Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Peek At Script Kiddie Culture

Posted by timothy on from the culture-is-a-strong-word dept.

Brian Bruns writes "NewsForge is covering an article on the Script Kiddie Culture, in an interview with my co-admin Andrew Kirch. It provides insight into a culture that not many people fully understand, or get to see."

5 of 470 comments (clear)

  1. WTFOMGROFLMAO!!!11!1! by dupper · · Score: 0, Troll
    TEH 4R7ICL3 SI TEH INFORMATIVE!!!

    anti-lameness anti-lameness anti-lameness

  2. Re:Baseball BATS ! by Anonymous Coward · · Score: 0, Troll

    You're lying. Shut the fuck up.

  3. AOL H@x0rZ! by cybermint · · Score: 0, Troll

    I used to use AOHell back in the day. Does this qualify me as a script kiddie?

  4. Since it ti almost slashdotted - The Article - by Unleashd · · Score: 1, Troll

    A peek at script kiddie culture
    Friday March 05, 2004 - [ 08:00 AM GMT ]
    By: Robin 'Roblimo' Miller

    The more things change, the more they stay the same. Andrew D. Kirch, security administrator for AHBL, infiltrated several script kiddie groups and shared some of his findings with us via IRC. From the (edited) interview transcript, you'll learn that one of the "new waves" in DDoS coordination is hijacking corporate conference call facilities, which is really an update of good old '60s-style phone phreaking, plus some insight into why some DDoSers do what they do -- and some tips on how they might be stopped.

    Roblimo:

    How and why did you get started tracing DDoS perpetrators?

    Andy: Part of it landed in my lap, and part of it was the attacks on the blacklists last summer. I met a [foreign] hacker a few years back on [major IRC network], and we founded an IRC network. Last March he contacted me, as I have some influence on [major IRC network]. An administrator was running illegal (against network policy) code, and they wanted someone from the outside that could independently log and prove it.

    Roblimo: So this started on IRC?

    Andy: Correct. Most things that these kiddies are doing are coordinated on IRC, or hijacked conference lines through carriers like AT&T or XO.

    Roblimo: When you say "hijacked conference lines" do you mean phone conference lines?

    Andy: Correct, business conference lines.

    Roblimo: I've seen nothing in the press about this problem.

    Andy: There is still an element of phone phreaking, it's simply upscaled in technology. Want to talk on one right now? :)

    Roblimo: How does one go about hijacking a phone conference line?

    Andy: That's one I haven't figured out yet. I'd have to assume it'd involve wardialing extensions into the system. Occasionally they're also liberated from work.

    The policies on [major IRC network] allow quite a bit of freedom and privacy and make an excellent place to coordinate actions if they're to be taken off the network, or start "wars" with each other. Largely these actions have been ignored up to now. These kiddies band together into groups that have something between a street gang and Mafia personality. Friends of friends type stuff. When there's a major war, as there was a month or so ago, alliances get changed. The same occurred when the RPC.DCOM exploit came out last May. (And no, May isn't a typo.)

    Editor's note: per the link above, the RPC.DOM exploit wasn't known to most of the world until September 2003.

    The [hacker] group I've been monitoring just picked up a few people who are into that sort of thing, but I haven't seen them work much yet. A common theme is everyone switches sides about once every 6-7 months.

    Roblimo: Switches sides?

    Andy: Consider the people and the medium. You've got a lot of adolescents, and young adults with minimal if any social life. The interaction is not going to be on the same level as people with broader social experience. Considering that, and the ability to cripple a medium-sized ISP, there's going to be relationship issues, especially when you throw the sparse quantity of girls into the mix.

    There was a girl in the channel, went by the nick ricki [name changed to maintain confidentiality]. Along with the phone conference aspect, there's also the prank calls. Friends even prank each other. Well, one of the guys pranked ricki. She took offense, and convinced two members of the channel to take it over. Both sides started firing packets, and my line was down for about 2 hours until the channel was sorted.

    The war isn't really won on IRC. A win looks something like this: (if it's still up) http://www.geocities.com/kylegotpwnt/. This guy hung up on a conf when it was decided to prank him. So the general course of a war is that words get exchanged over whatever the current "drama" is. Packets are fired, and shellhosts or IPv6 tunnels go down. Then there's a mad rush to "pull dox

    --
    We don't need no stinking sig!
  5. To sum up script kiddies ... by madpierre · · Score: 0, Troll

    wankers.

    Why do you need an *entire* article to communicate this?

    --
    siggy played guitar