API tools faq
paste
Guest User

Untitled

a guest
Mar 28th, 2015
1,241
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.06 KB | None | 0 0
raw download clone embed print report
  1. Rutgers Central Services - Re: Data Breach (self.rutgers)
  2. submitted 6 hours ago * by HypocriticalRutgers
  3. Yes there is an issue. No, it is not a hack.
  4. 80 commentsshare
  5. all 80 comments
  6. sorted by: best
  7. [-]enduhroo2 points
  8. am i hearing this right? so some nerd got pissed at the buses and decided to fuck the rest of us because of it? what a goddamn pussy.
  9. permalink
  10. [-]sportsfan1019902 points
  11. Assuming the guy was telling the truth yeah. According to the OP of this thread the guy just started the issue, they figured it out but it opened up a whole nother can of worms which is what they're trying to fix now.
  12. permalink
  13. [-]forbiddenone1 point
  14. Wait what?
  15. What exactly was his issue with the busses, what do you mean by 'started the issue', and what is the "whole nother can of worms' that they are trying to fix now?
  16. permalink
  17. [-]ButtClenching1 point
  18. I don't know, but I have issues with the REXL sometimes.
  19. permalink
  20. [-]forbiddenone1 point
  21. What issues? Too crowded? Not showing up? Bus driving pulling away as you frantically pound on the doors?
  22. permalink
  23. [-]Darth_drizzt_425 points
  24. okay i'm just seeing this post and none of OP's replies are showing up.
  25. permalink
  26. [-]sportsfan1019906 points
  27. Earlier in the day OP said he was affiliated with RU but was keeping anonymous. He called out the guy that was posting on here taking credit fro the ddos saying he pretty much didn't really do anything. A few hours later I looked at this thread and OP changes his post saying his best guess would be noon tomorrow. All of his replies were changed to "no." now they're all blank. Idk if OP was even affiliated with RU, if he got shut down for posting this and told to change his answers by his hire ups, or if it was something else altogether, maybe another troll.
  28. permalink
  29. [-]slightly_anon1 point [original unedited comment restored by uneddit.com]
  30. That has happened in the past. Student employeescan/do get fired for posting comments containing non-public informaton.
  31. permalink
  32. [-]dodobrains1 point
  33. I can't see them either
  34. permalink
  35. [-]TodayILearnedAThing3 points
  36. Can anyone summarize the details? OP? All of your comments are editted out
  37. permalink
  38. [-]ohhiiiiii8 points
  39. He deleted them all. They didn't really clarify anything and personally I think he was BSing everyone.
  40. permalink
  41. [-]HypocriticalRutgers-2 points
  42. As the title says, yes there was an issue. No there was not a hack. Full disclosure is done by the university. Not by me.
  43. permalink
  44. [-]Daniel_Yusim3 points
  45. As the title says, yes there was an issue. No there was not a hack. Full disclosure is done by the university. Not by me.
  46. People should quote the OP by highlighting his comments before hitting reply to keep him from deleting them and being a total sketch.
  47. permalink
  48. [-]wildemu4 points
  49. That would be some Se7en type shit if OP was the hacker. All these deletions really weren't necessary. And if you're worried about your internship job, you shouldn't have been here posting then. Now there's just more confusion on what happened.
  50. permalink
  51. [-]HypocriticalRutgers0 points [original unedited comment restored by uneddit.com]
  52. I'm not worried about my job (Not an internship btw) Haha in all honesty, I just got tired of my phone going off. Systems will be back online soon.
  53. permalink
  54. [-]forbiddenone1 point
  55. Can you explain to me why SERC only has the mysterious "LAWN" network for internet access when it's... well... SERC?
  56. I mean, is it on purpose (so that people who bring laptops and such will have a harder time goofing off during class- at least they'll have to use their cell phones as hotspots), or is it an oversight, or what?
  57. Just curious.
  58. permalink
  59. [-]forbiddenone1 point
  60. I knew it! Macs are the source of all evil!
  61. Just take a look at those podiums with their evil Apple software with their evil hidden icons and obfuscation of how to do what you want to do!
  62. permalink
  63. [-]agiantwaffle3 points
  64. If the guy was smart enough to bring your department down for this longass period of time, I'm pretty sure he's not dumb enough to DDOS you without hiding his original MAC address and information.
  65. Not to mention he's also taunting you..
  66. permalink
  67. [-]HypocriticalRutgers-2 points [original unedited comment restored by uneddit.com]
  68. I leave with this final comment: If he was smart, he would have not brought about attention to himself.
  69. permalink
  70. [-]gaypolarbear6 points
  71. And why are you now removing all of your replies, and trimmed your OP down to a mere sentence...?
  72. permalink
  73. [-]HypocriticalRutgers-2 points [original unedited comment restored by uneddit.com]
  74. Situation has been resolved.
  75. permalink
  76. [-]gaypolarbear4 points
  77. Not quite sure, but if this is what RU OIT calls a resolution then I need to get a job over there.
  78. permalink
  79. [-]HypocriticalRutgers0 points [original unedited comment restored by uneddit.com]
  80. Like the main post states, my eta until systems are back up are at 12noon tomorrow.
  81. permalink
  82. [-]gaypolarbear3 points
  83. And do you, as a representation of your department, feel this is an adequate response/resolution window since the time of the attacks?
  84. permalink
  85. [-]gaypolarbear1 point
  86. He'd only bring attention to himself if he was confident he covered enough significant backdoors that could trace back to him. Seems he is.
  87. permalink
  88. [-]HypocriticalRutgers-4 points [original unedited comment restored by uneddit.com]
  89. It isn't my job to go after would be hackers. It is my job to stop them. And I have.
  90. permalink
  91. [-]gaypolarbear5 points
  92. With all due respect, and trust me, I respect your hustle and know what you're doing is hard work... with that being said, you didn't stop him. Our entire network is down. Our entire network has been compromised regardless if you feel at this very moment that it is safe. A person single-handedly brought our network infrastructure to a screeching halt, and 50,000+ students are unable to access vital information. This was not preventative. This wasn't even controlled upon the attack. The fact that the network is STILL down, over 24 hours since his assault proves how he already feels: in his twisted little mind, he won.
  93. permalink
  94. [-]HypocriticalRutgers0 points [original unedited comment restored by uneddit.com]
  95. He didn't create the issue.
  96. permalink
  97. [-]gaypolarbear1 point
  98. He didn't create an issue, but earlier you stated you "stopped" him?
  99. I'm confused man. You seem to be doing a lot of flip flopping. And of course, i'm all for giving time to get things rolling again... but a lot of time has already passed since the attacks first happened.
  100. permalink
  101. [-]HypocriticalRutgers-2 points [original unedited comment restored by uneddit.com]
  102. He may taunt. The issue is resolved. Internet will be up within the weekend. Happy browsing everyone.
  103. permalink
  104. [-]someoneinsignificant2 points [original unedited comment restored by uneddit.com]
  105. The exfocus guy made a rebuttal stating that the mac address provided is wrong, and so is the color of the laptop. Idk is this legit?
  106. permalink
  107. [-]yy4me5002 points
  108. Well the internet has been up for about 45 min now so thats at least something. I think he's full of crap personally.
  109. permalink
  110. [-]ThrowAway_Rutgers1 point [original unedited comment restored by uneddit.com]
  111. MAC addresses are unreliable. It's actually my birthdate. I just needed to have him spinning his wheels while I fixed a few things. Internet will remain 'bleh' for a while but tomorrow expecting 100% full recovery. Happy browsing everone.
  112. permalink
  113. [-]semipellucid2 points
  114. Soooooo are you going to be able to catch him?
  115. permalink
  116. [-]Unspec73 points
  117. http://pastebin.com/HY8d7UZ9
  118. Created a backup since he set that one to expire in an hour. My question is, how does he know the OP is an intern who's been at OIT for 3 months? Either he's making it up, or he works/worked at OIT.
  119. permalink
  120. [-]someoneinsignificant3 points
  121. He could have just made that up to insult OP. I want to know why OP thinks the laptop is gray. Unless the student has been spotted in public, I don't see how that's possible. OP could have just said "you were sitting at the LSC at this time wearing this clothes with this backpack" or something like that, I don't think "gray laptop" is a clue that OP found him.
  122. permalink
  123. [-]Daniel_Yusim1 point [original unedited comment restored by uneddit.com]
  124. It's a very generic color for laptops, since silver and charcoal/black-ish can be seen as grey. 5/6 laptops I've owned have been "grey". (this fugly blue one that I'd prefer in grey or green being number 6)
  125. permalink
  126. [-]ChillAlterEgo4 points
  127. Is there any eta on this being resolved?
  128. permalink
  129. [-]HypocriticalRutgers-2 points [original unedited comment restored by uneddit.com]
  130. No eta, sorry. Hang tight.
  131. permalink
  132. [-]Unspec73 points
  133. I thought mac addresses were in hex, like 00:00?
  134. permalink
  135. [-]HypocriticalRutgers2 points [original unedited comment restored by uneddit.com]
  136. It's an inside message to him. He will figure it out.
  137. permalink
  138. [-]coairrob7777 points [original unedited comment restored by uneddit.com]
  139. An inside message? This is starting to sound like Catch Me if you Can: Rutgers edition.
  140. permalink
  141. [-]HypocriticalRutgers2 points [original unedited comment restored by uneddit.com]
  142. This was an inside message to see there was any validity to statements made. The user in question is not a threat.
  143. permalink
  144. [-]yy4me5002 points
  145. Rekt.
  146. permalink
  147. [-]MutatedSpleen4 points
  148. One question for you:
  149. What many users are experiences is a failure in accessing SECURE portions of the Rutgers umbrella due to an 'allergic' type reaction among servers. All other services remain unaffected at this time.
  150. Would that include both Resnet and RU Wireless? People in dorms have been basically totally unable to internet now for the past two days.
  151. permalink
  152. [-]HypocriticalRutgers1 point [original unedited comment restored by uneddit.com]
  153. In a word yes. When you access RU wireless, you are authenticated when you login. Resnet has a similar authentication. Be patient. Many professors are aware and will grant extensions on homework.
  154. permalink
  155. [-]TheShadyTurtle1 point
  156. Question: heard in the office that the Rutgers network was doing something with their security certificates, and that RCS was going to be spotty. Is this related to what this guy is claiming? note: very limited to no computer knowledge.
  157. permalink
  158. [-]HypocriticalRutgers16 points [original unedited comment restored by uneddit.com]
  159. I can't tell you what the repercussions are and if the university wishes to pursue a legal matter. His information is on my bosses desk. It is out of my hands at this time. Personally he did no damage in my opinion. The bug was already there, and he was just the one to uncover it in my opinion. I just wanted to calm fears among students.
  160. Using external DNS resolvers will help you connect back to the network.
  161. The internet will shift from active to active as routers reset and the network adjusts.
  162. permalink
  163. [-]4amchocolatepudding2 points
  164. So what did he do exactly? He said a ddos attack as well as something about social security numbers(which is probably b.s)
  165. permalink
  166. [-]HypocriticalRutgers7 points [original unedited comment restored by uneddit.com]
  167. Social security numbers are not stored AT ALL at Rutgers. This is mandated by New Jersey law. Federal Servers manage that data. If he accessed federal servers, he's stupid.
  168. permalink
  169. [-]monjan620142 points
  170. I just entered my SSN (it prompted me) when I requested my RU transcripts. What's that all about then?
  171. permalink
  172. [-]4amchocolatepudding2 points
  173. ah ok. Thanks for the post
  174. permalink
  175. [-]knaik00undefined points [deleted comment restored by uneddit.com]
  176. hey, I am a student, so all of this is speculation from my end, I am actually a bio major lol, i have been thinking about turning to CS, anyway, he basically use botnets to spam the servers, like what what we all accidentally do during registration XD lol , the botnets aren't real people, it's all just one computer pretending to be that many but sakai can't tell they aren't real
  177. permalink
  178. [-]HiHaplo2 points
  179. Thank you for clearing this up.
  180. permalink
  181. [-]4amchocolatepudding2 points
  182. He was banned from the subreddit so he won't see this. Judging by his twitter he doesn't seem likely to stop on his own
  183. permalink
  184. [-]wildemu2 points
  185. You can also use a VPN to make another account and post again. If he really wanted to post here again, he would.
  186. permalink
  187. [-]4amchocolatepudding1 point
  188. He was boasting that he was using a vpn yesterday
  189. permalink
  190. [-]bobsbitchtitz1 point
  191. he can see this he just cant post
  192. permalink
  193. [-]RelentlessKid3 points
  194. Can't he just make a new reddit account? Also as to the original post, I was wondering when someone would say something although it's a big risk if they find out who you are OP.
  195. permalink
  196. [-]HypocriticalRutgers2 points [original unedited comment restored by uneddit.com]
  197. Rest assured I'm doing alright. I've had authorization from by boss to post. He has not had authorization from his boss (go figure, he's on vacation) however which is why this was released "hush hush"
  198. permalink
  199. [-]wildemu3 points
  200. He seems quite confident on his twitter that he will get away with this. But he's really fucked right?
  201. permalink
  202. [-]knaik00undefined points [deleted comment restored by uneddit.com]
  203. I would think he is, but either way I would be careful about logging into sakai and related things without the SSL (the https:// in front)... this could be him "luring" people to sakai, who knows
  204. permalink
  205. [-]wildemu1 point [original unedited comment restored by uneddit.com]
  206. luring in the sense that he can take your information, or the fact that our traffic helps him?
  207. permalink
  208. [-]knaik00undefined points [deleted comment restored by uneddit.com]
  209. on a twitter he was bragging that he has a 0day exploit, which honestly isn't very likely, but it's not bad to be safe. 0day basically means he has an exploit that the developers of sakai don't know yet, but with sakai being open source that's not likely and also probably time consuming. Although we probably won't know for sure, my guess is he is using http://www.akamai.com/html/about/press/releases/2015/press-022515-2.html which i found by literally googling "sakai ddos 2015" because i rememebered it happened last year
  210. permalink
  211. [-]HypocriticalRutgers2 points [original unedited comment restored by uneddit.com]
  212. Technically the bug he uncovered wasn't Sakai based. (Or it was and it just tripped some internal alarms) We have a slightly polished version ported with a few extras.
  213. permalink
  214. [-]HypocriticalRutgers5 points [original unedited comment restored by uneddit.com]
  215. Upvoted. Do not connect to any Rutgers secure services without HTTPS://. The only exception are the RU Financial and OPDocs for professors as they have internal security measures.
  216. permalink
  217. [-]MongolianDynamite2 points
  218. O balls I used sakai last night to submit a paper is that ok?
  219. permalink
  220. [-]HypocriticalRutgers1 point [original unedited comment restored by uneddit.com]
  221. I can't check if your paper was properly received, however the issue is with the network and not with Sakai so more than likely your paper was received successfully.
  222. permalink
  223. [-]thephenom211 point [original unedited comment restored by uneddit.com]
  224. Internet is back for me right now!
  225. permalink
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!