Slashdot Mirror


Nmap Author Receives FBI Subpoenas

spafbnerf writes "Fyodor, author of the open-source network scanning tool Nmap, posted a story to the nmap-hackers list about having received a number of subpoenas from the FBI this year, demanding webserver log data, none of which produced anything, either because they sought old information that had already been deleted from his logs, or because the subpoenas were improperly served. In every case the request was narrowly crafted, usually directed at finding out who visited the site in a very short window of time, such as a five minute period. Fyodor writes: "If they see that an attacker ran the command "wget http://download.insecure.org/nmap/dist/nmap-3.77.t gz" from a compromised host, they assume that she might have obtained that URL by visiting the Nmap download page from her home computer"." Update: 11/25 20:21 GMT by T : Reader kv9 adds a link to Kevin Poulson's story at SecurityFocus.

9 of 390 comments (clear)

  1. Trinity used Nmap....look where it got her. by Anonymous Coward · · Score: 4, Funny

    Up shit creek sans paddle.

    1. Re:Trinity used Nmap....look where it got her. by JamieF · · Score: 5, Funny

      Yeah but for a while she had a boyfriend who could morph himself, move super fast... putting any sex toy or porn star to shame. Not a bad deal.

  2. Bad joke... by gowen · · Score: 5, Funny

    No wonder he's reticent about providing information.
    Fyodors are supposed to remain closed at all times.

    (Sorry)

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  3. Re:New Christmas Version ... ? by Anonymous Coward · · Score: 5, Funny

    Making a list,
    Scanning it twice.
    The FBI knows,
    Who's naughty or nice...

  4. 'She'... in related news.. by pented_rage · · Score: 5, Funny

    The FBI has tracked down a perpetrated hacker after a slip-of-tongue by Fyodor in a recent nmap-hackers list posting, relating a female hacker using wget command to get nmap. After searching the homes of the 3 females known by Fyodor, they have identified and captured the assailant.

  5. A *real* webmaster by mobiGeek · · Score: 4, Funny
    Only real webmasters get subpoenaed by the FBI. If you haven't been subpoenaed lately, take a good hard look at your website...it has become meanlingless.

    :-)

    --

    ...Beware the IDEs of Microsoft...

  6. Re:Seems valid by kfg · · Score: 4, Funny

    Perhaps neglecting the fact that if a word has multiple meanings the existence of one meaning does not negate the proper use of another meaning is an oversight on your part?

    Your use of language might need some oversight.

    KFG

  7. Re:Seems reasonable by KarmaPolice · · Score: 4, Funny

    Well, the suggestion is that they are trying to find out who downloaded the source onto a compromised machine. So - someone has cracked root on an unknown machine, visits insecure.org with the browser on their own machine, pastes the URL for the tarball into the shell on the compromised machine, and makes nmap. What it sounds like they are looking for is the IP address of the browser used to get the URL for the source.

    Well, now they can visit slashdot instead...

  8. Re:Seems valid by Doomdark · · Score: 4, Funny
    In polite society you censor the bad,

    I think you misspelled "police"?

    --
    I like paying taxes. With them I buy civilization -- Oliver Wendell Holmes