strange hacker logins
Monday November 29, 2004; part of: Net stories

Looking through the firewall logs on my backup machine, I discover that someone from a computer in the State administration of Utah (168.178.120.104) has been trying to break in here. That makes a change from the usual Bulgarians and untraceable Far Eastern suspects. But what was really unusual were the logons they tried: after the usual "test, guest, admin" and user came the following sequence: "umbro nike canon brother"

Canon and Brother I can sort of understand: they are printers, which have a natural connection to a computer. But Nike? Do people log their shoes in? And I don't even know what Umbro makes. Can any smarter readers help?

Update: I complained to the tech contact at the State of Utah and got a reply back within two hours: Yes it looks as though this host is contaminated.. Behind our backs andon the week end this host was taken over by an outside host...We will lock it out of the net and clean it before we let it back so it should not be doing any more harm... So, sometimes, things work as they should.

Posted by andrewb at November 29, 2004 07:55 PM
Comments

It's the Umbro reference that gives the game away. There's no way anyone working in Utah knows who they are: they make most professional football strips.

Posted by: Ben Hammersley on November 29, 2004 09:06 PM

OK, so why is it looking for logins in these strange sporty names? Has something else been wandering round the net setting up such acounts?

Posted by: acb on November 29, 2004 09:37 PM

Perhaps the answer lies in the very high level of brand awareness among certain sectors of society? A Darwinian would think that the informed cracker would use those passwords found to work best in the past; an economist, that this information would have sufficient value to be traded across cultural boundaries where the words lose their other contexts.

There is a sniff of an interesting column here, especially when one adds ideas like this. At the least, a modern Treasure Island...

R

Posted by: Rupert on December 2, 2004 01:02 PM

Oh, I like the treasure island idea. But these wern't passwords. They were login names, which is what I found odd.

I carry cryptic clues to my various passwords around with me in Ecco. I don't think anyone would guess them who did not know me very well indeed. Of course, they could be cracked by anyone who was able to interrogate me for long enough; in that case I would have worse problems than strangers reading my email.

Posted by: acb on December 2, 2004 03:02 PM

Post a comment
Textile formatting works here. Double hyphens are automatically converted to en dashes, quotes are automatically smartened. You can put dashes and asterisks around text to make italics bold and other silly effects easily.
  • Text wrapped in Asterisks which * will be bold. The asterisks must touch each end of the bold text. There must a space before the first and after the last.
  • Text wrapped in underscores - _ - will be italicised. The underscores must touch each end of the italics. There must a space before the first and after the last.
  • Paragraphs starting bq. will be block quoted. There must be no space before the "b" and one space after the full stop.
  • A hyperlink is made by wrapping the link text in double quotes, followed immediately by a colon, then the URL. If there is a question mark in the URL, wrap the whole lot in square brackets.
  • I use two classes to mark up text that deserves it. sane text looks like this. loony text looks like that. The syntax for those is %(sane)[space] sane text %; loony is left as an exercise to the reader.
Name:



Email Address:



URL:



Comments:



Remember info?