A day in the life of Sysadmin vs THE TERRORISTS

[snoorkel]

GMT +0000
Wake up. Network abuse inbox full of complaints for port scanning

########################################################################

# all times are GMT-00:00

# begin logs

Check customer. a Brazilian paid in non-refundable bitcoins to do abuse with all the servers. forward complaints to him because customers need to understand consequence and justice. tomorrow he will get Terminated.


GMT+00050
More abuse. This email doesn't look good

OFFICIAL

Dear Admin,

We are urgently seeking your help in regarding a terrorist post and who have also posted an image of a decapitated man. The request for preservation has come from Paris, France and due to recent events we don’t believe this to be a hoax.

Could you please contact me at your earliest convenience and provide me with an email address where the request can be sent to.

Kind Regards,

Get the info. Customer, a chinese man hosting Tor exit nodes. Ghmmm, that may not have been a good sale. I ask him can you get end-user access info from Tor nodes. Nothing I can do here really but I  fast track  a policy update to ban all Tor nodes, forever.


GMT+0010007
Next check some billing requests. Someone got stopped by the anti-fraud filter and wishes to appeal

Country: Palestine
Total: $4.98

Here are pictures of credit card and a photo ID card and a photo driver's license and passport photo

should I approve? ghmmm, not today. beheader.

next more Anti-Fraud

Hello
I want to order server
But I have problem with my CC
I not make order yet

Ohhhhkay I see where this is goin.
Did you place an order yet? "no yet" Well go ahead, if you do it from home it will work fine.

Ahhh sorry "William Harry" aka Jose Luis Vega i don't think you really live in St Paul Minnesota OR "london, kentucky". *BAN* how the fuck does credit card authorization work anyway?


GMT+0025000
Eat a smoothie...siiiggghhhhh...what else

hello sir

I found some bugs in your site .. can I report the bugs in this email or other email?also is there any reward or bug bounty for reporting bugs?

waiting your respond

bug bounty?

in disbelief i type

No currently we do not have a program for bug bouncies or pamper pullups.

he has a LinkedIn page

Microsoft hall of fame
url directions vulnerability
October 2014
Alhamdolilah ... Finally I am in the Microsoft hall of fame .. thanks to Allah for helping me to be in this hall of fame also thank you for my Parents for supporting me to be a good security and I am the #first Yemeni security Researcher

WTF????


GMT +00548
next

I cannot login my server
IP:5.1.xx.xxx

check the damn server... suspended it for sending spam. .....siiiggghhhh......
Do I even care any more. ok online the server

Thanks for waiting, it is online now.

he responds not with Thank You So Much, but with

what is the problem

fuck nugget mass mailing spam fuck head.


GMT +006750
The Brazilian is back ordering more servers with Bitcoin under a different name. Bitcoin transactions are one-way and can't be disputed, so can I really complain about this. just waiting for the first abuse reports to roll on in. submit a request for good measure to check on these here transactions


GMT+2399
End of the day. Clearly need to make some big changes to make my life easier starting tomorrow.

Brazil
China
Palestin
Mexico
Yemen

I ban all traffic from these countries, and delete these countries from the 'Country' menu on my registration page, and immediately terminate all existing users from these countries because i assume I just haven't caught their scams yet.

drink mercury; sleep

[Socks]

Lol that's dope. i thank oldsnackbar too for my powers of bug detection. do you host any nice porn sites?

[silvertone]

hit us with the porn sites!!!!

[Daddy]

allah bug vulnerability granted jihad

[Daddy]

also let me see some logs and i can see if there really is some bug or he is just trying to get money

because if the yemenist really did find something and you don't pay him off he might try to sell it to some arabhackRs

[snoorkel]

also let me see some logs and i can see if there really is some bug or he is just trying to get money

because if the yemenist really did find something and you don't pay him off he might try to sell it to some arabhackRs

he told me that
a) my web server discloses its apache/php versions
b) he can 'hack my mail server' by sending an email from my support email address

i asked him if he actually found a vulnerability or an exploit for my apache/php versions. no answer
i asked him to go ahead and hack my mail server. he sent an email from somewhere else with a spoofed sender/return-to.

typical paki scam

[Daddy]

Add a SPF record to fix the email thing but lol at the apache version

[Socks]

Why are computer terms named after Indian warriors.

[ME##]

the white man in the usofa stole all of his terms when invading

[Daddy]

thats why some hakrs are called crackrs

[snoorkel]

Add a SPF record to fix the email thing but lol at the apache version

yup this is what you get for using Google Apps mail, vulnerabilities left and right open for Hacks

[Daddy]

you've been hacked 1 billion times by isil since you made this thread

[ME##]

you've been hacked 1 billion times by isil since you made this thread

this is the face of isil



notice how it's another white man being false?

[silvertone]

Why are computer terms named after Indian warriors.

they are actually named after helicopters

https://en.wikipedia.org/wiki/Boeing_AH-64_Apache

[snoorkel]

> the yemenees hacker going through my server headers