Megarom

home *** CD-ROM | disk | FTP | other *** search

/ Megarom / Megarom Macintosh CD Software (Quantum Leap)(1992).iso / TEXT / Sysop's Nightmare < prev next >

Wrap

Text File | 1991-01-03 | 19KB | 319 lines

> BBS TERRORIST CPU/STR Spotlight? The extremes a creep will go to.... =============================== PROFILE OF A SICKIE =================== by Dana P. Jacobson For over a year, three of Greater Boston's Atari bulletin boards have been pestered by a 'known' user who has been flooding the message bases with obscenities, threats, and fake names. For most of us who call bulletin boards; and especially those of us who run one, this is not "too" unusual. This case is a little more unusual however, because the user is extremely persistent in his endeavors. Most remote users of these systems have learned to, at least, try and ignore this person. The SysOps of these boards (myself included) have worn out fingers hitting the delete key on his messages and fake accounts. This user has been deleted from just about every legitimate BBS in the area, and his hatred for this happening to him grows. Until recently, he has been resigned to the fact that he has to log on to boards under assumed names to keep active. Then, he decided to get revenge on those of us who originated his mass deletion from the area boards. As he put it, we were heading a conspiracy to ban him from all boards. Well, I have to admit, we were spreading the word about him wherever we saw his name. Conspiracy, no. There's an unwritten bond between SysOps to help each other protect the integrity of our boards, so this was a natural occurrence among us. This "pest" finally got fed up with what was happening to him (HE got fed up - what about us?) and decided to retaliate. One of the last bulletin boards to delete this guy's account was BCS/Atari, run by Harry Steele. It was Harry's contention that if you left the guy alone, he'd go away. Well, as per normal, this user didn't go away and continued to leave abusive messages on the BBS. Users were complaining more than usual, so Harry reluctantly deleted the account. I happened to be online (BCS/Atari has 2 lines) when the person logged on after being deleted. He re- registered and Harry engaged him in Chat. Having WizOp access (we run MichTron BBS), I was able to "spy" on the chat discussion and find out what this user was up to. Without going into detail, the essence of the "discussion" ended with this user threatening to do something to make Harry sorry for deleting him. A few hours later, the three major Atari boards in the area were crashed, and the majority of files were deleted! The next day, there was a message on another local BBS, from an individual calling himself the "Bbs Vigllante". In that message, he stated what he had done, and why. He then went on to state that until his "demands" were met (to be aired later), that this trashing would occur again. Needless to say, the three respective WizOps were speechless, and hurried to restore their boards. The phones were busy that day trying to reconstruct the events of the night before. Let me try and reconstruct the background leading up to this heinous destruction, starting back over a year ago. I belong to the South Shore Atari Group (SSAG), since its "revival" just over two years ago. Kevin Champagne, owner of the newly opened Atari store, Computer Cache, talked to former SSAG members and offered to host the meetings. The members took him up on it, and SSAG was reformed. The old group had its own BBS, and Kevin offered the new group a discounted copy of MichTron BBS. The group bought it, and were back online as well as meeting regularly again. Since the SysOp of the former SSAG board allegedly had a "tainted" past, some of the members of the Steering Committee wanted access to the new BBS to "keep tabs" on it. Well, after a few months of access, we lost it. The SysOp felt "restricted" in his running the BBS, and wanted to do it his way without any "watchdogs". Heated discussions went on for a couple of months, and the committee requested that the BBS software be returned. Meanwhile, on of the ST SIG SysOps was our "friend, the pest", who at that time, was a typical active and regularly-contributing user on the boards. To make the connections between this user and the "soon-to- be-defunct" SSAG board, we learned that this SysOp managed to make a copy of the board's userlog, containing among other info, the passwords of every user! I was given this info much later, by the person who ran the BBS, after the SSAG BBS was down, and tensions diminished among the parties involved. By the way, the BBS went down shortly after, and some of those who ran that board quit the group. Now that this SysOp didn't have a BBS to "hang-out", he began to frequent the other Atari boards more often. On occasion, he'd log on under aliases, starting message threads that were anti-SSAG because of our involvement in that board going offline. Also, this past summer, Computer Cache closed its doors, adding more fuel to this user's anger - he now had no access to a nearby computer store; and he also blamed SSAG for the store's demise. Now his activity on the local boards was increasing, and he had numerous phony accounts which we kept deleting. He also was using some of the former-SSAG board's accounts, to keep his anonymity. As we learned of these accounts, we deleted them. When he called under his real name, we cautioned him to act responsibly to retain his access. We warned him on numerous occasions, we restricted hIs time-limit, and finally deleted his "good" account. None of this kept him from calling and continuing his abuse of SSAG and the closing of the store. His tirades grew. When he lost one account, he'd create another. He called other boards and continued his tirade there. One by one, he lost most of his legitimate accounts, and many phony ones - still no end in sight, even now. The old SSAG board was back on-line, under a different name now; and had no connection to the usergroup. Our frustrated user became a user there again, but was not made a SysOp again. The board went down a few months ago for personal reasons, and our user was again blaming that on SSAG. Just a short while ago, that board was back again, supposedly running on a pirated version of FoRem BBS. I have no idea if there is any validity to this, and the "source" of this information was, you guessed it, our "pal". The reason he told us, supposedly, was that the BBS was now a pirate board. Now, since Computer Cache was closed, and there were "no good" stores nearby, he resorted to piracy to obtain new software. He "snitched" on his local source because he even got himself dumped from there! He even called the author of FoRem to turn the board in (I thought there was "honor among thieves!"). Now this guy is really furious. He now has to call long-distance pirate boards to obtain his software! Again, I only know what this user has left in messages about the alleged local pirate board. I have talked voice with the person allegedly running that board, and he says no, not that he'd admit to running one, but he added he wasn't even up. I can't verify that information. Now, our pest is running out of local sources for anything, public domain or pirated. He's left my bulletin board alone for awhile, and has resorted to calling the last three boards that he had legitimate access to. His comments, threats, etc. have not stopped however. He has continued to get even with those who have been conspiring against him, for giving him such a bad time (is this guy for real?). On the evening of December 30th, I happened to log on to the BCS/Atari BBS while our "friend" was online. Having the access to do so, and being the curious type, I went to check up on what he was doing. Thanks to Tim Purves, author of the MichTron BBS, I was able to use a "screen-display" command which enabled me to actually "see" what he was doing. He was engaged in Chat with the SysOp, and I watched the conversation progress. The SysOp (Harry Steele) was telling the user that users were finally fed up with this guy's antics on the board, and his access was about to be taken away, again, only for good. The user complained that he was being wrongly treated, and pressure by the other users should not be used against him. Well, since the board is backed by the BCS, Harry was obligated to listen to its members. Our user didn't want to listen to reason. Personally, I don't think he's capable of reason! The discussion went on for a bit more, and finally the user threatened to get even, to make "us" pay for how we were treating him. About 8:00 am the next morning (an ungodly hour for me on a Saturday morning!), I got a phone call from Harry. He told me to go check on my BBS (Toad Hall EBBS). I turned the monitor on, and was faced with the ST's desktop instead of the usual BBS's "call- waiting" screen. The first thing I thought to myself as I tried to wake up was that there was a power outage in the area that night, and Toad Hall got "hit". When I "clicked" on the BBS run program, I got that dreaded message to check the drive. Something was seriously wrong. I got back on the phone and discovered that not only was my BBS down, but so was BCS/Atari and Harbour Light BBS (the former in-house BBS of Computer Cache, now run elsewhere). I asked Harry what happened, and he informed me that around 3:00 that morning, his wife was awakened by the BBS's hard drive making an unusual amount of noise so she went to investigate. She turned on the monitor and saw "me" deleting files from the hard drive! She knew "something" was wrong, so she hit the reset button to the ST. Apparently, someone had systematically deleted files from all three boards in the "darkness of the night. The BCS/Atari board was fortunate that Mrs. Steele was awakened. The damage to that board was limited to one of two hard drives connected to the BBS. The culprit was "stopped" before he got to the second hard drive which wasn't backed-up at all. The affected drive was recently backed up a few days before the "attack". Harbour Light was also fortunate. That MichTron board is running on an IBM-clone, and the internal set-up was different from the Atari-run boards. The "terrorist" didn't know, or was unaware of how or where to look to find all the files. So, little damage was done, and back-ups of the system files and the affected downloads were relatively current as well. Toad Hall was hit the hardest. Just about every file on the 48-meg hard drive was deleted. All that remained were a few hard drive utility files, and a few other worthless ones. To make matters worse, the most current back-up of the system files and downloads were in an area of the hard drive which had a lot of available space, not on floppies. The most recent floppy back-up was from late-August, almost 4-month's old! Well, all three boards were restored and back on-line by the end of the day. Once things were as back to "normal" as possible, we tried to piece together how this was accomplished, and who did it. The "who" was fairly obvious from the start. After seeing the messages on various boards in the area from the "Bbs Vigllante" (his spelling, not mine!) stating what was done, why, and further threats, we knew there was only one suspect: our disgruntled user. But how? Well, we knew that he had the old SSAG userfile. Now all of the affected SysOps had been users on that board before the usergroup took back the software, almost a year ago. All of us had changed our passwords to be sure that the one we used on the SSAG board wasn't repeated elsewhere. Or did we? Apparently, one of the SysOps did not change his passwords (to keep from embarrassing that person, I won't reveal who, but it wasn't me!). Our Bbs Vigllante finally used his purloined userfile to call various boards, looking for one where that same user had high access. From there, he got WizOp access to all three boards, using one password to gain others. Once that access was his, the systematic deletion of the boards was simple. After seeing the additional threatening messages on other boards, two of us immediately downgraded all users with SysOp-access or higher, knowing that the Vigllante had copies of all three userlogs. One system didn't do so immediately, and subsequently was uploaded a pirate file which was downloaded twice before discovering it. We were more concerned with getting the boards back to normal than checking out uploads. The file was subsequently deleted, and users on all three boards were told to change their passwords or expect that the possibility of their accounts to be misused was inevitable. To this day, not all users have done so, so there is still a password abuse on all three boards. We're currently considering deleting the entire userlist and starting from scratch. This would be a drastic measure, and we're considering others. Our first concern was to protect our boards from similar "terrorism" and finding a way to bring the "Bbs Vigllante" to justice and end this abuse. We voice-validated all high-access password changes. Those we couldn't contact are still "demoted" until we do so. Some of us have taken further precautions and enhanced our password menus to include secondary (or more) passwords. We've also tried to point out to, not only our users, but on other boards as well, that passwords should be changed regularly on every board a user calls; and not to use the same password on other boards. We learned what could happen, the hard way. Meanwhile, the threats have continued. I've included a bunch of these messages captured in my term program's buffer for proof, should the opportunity be made available to use them against the vigllante. He's also resorted to "BBS extortion", making demands on the three trashed boards AND the SSAG. Briefly, these demands include: WizOp access on all three boards, a public apology for the way HE's been treated, and a monthly column in the SSAG Newsletter (non-edited)! If these demands aren't met, then we will be leaving ourselves open to similar, or worse, attacks. Dana P. Jacobson WizOp - Toad Hall EBBS Boston, MA 617-567-8642 ______________________________________________________ > BBS GRIEF CPU/STR Spotlight? Boston Computer Society gets involved... ============================ FROM THE MIDDLESEX NEWS, FRAMINGHAM, 1/9/89 =========================================== A hacker, apparently using a year-old list of passwords, has managed to crash three Atari-based computer bulletin-board systems in the Boston area and is now threatening to do the same to a fourth. Calling himself the ``BBS Vigilante,'' the hacker has, over the past two weeks, gained phone access to the internal operating systems of the three systems, one of them run by the Boston Computer Society. He has deleted hundreds of files, including scores of messages and programs left by users and even the software that runs the boards themselves. Harry Steele, who runs the Boston Computer Society Atari board from his Medford home, said the hacker, using the purloined password of another system operator, cracked into his system early on Dec. 30. But around 3:15 a.m., he said, his wife was awakened because "she heard the hard drive going cuckoo." She turned on the monitor, saw what was happening and promptly shut the machine, he said, adding he was especially lucky because the hacker was deleting files on a disk drive he had backed up just a few days before - rather than a second drive that had about 400 programs he had never backed up. Still, Steele said it took him eight or nine hours to fully restore the roughly 20 megabytes of software the hacker did delete. Toad Hall, an East Boston system, was not so lucky. Although the system operator there had backed up his files, he had done it on a section of his disk drive that the "Vigilante" managed to delete. Steele said the sysops strongly suspect the culprit is a teen-ager once involved in a BBS and club run by a now-defunct software store. As an active member, he was able to gain access to that BBSs' password list, of which he apparently made a copy. When the store closed about a year ago, Steele said, he turned vicious, calling up Atari-based boards and leaving nasty messages for users. Faced with complaints from other users, the system operators kicked him off - something they had to do several times because he was using a number of assumed names. What the board operators did not realize, Steele said, was that the list the kid had included some names and passwords of either system operators or "co-sysops," people who maintain conferences on the systems and who generally can gain entry into the system's internal programs over the phone lines. In December, he threatened to take the systems down. Then, after he did, he left messages threatening to do it again. Steele said that if need be, he and the other operators can simply shut their systems down, delete their password files and then not give anyone access until they are contacted by telephone to ensure they are 'real.' One board, which the hacker has threatened to crash, now requires all users to send in a $1 check with their name and telephone number on the back before they are given more than three minutes worth of access. Steel also said the problem, beyond dealing with this kid, is that many people use the same password on all the systems they log onto, even though most systems ask them not to. If the sysops or co-sysops on the list had used different passwords on each system, the hacker might never have been able to gain access, he said. Fred, the Middlesex News Computer, eagerly awaits your call. With a computer and modem, you can call him, any time, day or night, at; (508) 872-8461.