Nmap Author Receives FBI Subpoenas
spafbnerf writes "Fyodor, author of the open-source network scanning tool Nmap, posted a story to the nmap-hackers list about having received a number of subpoenas from the FBI this year, demanding webserver log data, none of which produced anything, either because they sought old information that had already been deleted from his logs, or because the subpoenas were improperly served. In every case the request was narrowly crafted, usually directed at finding out who visited the site in a very short window of time, such as a five minute period. Fyodor writes: "If they see that an attacker ran the command "wget http://download.insecure.org/nmap/dist/nmap-3.77.t gz" from a compromised host, they assume that she might have obtained that URL by visiting the Nmap download page from her home computer"."
Update: 11/25 20:21 GMT by T :
Reader kv9 adds a link to Kevin Poulson's story at SecurityFocus.
Up shit creek sans paddle.
first scan.
Are we talking about Trinity?
Let me first wish you Americans a happy Thanksgiving. Meanwhile, I'm hard at work on a holiday Nmap version which should be available by Christmas.
I suppose this new version will give a new meaning to the Xmas scan, no?
In soviet russia, You ask not what country do for you, but what you do for country!
Oh wait...
No wonder he's reticent about providing information.
Fyodors are supposed to remain closed at all times.
(Sorry)
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
The FBI has tracked down a perpetrated hacker after a slip-of-tongue by Fyodor in a recent nmap-hackers list posting, relating a female hacker using wget command to get nmap. After searching the homes of the 3 females known by Fyodor, they have identified and captured the assailant.
So, this girl that has been downloading... are there photos of her? Huh? Huh?
'Thats they exact same thing a banana wrench monkey.'
printf("Goodbye cruel world!\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b");
made for backhats
Are those over by the asshats?
I wonder. Why can't they automate the subpoenas?
That way they'd have one ready and well-written in case of a hacker emergency.
Oh well.
Perhaps neglecting the fact that if a word has multiple meanings the existence of one meaning does not negate the proper use of another meaning is an oversight on your part?
Your use of language might need some oversight.
KFG
... have feelings too, the proper way to refer to something unknown is he/she/it, to be abbrevaiated as s/h/it! ;-)
Paul B.
Shame, shame! Aside from the bad outfit, and the bad acting, in the movie you scan first localhost (usually behind the firewall, so not to useful) then localhost/24
That said, I do have a copy of that movie on the usb stick in my pocket.
Well, the suggestion is that they are trying to find out who downloaded the source onto a compromised machine. So - someone has cracked root on an unknown machine, visits insecure.org with the browser on their own machine, pastes the URL for the tarball into the shell on the compromised machine, and makes nmap. What it sounds like they are looking for is the IP address of the browser used to get the URL for the source.
Well, now they can visit slashdot instead...
...
Umm, sorry."
I think you misspelled "police"?
I like paying taxes. With them I buy civilization -- Oliver Wendell Holmes