---

Scientology Crime Syndicate

Wired - Saturday, September 19, 1998

Religious sites targetted by Internet pranksters

SAN FRANCISCO -- Two unidentified women set up ISP accounts that were used in a three-day automated attack this week on religious Usenet computer bulletin board newsgroups. The attackers used familiar newsgroup member names in sending thousands of off-subject, often vulgar, posts to a number of alt.religion groups on the Internet.

Netroplex Internet Services, a small Los Angeles-based Internet service provider, disconnected the two accounts on this week after determining they were used to launch the attacks. The posts were likely generated by an automated program that collected posts from other newsgroups and sent them, en masse, to the alt.religion newsgroups. Generally, the posts weren't relevant to the newsgroup subjects, and many were laced with vulgarities and pornography.

Chris Caputo, president of Altopia Corp. -- the company that provides Netroplex with its newsfeed -- said more than 10,000 forged posts were sent from Netroplex accounts beginning late Sunday.

The forged notes continued at the rate of 8 to 20 posts a minute until early Wednesday, when Netroplex policy manager Laurent Kim disconnected the second of two accounts used to launch the attack.

"We found out who the users were," said Kim. "It was two different people who walked into our office, and paid cash for their accounts." Kim said that the individuals-both women-had given phony contact information. The first woman signed up with the ISP on 8 September and started sending forged articles on Sunday; the second obtained an account on Tuesday, and was disconnected a day later.

While the company is not looking into legal action, Kim said it will hand over Caller ID data from the dialup lines to any court of law that requests it. He stressed that his company is also a victim of the attack, because it has had to deal with the thousands of messages received from people around the world who are upset about the forgeries.

Since one or two people couldn't manually post all of the messages, Caputo suspects that the perpetrators wrote a program to do it. The forged articles had valid names and email addresses, and subject lines that looked appropriate for each group. But the body of each message contained an old news posting, often with pornographic content.

The spam attack prevented actual conversation on many newsgroups, since it was difficult to distinguish which of the messages were real. The forgeries could also come back to haunt the people whose identities were used on the postings. DejaNews, which provides a way to read and post to approximately 15,000 Usenet newsgroups, has a popular tool called "Author Profile" that displays a list of all articles that a user has posted, and may include some of the forged posts.

Most of the forged posts never made it to DejaNews' archives, according to David Wilson, the company's vice president of marketing. "We have several layers of spam filtering, and we caught several thousand of those things-actually, a few thousand at a time, from what I'm told," Wilson said.

According to Wilson, the company used a combination of technologies to rid their archive of spam. "I can't tell you how the filters work, because if I did, then whoever posted the forgeries would be able to find a workaround," Wilson said. "It's a cat-and-mouse game."

As for the inevitable remaining forgeries in the archive, Wilson said, "A user always has the ability to delete a message from the archive that was posted under their identity. And so if this forger posted something under someone else's identity, they can come to our site and nuke that article."

[Note: The URL for "nuking" spam at Deja News is:
http://www.dejanews.com/forms/nuke.shtml ]

<snip>

Copyright 1998, The Detroit News


Click here for some additional truth about the Scientology crime syndicate: XENU.NET

---

The views and opinions stated within this web page are those of the author or authors which wrote them and may not reflect the views and opinions of the ISP or account user which hosts the web page. The opinions may or may not be those of the Chairman of The Skeptic Tank.

Return to The Skeptic Tank's main Index page.

E-Mail Fredric L. Rice / The Skeptic Tank