1 July 1999 ------------------------------------------------------------------------ Date: Thu, 1 Jul 1999 02:17:40 -0400 (EDT) From: Ken Williams X-Sender: jkwilli2@ultra3-100lez.eos.ncsu.edu To: The Usual Suspects: ; -----BEGIN PGP SIGNED MESSAGE----- Hi, I just got off the phone (6/30/99 PM) with one of the Harvard Network managers. John Vranesevich, of www.AntiOnline.com, contacted Harvard this morning and threatened to sue them because of the content in the jp/ directory of the Packet Storm Security web site that was located at http://packetstorm.harvard.edu, and before that at http://packetstorm.genocide2600.com (see www.attrition.org for details about this info). I was told that the situation quickly escalated to the Harvard Office of General Counsel. John Vranesevich claims that I was using the server as a platform to harass and threaten him, his family, and his business. Nothing could be further from the truth. I ran a network security related web site and archive! The result: the server and the web site and it's contents are permanently offline, I have no access to even retrieve anything off of the server, the site known as "Packet Storm Security" is history now. I was told by Leo Donnelly at Harvard, via phone, that ALL of the content AND the backups made are either destroyed, being destroyed now, or will be before I can do anything to prevent it. All 4+ GB of files in the publicly accessible directories, over 45,000 files collected and archived over the years, are gone. There was another 4 GB that was composed of research data, customized IDS, Linux, Apache software, etc too. Harvard is facing a lawsuit from JP, I am facing a lawsuit from JP, and possibly some sort of legal action from Harvard. Harvard seems to be trying to free themselves of any liability, and use me as the fall guy for this whole thing. All agreements with Harvard in the beginning were verbal (with Jeff Gray, the senior sysadmin), so I've got nothing on paper to back up the truth. I've got emails, but I don't have the money or legal defense to counter Harvard, or anybody else for that matter. This has turned really ugly, really quickly, and it is very plausible that I will be facing charges involving "hacking" or computer crimes of some sort, because I "never had a Harvard ID, and thus was not authorized to use their facilities", and I "compromised their security." I guess it doesn't matter that I was contacted by the Senior Sysadmin at Harvard and invited to move my site there. It doesn't matter that the head of Harvard UIS approved of everything. It doesn't matter that he placed the box on a subnet of his choosing and called me and gave me the root password and told me I had free rein on the box. It doesn't matter that Harvard network security was never actually compromised. For the record, Jeff Gray, the Harvard senior sysadmin, has been extremely supportive of my site and work from the beginning, and he deserves ALOT of credit for going out of his way to help keep Packet Storm Security alive and online. In fact, Jeff Gray has provided so much support for "the security community" in general, and is so supportive of security-related research and projects, that he deserves all the credit in the world for his efforts. I hope Harvard gives him the credit he is due, because any network security they have is in large part due to his skills, devotion, and diligence. If that's not enough to annoy me, all of my class work for the class I'm taking at NCSU this summer (CSC499 Independent Research project involving IDS) is/was on that server at Harvard and gone now too. With 4 weeks left in the semester here at NCSU, I have just lost seven weeks of work and data that cannot be replaced in 4 weeks. What bothers me the most is that all of the countless hours I put into that web site and the archives, thousands of hours, are gone now, for good. The site was getting over 400,000 hits/day and doing about 10 GB/day in transfers, so I don't see it coming back online even if I do get any of the site content back. Obviously, I have taken full responsibility for the site content and all activities and events associated with that server. Even though no laws or rules were broken, on my part, and to my knowledge, I am now facing possible legal action from both JP and Harvard, and state/federal computer crime charges as well. What am I going to do now? I don't know. The web site I devoted most of my waking hours to is gone. My chances of passing my CSC499 class do not look good, according to the negative comments from my professor. I'll try to salvage the summer's worth of course work anyway if possible and pass. Until formal charges are filed, I've still got my job and account here at NCSU. When NCSU catches wind of this, and I'm sure they will, my account probably will be permanently revoked, and my job and the past three years of school will then be gone too. Until then, I can be contacted at the email address in the sig below. Check out the news and history of John Vranesevich and Carolyn Meinel's smear and harassment campaigns that have ruined the careers and lives of many people, mine included. www.attrition.org has all of the details. Funny how I spent the past few years donating my time, literally thousands and thousands of hours, to "the security community", never asking for or making a single penny off the time and work I invested, and have now lost it all because John Vranesevich and a few of his IRC friends are able to make quick phone calls, fabricate absurd stories about criminal activity, libel, threaten to sue Harvard, and I don't even get to plead my case. I am guilty without even being informed of what was going on. He has effectively ruined years of my work, my education, my career, my life. There are really only four things that I'd like right now: 1. Justice 2. Truth 3. The 3 GB of MY data that Harvard has and refuses to turn over to me 4. A job in the IT/IS/IW industries - the pay doesn't even matter, I'm willing to move, I'm willing to put in 60-80 hour weeks. Just give me a UNIX or Linux box to work from. I'll settle for just the job though, and like I said, the pay doesn't matter - I love computers, network security, and systems administration. If I was not doing it for pay, I'd be doing it for free. See you at BlackHat and DEFCON. take it easy, Ken Williams jkwilli2@unity.ncsu.edu if you need to reach me by phone, email me at jkwilli2@unity.ncsu.edu and CC the email to packetstorm@genocide2600.com with phone # request. my pgp keys are available on all of the regular keyservers, and at www4.ncsu.edu/~jkwilli2/ [Note: yes, you can quote or print any part of or the whole email.] Ken Williams ken@packetstorm.harvard.edu Packet Storm Security http://packetstorm.harvard.edu -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQEVAwUBN3sH3pDw1ZsNz1IXAQE67QgAt5O4cgV4UN/tNro0V9Hkrz4YJGuysf2F aZdUuM+P73MwwlvjKFpLW5WOJwtZzFjicv6RYMlXaMLRL48Fz/rltX95dy71LCOs /UVa9LXvh7kSgD5p/pSeP2+zyDuvbvUxjtSTIPRp68sOQTKILaQpohwl9hzpfVLz ADvQMD5vAUqGlTeoQrZRmHC/OxtWqVEgh72Gms4XpGaGwT3OdtoRKuK0d4Js3mP9 Vs1szlsT3DQEFvdblLR/jsf8jonbME/Imo89K69wFsbyeVpIB1+g0Se11BdQCbeU TdauQTJMfDTkIWSQvpQXXIhvukErb8D9bmFvKiE7MqS+N8RVaMO7Zw== =7OhX -----END PGP SIGNATURE----- ------------------------------------------------------------------------