Slashdot Mirror


Nmap Author Receives FBI Subpoenas

spafbnerf writes "Fyodor, author of the open-source network scanning tool Nmap, posted a story to the nmap-hackers list about having received a number of subpoenas from the FBI this year, demanding webserver log data, none of which produced anything, either because they sought old information that had already been deleted from his logs, or because the subpoenas were improperly served. In every case the request was narrowly crafted, usually directed at finding out who visited the site in a very short window of time, such as a five minute period. Fyodor writes: "If they see that an attacker ran the command "wget http://download.insecure.org/nmap/dist/nmap-3.77.t gz" from a compromised host, they assume that she might have obtained that URL by visiting the Nmap download page from her home computer"." Update: 11/25 20:21 GMT by T : Reader kv9 adds a link to Kevin Poulson's story at SecurityFocus.

2 of 390 comments (clear)

  1. waste of money. by Folmer · · Score: 0, Flamebait

    I'm grateful that im not from the USA, so im not paying for this useless waste of money..
    They might have a chance for capturing them if they figure out who executed the command.. if youre experienced i this hacking buisness should have the address in their head anyway :)

  2. Re:FBI spies by MikeFM · · Score: 0, Flamebait

    Only an idiot wouldn't change their MAC address to something random for each attack. Or for that matter just steal somebody elses laptop for the duration of the attack. It's not like it's hard to lay hands on a computer without having any record of having done so. Just changing your MAC address is probably enough though.

    --
    At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.