Information Security News mailing list archives

Re: Group Offers to Sell Supposed Dragon IDS Code

From: InfoSec News <isn () c4i org>
Date: Thu, 15 Jul 2004 03:40:10 -0500 (CDT)

http://server.splitto.com.ua/scc/index.html

[Interesting first attempt at selling corporate secrets, you would 
have expected a group like this to have researched other delivery 
methods, like Blacknet: http://www.c4i.org/erehwon/blacknet.html  - WK]


To whomever it may concern:

    Thank you for your interest in SCC.  We regret to inform that SCC
has temporarily suspended operations.  Our business model is currently
being re-designed to alleviate some of the initial fears our customers
faced.  Selling corporate secrets is a very tricky, and we believe it
is an area that we can conquer.  Look for us in the near future as we
re-emerge to bring you all kinds of secrets.

Sincerely,

SCC Team

http://www.eweek.com/article2/0,1759,1623245,00.asp

By Dennis Fisher 
July 13, 2004 

A group calling itself the Source Code Club is offering to sell
files that it claims contain the source code for Enterasys Networks
Inc.'s Dragon IDS (intrusion detection system) software. The asking
price:  $16,000.

The group's rudimentary Web site, which is registered under a
Ukrainian domain name, lists hundreds of files that appear as though
they could indeed be source-code files. There is no way to tell
whether the group actually has the code, although it claims to have
obtained it by breaking into the Enterasys network.


[...]

Someone using the name Larry Hobbles posted a message to the Full
Disclosure security mailing list Monday night saying that both the
Dragon and Napster code were available for sale.

"The Source Code Club is now open for business. SCC is a business
focused on delivering corporate intel to our customers. Our main
focus is selling source code and design documents, but there are
many other facets to our business," the message reads. "To get the
ball rolling, we are now offering the souce [sic] code/design docs
for both Enterasys Intrusion Detection System (NIDS/HIDS) and
Napster server and clients."

The files listed on SCC's site appear to be from version 6.1 of
Dragon; the current release is 6.3.


[...]



_________________________________________
Help InfoSec News with a donation: http://www.c4i.org/donation.html

Current thread:

Group Offers to Sell Supposed Dragon IDS Code InfoSec News (Jul 13)
- <Possible follow-ups>
- Re: Group Offers to Sell Supposed Dragon IDS Code InfoSec News (Jul 15)