By Dan Ilett, 29 November 2004 10:35
The creator of the famous hacking tool Nmap is being hounded by the FBI for copies of web server log data from his Web site Insecure.org.
Fyodor, as he is known, is a well-known figure in the security world, specifically for his work with Nmap. In his blog, Fyodor said that the authorities were asking him for details but failing to explain what they were up to.
His message said: "FBI agents from all over the country have contacted me demanding Web server log data from Insecure.Org. They don't give me reasons, but they generally seem to be investigating a specific attacker whom they think may have visited the Nmap page at a certain time."
The open-source network mapping program was designed to help security experts scan networks, services and applications. But some hackers have used the tool for malicious purposes, which Fyodor indicated he was unhappy with.
"One can argue whether helping the FBI is good or bad. Remember that they might be going after spammers, cyberextortionists, DDoS kiddies, etc. In this, I wish them the best. Nmap was designed to help security - the criminals and spammers put my work to shame!"
Fyodor said he thought the FBI wanted access to his Web logs to investigate malicious hackers. "They don't give me reasons, but they generally seem to be investigating a specific attacker who they think may have visited the Nmap page at a certain time. So far, I have never given them anything. In some cases, they asked too late and data had already been purged through our data retention policy. In other cases, they failed to serve the subpoena properly. Sometimes they try asking without a subpoena and give up when I demand one."
The security expert added that he would like to protect his privacy when dealing with the FBI. "I'll try to fight anything too broad (like if they ask for weblogs for a whole month). Protecting your privacy is important to me, but Nmap users should be savvy enough to know that all of your network activity leave [sic] traces. I'm not the only one who gets these subpoenas - large ISPs and web mail providers receive them daily."
In October, FBI agents seized servers in the UK from news company Indymedia. Beforehand, agents had served a subpoena on Indymedia's hosting company in the US, Rackspace, to hand over the computers.
The British and US governments have failed to provide an explanation for the action or for why the FBI was allowed to operate in London.
Dan Ilett writes for ZDNet UK.

Comments
There are 3 comments.
1. anonymous
I think the FBI should say thank you to you. For many reasons you did this to help them... but they have to do what they have to do...
2. Paul Weegar
My goodness, this is scary stuff. I thought the Gestapo died with the end of WWII, the KGB got its wings clipped with the fall of the USSR and Big Brother was just fiction.
And what about the protections of the US Constitution against 1) unreasonable search and seizures, the right to be safe in our effects and papers and Due Process???
I'm all for a secure USA. But I'm NOT willing to give up my rights and freedoms to the gov't without due cause. What rights will they go after next??? Freedom of speech (already, to a point, has been attacked, etc.).
No, I can't say I'm a conspiracy theorist or anything like that. But what the gov't is trying to do smacks of socialist tyranny in the name of security. And that is just plain wrong.
3. Ashish Majithia
Get an NDA signed with the FBI for all other materials which are of no use to them. Only those logs should be presented which were of use. The FBI should give in writing that in no circumstances will they gain undue advantage of logs they receive from Fyodor.......
Fyodor says that he has made NMAP to secure. Helping the FBI to track down a hacker will certainly help everybody. It is for our betterment.
This will also scare the hackers who try to hack for personal and undue gains.