Feds try to take logs from Nmap creator

Dan Ilet ZDNet.co.uk

Published: 26 Nov 2004 17:10 GMT

The creator of the famous hacking tool Nmap is being hounded by the FBI for copies of Web server log data from his Web site Insecure.org.

Fyodor, as he is known, is a well-known figure in the security world, specifically for his work with Nmap. In his blog, Fyodor said that the authorities were asking him for details without giving their reasons.

His message said: "FBI agents from all over the country have contacted me demanding Web server log data from Insecure.Org. They don't give me reasons, but they generally seem to be investigating a specific attacker whom they think may have visited the Nmap page at a certain time."

The open-source network mapping program was designed to help security experts scan networks, services and applications. But some hackers have used the tool for malicious purposes, which Fyodor indicated he was unhappy with.

"One can argue whether helping the FBI is good or bad. Remember that they might be going after spammers, cyberextortionists, DDoS kiddies, etc. In this, I wish them the best. Nmap was designed to help security -- the criminals and spammers put my work to shame!"

Fyodor said he thought the FBI wanted access to his Web logs to investigate malicious hackers. "They don't give me reasons, but they generally seem to be investigating a specific attacker who they think may have visited the Nmap page at a certain time. So far, I have never given them anything. In some cases, they asked too late and data had already been purged through our data retention policy. In other cases, they failed to serve the subpoena properly. Sometimes they try asking without a subpoena and give up when I demand one."

The security expert added that he would like to protect his privacy when dealing with the Federal Bureau of Investigation. "I'll try to fight anything too broad (like if they ask for weblogs for a whole month). Protecting your privacy is important to me, but Nmap users should be savvy enough to know that all of your network activity leave [sic] traces. I'm not the only one who gets these subpoenas -- large ISPs and Web mail providers receive them daily."

In October, FBI agents seized servers in the UK from news company Indymedia. Beforehand, agents had served a subpoena on Indymedia's US hosting company, Rackspace, to hand over the computers.

The British and US governments have failed to explain the action or why the FBI was allowed to operate in London.
