|
|
| Author |
Message |
fattony
none
Joined: 13 May 2006
Posts: 12
|
 Posted: Jul 11, 2006 11:33am Post subject: How we dealt with a script kiddie |
 |
|
I've been a part of an IRC network for around 5 years and from time to time we get kids coming on and trying to prove something so they flood us with bots and such. One in particular was arrogant enough to brag about it before hand, not only that but was dumb enough to advertise the other IRC networks he used and his status on them.
He flooded several times, we attempted to just ban the bots but he kept coming with them over and over, they were clearly zombies on infected PCs. Finally we got fed up with it and we tried to contact his ISP (a major American one) but they basically told us they can't do anything at all, so then we decided to fix it on a more personal level.
I went on to one of these networks he had talked about and I had logged and I hung out for a while and figured out it was a network basically full of kiddies, in fact it was even announced on these forums, but will remain nameless. I spoke to one of the ircops there and he told me that they also hated this kid, who we will call kiddie101. He even had delinked kiddie101's server from the network. He also mentioned that out of anger towards this ircop that kiddie101 had registered several domains related to his IRC network, and he told me what they were.
I tried to check this whois information for the domains but it was all fake and the registrar refused to do anything about it.
Then convinced the ircop to give me a copy of the nickname database, which he never should have done and luckily (for me, but nobody else) he didn't use password encryption in the database (it was atheme services). So I did a little research and found that the password he used on this network also worked on all the other networks he used, then I passed all that information I gathered in that area to my girlfriend.
She in turn found that he was ircop (somehow) on an even larger network (unreal network, but not that large) and we made a massive list of all the things he had, such as email addresses, accounts at various blogging sites, etc. She found out the password got into his email, which he only used for registering things, no personal information. That was used to find out what his passwords to his domains were. She logged in and found out his real phone number, address, father's name, etc.
So, we called up his parents and told them what he had done and what all we had gone through to find out who he really was so we could put a stop to it. Nobody has seen him on IRC since, and I heard from a few of his IRC buddies that I had met that he is banned from the computer for at least until his 17th birthday, he was 16 at the time.
Of course, all this pushes the moral and legal boundaries, but it became such a problem and the people who should have done something refused to do anything, so we had to resort to vigilantism.
So, I'm curious if anyone else has done something similar or even beyond that such as going to the guys house (somebody suggest we do that). Or if you refuse to go that far, and if you refuse to go that far what would you have done instead?
Please no flaims or anything like that, the purpose of this is to get people thinking about how far they'd go to keep someone from flooding their network and harassing users. |
|
| Back to top |
|
 |
flux
Newbie
Joined: 26 Apr 2006
Posts: 93
Location: Stockton-On-Tees, England
|
| Posted: Jul 11, 2006 11:46am Post subject: |
|
|
| nice way to go about things, lol, good one. |
|
| Back to top |
|
|
Ty
none
Joined: 15 Nov 2005
Posts: 47
|
| Posted: Jul 11, 2006 1:15pm Post subject: |
|
|
| You need a hobby. |
|
| Back to top |
|
|
fattony
none
Joined: 13 May 2006
Posts: 12
|
| Posted: Jul 11, 2006 3:13pm Post subject: |
|
|
| Ty wrote: | | You need a hobby. |
This coming from a guy with 42 posts to an IRC Forum. Or better yet, coming from a guy on an IRC forum period. You know Ty, I bet you are just over occupied with ladies, you must get so much pussy and go to so many parties, man you must be big man on campus, right? Or are you just a douchebag on an IRC forum trying to show how he's less nerdy than the rest of us other losers lame enough to sign up in the first place? If you want to be cool, cancel your account then we'll talk about who needs a "hobby", because IRC can't be a hobby for some reason. |
|
| Back to top |
|
|
chaz
Idler
Joined: 15 Jun 2005
Posts: 282
Location: IRC
|
| Posted: Jul 11, 2006 3:39pm Post subject: |
|
|
| tony, I was fairly intrigued by your approach to your script kiddie, I disagreed with ty, but to be honest, your reply was just as bad. I have far more posts than him, but I feel my contribution (if you read my posts) warrants something that others enjoy as a hobby. |
|
| Back to top |
|
|
fattony
none
Joined: 13 May 2006
Posts: 12
|
| Posted: Jul 11, 2006 3:45pm Post subject: |
|
|
| chaz wrote: | | tony, I was fairly intrigued by your approach to your script kiddie, I disagreed with ty, but to be honest, your reply was just as bad. I have far more posts than him, but I feel my contribution (if you read my posts) warrants something that others enjoy as a hobby. |
Yes, i agree, my post wasn't that great but it's something that, at the time, i felt needed to be done. Done for all those nerds out there that really do nothing at all and the internet is our hobby.
Totally arrogant post, like I'm the super hero of nerds or something. But if I were going to nominate such a person, I'd say Steve Wozniak. |
|
| Back to top |
|
|
PingBad
Guru
Joined: 05 Feb 2005
Posts: 2064
Location: New Zealand
|
| Posted: Jul 11, 2006 7:03pm Post subject: |
|
|
*scribbles this down*
Very nice way of purging the Internet of immature kiddies -- one kid @ a time.  |
|
| Back to top |
|
|
ORenyRen
none
Joined: 28 Jun 2004
Posts: 38
|
| Posted: Jul 11, 2006 7:48pm Post subject: |
|
|
| What you did was underhanded and sneaky, but I definatly think that you taught the kid a lesson, so it's ok. |
|
| Back to top |
|
|
Mary
SearchIRC Admin
Joined: 03 May 2003
Posts: 692
|
| Posted: Jul 11, 2006 8:16pm Post subject: |
|
|
fattony, since you are new, I'm going to GENTLY turn your head to the left so you can see "Forum Rules". Click on that link and read it all, but especially this part:
Attack ideas, not people:
This is okay: "Your idea won't work."
This is not okay: "You are an idiot."
A word to the wise is sufficient. :) |
|
| Back to top |
|
|
ARcanUSNUMquam
none
Joined: 25 Mar 2006
Posts: 42
|
| Posted: Jul 11, 2006 8:30pm Post subject: |
|
|
| Too bad what you did is probably illegal in the US. |
|
| Back to top |
|
|
FBI
Guru
Joined: 19 Aug 2005
Posts: 1494
Location: Federation Of Bored IRC'ers
|
| Posted: Jul 11, 2006 8:36pm Post subject: |
|
|
Who cares its not like he caused billions of dollars in damage all he did was scared the living hell out of a wanna be bad script kiddie....
Is that illegal?
Its kinda a shame that he didn't encrypt his passwords in the first place  |
|
| Back to top |
|
|
katsklaw
Guru
Joined: 28 Jun 2004
Posts: 1114
|
| Posted: Jul 11, 2006 8:40pm Post subject: |
|
|
| FBI wrote: | | Its kinda a shame that he didn't encrypt his passwords in the first place |
Every IRC network that has GETPASS or SENDPASS is using unencrypted passwords. |
|
| Back to top |
|
|
Ty
none
Joined: 15 Nov 2005
Posts: 47
|
| Posted: Jul 11, 2006 9:25pm Post subject: |
|
|
| fattony wrote: | | Ty wrote: | | You need a hobby. |
This coming from a guy with 42 posts to an IRC Forum. Or better yet, coming from a guy on an IRC forum period. You know Ty, I bet you are just over occupied with ladies, you must get so much pussy and go to so many parties, man you must be big man on campus, right? Or are you just a douchebag on an IRC forum trying to show how he's less nerdy than the rest of us other losers lame enough to sign up in the first place? If you want to be cool, cancel your account then we'll talk about who needs a "hobby", because IRC can't be a hobby for some reason. |
Quite happy with my girlfriend/future fiance, thank you. The reason for my comment is because you spent way too much time with your illegal actions that basically ended in you harassing the kid. Your actions were just as bad, if not worse, than the kiddie's. In the future, I'd suggest dealing with attackers in a legal manner and not breaking so many laws. It's just IRC.
| FBI wrote: | Who cares its not like he caused billions of dollars in damage all he did was scared the living hell out of a wanna be bad script kiddie....
Is that illegal? |
Yes, it is. |
|
| Back to top |
|
|
fattony
none
Joined: 13 May 2006
Posts: 12
|
| Posted: Jul 11, 2006 10:28pm Post subject: |
|
|
| Ty wrote: | | Some stupid bullshit |
Well, in that case, I guess none of us should ever do anything when the people who are supposed to do their jobs do nothing. The man who defends himself from getting mugged is just as bad as the mugger then.
And did I harass the kid? No, I called his parents and told them what he was doing. I did not hide who i was, I did not hide how I received his real information, I told his parents upfront that we had to get into his registrar account to get his real phone number to put a stop to it. I did not repeatedly call them, I did not even speak to him on the phone, his father answered.
Following your logic I guess when a kid harasses all the students at school and the principal calls his parents, the principal is automatically harassing the student. |
|
| Back to top |
|
|
Ty
none
Joined: 15 Nov 2005
Posts: 47
|
| Posted: Jul 11, 2006 10:37pm Post subject: |
|
|
| fattony wrote: | | Ty wrote: | | Some stupid bullshit |
Well, in that case, I guess none of us should ever do anything when the people who are supposed to do their jobs do nothing. The man who defends himself from getting mugged is just as bad as the mugger then.
And did I harass the kid? No, I called his parents and told them what he was doing. I did not hide who i was, I did not hide how I received his real information, I told his parents upfront that we had to get into his registrar account to get his real phone number to put a stop to it. I did not repeatedly call them, I did not even speak to him on the phone, his father answered.
Following your logic I guess when a kid harasses all the students at school and the principal calls his parents, the principal is automatically harassing the student. |
The principal obtains the students' information legally and doesn't violate laws to discipline the pupil.
| fattony wrote: | | The man who defends himself from getting mugged is just as bad as the mugger then. |
Please educate yourself on self defense laws in the United States before making such flawed arguments. 
Last edited by Ty on Jul 11, 2006 10:44pm; edited 1 time in total |
|
| Back to top |
|
|
|
|
| |
Register
Log in
