[Kenny]

FBI go after Nmap inventor for InSecure.org web logs

11-29-2004 12:01:17 AM CST -- by Dan Ilett for Silicon.com

Security guru being pestered by the FBI for logs... The creator of the famous hacking tool Nmap is being hounded by the FBI for copies of web server log data from his Web site Insecure.org. Fyodor, as he is known, is a well known figure in the security world, specifically for his work with Nmap. In his blog, Fyodor said that the authorities were asking him for details but failing to give reasons of what they were up to. His message said: "FBI agents from all over the country have contacted me demanding Web server log data from Insecure.Org. They don't give me reasons, but they generally seem to be investigating a specific attacker whom they think may have visited the Nmap page at a certain time." The open-source network mapping program was designed to help security experts scan networks, services and applications. But some hackers have used the tool for malicious purposes, which Fyordor indicated he was unhappy with.

"One can argue whether helping the FBI is good or bad. Remember that they might be going after spammers, cyberextortionists, DDoS kiddies, etc. In this, I wish them the best. Nmap was designed to help security - the criminals and spammers put my work to shame!" Fyodor said he thought the FBI wanted access to his Web logs to investigate malicious hackers. "They don't give me reasons, but they generally seem to be investigating a specific attacker who they think may have visited the Nmap page at a certain time. So far, I have never given them anything. In some cases, they asked too late and data had already been purged through our data retention policy. In other cases, they failed to serve the subpoena properly. Sometimes they try asking without a subpoena and give up when I demand one....

continued...

software.silicon

[LittleHacker]

Waw !
To be famous has it's own troubles !

wish luck for him

[Nick W]

Everyone should send him an email telling him that he should know exactly why they are asking and not only that, but do a request for information they my have on him with the FBI. It'd go a long ways as to tell if they think he is malicious or not.

I can't believe that in this day and age the FBI would bother someone that isn't going to actually be able to help their investigation. nmap is a tool, thousands have downloaded it, including myself. Does that mean that I, as a network administrator am a suspect in whatever investigation they are undertaking?

[Terminal]

It is not always wrong to help the cops . If FBI give him a good reason he should give the logs .
Bcoz no matter if he agrees or not FBI will get the logs from the site . :ph34r:

[MsMittens]

vicky, on Dec 1 2004, 01:57 AM, said:

It is not always wrong to help the cops . If FBI give him a good reason he should give the logs .
Bcoz no matter if he agrees or not FBI will get the logs from the site .  :ph34r:

<{POST_SNAPBACK}>

Uh no. In the US there is the 4th Amendment and this requires they give out a warrant for any searches. Honestly, these could be legit processes and they are following up on them but they do need to follow procedure. They can ask (and maybe they should be asking) but they also should be "dotting their i's and crossing their t's" in the process.

[protocol]

In a private email fydoor has securley deleted all web logs in fear they would be used as evidence, what you guys are failing to see is the bigger picture where microsoft is buying up as much companys and code as possible including linux shares and then going after companys and organizations and even governments. stating that if they use something besides microsoft they can be sued for intilecutal copyright infringement, there seems to me to be no higher form or action of a monopoly than this type of action. where they are useing these types of tactics to prevent users and lets face it if governments and corps break down under fear the home user will as well!!! I hope it never comes to this but either microsoft will win in this game or we will see them back in court for implementing these stratagies to control world markets.

[Butterfly]

It's bad to hear.I know Nmap but not that well..

[Blake]

Just a mental note that any police organization will first ask for the information. For example, they will ask to search your room. They will ask to come inside. They will ask for your logs. The reason that they do this is if you do say yes then they do not have to go through normal avenues looking for a court order. If you volunteer the information you have given up your rights. It is best to just say no to everything and let them work for it.