Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

My first experience on IRC was looking for help with my first Linux install. Someone in the channel telnet'd into my computer and wiped my hard drive while I was chatting.

I was 9 or 10 years old at the time and my root password was one of those common strings (12345, abcde, I don't remember at this point). It had taken me 3 days to learn how to download Linux, make a stack of installation floppies, find and use partitioning tools, install Linux and set up a boot loader, etc. I cried when I realized what had been done to me.



Unless someone 'fessed up to it, you really have no way of knowing who did this. It could just as easily have been a drive-by script.

And regardless, it was a hard, cheap, early lesson in the importance of ensuring fundamental levels of system security. I've ... suffered worse.

I strongly suspect you'll never forget this.


This being more than a decade and a half ago, I doubt it was a drive-by script. I was dialed into AOL on a 4 letter screen name. I had just informed a channel of Linux users, who knew my public IP, that I had just installed Linux for the first time. The chances it wasn't someone from that IRC channel are near zero.


Yep, it was common to watch new folks join a help channel, and as soon as you saw that root@host identity, the level of shenanigans would jump through the roof.


stop crying


Hah! Downvote it all you want, you know it's true. He needs to stop crying.


I didn't say it wasn't. And given the malicious activity (most scripted attacks, especially today, prefer to make productive use of your system) that's a likely explanation.

But scripted or not, someone did you a favor.

For a reference point, a (very technical) friend at a large tech company had to fire up a fresh Windows VM in order to complete some Windows/IE-only internal web app form.

He was p0wned within 5 minutes. On the corporate LAN. Stats I've seen are that an unpatched WinXP box (pre-SP2) was getting p0wned within 15 seconds, on average by the mid/late oughts. Scripted attacks are that fast and easy.

Scanning an IP range for open telnet ports (n00b move #1) and attempting root logins on same (n00b move #2) with weak passwords (third strike) is pretty trivial. Could have been another AOL user, could have been someone's IRC bot / autoattack.

While not blaming the victim, you discovered (on a freshly installed, no-real-data-present-yet box, hence, very inexpensively) that You Don't Do That[tm].

So: stop crying over this and put on your Big Boy pants. That asshole did you a favor. Really.


> So: stop crying over this and put on your Big Boy pants.

In what world do you think that

1) I'm 'still crying' over something that happened 17 years ago by relating it in a comment

2) It's appropriate to tell other professionals relating a story to 'stop crying'

It's certainly not this one.


Stop victim blaming. This was a cruel and mean thing for someone to do to someone taking thing first steps in learning about hacking.


I'm not blaming the victim.

I am saying that, yes, he did something stupid and got spanked for it.

I'm also saying (and in my highly downvoted follow-up providing additional examples of) that it's reasonably if not highly plausible that the attack was wholly scripted and automated.

I've been burned myself -- by systems stuff as well as meatspace events. Very often the key finding of a particular experiment is "don't do that".

That was my point.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: