|
It's funny you should say this. I practically did the same thing, from a different perspective. I ran my own little IRC server when I was a teenager, and one day I noticed a lot of my friends were being disconnected from the server. After some more investigation, it seemed like they were actually being disconnected completely from the Internet. Bit odd. Upon more investigation, I found an acquaintance had something like 10,000 bots (spybot/rxbot) going through my server (yes, a simple /list could have sufficed...) and when I looked at the topic of his channels, and noticed they consisted primarily of commands to control to the botnet. "startkeylogger" sort of thing. A few more pokes, I realised it was Norton Antivirus that was listening to port 6667 for any "bad" commands, and then disconnecting the user from the internet. I thought this was hilarious, and went to Efnet, tried it in a large channel and watched 400 people disconnect. Then I felt quite bad, so I emailed Norton, and received no reply. Something like two years later, I notice the same exploit on the main page of Slashdot, and chaos ensured. It did make me feel pretty cool, "ha! I knew something before all you big uber leet haxxors!" :] Sadly, my acquaintance didn't mature like the rest of us and decided to use his knowledge and skills to do naughty things, and the FBI got him. Good riddance. |