Inside NSA's Efforts To Hunt Sysadmins
An anonymous reader writes "The Snowden revelations continue, with The Intercept releasing an NSA document titled 'I hunt sys admins' (PDF on Cryptome). The document details NSA plans to break into systems administrators' computers in order to gain access to the networks they control. The Intercept has a detailed analysis of the leaked document. Quoting: 'The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. "Who better to target than the person that already has the ‘keys to the kingdom’?" one of the posts says.'"
This is why I insist that my official job title is "Soup Dispenser Technician, Second Class" on all official documents.
Finally had enough. Come see us over at https://soylentnews.org/
Do not as I do, do as I say: I am the NSA!
It's alright for me to bust into others' systems all day.
What's that you say? I can do that too then, it's ok?
The NSA says nay!
Do not as I do, but as I say!
People need to be arrested for this. The people who ordered it done, wrote the reports, signed off on it, and anyone who did it. Ship some of them to various other countries for trials too, let everyone get into the action and let it be known to governments that this is not to be accepted.
Waiting for an amusing sig.
There once was an NSA operative from Nantucket
Whose ________ was so _______ he could ________.
He said with a _________ as he wiped off his __________,
"If my __________ was a _________ I would __________ it."
for some freelancers to fill some bodybags.
It is the only way to send them a timely message.
Directors, Chiefs and Managers. That's who. Most CEOs I've met are quite arrogant and controlling. That and the underlings don't want to cross them. The result is that they have complete access to everything.
Who knows what evil lurks in the hearts of men? The Shadow knows!
Will they let us know when they're breaking in? I've got a list of stuff I'm too lazy to fix. Maybe they can pitch in.
(police show up at house)
"Wait...what are you doing! I was just making a joke online...I didn't mean it...please!"
(shot in face, staged as suicide)
We Europeans are very angry regarding the actions that NSA is performing. We do not want dickheads like these messing with the Internet, to which we are connected too.
Once you break into an admin's computer, with his credentials, it's a two-way street. One can plant evidence just as well as detect it.
Now that this info is public knowledge, any accused should levy a defense that the NSA planted the evidence, since they have the ability and the court has no way of identifying planted information versus unapproved activity.
Advice to NSA admins, I know it is a cushy job, but find another job NOT in the government, the NSA is on a witch-hunt it's only a matter of time before they turn innocent bystanders into criminals.
I read through it. What I got was some full of himself mid-level network aware weenie who managed to get a job at NSA and get access to a vast trove of captured packet data trying to impress people with his vast knowledge of intarwebs protocols... I bet the smart people at NSA who are reading his lunatic ravings are wondering "who hired this asshole?"
When a spy agency has to spy on its own spies, it's not a spy agency anymore but a paranoiac employer.
And it's also the end of any McCarthyism in the USA.
This is not a signature!
Let me (us) ______________________ and I (we) care not who writes the laws.
Let a well-informed imagination fill in the blank. In this case, "run the intelligence agencies" would be an appropriate choice.
i just log on & there we are; me:>/// & me (nsa):>/// advanced to a fault
The traditional fate of spies is death, so arrange to catch one and rendition him to Russia.
davecb@spamcop.net
Best. Idea. Ever.
If they are compromising sysadmins without due process, then a sysadmin like Snowden compromising them is just deserts.
This is my signature. There are many like it, but this one is mine.
Sadly the NSA isn't, and creating these back doors is just creating a honey pot for those who are. Stop compromising our networks in the name of "national security".
As bad as such revelations are, what drives me nuts is all the apologists who crawl out of the woodwork every time one of these stories breaks. They have no end of justification for whatever the NSA or CIA does, anything from "I have nothing to hide" to "privacy is dead, stop bitching because the Good Guys are working to protect you".
I predict the kind of practice in TFA is going to keep mushrooming until someone uses it as a political weapon and then gets caught. Only then will the jock-sniffing Congress do something substantive about this mess.
If I were advising Hillary Clinton, I'd tell her to never touch another computer until her political career is over.
It would be nice if we could sic the CFAA on the NSA. Unfortunately, they are immune from that law.
But you merely adopted the shell. I was born in it, molded by it. I didn't see the GUI until I was already a man, by then it was nothing to me but BLINDING!
The login prompts betray you, because they belong to me.
So give it your best, young man. I and my greybeards are forged in this art. We know that behind your presentation, your boldface scrawlings and your bemused predatory preamble that we have coffee-ringed RFCs that have seen more fervent attempts than yours. Save yourself some grief and maybe curry our favour. Target our PHB instead.
Good people go to bed earlier.
Isn't this just about how every future-based movie starts out, where government gets too big and powerful while infringing on the people's basic rights until finally a band of rebels decides enough is enough and has the guts to stand up and say we are not going to take this BS anymore?
If you are a sysadmin, and you have a Facebook page, LinkedIn account, social-media-whatever thingmagajig or Slashdot account, the NSA may well come after you.
Remember: this is written in plain sight and the NSA created a fake Slashdot account to get into Belgacom.
I am a sysadmin. I have a Slashdot account. Maybe it is time for me to say so long, and thanks for all the fish. What Beta was not able to do, the NSA did.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
It's like they're saying "we can cure cancer but give you AIDS instead".. wtf?
It's obvious that the NSA is using, well, people just like us that have a belief that the rules do not apply to them and are getting feedback from the people they work for at the NSA that they are in fact right and the rules do not apply to them. This should cause you to bristle, because while it is very sad that 9/11 occurred, I personally don't put my personal safety above my liberty. I value it more, and it was a tenet of the founding of the country. The ends do not justify the means. Perhaps the question we should ask those in charge is "Where is the line that you won't cross?" rather than "Why do you keep stepping over the lines in the sand we the people draw?"
It has already happened.
A good systems engineer will be aware.
It's always good to have a Honeypot configured.
I monitor all attempted connections. You should make use of /etc/hosts.allow and /etc/hosts.deny.
Monitor all activity.
On my personal home network I launch attacks against IP addresses that attempt to log into my services running on my system.
While NSA was hunting sysadmins, they were being pwned by...a sysadmin!
Yet another example of how NSA is too focused on offensive network capabilities (breaking into target systems) and doesn't pay enough attention to defense (strong crypto, open security models, etc.)
We are the 198 proof..
So they're basically running through LinkedIn and targeting anyone who says they're a SysAdmin, a VP, or anyone else who looks like they might have elevated privileges?
Competition Good, Monopoly Bad.
Do our bidding or we'll out your posts on /mlp/.
Have gnu, will travel.
So some guy figured knocking up a document in "NSA style" makes it look authentic?
Yeah, REL/FVEY/USEY/TS
I do think NSA and GCHQ perform massive hacks, but this particular document most probably is a fake.
Have a nice rest of the weekend. That goes for the peeping Toms at the NSA, too. Pet your geese.
Wow they are amateurs now.
Dear NSA, want to do your job right? Then start watching top networking companies for job openings and have your networking expert agents apply for the jobs there. Nothing better than having your agent working on the inside.
A "hit list" is stupid, you waste a LOT of time having to deal with them, but if Agent Davis is a network admin at VERIZON or AT&T then you make a single phone call to own the network.
This tip is free, otherwise I am $4500 an hour, minimum of 10 hour charge for any more consulting, also you pay all travel costs and I only fly private or military jet. F16 trainer preferred.
Do not look at laser with remaining good eye.
stop reading my Brain.
Do people really use the Cisco password7 decrypting web sites? What's to stop the operator from using the logs to ip and getting back at you?
From the article:
"any time you wanted to target a new network, you could find the admin associated with it, queue his accounts up for QUANTUM, get access to his box and proceed to pwn the network."
It seems the author has finally achieved his dream of being a "supar-1337-haxxor".. is this really the internal language they use inside the NSA? I had imagined there was at least some modicum of professionalism; we'd probably be a whole lot safer if Captain Crunch and the 2600 crew were running the show. And what is it our elite "friend" is searching for with his unwarranted teenage style (QUANTUM based) script kiddy tactics? Item five on the list is:
"*pictures of cats in funny poses with amusing captions."
M'kay.. they can leave my funny pictures of cats well enough alone, please and thank you.
So many attempted lawsuits against the USG over various spying revelations have been refused because the complainant has no "standing," i.e. legal proof that they have been damaged. I imagine that if the list of targets were to leak, that would give those individuals valid standing to sue. As someone who was the DBA at a US$6-7B/yr corporation for more than 7 years I sort of suspect my name is on their list. I will say one thing, there's no fucking way any NSA ratware got into systems under my control using me as a conduit.
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
I thought that's pretty much what Anon is. A bunch of guys from various intel agencies, with a few script kiddies going along for the ride. Wasn't it an FBI computer that Lulzsec used to stage their biggest leaks?
He had duct tape over his mouth and eyes and was being loaded into the back of a C-17 like a sack of potatoes. The waterboarding had done the trick and he had signed a blank confession. That, of course, was just a CYA. He had already spilled the beans on everything and everyone. In fact his statements implicated people that could not possibly be involved, so in the end his information must be considered suspect.
Sent to the Island. A bad job all around but there must be no loose ends.
> are ROFL-easy [...] And pointing out for the lulz [...]
- separate normal surfing from your admin job
- encrypt everything
- consider bouncing connections via another server. Bonus if the final connection is via an intranet
- consider using a VPN service, which routes many people over one IP
- avoid Facebook and webmail (are they talking about specific webmails?)
For the selector stuff: install a cookie-killer like self-destructing-cookies (Firefox) or tab-cookies (Chromium).
does it; but when the government and its many contractors do it, it's A-OK.
So now you, the company CIO, go back to work and wonder if your sysadmins might inadvertently infect your servers with a trojan. Or worse, they have already been turned by the NSA. So screw this running your own infrastructure in-house. Pull the plug and put everything in The Cloud. Where they promise you security. It's possible that this document was leaked purposefully, to sow some doubts into decision makers' minds with regard to their in-house admins.
In reality, The Cloud makes things easier to crack. A couple of big targets rather than thousands of little ones.
Have gnu, will travel.
Most of the news articles I'm reading talk only about NSA "plans" to surveil admins and burglarize their nets. If an article goes further, it talks only about NSA's activities in the past tense.
Calm down, Mr. Public. Nothing to see here. Go about your business.