terrorism" and finding a way to bring the "Bbs
- Vigllante" to justice and end this abuse.
-
- We voice-validated all high-access password changes. Those we
- couldn't contact are still "demoted" until we do so. Some of us have
- taken further precautions and enhanced our password menus to include
- secondary (or more) passwords. We've also tried to point out to, not only
- our users, but on other boards as well, that passwords should be changed
- regularly on every board a user calls; and not to use the same password on
- other boards. We learned what could happen, the hard way.
-
- Meanwhile, the threats have continued. I've included a bunch of
- these messages captured in my term program's buffer for proof, should the
- opportunity be made available to use them against the vigllante. He's
- also resorted to "BBS extortion", making demands on the three trashed
- boards AND the SSAG. Briefly, these demands include: WizOp access on all
- three boards, a public apology for the way HE's been treated, and a
- monthly column in the SSAG Newsletter (non-edited)! If these demands
- aren't met, then we will be leaving ourselves open to similar, or worse,
- attacks.
-
-
-
- Dana P. Jacobson
- WizOp - Toad Hall EBBS
- Boston, MA
- 617-567-8642
-
-
-
-
-
- ______________________________________________________
-
-
-
-
-
-
- > BBS GRIEF CPU/STR Spotlight? Boston Computer Society gets involved...
- ============================
-
-
-
-
-
- FROM THE MIDDLESEX NEWS, FRAMINGHAM, 1/9/89
- ===========================================
-
-
- A hacker, apparently using a year-old list of passwords, has managed to
- crash three Atari-based computer bulletin-board systems in the Boston area
- and is now threatening to do the same to a fourth.
-
- Calling himself the ``BBS Vigilante,'' the hacker has, over the past two
- weeks, gained phone access to the internal operating systems of the three
- systems, one of them run by the Boston Computer Society. He has deleted
- hundreds of files, including scores of messages and programs left by users
- and even the software that runs the boards themselves.
-
- Harry Steele, who runs the Boston Computer Society Atari board from his
- Medford home, said the hacker, using the purloined password of another
- system operator, cracked into his system early on Dec. 30. But around 3:15
- a.m., he said, his wife was awakened because "she heard the hard drive
- going cuckoo." She turned on the monitor, saw what was happening and
- promptly shut the machine, he said, adding he was especially lucky because
- the hacker was deleting files on a disk drive he had backed up just a few
- days before - rather than a second drive that had about 400 programs he
- had never backed up. Still, Steele said it took him eight or nine hours
- to fully restore the roughly 20 megabytes of software the hacker did
- delete.
-
- Toad Hall, an East Boston system, was not so lucky. Although the system
- operator there had backed up his files, he had done it on a section of his
- disk drive that the "Vigilante" managed to delete. Steele said the
- sysops strongly suspect the culprit is a teen-ager once involved in a BBS
- and club run by a now-defunct software store. As an active member, he was
- able to gain access to that BBSs' password list, of which he apparently
- made a copy.
-
- When the store closed about a year ago, Steele said, he turned vicious,
- calling up Atari-based boards and leaving nasty messages for users. Faced
- with complaints from other users, the system operators kicked him off -
- something they had to do several times because he was using a number of
- assumed names.
-
- What the board operators did not realize, Steele said, was that the list
- the kid had included some names and passwords of either system operators
- or "co-sysops," people who maintain conferences on the systems and who
- generally can gain entry into the system's internal programs over the
- phone lines.
-
- In December, he threatened to take the systems down. Then, after he did,
- he left messages threatening to do it again. Steele said that if need be,
- he and the other operators can simply shut their systems down, delete
- their password files and then not give anyone access until they are
- contacted by telephone to ensure they are 'real.' One board, which the
- hacker has threatened to crash, now requires all users to send in a $1
- check with their name and telephone number on the back before they are
- given more than three minutes worth of access.
-
- Steel also said the problem, beyond dealing with this kid, is that many
- people use the same password on all the systems they log onto, even
- though most systems ask them not to. If the sysops or co-sysops on the
- list had used different passwords on each system, the hacker might never
- have been able to gain access, he said.
-
- Fred, the Middlesex News Computer, eagerly awaits your call. With
- a computer and modem, you can call him, any time, day or night,
- at; (508) 872-8461.
-