And of the bundeskriminalamt bka he was able to trace

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: e the intruder to Hannover 1989: the investigation ends with the arrest of Markus Hess in Germany, who apparently worked for the Eastern bloc Markus was sentenced to a year and eight months and a 10,000 DM fine – He was put on probation Other “hackers” were involved in the break-in and received similar sentences 23 The Internet worm November 2, 1988: The “Internet worm”, developed by Robert T. Morris, was injected in the Internet A mistake in the replication procedure led to unexpected proliferation The Internet had to be “turned off” Damages were estimated in the order of several hundred thousand dollars RTM was sentenced to three years’ probation a $10,000 fine and 400 hours of community service The CERT (Computer Emergency Reponse Team) was created as a reaction to this incident 24 The worm A worm is a self-replicating program that spreads across a network of computers The worm worked only on Sun 3 systems and VAX computers running 4 BSD UNIX The worm consisted of two parts: 25 A main program A bootstrap program The worm First step: Remote privileged access finger buffer overflow char line[512] line[0] = ‘\0’; gets(line); sendmail (the DEBUG option allows one to specify a number of commands to be executed) The bootstrap program (99 lines of C code) was transferred using a connection from the infecting machine The bootstrap program was compiled and run causing the transfer or precompiled versions of the main program on the infected host 26 The worm The main program: Gathers information about the host’s network interfaces and hosts with open connections to the infected host (e.g., by using netstat) Tries to break into hosts by using rsh, finger, or sendmail Gathers more information on “trusted hosts” by examining: /etc/hosts.equiv /.rhosts ~/.forward in users home dirs Tries to rsh to the referenced hosts Performs a password cracking attack using the information contained in the password file, an internal dictionary of 432 words, and eventually the local UNIX dictionary For each successful break-in the bootstrap was transferred 27 Kevin Mitnick One of the most well-known “hackers” in the community 1982: One year probation for breaking into PacBell’s offices 1982: Enrolls at University of Southern California and uses campus machines to perform illegal activities: 6 months of juvenile prison in Stockton, California 1987: Mitnick breaks into SCO. Sentence: three years probation 1988: Enrolls at Pierce and m...
View Full Document

This document was uploaded on 01/22/2014.

Ask a homework question - tutors are online