so wait? Let me humor you..
SSH was running and publically accessible so it was actually legal for me to login to <something>,gov, as if they didnt want me to connect it wouldnt be a publically accessible service? On Sun, Apr 17, 2011 at 12:39 PM, Jeffrey Walton <noloa...@gmail.com> wrote: > > so how long do you give yourself before you're in prison? > lol.... > > To pay devil's advocate here: FPL placed those hosts on a public internet. > In addition, FPL also configured the hosts to advertise services. If FPL did > not want the services accessed, the company would have removed the hosts > from the public internet, shut down the services, or used leased [private] > lines. Where's the leap to a criminal offense? > > Jeff > > On Sun, Apr 17, 2011 at 6:29 AM, Benji <m...@b3nji.com> wrote: > >> so how long do you give yourself before you're in prison? >> >> On Sat, Apr 16, 2011 at 4:22 PM, Bgr R <bgr_24...@yahoo.com> wrote: >> >>> Here comes my revenge for illegitimate firing from Florida Power & Light >>> Company (FPL) >>> ... ain't nothing you can do with it, since your electricity is turned >>> off !!! >>> >>> Secure you SCADA better! Leaked files are attached ... >>> >>> 1) http://img838.imageshack.us/i/49986845.png/ >>> 2) http://img718.imageshack.us/i/24380855.png/ >>> 3) http://img24.imageshack.us/i/58868342.png/ >>> 4) http://img228.imageshack.us/i/85258364.png/ >>> 5) http://img163.imageshack.us/i/90736853.png/ >>> 6) http://img217.imageshack.us/i/55439027.png/ >>> 7) http://img40.imageshack.us/i/87526089.png/ >>> 8) http://img864.imageshack.us/i/94061747.png/ >>> ------------------------------------------------------------ >>> >>> 161.154.232.65 >>> >>> HTTP/1.0 401 Unauthorized >>> Date: Sat, 05 Feb 2011 23:43:13 GMT >>> Server: VTS 9.0.05 >>> Content-Type: text/html >>> Content-Length: 622 >>> Cache-Control: no-cache >>> WWW-Authenticate: Basic realm="Ft. Sumner SCADA" >>> Cache-control: no-cache="set-cookie" >>> Cache-control: private >>> Set-Cookie: VTS=9.0005;Version=1;Path=/ >>> Set-Cookie: SessionID=0;Version=1;Path=/Ft. Sumner >>> SCADA/cc8620ba-ad1a-4ae9-96ed-036c22c3576a >>> Set-Cookie: >>> SessionID=0;Version=1;Path=/Ft%2e%20Sumner%20SCADA/cc8620ba-ad1a-4ae9-96ed-036c22c.. >>> >>> NetRange: 161.154.0.0 - 161.154.255.255 >>> CIDR: 161.154.0.0/16 >>> OriginAS: >>> NetName: FPL2 >>> NetHandle: NET-161-154-0-0-1 >>> Parent: NET-161-0-0-0-0 >>> NetType: Direct Assignment >>> RegDate: 1992-12-17 >>> Updated: 2008-10-10 >>> Ref: http://whois.arin.net/rest/net/NET-161-154-0-0-1 >>> >>> OrgName: Florida Power & Light Company >>> OrgId: FFPL-1 >>> Address: 700 Universe Blvd >>> Address: P.O. Box 14000 >>> City: Juno Beach >>> StateProv: FL >>> PostalCode: 33408-0420 >>> Country: US >>> RegDate: 1997-06-03 >>> Updated: 2007-06-29 >>> Ref: http://whois.arin.net/rest/org/FFPL-1 >>> >>> OrgAbuseHandle: INFOR40-ARIN >>> OrgAbuseName: Information Security >>> OrgAbusePhone: +1-305-552-3727 >>> OrgAbuseEmail: information_secur...@fpl.com >>> OrgAbuseRef: http://whois.arin.net/rest/poc/INFOR40-ARIN >>> >>> OrgTechHandle: DHE37-ARIN >>> OrgTechName: Hertzog, Dean >>> OrgTechPhone: +1-305-552-4080 >>> OrgTechEmail: fpl...@fpl.com >>> OrgTechRef: http://whois.arin.net/rest/poc/DHE37-ARIN >>> >>> OrgNOCHandle: DHE37-ARIN >>> OrgNOCName: Hertzog, Dean >>> OrgNOCPhone: +1-305-552-4080 >>> OrgNOCEmail: fpl...@fpl.com >>> OrgNOCRef: http://whois.arin.net/rest/poc/DHE37-ARIN >>> >>> >>> ------------------------------------------------------------------------------- >>> Configuration file from the central Cisco Router and Security Device >>> Manager: 161.154.232.2 (FPL - FFPL-1) >>> >>> Building configuration... >>> >>> Current configuration : 8467 bytes >>> ! >>> ! Last configuration change at 18:01:57 UTC Mon Oct 25 2010 by ro5810 >>> ! NVRAM config last updated at 18:01:59 UTC Mon Oct 25 2010 by ro5810 >>> ! >>> version 12.2 >>> no service pad >>> service timestamps debug datetime localtime >>> service timestamps log datetime localtime >>> service password-encryption >>> service udp-small-servers >>> service tcp-small-servers >>> ! >>> hostname cpr622i00bct >>> ! >>> logging buffered 65000 debugging >>> logging rate-limit all 10 except critical >>> enable secret 5 $1$7uN5$Ok9fYku/HC/KNqWQkHoWP. >>> ! >>> aaa new-model >>> aaa authentication login default group tacacs+ enable >>> aaa authentication enable default group tacacs+ enable >>> aaa authorization exec default group tacacs+ none >>> aaa accounting exec default start-stop group tacacs+ >>> aaa accounting commands 15 default start-stop group tacacs+ >>> ! >>> aaa session-id common >>> ip subnet-zero >>> no ip source-route >>> ip routing >>> ! >>> no ip domain-lookup >>> ip host cs00noc 172.16.0.132 >>> ip host cs01noc 172.16.0.133 >>> ip host cs00noc-pub 209.215.34.12 >>> ip host cs01noc-pub 209.215.34.11 >>> ip name-server 205.152.132.23 >>> ip name-server 205.152.144.23 >>> vtp domain Core >>> vtp mode transparent >>> ! >>> mls qos >>> no mpls traffic-eng auto-bw timers frequency 0 >>> ! >>> ! >>> no file verify auto >>> spanning-tree mode pvst >>> spanning-tree extend system-id >>> ! >>> ! >>> ! >>> vlan internal allocation policy ascending >>> ! >>> vlan 1578 >>> name FPL >>> ! >>> policy-map SHAPER1 >>> class class-default >>> shape average 250000000 >>> ! >>> ! >>> ! >>> interface FastEthernet1/0/1 >>> ! >>> interface FastEthernet1/0/2 >>> ! >>> interface FastEthernet1/0/3 >>> ! >>> interface FastEthernet1/0/4 >>> ! >>> interface FastEthernet1/0/5 >>> ! >>> interface FastEthernet1/0/6 >>> ! >>> interface FastEthernet1/0/7 >>> ! >>> interface FastEthernet1/0/8 >>> ! >>> interface FastEthernet1/0/9 >>> ! >>> interface FastEthernet1/0/10 >>> ! >>> interface FastEthernet1/0/11 >>> ! >>> interface FastEthernet1/0/12 >>> ! >>> interface FastEthernet1/0/13 >>> ! >>> interface FastEthernet1/0/14 >>> ! >>> interface FastEthernet1/0/15 >>> ! >>> interface FastEthernet1/0/16 >>> ! >>> interface FastEthernet1/0/17 >>> ! >>> interface FastEthernet1/0/18 >>> ! >>> interface FastEthernet1/0/19 >>> ! >>> interface FastEthernet1/0/20 >>> ! >>> interface FastEthernet1/0/21 >>> ! >>> interface FastEthernet1/0/22 >>> ! >>> interface FastEthernet1/0/23 >>> ! >>> interface FastEthernet1/0/24 >>> ! >>> interface GigabitEthernet1/0/1 >>> ! >>> interface GigabitEthernet1/0/2 >>> ! >>> interface GigabitEthernet1/1/1 >>> switchport trunk allowed vlan 1578 >>> switchport mode trunk >>> switchport nonegotiate >>> ip access-group 112 in >>> service-policy output SHAPER1 >>> load-interval 30 >>> speed nonegotiate >>> ! >>> interface GigabitEthernet1/1/2 >>> no switchport >>> ip address 161.154.232.2 255.255.255.0 >>> ip access-group 115 in >>> load-interval 30 >>> keepalive 10 >>> speed nonegotiate >>> mls qos trust dscp >>> no cdp enable >>> no clns route-cache >>> hold-queue 100 in >>> hold-queue 100 out >>> ! >>> interface Vlan1 >>> no ip address >>> shutdown >>> ! >>> interface Vlan1578 >>> ip address 65.14.117.30 255.255.255.252 >>> load-interval 30 >>> no clns route-cache >>> ! >>> ip classless >>> ip route 0.0.0.0 0.0.0.0 65.14.117.29 >>> ip route 155.109.5.0 255.255.255.0 161.154.232.1 >>> ip route 155.109.19.0 255.255.255.0 161.154.232.1 >>> ip route 155.109.29.0 255.255.255.0 161.154.232.1 >>> ip route 155.109.29.204 255.255.255.255 65.14.117.29 >>> ip route 155.109.29.214 255.255.255.255 65.14.117.29 >>> ip route 155.109.66.0 255.255.255.0 161.154.232.1 >>> ip route 155.109.88.0 255.255.255.0 161.154.232.1 >>> ip route 155.109.95.0 255.255.255.0 161.154.232.1 >>> ip route 161.154.0.0 255.255.0.0 161.154.232.1 >>> ip route 170.55.0.0 255.255.0.0 161.154.232.1 >>> ip route 204.238.236.0 255.255.255.0 161.154.232.1 >>> no ip http server >>> ip http secure-server >>> ! >>> ! >>> ! >>> access-list 98 permit 205.152.144.226 >>> access-list 98 permit 205.152.132.250 >>> access-list 98 permit 205.152.132.226 >>> access-list 98 permit 205.152.144.250 >>> access-list 98 permit 205.152.144.165 >>> access-list 98 permit 205.152.37.19 >>> access-list 98 permit 205.152.37.20 >>> access-list 98 permit 205.152.144.163 >>> access-list 98 permit 205.152.37.26 >>> access-list 98 permit 205.152.37.27 >>> access-list 98 permit 205.152.132.163 >>> access-list 98 permit 205.152.132.165 >>> access-list 98 permit 205.152.37.250 >>> access-list 98 permit 205.152.37.226 >>> access-list 98 permit 205.152.132.27 >>> access-list 98 permit 205.152.132.26 >>> access-list 98 permit 205.152.144.20 >>> access-list 98 permit 205.152.37.163 >>> access-list 98 permit 205.152.37.165 >>> access-list 98 permit 205.152.144.19 >>> access-list 98 permit 205.152.144.27 >>> access-list 98 permit 205.152.144.26 >>> access-list 98 permit 139.76.53.0 0.0.0.255 >>> access-list 98 permit 139.76.68.0 0.0.3.255 >>> access-list 98 permit 139.76.88.0 0.0.1.255 >>> access-list 98 permit 139.76.228.0 0.0.3.255 >>> access-list 98 permit 139.76.240.0 0.0.1.255 >>> access-list 98 permit 172.16.0.0 0.0.1.255 >>> access-list 98 permit 205.152.6.0 0.0.0.255 >>> access-list 98 permit 205.152.66.0 0.0.0.255 >>> access-list 98 permit 205.152.204.0 0.0.0.255 >>> access-list 99 permit 68.153.6.0 0.0.1.255 >>> access-list 99 permit 172.16.0.0 0.0.1.255 >>> access-list 99 permit 139.76.53.0 0.0.0.255 >>> access-list 99 permit 139.76.68.0 0.0.3.255 >>> access-list 99 permit 139.76.88.0 0.0.1.255 >>> access-list 99 permit 139.76.228.0 0.0.3.255 >>> access-list 99 permit 139.76.240.0 0.0.1.255 >>> access-list 99 permit 205.152.6.0 0.0.0.255 >>> access-list 111 permit ip 65.14.117.28 0.0.0.3 any >>> access-list 111 permit ip 74.175.105.64 0.0.0.31 any >>> access-list 111 permit ip 205.152.17.0 0.0.0.255 any >>> access-list 111 permit ip 155.109.0.0 0.0.255.255 any >>> access-list 111 permit ip 161.154.0.0 0.0.255.255 any >>> access-list 111 permit ip 205.152.161.0 0.0.0.255 any >>> access-list 111 permit ip 204.238.236.0 0.0.0.255 any >>> access-list 111 permit ip 170.55.0.0 0.0.255.255 any >>> access-list 112 deny ip 204.0.0.0 0.0.255.255 any >>> access-list 112 deny ip 204.1.0.0 0.0.255.255 any >>> access-list 112 deny ip 204.3.0.0 0.0.255.255 any >>> access-list 112 deny ip 69.22.0.0 0.0.192.255 any >>> access-list 112 permit ip any any >>> access-list 115 deny 53 any any >>> access-list 115 deny 55 any any >>> access-list 115 deny 77 any any >>> access-list 115 deny pim any any >>> access-list 115 permit ip any any >>> no cdp run >>> snmp-server community Ty#Qr53b RO 98 >>> snmp-server community R5t3bF5c RW 98 >>> tacacs-server host 172.16.0.132 >>> tacacs-server host 209.215.34.12 >>> tacacs-server host 172.16.0.133 >>> tacacs-server host 209.215.34.11 >>> tacacs-server timeout 10 >>> tacacs-server directed-request >>> tacacs-server key 7 010703174F >>> ! >>> radius-server source-ports 1645-1646 >>> ! >>> control-plane >>> ! >>> banner motd ^CC >>> ###################################################################### >>> # # >>> # ***PRIVATE/PROPRIETARY*** # >>> # # >>> # ANY UNAUTHORIZED ACCESS TO, OR MISUSE OF BELLSOUTH # >>> # SYSTEMS OR DATA MAY RESULT IN CIVIL AND/OR CRIMINAL # >>> # PROSECUTION, EMPLOYEE DISCIPLINE UP TO AND INCLUDING # >>> # DISCHARGE, OR THE TERMINATION OF VENDOR/SERVICE CONTRACTS. # >>> # # >>> # BELLSOUTH MAY PERIODICALLY MONITOR AND/OR AUDIT SYSTEM # >>> # ACCESS/USAGE. # >>> # # >>> # # >>> ###################################################################### >>> # # >>> # <VERSION TEMPLATE DATE@TIME> # >>> ###################################################################### >>> ^C >>> privilege exec level 1 traceroute >>> privilege exec level 1 ping >>> privilege exec level 1 terminal monitor >>> privilege exec level 1 terminal >>> privilege exec level 1 show line >>> privilege exec level 1 show snmp >>> privilege exec level 1 show arp >>> privilege exec level 1 show accounting >>> privilege exec level 1 show service-module >>> privilege exec level 1 show version >>> privilege exec level 1 show reload >>> privilege exec level 1 show debugging >>> privilege exec level 1 show controllers >>> privilege exec level 1 show users >>> privilege exec level 1 show sessions >>> privilege exec level 1 show access-lists >>> privilege exec level 1 show privilege >>> privilege exec level 1 show interfaces >>> privilege exec level 1 show startup-config >>> privilege exec level 1 show >>> privilege exec level 1 clear line >>> privilege exec level 1 clear counters >>> privilege exec level 1 clear >>> ! >>> line con 0 >>> exec-timeout 5 30 >>> password 7 070C285F4D06 >>> line vty 0 4 >>> access-class 99 in >>> exec-timeout 30 0 >>> password 7 03075218050061 >>> line vty 5 15 >>> access-class 99 in >>> exec-timeout 30 0 >>> password 7 03075218050061 >>> ! >>> end >>> >>> ---------------------------------------------------- >>> Fort Sumner wind turbines: >>> http://www.flickr.com/photos/30325073@N02/4113855086/ >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/