Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [ISN] Group Offers to Sell Supposed Dragon IDS Code
From: InfoSec News (isnc4i.org)
Date: Thu Jul 15 2004 - 03:40:10 CDT
[Interesting first attempt at selling corporate secrets, you would
have expected a group like this to have researched other delivery
methods, like Blacknet: http://www.c4i.org/erehwon/blacknet.html - WK]
To whomever it may concern:
Thank you for your interest in SCC. We regret to inform that SCC
has temporarily suspended operations. Our business model is currently
being re-designed to alleviate some of the initial fears our customers
faced. Selling corporate secrets is a very tricky, and we believe it
is an area that we can conquer. Look for us in the near future as we
re-emerge to bring you all kinds of secrets.
> By Dennis Fisher
> July 13, 2004
> A group calling itself the Source Code Club is offering to sell
> files that it claims contain the source code for Enterasys Networks
> Inc.'s Dragon IDS (intrusion detection system) software. The asking
> price: $16,000.
> The group's rudimentary Web site, which is registered under a
> Ukrainian domain name, lists hundreds of files that appear as though
> they could indeed be source-code files. There is no way to tell
> whether the group actually has the code, although it claims to have
> obtained it by breaking into the Enterasys network.
> Someone using the name Larry Hobbles posted a message to the Full
> Disclosure security mailing list Monday night saying that both the
> Dragon and Napster code were available for sale.
> "The Source Code Club is now open for business. SCC is a business
> focused on delivering corporate intel to our customers. Our main
> focus is selling source code and design documents, but there are
> many other facets to our business," the message reads. "To get the
> ball rolling, we are now offering the souce [sic] code/design docs
> for both Enterasys Intrusion Detection System (NIDS/HIDS) and
> Napster server and clients."
> The files listed on SCC's site appear to be from version 6.1 of
> Dragon; the current release is 6.3.
Help InfoSec News with a donation: http://www.c4i.org/donation.html