Cool. I wrote the AOLserver flap library and the whaops backend, and the ugly version of the front end (someone took my ugly stuff and made it nicer). The vector was the AOLserver ops team had a well known admin password that granted access in the default configuration to exec shel commands on the host. They fortunately did not notice that I had an undocumented command to send arbitrary msgs to arbitrary queues in the topology. We switched to two factor authentication for prod logins a few months later. And the person that got the AOLserver password was arrested.

Re: AOLServer, Are you thinking of Jay Satiro (Ref: http://justinakapaste.com/from-o0o-of-aol-files/) ?

The author implies that the whaops hackers had their own malware, written in Delphi, to do the on-lan redirection.

Yeah, and on rereading the original article, the hack was just guessing the passwords to admin AIM accounts. I hope it wasn’t mine! From my perspective that is “works as designed”. I don’t think the TFA was ever put into AIM login, but it was all a while ago. But anyways, nice to seem one of the dumb names I came up with in the press. I also wrote wam (web authentication module), Hermes (messenger of the Gods - like buddy list but where users could add data sources to the list, with filters or alarms), Ewoks (“external web Oscar knowledge server”, an http server that allowed for easy integration into the server message framework we used) and re-wrote morf “master Oscar registration facility”. The original was a custom written no-SQL DB and we moved it to Sybase with sharding.). All C. All event loop based. All really solid infrastructure written by people doing it for the third time. Fun times. Had an actual agile process and brought the coolness of the internet to many people for the first time.