T A K E D
O W N

T R A N S C R I P T S


Kevin On Demand!


In the course of tracking the attacker, a great deal of network traffic was captured by a specially modified version of tcpdump (here's information on the legality of the acquisition of this evidence), and then a program written by Tsutomu was used to produce playable logs. Another program will play them back (forwards or backwards) for you, in real-time (or faster, if you choose).

Note that you must have a version of the program telnet running on your machine to view these.

Select a period of traffic from the list below and you will see a list of sessions on those days to choose from.


Sessions

The "best of"

February 5-7, 1995

A series of sessions in which he forges mail to Jon Littman and looks at Littman's and Markoff's mail. Continually covers his tracks.

February 8, 1995

Key sessions in tracing the attack back to Netcom. Some hints that this is Kevin Mitnick - searches for the "itni" in mail files.

February 10, 1995

The talk sessions with jsz from Israel that offer proof that this is Kevin Mitnick.

February 10-11, 1995

Late night/early morning sessions on the 10th/11th. Breaking in to Dan Farmer's machine. Breaking in to Motorola, rebooting CSN. This is the call that was traced; what a way to spend a Friday night! Hiding files on netcom. Searching for "Kevin Mitnick" in NEXIS/LEXIS.

February 11-12, 1995

Late night/early morning sessions on the 11th/12th. Breaking in to Dan Farmer's machine to steal SATAN, his network security probing program. Talk session with his friend Lewiz, poking at various sites.

February 13-14, 1995

Something or someone has tipped Kevin, and he's turning paranoid and more destructive. Move around his files, changes his passwords, like a squirrel digging up and reburying its nuts.


TAKEDOWNBIOGRAPHYTIMELINEEVIDENCE
PURSUITCOVERAGESCENIC TOUR


Copyright © 1995 Vicious Fishes Web Design and Dan Meriwether. All rights reserved.
Contact: webmaster@takedown.com