US Indymedia Global Indymedia Publish About us
Printed from Boston IMC : http://boston.indymedia.org/
Boston.Indymedia
IVAW Winter Soldier

Winter Soldier
Testimonies
Brad Presente

Other Local News

The Boston Underground (archive)
Spare Change News
Open Media Boston
Somerville Voices
Cradle of Liberty

Local Radio Shows

WMBR 88.1 FM
What's Left
WEDS at 8:00 pm
Local Edition
FRI (alt) at 5:30 pm

WMFO 91.5 FM
Socialist Alternative
SUN 11:00 am

WZBC 90.3 FM
Sounds of Dissent
SAT at 11:00 am
Truth and Justice Radio
SUN at 6:00 am

Create account Log in
Comment on this article | View comments | Email this article | Printer-friendly version
News :: Media
More Indy Sites Down!
29 Apr 2005
Here are other Indy sites that are currently down:

- Worcester
- Western Mass
- Vermont
- Maine
- New Jersey

The attack seems to be New England-based.
Here are other Indy sites that are currently down:

- Worcester
- Western Mass
- Vermont
- Maine
- New Jersey

The attack seems to be New England-based.
Related stories on this site:
NYC Indy has been hacked

This work is in the public domain
Add a quick comment
Title
Your name Your email

Comment

Text Format
Anti-spam Enter the following number into the box:
To add more detailed comments, or to upload files, see the full comment form.

Comments

My Guess
29 Apr 2005
This has something to do with Weisburd wanting to remove his libel from the web.
Re: More Indy Sites Down!
29 Apr 2005
You mean the libel He Who Shall Not Be Named has been spreading to half the IMCs on the friggin' globe?

Dig: the world is not under obligation to conform to your fantasies. Things actually happen which have no relationship to whoever you've decided to make a scapegoat of this week.
Fed Up is paranoid.
29 Apr 2005
Um, do you really think you know who you're posting too?

In any case, He Who Shall Not Be Named is Douglas B. Lenat of Cycorp. Lenat paid Weisburd to harass you know who. Deny it all you like, but the truth will come out.
Re: More Indy Sites Down!
30 Apr 2005
actually, imc's around the world were attacked, a great deal of them. most of the g00ns' rather repulsive content is on g00ns-forum.com, which is hosted by liquidweb.com. i'm sure they'd love to take your comments @ 800-580-4985. the hacker himself, who goes by the name of "clorox", and formerly "elac", is known to us. he's a 21-year old computer science major at collin county community college in plano, texas, and the creator of rightwingextremist.net. his name is brett chance. you can contact the director of telecommunications for his school, brian boring, @ 972-548-6644. have at it, folks.
Re: More Indy Sites Down!
30 Apr 2005
buenaventura durruti, inorder to make effective complaints to Mr. Boring we'll need some corroborating evidence.

We can't simply ask him to burn Brett Chace at the stake because some anonymous (un authenticated atleast) post on a website.

If I can make an intelligent complaint I will.
g00ns
30 Apr 2005
Modified: 09:33:13 PM
from colorado.indymedia.org:

"By Friday, several administrators of the cracked IMC websites were able to locate the responsible program and warn other indymedia sites against loading the executable on their server. Once identified, the source of the program was tracked by several sites to a batch of IP addresses owned by Collin Creek Community College in Plano, TX.

Many IMC users immediately recognized this as the same source where last year, a Sophomore Computer Science major was accused of hacking the NY IMC website and replacing their content with a series of anti-Kerry pop-ups that resolved by steering visitors to the official George W. Bush website. The student, who maintains the website www.rightwingextremist.net took credit for that attack which drove nearly 250,000 hits to his website that month. As of Friday April 29th, at least 10 other indymedia sites from across the globe have joined the list of victims, including richmond.indymedia.org in Virgina, atlanta.indymedia.org in Georgia, austin.indymedia.org in Texas, and three overseas sites from cyprus.indymedia.org. Volunteers for these organizations have issued a call to friends and allies who support free speech to help them re-create their websites and protect them against future attacks."

from dadaimc tech list:

"Here's who we are dealing with:

Brett Chance
aliases: elac, Evil Bit, RWE, awb0t
20 years old
full-time sophomore at Collin Creek Community College in Plano, TX
majoring in Computer Science
5'5", 125 lb. Caucasian, wears glasses
plays Counter-Strike as elac
Catholic
has thyroid disease
previously lived in Houston, TX and Baton Rouge, LA

He was at one point one of the more notorious right-wing hackers. He was previously associated with ProtestWarrior and then rightwingextremist.net. I also have his parents' names and contact information, but I will withhold those for the time being."

from g00ns-forum.com:

"[goon] clorox: lol you know my and you know my info GG. notice how i didnt use a proxy motherfucker. Come do something ;) ook i know it hurts to see me stand up for something and be successful but you are going to have to live with it.
[goon] corrupted: I'm right there with you brett"

from imc-tech list:

"reviewing the logs for Adelaide (can be made available upon request), it becomes apparent that the defacer(s) exploited the dada hole *there*, and then used their new access to the machine we share to deface nyc.

The IP addresses apparently used by the attacker(s) (it seems Adelaide does not remove such addresses from its logs) are:

66.147.168.5 -- Collin County Community College District
4.26.185.118 -- verizon DSL line in Dallas, TX

The holder of the latter IP address was apparently seen on some other IRC network bragging about his exploits."

from http://www.slantpoint.com/mt-arx/2004/08/interview_with_a_hacker.php (this is an interview with the founder of rightwingextremist.net, who has attacked imc's before):

"I caught up to one of these hackers, a 20-year-old from Texas... known as elac on the internet"

Slant Point: you personally didn't hack/take down any Indymedia sites?...
Evil Bit: I did...
Evil Bit: My name is also Brett...
Slant Point : Texas must be the land of hackers..."

not much more i can say at the moment. logs of the malicious activity have been sent to brian boring @ ccccd, but i encourage folks to contact him (bboring (at) ccccd.edu) to ensure that something is done. as i write this, more attacks on imc sites by these same folks are underway:

http://www.tnimc.org/newswire/display/5163/index.php
http://nhindymedia.org/newswire/display/2319/index.php
etcetc
Re: More Indy Sites Down!
30 Apr 2005
You make an excellent point, university net-admin. We don't want to go around proclaiming people guilty of hacking and harrassment without evidence, like He Who Shall Not Be Named.

The question seems to me to be "what evidence would support a strong enough hypothesis that a particular college network was used in a conmputer intrusion that the administrators of that network would decide to check it out?"

If evidence linking the attacks to a college network exists in the form of logs at the defaced servers, it's a pretty good bet that the volunteers who are investigating and cleaning up the mess will forward it to the appropriate people for investigation. One hopes that it is so.

It's trivially easy, by his own postings on 'net fora, to tie "Clorox" to "g00ns.com", "g00ns-forums.com" and "elac2k". It's equally easy to tie "elac", by his interview with an obscure New York right-wing news site, to "rightwingextremist.net", Protest Warriors, the RNC-linked attacks against NY IMC and a Texan student named "Brett". The missing link of the chain is the exact identity of this "Brett".

If I received a tip that a network I was responsible for might have been involved in computer intrusions, based on the existing, publicly available chain of relationships starting with "Clorox", I might be concerned enough to start checking out that possibility. If an additional piece of evidence existed to connect the chain from "Clorox" to a student at my school, I'd *definitely* prick up my ears and start hunting.

But then, that's what *i* would do, based on instincts developed by twenty years of being a professional troubleshooter. How a college admin would see it might be different.
does this help?
30 Apr 2005
from http://www.worksonline.org/reviews.asp?workid=301:

"Terrorist attacks have led to a decline in freedom. Brett Chance (elac2k (at) hotmail.com) - Wonderful essay."
http://www.drunkfoundation.com/forum/index.php?s=921fc19e44df88ea4cec4c8

just read that one ^, see if it sounds like someone familiar.
Damn, I don't type fast enough.
30 Apr 2005
While I was speculating about the existence of logs showing the origin of the attacks, buenaventua durruti confirmed that. Thank you, b.d. That ought to be enough to convince the C.C.C.C. administration to investigate.

One thing I've learned through researching other g00ns defacments is that they've defaced groups of sites which happened to be hosted on the same server, just as B.D. describes it happening to the IMCs.

Incidentally, traces of failed attempts to upload the same exploit code can be seen on the hidden files pages at the Urbana-Champaign IMC, and very likely elsewhere. In fact, if you look at the hidden pages on this site there are some mighty suspicious-looking posts.

If any of the IMCs which have dodged the bullet have logs indicating the origin of these posts, I hope that they will add them to your body of evidence.

I'll be writing (politely!) to Mr. Boring to urge him to investigate this incident rigorously, to apply appropriate sanctions against any student who may be found to have taken part in this, and to publish their findings and actions.

Thanks for keeping us readers informed.
goons rooted by b durruti
30 Apr 2005
if that's not enough, check the whois results for elac2k.com:

Domain name: elac2k.com

Registrant Contact:

Brett Chance (schance2 (at) houston.rr.com)
+1.9362714430
Fax:
38 Alden Glen Dr.
The Woodlands, TX 77382
US

Administrative Contact:

Brett Chance (schance2 (at) houston.rr.com)
+1.9362714430
Fax:
38 Alden Glen Dr.
The Woodlands, TX 77382
US

Technical Contact:

Brett Chance (schance2 (at) houston.rr.com)
+1.9362714430
Fax:
38 Alden Glen Dr.
The Woodlands, TX 77382
US

Billing Contact:

Brett Chance (schance2 (at) houston.rr.com)
+1.9362714430
Fax:
38 Alden Glen Dr.
The Woodlands, TX 77382
US
Re: More Indy Sites Down!
30 Apr 2005
the worcester site is up and running! check it out worcester.indymedia.org
HE WHO SHALL NOT BE NAMED has actually been right about a lot of things.
01 May 2005
He's right about Weisburd. He's right about Cycorp (I know because of an inside contact inside of Cycorp). He was right about Hagen, Matuszek, Witbrock, Bullock, Ed St. George, Jantos, Lenat, Shepherd, the guy in Tucson), Veritas, Espada....

Not bad.
Diversions?
01 May 2005
Ever think our government is behind this?
I do.
The Government
02 May 2005
The government is involved in the way it is involved in most black operations. There are certain individuals out there who work on behalf of the government under private cover. Their job is to create vigilante movements that act, largely on their own, in the government's interest.

This is not a conspiracy theory. This is the way intelligence organizations operate. I suggest going to your local library and looking for books on the Iran/Contra scandel, PsyWar on Cuba, PsyWar on Guatemala (and so on). Find books with released official documents from the CIA about these projects. Pay special attention to the history of CIA involvement in the Cuban exile community in Miami. You will learn that the CIA creates private fronts to do these things.

The private fronts always have some kind of cover. The cover can be a "legitimate" political organization at one extreme and a goon squad at the other extreme.

Miami is an especially interesting case because it shows that these operations DO happen inside of the United States.

The moron currently taking down IndyMedia website is probably not paid to do what he does and he probably has no idea that he is actually working on the government's behalf. He is one of these easily manipulated tools that intelligence agencies seek out and use.

Proof of government involvement is simple. If Sherman Austin did what this guy was doing, but did it to rightwing websites, he'd be jailed for it. This guy is being protected and encouraged to do what he is doing. If the axe ever does come down (i.e. the government finds it convenient to "go after" the hacker), they will be happy to send him up the river and claim no involvement in his activities.
Re: More Indy Sites Down!
02 May 2005
Interesting reasoning there. If the hacker is not prosecuted, it proves that the government is behind his acts.

If the hacker is prosecuted, it also proves that the government is behind his acts.

Classic. And, within the tradition of conspiracism, farily well-crafted. I especially like the way that a sort of groping structural/ecological/evolutionary analysis is folded in with the conspiracist assumption that TPTB make *everything* happen to suit their evil purposes.

Now, how are we to interpret the variety of possible outcomes which lie between the two extremes? Will some kind soul save us the time and labor of affirming our own consequents?
Re: More Indy Sites Down!
25 May 2005
well put it this way i was friends with the g00ns and i know alot of there shit soo u want some info guess your gonna have to contact me alright im out