IT Jobs
Novell server under attack
Hackers not playing the game
By Jaikumar Vijayan, Computerworld (US) online
Published: 09:00 GMT, 29 September 05
A company server at Novell, apparently used by employees for gaming purposes, has been hacked to scan for vulnerable ports on potentially millions of computers worldwide.
Chris Brandon, president of Brandon Internet Security, reported the problem to Novell. He said he had been first alerted to the hack when a client reported scanning activity several days ago.
The scans, which have been going on since 21 September use Port 22 - the default port for Secure Shell (SSH) services. SSH programs are used to log into other computers over a network or to execute remote commands and move files between machines in a secure fashion. Scans against the port are often an indication that hackers are looking for vulnerable SSH systems that they can break into and take control of.
Kevan Barney, a Novell spokesman, Wednesday confirmed that one of the company’s systems had been compromised. But he added that the server was not part of the company’s corporate network nor was it a production server.
According to Brandon, the scans were traced back to a server with an IP address assigned to Novell. The hacked system appeared to be running a mail server for a gaming site called Neticus, and the main game web page for Neticus.com was hosted on a separate server that also belonged to Novell.
Going by the large number of IP blocks scanned by the attacking server, it is safe to assume that "millions" of computers may have been probed for SSH-related weaknesses, he said.
"The employees that set it up apparently had no idea of security," Brandon said. "But what is really surprising is that Novell would allow employees to set up game servers on their corporate network and then allow the public to access it."
Logs documenting the scans from the Novell-owned computer were made available to Computerworld by Brandon. One of them is available online.
Barney said that both servers - the one hosting the gaming website and the server that scanned for vulnerable ports on other machines - were test systems outside the company’s firewalls. He also denied that the server hosting the main game web page was actually being used by gamers. Instead, it appears to have been used only to host game-related information, he said.
"There was no major breach of security here," Barney said. "Needless to say, we are taking the appropriate steps" to address the situation.
Attempts to access the Neticu site this afternoon were unsuccessful. But a search for the site yielded references to a group called the Neticus Guild which described itself as a World of Warcraft players. The site appears to have been administered by someone using a Novell.com address.
Add your commentComments
CLT Shark | Published: 14:29 GMT, 24 November 2009
I'm looking for any info that anyone has on Chris Brandon or his so-called Internet Security company. If you've got any info whatsoever, I'd love to have it. Conducting investigation into this guy
Contacted By Christopher | Published: 21:54 GMT, 30 June 2009
This guy contacted me today saying he wanted to talk to our lawyers about Spamming Practices. He kept saying he would "settle this out of court". Did not say how much he wanted. I wonder if he is a scam.
The Truth | Published: 20:01 GMT, 11 April 2009
Funny how there are so many searches today for "Chris Brandon". I ran across this article and was curious, so I decided to do a little investigating of my own. He claims that he "checked out" Kathy Reeves and that her residence is a legitimate "mail drop". However, when he was arrested in 2001 for No Operator's License which turned into a Failure To Appear, he was listed in court as residing at that address. I did further Birth records checks and confirmed the date of birth. The phone number is also listed in her name, and he answers it regularly. The house was purchased for $120K, which does not lend creedence to assertions of being an executive. Furthermore, property searches and business searches in NC and surrounding states showed no ownership of property or business licenses. I would say that these simple and easily verifiable contradictions would have to make you think twice before believing anything he says. If anyone has any further info about him, please post it.
concerned2 | Published: 19:49 GMT, 11 April 2009
The address used as Brandon's 'mail drop' house was uses as his residence on his arrest for driving without a license (later adding failure to appear) in 2001. This man has issues, and I, too feel sorry for him. http://www.recordslogin.com/members/?stid=894grepk87rnmdr40ul4verha2
Concerned | Published: 19:45 GMT, 11 April 2009
Chris Brandon's 'mail drop' address was listed on his arrest information for driving without a license (later developing to failure to appear) as his residence. This man has some issues. I, too, feel sorry for him. He is not credible. http://www.recordslogin.com/members/?stid=894grepk87rnmdr40ul4verha2
A concerned citizen | Published: 18:58 GMT, 11 April 2009
Christopher Brandon has a screw or two loose. One would think that if "Brandon Internet Security" was a reputable company, then they would at least have a website found trhrough Google or Yahoo searches. Anyone ever heard of a computer related company without a website. The Reeves house is not a mail drop, and has been the phone number in use by him for years. There are no property records or business records to be found on him. If he were the computer expert so higly touted, he probably would have more recent news. He is a the kind that believes in conspiracy theories,and you have to feel a little sorry for him.
christopher brandon brandon internet security | Published: 00:52 GMT, 11 April 2009
Someone showed me this post today and I laughed so hard! First point is that the people that posted those lies are clearly deperate that they have to make up lies and Second, the FBI doesn't have ANY cases they discuss with the public and I haven't been charged with anything... Ever! So its now April 2009 so that's a lie, and the woman named below, I checked out, Does provide a mail forwarding service and I don't reside there. Check out the other press from Computerworld etc by valid investigative reporters who have already verified the facts for years and the article above since 2000. Since free speech is allowed, This is clear evidence that some of the scammers I have shutdown in the past are angry and I'm glad!
Christopher Brandon, Brandon Internet Security | Published: 00:50 GMT, 11 April 2009
Someone showed me this post today and I laughed so hard! First point is that the people that posted those lies are clearly deperate that they have to make up lies and Second, the FBI doesn't have ANY cases they discuss with the public and I haven't been charged with anything... Ever! So its now April 2009 so that's a lie, and the woman named below, I checked out, Does provide a mail forwarding service and I don't reside there. Check out the other press from Computerworld etc by valid investigative reporters who have already verified the facts for years and the article above since 2000. Since free speech is allowed, This is clear evidence that some of the scammers I have shutdown in the past are angry and I'm glad!
Unknown | Published: 23:27 GMT, 25 September 2008
Chris brandon lives ina house owned by a women named kathryn reeves. His company does not exist! H lives in indian trail north caroina.
Concerned | Published: 00:00 GMT, 12 September 2008
Chris brandon is not the President of anything. He is being investigated for Identity theft and fraud by the FBI