The HolyWar: #4 Last updated:
05/21/00  
 
HolyWar Sections

  • Skirmishes
  • Holy War
  • Holy War 2.0
  • Holy War III (4)
  • Holy War 5 (Currently under construction)

    About Us . . .

  • "About Us"
  • Banners of the Past
  • Credits & Curses
  • Critical Citations
  • Fake Emulation Zone
  • Historical Archives
  • History of the 'Zone
  • Holy War, The
  • Hosted Sites
  • Joining/Hosting information
  • NO CARRIER's Retirement Statement
  • "Offical Figure" Archive
  • Our Headquarters
  • Staff Page
  • Staff SlideShow
  • Trophy Room
  • Want Ads
  • 'Zone Screen Saver

    Console Sections

  • 32x
  • Gameboy
  • GameGear
  • Genesis
  • Master System
  • N64
  • Neo-Geo
  • NES
  • Playstation
  • Sega-CD
  • SNES
  • Turbo Graphics 16

    Feature Sections

  • Articles
  • Console Sections
  • Fan Made Games
  • Front Ends Central
  • Projects
  • ROM Hack & Trans.
  • Save State Archive
  • V. Game Fan Sites


  • Return to the 'ZONE



    HolyWar III: Parodius Attacks


    This is Tristan Bresnen of TSSZ reporting.
    It was an event that was at first just a little way to vent some steam off by its intiator. What it turned out to be was an event that sparked incredible criticism, harsh comments, E-mail bomb threats, and even a legal threat or two. It was dubbed the Emulation Zone Attack, and it is considered the worst attack to occur in the Sonic the Hedgehog Internet Community in a year especially, if not the worst attack on Emulation sites. Almost all sites hosted on ZTNet, including Emulation Zone, were affected. Here's how it all began:


    February 5, 2000
    The news was broken early in the morning: The Sonic Stuff Research Group was gone; in place of it was a nasty fecalphiliac/hentai picture. There was no clue where it came from, or why it happened. We would not know any more for a few more hours.

    Suddenly, Emulation Zone was updated; included was this explanation:
    "Despite the latest rumors, EmulationZone.Org has _not_ transformed into a porn site. Emulationworld.com, our host, was affected by a malicious "inside" attack. To make a long story short, the server pointed to by the secondary and alternate DNS entry for emulationzone.org was redirected to a porno site by the webmaster at Parodius (Read the release below for more information.)

    If you read the release below, you find out that the cause of the attack was the fault of the admin. (Zac Williams, not Brahn.) Judging by what he has said, I can't say that I defend his actions. Nevertheless, I consider this an unjust response by parodius.com. After all, what the hell did EmulationZone.Org do to them to deserve this?

    So now, we must respond to the people at Parodius Should we boycott them, start an "anti-parodius" movement with button images or let the jerks be and do nothing at all? What do you think?"

    His name was Jeremy Chadwick, and he used to work for ZTNet. Apparently, he was a little angry about his site clogging up; more on that later. Further on in the day, EmuForce had new details on the attack. These are the first words we hear from Jeremy Chadwick:

    "What I would say is that ZTnet, LLC. made a mistake a year ago. They accidentally placed an incorrect nameserver down as their secondary and they've had a year to address this problem on the following domains:

    zone.buttonglutton.com
    zone.emulationworld.com
    zone.neoemu.com
    zone.consoledev.com
    zone.emulationzone.org
    zone.nofrendo.org
    zone.darkmazda.com
    zone.emusphere.com
    zone.psyke.com
    zone.dextrose.com
    zone.emuunlim.com
    zone.rainemu.com
    zone.dtmnt.com
    zone.hu6280.com
    zone.system16.com
    zone.emuarchive.com
    zone.lonetreekennel.com
    zone.emucamp.com
    zone.moonlitcoalition.com

    So, the person who is listed as the secondary was tired of ZTNet, LLC.'s inability to fix their brokenness on the InterNIC. So, instead of my DNS logs getting filled with blander I decided to force ZTnet, LLC., without touching hteir server or doing ANYTHING to them, or with them to fix their stuff -- so that their clients now know that they really aren't getting what they deserve.
    That's all. Case closed. No opinions, just pure fact. Lev has my server listed as secondary for a bunch of his domains. I told him months ago to fix it. he didn't. I've told users and others still hasn't been fixed so last night I wrote a program which extracted the lame queries from the logfile and made DNS zone files with the information. I can't be blamed for it. Only lev's lack-of adminsitration can be blamed. I think it's funny that he's trying to make me the bad guy for FORCING him to do something about his lack-of administrative abilities."



    February 6, 2000
    Most of everything seemed to be fixed--at least on EmuZone's part; sites that were affected were back in full. That was checked out midday. However, reports that had come in say that due to DNS changes, some could not access the SSRG, and a few might not have been able to until the week's end.

    Jeremy Chadwick had made a smart move on his part--he had blocked all E-Mail from affected domains, after potential E-Mail bomb threats had been made. The main page of Emulation Zone was updated with this rather blunt statement:

    "Well, it looks like our good friend at Parodius has "spam blocked" all email from domains which he disrupted rescently. I actually got a reply from him concerning an inquiry on why he did what he did. I might post it later if people want to read it.

    Oh, and here is the full text from with the quote on parodius.com is based upon. It's from the admin of ZTNET. I'm not defending anyone here, I feel you have the right to know.

    'Sorry, I have no control over what they say to you. If they send threats to you, that is their business. Also, not to put too fine a point on it... when you directed the visitors to that material, did you do any reasonable checks to assure that minors were not viewing it? No? Don't forward any of this crap to me. This is your problem, not mine.'"


    A question that was asked on the Message Boards about how Chadwick was able to do this was answered by Andy Wolan:

    "It's a long story. He used to work for EmulationWorld (EW), so he had access to everything. He is the one that configured, (actually misconfigured,) the secondary DNS info to point to his DNS server, NOT the correct ones at EW. He then left EW. The error was not fixed after a request to fix it was sent to the admin and thus, he used his server to attack be redirecting any DNS requests that went to his server to the porn site, instead of the correct locations.
    The Secondary DNS info has been corrected, so a retaliation on his part is not possible, unless the secondary DNS info is changed to point back to him."


    February 7, 2000
    The debate heats up as E-Mail records between Wolan and Chadwick become public. Below is a transcript of a few:

    AW: Hey y0shi, if the argument was between Lev and yourself, why did you have to drag several sites into this battle? What the hell did we do to you?
    JC; 1. There was no "argument."
    2. I didn't "drag several sites" into anything.
    3. There was no "battle."

    AW: A good chunk of the traffic that flows into 'Zone is directed toward the Sonic the Hedgehog related subsections. Most of these visitors are minor under the age of 21. You redirected these kids to porno, are you some kind of sick bastard or something? Why not a message like "Error 666: Server hacked... hahahah" or something? That would have been equally effective. But no, you choose porno.

    JC: I could care less what your site hosts. It's not for me to maintain, and it's not related to me in any way. It's not my concern.

    Secondly, and most importantly, *NOTHING WAS HACKED*. You sit there listening to the mindless blander that self-proclaimed "news sites" post about situations, which is entirely false and biased. FYI, not **ONE** site came to me personally and asked for an explanation regarding what happened. However, there was a posting on http://www.emuforce.com/ which directly quoted me, which states the truth about the situation.

    Do not state that anything was hacked when it was not. I don't care where you heard this, or if you summoned it from the bowels of your mind yourself. It's a lie, and that's FACT.

    Finally, FYI, I hate porn. I do not look at it, I do not condone it, and I do not provide it.

    I asked individuals in #emu EFNet what would be a good URL to redirect traffic to, something that I felt was suiting and portraited my view on the entire fiasco.

    An individual gave me a URL consisting of hentai, two girls defecating. This is exactly how I felt: *expletive* upon.

    If I were you, I'd spend your time complaining about why your provider didn't inform you of the faulty NIC records for a year, and why they didn't do anything about it for a year.

    It seems Zach has already addressed this on http://www.ztnet.com/.

    You should read it before opening your mouth. Your qualm is not with me, as I am within my right to do whatever I wish with *MY* server. If your provider cannot maintain his or her own NIC records, as well as service, possibly you need a new provider.

    AW: And of most of all, y0shi, I'm surprised that you, of all the people, someone who is respected by the emulation scene, would do something like this. You have permanently tarnished your reputation.

    JC; I didn't have a reputation to begin with. I wasn't part of any "scene." You have very warped views, and I can already tell you that you've fallen victim to the blasphemy that the public spits out regarding "reputations" of so-called "scene" members.

    Try thinking for yourself. Don't believe the hype.

    AW: Now I'm not defending Lev here, nor do I support his actions or his laziness, but if you are going to attack him, attack him, NOT me.

    JC: I didn't "attack" anyone. I have no problem with any of the sites your provider hosts. I have a problem with your provider using my DNS server as a secondary when I didn't authorize it: especially when I informed them of the problem a year ago.

    Thanks for playing.

    Here is a second message:

    AW: ?? Then what was this about Lev not redoing the DNS entries? I call that an argument.

    JC: 'argument'.

    Your provider did not do their job to the fullest of their responsibility. It's not an argument, it's just a fact.

    This has nothing to do with me.

    AW: "Oh boy, I always wanted to run a porno site and my wish came true." Turning several sites into porno sites which had no quarrel with you does not count as "dragging then in"... whatever.

    JC: 'quarrel.'

    I didn't turn several sites into anything. One would actually hold your provider more responsible than to hold me responsible for it. If they had done their job, it wouldn't have happened.

    That's the entire moral of the story here.

    AW: I call turning the site I run into a porno site an attack, if not on me, on Lev. After all, you got what you want by doing that.

    JC: Again, I didn't turn your site into anything. Claiming such implies that data was modified illegitimately, which in fact, is quite false as we all know.

    But you are right. I did get what I want -- I got your provider to fix 19 domains. Your domain happened to be one of the 19. You make it sound like I singled you out. I didn't single anyone out.

    I simply made your provider fix the problem IMMEDIATELY, since they've been aware of the problem for a year. Did they tell you there was a problem during that entire year? Many of the other site owners tell me ZTNet told them nothing.

    It took this "incident" to force your provider into doing their job. If I was paying money for such a service, I'd be pretty unhappy.

    But all of the above is moot, solely because the problem was addressed promptly by ZTNet. You should be cheering rather than jeering.
    I could care less what your site hosts. It's not for me to maintain, and it's not related to me in any way. It's not my concern.

    AW: You would care if I were to sue you for loss revenue, loss of business, etc, etc. If I understand correctly, you were the one who misconfigured them in the first place.

    JC: Are you threatening me with legal action? I expect an answer.

    I didn't misconfigure anyone in the first place. Your provider has known about the mess-up for over a year, and hasn't done anything about it -- until extreme action was taken.

    Your qualm is with ZTNet, not with me.

    AW: Did I say anything was hacked? I was told the whole story from the beginning. I know it wasn't a hack. It was a redirection.

    JC: To quote you:

    "... Why not a message like 'Error 666: Server hacked... hahahaha' or something? That would have been equally effective. ..."

    AW: As for no one emailing you for the truth, (at least me,) I read your statement on Emuforce and I read Lev's statement. What more is there to know?

    JC: Exactly. Your provider admits fault, and everything will be fixed. There's positive outcome from all of this, and that's what I wanted to happen anyways.

    I'm very glad ZTNet was quick to address the issue. It saves all of us time and pain.

    AW: Oh, and you felt it was ok to turn the site I run into a toilet?

    JC: I've already explained this to you. See above.

    AW: I have my arguments with Lev. I wasn't too surprised why this happened once I learned your reason behind the "attack".

    JC: 'arguments'.

    There wasn't an "attack." I suppose that's why you put it in quotes. You could also call it a "hack," or a "breech of contract," or a "violation of my domain name involving all of my data and all of my website visitors."

    You could even go to the extreme to call it "theft."

    The longer you continue to use an incorrectly attempted synonymn for what really happened, the longer your anger will last.

    AW: My, you under estimate your influence. It's a shame to see you just toss it to the crapper. Do whatever you want, it's you reputation. Distroy it if you want.

    JC: 'Destroy'.

    There is no reputation involved. You just like to think there is. Of course, aren't you the one with the reputation? Threatening legal action, claiming I'm the reason for your site "being hacked?" Sounds to me like you have more of a reputation to live up to, and you're looking for someone to blame.

    Please stop trolling for a scapegoat.

    I didn't "attack" anyone. I have no problem with any of the sites your provider hosts. I have a problem with your provider using my DNS server as a secondary when I didn't authorize it: especially when I informed them of the problem a year ago.

    AW: Then screw around with his stuff or charge him for DNS traffic to your server.

    JC: I hate to break it to you, but there's two things I don't do:

  • Harm someone else's equipment or servers via illegal methods of machine compromisation. In English: I don't condone hacking or forced entry in any way, and I do not do it. I'm sure you've used the cliché "It's a sue-happy world." I don't sue people, because it's a waste of everyone's time and money. It's silly; plain and simple. Silly.
  • I take responsibility for my own equipment and my own server. Not someone else's.

    AW: Look, all I ask is a public apology on your part for turning the 'Zone into a porno site for the day. I do not appreciate being the pawn in this little game.

    JC: 'appreciate'.

    I think the apology you're gripping for already came from your provider.

    Once again, I didn't "turn your site" into anything.

    I don't care if you don't give aflying (expletive) about the "emulation scene" or whatever.

    Apparently you give enough of a "flying (expletive)" to waste my time looking for a scapegoat for your anger, when the correct thing to do would be to hold your provider responsible.

    I know I would. But then again, if you want something done right, you're best off doing it yourself.

    AW: If you do this simple, stupid request, you will avoid a lot of headaches from other people trying to bother you indefinitely over this insident.

    JC: 'incident'.

    Your provider already apologized for the problem, and admitted fault. It's been fixed (a lot faster than usual, for your information; the InterNIC usually takes longer). It should've been fixed a year ago, but there's no sense in stating something ZTNet already did.

    All is cool.

    AW: If not, fine. Don't bother me if people bother you over this incident. I will have no control over them if you don't.

    JC: 'incident'.

    This sounds to me like you're proposing threats. This entire Email has been forwarded on to Zach and Brian of ZTNet in the hopes that they will deal with your threatening behaviour.

    Any future Emails from you or other members of your "staff" will be forwarded to admin@ZTNET.COM with no response from me.

    Thank you.

    Andy Wolan was quickly interviewed by TSSZ's Sonic Scene about this situation.

    Sonic Scene: 1) First off, can you simply believe that Parodius's Webmaster did this? It is indeed malicious, and it seriously affected several major emulation sites.

    Andy Wolan: Ya, I believe he acted alone. It's not hard for him to do what he did on his own.

    I saw the secondary DNS entry for emulationzone.org point to parodius.com for awhile. I just thought that they joined emulation world, so I though of nothing. If I knew that they were not, I would of questioned the admin.

    SS: 2) Do you think he had some right to do it? From what I've read, apparently, some secondary DNS servers were re-directing to his servers, causing clogging problems, or something along that line. That'd be a good reason, but it was still wrong to do.

    AW: I agree with him for taking action against the unwanted DNS traffic to his server. I also agree that Zac, the head admin, put things on the backburner too much. (He sometimes fails to answer questions that I ask him.)

    However, the way Parodius's Webmaster resolved the matter was way beyond acceptable. I would have accepted a message that said "DNS processing refused for this and that reason. Complain to so and so" or even something along the lines of "Error 666: this server has been hacked/attacked... hahaha."

    Instead he decided to redirect traffic to porno sites. I find that highly offensive and even perverted. After all, a large chunk of the traffic that flows into emulationzone.org is towards the Sonic the Hedgehog related websites. Minors who are under the age of 21 view most of these websites. He redirected these minors from a safe website to a porno website, and he did so WILLINGLY AND ON PURPOSE. I don't know about you, but exposing indecent material to minors is only done by sick individuals.

    And what pisses me off is, we did NOTHING to Parodius's Webmaster to deserve this crap. He had no right to infringe on our content because of a petty battle between him and Ztnet's admin.

    SS: 3) Briefly, how angry are you at this? I've read some pretty angry stuff on MBs since this mess erupted.

    AW: Bad timing. First the message boards on some pages being displaying porno now this. I would have let this slide by if the jerk redirected people to anything else but a porno site. I would of even let this go by if he apologized for his behavior. Because he didn't, I am willing to start a boycott against his business.

    SS: 4) And, finally, do you know if ZTNet might take some legal action against the webmaster of Parodius.com due to this? Or are you surprised this hack didn't happen earlier?

    AW: Their hands are tied. They could of prevented this, so there is little they can do.

    However, the site ops and viewers of Emulationzone.org can press legal action against him for indecent material, loss of business etc. I'm not sure how far or worthwhile the "loss of business" will get, but I image that he could get jail time for purposely exposing minors to porno. There is no honor in exposing kids to that type of material, for whatever reason. The thing to remember here is, the admin of Parodius.com was the one that misconfigured the secondary DNS entries in the first place.

    I'm am not too surprised to hear someone complain that Zac is lazy. However, I am deeply surprised that his laziness expended to the point of putting something like that on the back burner for that long, considering that the Parodius.com's webmaster even emailed him to correct the problem.


    February 8, 2000
    We have heard a lot from the victim's side, but how about the person that intiated it all? Indeed, we are now going to show you the other side of this Holy War; the side of Jeremy Chadwick of Parodius Networking. The Sonic Scene conducted an interview with him, and here it is in its entirety.

    Sonic Scene: I've heard that not one news guy came to you so far and asked for the facts about what happened last weekend with several ZTNet sites.

    Chadwick: That's correct. No one's "interviewed" me, none the less any news service asked me simply what happened (for their own benefit). Of course my peers asked, but naturally they were very receptive of the entire situation and all of them agreed with my decision.
    SS: That said, I've E-mailed you asking for the facts, from your point of view. So, simply put, what are the facts?

    JC: It's a long story. Very long. I'm not in very good health at the moment, but you luck out, since I'll tell you all of the facts from day one -- including a piece of information that no one seems to know (although it's not in my favour).

    A little more than a year ago, I started "working" as a member of Zophar's Domain. Brad and I are good friends, and have always remained good friends; I had a lot more spare time than I have now, so I volunteered to help maintain and configure the necessary CGI scripts and other "UNIX-oriented" aspects of www.zophar.net.

    I was brought on staff, and at the time, Sam Michaels (SwampGas) was also (supposed to be) maintaining the CGIs and what not.

    The reason I was brought on to the staff seemed to be because Sam wasn't doing his job as far as CGI maintenance went. He didn't have much experience with it all, and he had a deep loathing hatred for perl (the programming language).

    The original author of the CGIs on www.zophar.net is Infe, a very talented individual. Sam didn't want to maintain Infe's CGIs, and you know, I can't blame him -- they're a huge mess (and most likely still are).

    Needless to say, I started maintaining them and fixing them acc- ording to what needed to be done (eg. what came down the chain of command).

    Now, as we all know, Zophar's Domain was one of the original "customers" of ZTNet. For those who don't know, ZTNet is owned by Zach Williams, and maintained by Zach as well as some other "employees" such as Brian (last name unknown).

    Therefore, it was a given that I had a shell account on the machine which hosted www.zophar.net.

    During the first month or so, I got a lot done, and there was a lot of positive outcome from most of the work I did. Naturally there were problems from time to time, but I did my best to address them quickly, even though in a few of the cases I could have done much better.

    In the middle of all of this, SwampGas shows up out of no where and starts, in my opinion, feeling very "threatened" or what not. I was there doing what he was supposed to be doing, without telling him anything. I didn't particularly like him (and still don't), but usually that's because technically inclined people want to do everything their own way. Two egos butting heads, mainly.

    As SwampGas slowly began to "push" his way back into maintaining the CGI scripts I had been working on, including some new ones, we bickered constantly about my use of perl versus C, and tons of other miscellaneous things which really don't play a role to the story.

    Brad really didn't "do" anything about SwampGas "poofing in" out of no where to "re-claim" his job, if you know what I mean. Brad's a mediocre mediator, and on top of that, a very "strange" manager.

    As it turned out, I slowly was pushed out of my position at ZD, transparently at that.

    Therefore I began to focus on more "low-level" things, like the actual server configuration and other things -- things which ZTNet's employees were supposed to be taking care of. Primarily, by Zach.

    During the last 3-4 weeks of my "employment" (I wouldn't even call it that, though), I managed to find an exploitable bug in ZTNet's server (Debian Linux, for who care) which allowed me to successfully get root. Once I achieved this, I simply placed a setuid root shell in my home directory, and removed the exploit. I set the permissions on the root shell so that only it was accessible by me, to ensure that other shell users could not use it to violate the system. For your infor- mation, I never backdoored or violating system security by doing what I did. I did not harm the server(s) in any way, and I never abused (by my standards) what I had received.

    The goal of this shell was solely to provide me with the ability to fix things on the ZTNet server which I had informed Zach of, but had not done anything about them in a decent time frame (starting to sound familiar?).

    Here's the part which is "questionable," meaning not many people know this, and it hasn't been brought up for quite some time.

    Parodius had been out of operation for a period of about a year (if my memory serves me correctly). So, with my acquired root shell, I decided it wouldn't hurt anyone if I used the ZTNet server to host parodius.com's DNS (keyword: just the DNS).

    So, off I went, submitting a form to the NIC (as me, not as root, and not even from ZTNet's machine), asking to change NS.PARODIUS.COM to the IP of ZTNet's server. I also registered a domain at this time, one which will remain nameless (no it isn't pornographically-oriented; I hate porn altogether. See below for more information) as to protect the current owners, and set it up to use NS.PARODIUS.COM as it's primary DNS server.

    I also (naturally) set up zonefiles for PARODIUS.COM and the other domain on the ZTNet server, pointing the IPs of the machines *TO ANOTHER MACHINE NOT EVEN PART OF ZTNET*. What this did was allow me to have DNS hosting with ZTNet, while keeping *ALL* of the web traffic off of their server. The server I pointed it to was in Albany Oregon, for an ISP who I was working for at the time.

    During this time, Zach found out about the shell, and proceeded to come entirely unglued. We're talking so unglued that he yanked my account off ZTNet entirely. He went absolutely berserk, redefining the word "freak-out." I don't remember anyone acting so crazy in my entire life. I laugh when people act outrageous, because I see so much of it every day; I'm sure most people do as well, with shows like Jerry Springer on television and what not. It's all crazy, and that's why I was laughing about the entire scenario.

    The domain registration went through, and the DNS server modification (on the NIC) for NS.PARODIUS.COM went through as well.

    For everyone's information, I told no one about this. No one. This is where I made *MY* mistake, which was later corrected as you will see. I should have informed Zach of what I had done, but I did not.

    Naturally I resigned my staff position at Zophar's Domain, and that's how all of that became what it was.

    "So what about the DNS server using ZTNet's IP?"

    Well, as it turns out, ZTNet started registering domains, or getting new customers.

    When you register a domain, you're asking for a primary and secondary DNS server. Their primary and secondaries are NS1.ZTNET.COM and NS2.ZTNET.COM.

    It just so happened that the IP for NS2.ZTNET.COM matched the one which I had assigned (with the NIC) for NS.PARODIUS.COM.

    I'm sure you see *EXACTLY* where this is going.

    I should state something in the clear, however. The InterNIC asks you to provide two pieces of information on a domain registration: the *NAME* of the nameserver, *AND* it's IP number. They have to match in the NIC's internal database for the assignment to go through -- or at least that's what we've all been told.

    Obviously that was a lie stated by the InterNIC; proof is the fact that a ton of ZTNet domains had my nameserver listed as their secondary when they should've had NS2.ZTNET.COM listed.

    "But wasn't the IP of NS.PARODIUS.COM on ZTNet? So how did it get changed to be you?"

    Naturally after I saw what was going on, I felt the need to fix Parodius's DNS set up on the NIC. I filed for a modification to change NS.PARODIUS.COM to 205.149.163.62 (Parodius' IP number), and voila.

    Now, here's another part of the story that your readers need to focus upon.

    After I had done this, I brought the entire situation to Zach's attention (as he's admitted on www.ztnet.com). This was about a year ago. I made it clear that some of the domains he had been registering had my nameserver listed, and I have a feeling Zach knew about what had happened (between the zone files for that domain I registered and parodius.com on his server, and the information via WHOIS), and indirectly ack- knowledged the problem.

    Zach did acknowledge it, as I remember him spewing off something about "how it didn't make too much of a difference since it was the SECONDARY which was messed up, not the primary."

    Sadly enough, Zach doesn't understand how DNS works. There's a lot of things Zach doesn't understand regarding UNIX and Inter- net administration. But, his assumption was his own.

    So there you have it, the history of how everything became how it was.

    I'd just like to make a few points clear to everyone regarding everything. I do take responsibility for what is mine, and that includes my mistakes. I shouldn't have moved NS.PARODIUS.COM to one of ZTNet's IP numbers; but I did not expect to be "fired" from my position as someone who helped out in the administration of the server. I didn't expect Zach to have a hernia regarding me having root on his machine, especially when all I had done in the past was give him positive supporting advice on how to fix problems (severe ones at that) with their machines.

    But, with that said and done, I want to make the second point clear: I *DID* inform Zach of what had happened, even though it was *AFTER* it had already happened. ZTNet has had *OVER A YEAR* to simply file for domain modification and get the secondary changed over to NS2.ZTNET.COM on their domains. A year. It takes less than 3 minutes, per domain, to file for modifications.

    Nothing that I did I deem as inappropriate (regarding the above story). As any individual who knows me will tell you, my biggest requirement to be a friend of mine is that I trust you. I won't lie (this interview is proof), and that is exactly why people trust me. It really blew me away that someone didn't trust me when all I had done was positive work for them in the past.

    That's all.

    SS: There are many people, not just webmasters, out there who are very angry at what happened. Would you like to say anything to those people?

    JC: Of course, and this is something I am stating personally (NOT speaking for all of Parodius).

    Your anger isn't really justified, when being applied to me.

    Let me ask you this. What do you do when you get Email spam? I'd estimate that 98% of the Internet just deletes it. They ignore it. They assume that since they don't have to see it, that there is no problem.

    Do they actually do anything about receiving the spam? Do they examine the headers and contact the administrator of SMTP server which is incorrectly configured to allow public relaying? Do they even, at the least, contact their ISP to complain about receiving spam? Do they know that Email spam is actually *ILLEGAL* in the state of California?

    I don't work this way. When I receive spam (i.e. see a problem), I block the SMTP server sending it to me. If repeated spammings occur after the block, I contact the administrator of the SMTP server and inform them of the problem. If they do nothing, I contact their uplink pro- vider. I refuse to let things like this go by unnoticed.

    Basically, my point here is that everyone seems to assume that "just because they don't see the problem, that there isn't one."

    Nineteen of ZTNet's domains had been misconfigured for over a year. If after reading my above story, you decide to respond to this statement with "Yeah, because you used their IP number for your own personal reasons!", the response I will give you is "You're wrong."

    The reason I say "You're wrong" is because the real reason for the failure isn't my fault, and in a way, it isn't ZTNet's fault either (!!!). It's actually the fault of the InterNIC for not checking to make sure DNS servers names and IPs match in their internal database.

    How can I justify this reasoning? It's easy. We're human. We make mistakes. When something is misconfigured, or when a machine crashes, it's always due to human error. Always. The machine crashes because, well, humans invented it.

    I'm not trying to pass the blame off regarding me setting NS.PARODIUS.COM to one of ZTNet's IPs. I did that under a very bad assumption, and indeed I was wrong to do so. How- ever, all of this could've been avoided if the InterNIC had been doing (and still ISN'T doing!) what they said they did.

    SS: Second, I've seen how angry the emulation sites affected are at this. Just how angry are you that you're getting all the blame?

    JC; I wasn't angry about it until I received two lawsuit threats; one INDIRECT threat from Andy Wolan (owner of emulationzone.org) and one from "uzplayer" (owner of emucamp.com).

    The threats didn't anger me as much as they did make me laugh.

    Basically, the concept is, if your provider isn't providing the service you want...

    ---> !! CHANGE PROVIDERS !! <---

    Rather than changing providers, these emulation site owners look and search so hard for a scapegoat, and in the proceed, DEFEND the people who caused downtime for them in the first place!

    These sites have *BEEN DOWN* (by my standards, and by ANY UNIX administrators standards) for OVER A YEAR!

    How can I be held liable for something your ISP has been aware of for over a year? Look at the WHOIS information: who's the Technical Contact for your domain? Zachary Williams of ZTNet.

    When you're a webmaster, or simply a customer, it doesn't MATTER who made the mistake! You're down. You lost potential business (well, in this case, there is no business involved, so that's out the window). It shouldn't matter what mistake was executed; it's obvious your provider can't provide the services you desire.

    So if you're not happy with your service, then change providers. That's how it works in the Real World(tm).

    It's that simple. It really is.

    SS: Third, are you afraid of the small chance that possible legal action that might be taken against you? (I'm not saying it will happen, I don't even know if it will, but there's always that chance.)

    JC: I've had two lawsuit "threats" so far.

    One threat came from Andy Wolan, the owner of emulationzone.org. Andy stated that I "could legally be held for displaying porno- graphic content to minors." Andy's threat was later "muffled" by the following statement from him, after I asked "Are you threatening me with legal action?":

    "So, will we sue you? I doubt it. However, it's not my call since I don't own half of the sites on the EmulationZone domain. I can't control their behavior. If you want to avoid a headache, do what I asked: make a public apology for redirecting the visitors to porno instead of doing something that is considered professional. Just do it to end this matter. Otherwise, don't blame me for any repercussions that might happen."

    A tip for you, Andy. Legally I am not held for providing that content; the provider who contains the data and provides the upstream link of the content is to be held liable.

    Can you sue HotBot or Google or Lycos for providing pornographic links when a child does a search for "sex?" Sure, in that case they're LOOKING for sex, but your argument is that it's a minor. See below for my full view on the entire matter.

    Basically, I can't hold Andy liable for the statement he made, because the official owner of the emulationzone.org

    A note to your readers: Andy's original threat stated the same as his above quote ("Don't blame me for any repercussions..."). I forwarded this threat on to Zach Williams of ZTNet, who told me:

    "Don't forward any of this crap to me. This is your problem, not mine."

    If you look at who the Administrative contact is for the emulationzone.org domain, you will see it is Zach Williams himself. Therefore, legally, he is to be held liable for all content which comes from that domain.

    I would also like to state that I set up a spamblock list for the emulationzone.org domain right after receiving Andy's Email. I don't take well to threats.

    Andy went around the spamblock by using his dialup Email address to send me Email.

    The second lawsuit threat came from "uzplayer" (real name unknown), owner of emucamp.com. The statement was made over IRC, when I personally went into #emucamp EFNet when I was informed from an anonymous source that people in that channel were stating "I hacked a DNS server." I went in to the channel solely to offer the individual (and emucamp.com) the truth regarding the entire situation.

    I cannot provide a log, as I do not log my IRC sessions for obvious reasons, but I can get one if necessary (I'm sure some of the individuals in that channel have logs ;-) ).

    During the conversation, "uzplayer" stated that because of his "lost business," that he would be "contacting his lawyer."

    When I asked "uzplayer" if he was threatening me with legal action, he told me "Yes! And I'm going to sue you for every- thing you're worth!"

    "uzplayer" also attempted to use the same justification that Andy Wolan did, which was that "minors were involved." Again, it desn't fly.

    I was told by numerous individuals (including some who are part of the "EmulationWorld" group) that "uzplayer" is known for making preposterous claims, and that this isn't the first time he's threatened lawsuits against people. I was told to simply ignore the statement and go back to taking a nap.

    I've yet to receive any legal notification from a lawyer (ours or someone elses), nor receive a court subpoena.

    SS: You did redirect visitors to a pornographic picture, and I, along with many others, are very confident that some of those visitors were minors.

    JC: The "minor" argument is nothing more than a myth. It doesn't stand up in court. The reason for this is pretty obvious:

    There's no way to 100% guarantee someone's age.

    Credit card validations are easy to get around; CC# gener- ators have been around for 10+ years, and all people who own CCs are 18 or older.

    Those "This site contains adult material and blah blah" dis- claimers are nothing but (pardon me) bull*expletive*. If kids want to see it, they'll click on it! They wouldn't be looking at porn if their parents were around -- or so we'd hope. They're as legitimate, in the court of law, as the "You can download these ROMs if you delete them after 24 hours" disclaimer.

    There isn't a software package on the market which blocks all the T&A that your kids will see. They'll see it either in a banner ad from a service who doesn't provide porn (take for instance that Maxim ad), or they'll get smart and ask a friend how to disable NetNanny on their PC.

    The problem starts at the same place as the solution: in the home.

    If you don't want your kids being exposed to "the dirty old Internet," then don't let them on it. That's right, I'm telling parents to stifle their child's growth if they really feel that's the correct way to go about it.

    On a final note: I hate porn. I don't like it, I don't view it, and I find it to be a waste of time. The reason I picked the URL in question was because I asked a series of associates for URLs which might be suiting for the situation.

    A hentai picture of two naked women defecating pretty much represented how I felt at the time, and how I still feel:

    *expletive* upon.

    SS:Thank you for your time.

    JC: Thank you for yours.


    February 9, 2000
    The final phase of this Saga. Andy Wolan had reacted to the interview above. Take a look at his comments:

    "* He admits to purposely misconfiguring the DNS servers and he even used the ZTNET server for his own use without ZTNet's permission.

    * He gave no apology for disrupting service to the 'Zone or any of the other websites. He didn't even apologize for wasting my time. We did nothing to him, but yet he expects us to take his crap without any remorse? And he is surprised to hear people cry "law suit" for what he did to our websites?

    If someone was to do that to your website, how would you react? Would you give them just a "slap in the wrist" or would you demand satisfaction?

    * I'm not going to press charges, as I said, because I don't have time, unless I can get some outside help. If others on the site want to go after him, they will have my support. Personally, my time is too valuable to waste on a piece of trash like Jeremy. He can downplay the charges all he wants. However, the truth is, neither one of us knows for sure how this matter will turn out in a court of law. Both sides have good arguments. The twists in this matter would make for an interesting case.

    Note how he gave NO reason on why he won't apologize? Remember, I asked for a simple public apology in exchange to block any future "lawsuit" attempt.

    * I do legally own emulationzone.org. However, I don't want me name appearing on the DNS record, so it does not appear on the record. (Ya, like I want people to know where I live.)

    * Did I send him a threatening email? No. Was my emails reasonable for what just happen? Yes. But I'll let you be the judge, since I CC'ed all the email in our dialog. I personally feel that he shut-off email service just block off any complaints that he knew he deserved getting. Asking for a reply to an email message and getting it does not count as "spam"."


    Epilogue
    One can easily imagine that this was the worst problem that Emulation Zone, and possibly other Emulation Sites, had faced in a very long time. Public opinion was just as harsh. Almost everyone wanted to take on Chadwick. Parodius.Com still has fragments of Attack info remaining on its site. ZTNet.com still has a bit of information on what happened right now. On Emulation Zone, though, unless you dig deep, you would never notice that it happened now. And perhaps that is the best thing to come out of this.

    A point must be made here. Many people have limits. When those limits are pushed to the maximum, sometimes all Hell can break loose. We have seen examples of this in real life events. Jeremy Chadwick had an issue with DNS logs. When he couldn't take it anymore, it managed to affect many sites and their visitors. It proves that some 'solutions' to problems can be just as devastating on the Web as they can be in the real world. Perhaps this Attack will teach us to stand guard at all times in both worlds. You may never know what could happen next.