[amsat-bb] SatReporter Hacked once Again
Steve Fraser
sfraser at sky.apana.org.au
Fri Sep 8 03:29:22 UTC 2017
Can I suggest to Andrew that he posts more details of the actual "hack"?
In this way we might be able to suggest some mitigation techniques.
For example, if it's a denial-of-service from one address, then a simple
firewall rule to block that address. If its a DDOS, then maybe a rate
limiting firewall rule. I dont understand the "65000 emails" - what is
that about and how is it related? But I think upgrading the hardware to
cope with the volume is not the right way to solve it - there may be
many ways. For example, maybe it should operate on amprnet (44net) only?
I think we should encourage and help people (especially if they are not
IT security experts) who devise a service but encounter problems. The
internet is a dangerous place, people often need guidance to survive there!
Steve,
vk5asf
>> On Sep 7, 2017, at 5:14 PM, Jim Jerzycke <kq6ea at verizon.net> wrote:
>>
>> Aw, c'mon guys, give him a break. He's doing what he has to so he can keep his website up.
>>
>>
>> What would any of you do in similar circumstances, just let it slide?
>>
>>
>> 73, Jim KQ6EA
>>
>>
>>> On 09/07/2017 07:54 PM, Ted wrote:
>>> Uh.oh...black helicopters and tin foil hat alert !!
>>>
>>> -----Original Message-----
>>> From: AMSAT-BB [mailto:amsat-bb-bounces at amsat.org] On Behalf Of
>>> vk4tec at tech-software.net
>>> Sent: Wednesday, September 6, 2017 1:10 PM
>>> To: AMSAT
>>> Cc: aprssig at tapr.org
>>> Subject: [amsat-bb] SatReporter Hacked once Again
>>>
>>> I have been accused of not supplying enough information
>>>
>>>
>>> So here it is
>>>
>>>
>>> I designed a SatReporting tool that encompases the ISS and NO-84
>>>
>>>
>>> It draws information from the APRS-IS stream and presents it in a web form.
>>>
>>>
>>> I added a function where people could manually add a satellite
>>> observation
>>>
>>>
>>> This was exploited and I had to deal with the authorities and coped
>>> 65,000 emails from a vindictive individual in California
>>>
>>>
>>> I contacted his her ISP and they were dumb and clueless
>>>
>>>
>>> The help exceed my monthly internet bill in the the process.
>>>
>>>
>>> That stoped after I reported them and took away the manual reporting
>>> feature.
>>>
>>>
>>> I then let the system back on line and once again the same vindictive
>>> indivual was hitting my web site with a denial of service attack
>>> every second.
>>>
>>>
>>> I have had to report them again.
>>>
>>>
>>> My ISP are pissed off at me when I have done nothing wrong
>>>
>>>
>>> Some jelous individual obviously does not like any one else doing
>>> something smart
>>>
>>>
>>> It is sad and I feel sorry for that individual
>>>
>>>
>>> I have a had a rough life and I can can take the punches
>>>
>>>
>>> I will persist in bringing new and smart solutions to problems where
>>> I see I can help
>>>
>>>
>>> Here is the individual that is doing it
>>>
>>>
>>> vk4tec at hpserver:/maint/scripts> nslookup 50.255.43.233
>>>
>>> Server: 192.168.1.1
>>>
>>> Address: 192.168.1.1#53
>>>
>>>
>>> Non-authoritative answer:
>>>
>>> 233.43.255.50.in-addr.arpa name =
>>> 50-255-43-233-static.hfc.comcastbusiness.net.
>>>
>>>
>>> Authoritative answers can be found from:
>>>
>>>
>>> vk4tec at hpserver:/maint/scripts>
>>>
>>>
>>> I have migrated from a raspberry pi to a quad quad core processore
>>> machine with 64 GB of RAM running LINUX OpenSuse
>>>
>>>
>>> I will not be shut down by some asshole who wants to make my life
>>> hell
>>>
>>>
>>> I say go for it
>>>
>>>
>>> I am smater than you think having been in volved in both
>>> telecommunications and aviation security incidents.
>>>
>>>
>>> I have been given military clearance and are friends with federal
>>> police
>>>
>>>
>>> You have been warned
>>>
>>>
>>> Andrew
>>>
>>> _______________________________________________
>>> Sent via AMSAT-BB at amsat.org. AMSAT-NA makes this open forum available
>>> to all interested persons worldwide without requiring membership.
>>> Opinions expressed are solely those of the author, and do not reflect
>>> the official views of AMSAT-NA.
>>> Not an AMSAT-NA member? Join now to support the amateur satellite program!
>>> Subscription settings: http://www.amsat.org/mailman/listinfo/amsat-bb
>>>
>>> _______________________________________________
>>> Sent via AMSAT-BB at amsat.org. AMSAT-NA makes this open forum available
>>> to all interested persons worldwide without requiring membership.
>>> Opinions expressed are solely those of the author, and do not reflect the official views of AMSAT-NA.
>>> Not an AMSAT-NA member? Join now to support the amateur satellite program!
>>> Subscription settings: http://www.amsat.org/mailman/listinfo/amsat-bb
>>>
>> _______________________________________________
>> Sent via AMSAT-BB at amsat.org. AMSAT-NA makes this open forum available
>> to all interested persons worldwide without requiring membership.
>> Opinions expressed are solely those of the author, and do not reflect the official views of AMSAT-NA.
>> Not an AMSAT-NA member? Join now to support the amateur satellite program!
>> Subscription settings: http://www.amsat.org/mailman/listinfo/amsat-bb
> _______________________________________________
> Sent via AMSAT-BB at amsat.org. AMSAT-NA makes this open forum available to all interested persons worldwide without requiring membership. Opinions expressed are solely those of the author, and do not reflect the official views of AMSAT-NA.
> Not an AMSAT-NA member? Join now to support the amateur satellite program!
> Subscription settings: http://www.amsat.org/mailman/listinfo/amsat-bb
> _______________________________________________
> Sent via AMSAT-BB at amsat.org. AMSAT-NA makes this open forum available
> to all interested persons worldwide without requiring membership. Opinions expressed
> are solely those of the author, and do not reflect the official views of AMSAT-NA.
> Not an AMSAT-NA member? Join now to support the amateur satellite program!
> Subscription settings: http://www.amsat.org/mailman/listinfo/amsat-bb
More information about the AMSAT-BB
mailing list