readenglishbook.com » Literary Collections » Underground, Suelette Dreyfus [ebook reader online .txt] 📗

Book online «Underground, Suelette Dreyfus [ebook reader online .txt] 📗». Author Suelette Dreyfus



1 ... 51 52 53 54 55 56 57 58 59 ... 79
Go to page:
other, less obvious, ways of making money, such as espionage.

Mendax could have easily found highly sensitive information about planned NorTel products and sold them. For a company like NorTel, which spent more than $1 billion each year on research and development, information leaks about its new technologies could be devastating. The espionage wouldn’t even have to be about new products; it could simply be about the company’s business strategies. With access to all sorts of internal memos between senior executives, a hacker could procure precious inside information on markets and prices. A competitor might pay handsomely for this sort of information.

And this was just the start of what a malicious or profit-motivated hacker could do. In many companies, the automated aspects of manufacturing plants are controlled by computers. The smallest changes to the programs controlling the machine tools could destroy an entire batch of widgets—and the multi-million dollar robotics machinery which manufactures them.

But the IS hackers had no intention of committing information espionage. In fact, despite their poor financial status as students or, in the case of Trax, as a young man starting his career at the bottom of the totem pole, none of them would have sold information they gained from hacking. In their view, such behaviour was dirty and deserving of contempt—it soiled the adventure and was against their ethics. They considered themselves explorers, not paid corporate spies.

Although the NorTel network was firewalled, there was one link to the Internet. The link was through a system called BNRGATE, Bell-Northern Research’s gateway to the Internet. Bell-Northern is NorTel’s R&D subsidiary. The connection to the outside electronic world was very restricted, but it looked interesting. The only problem was how to get there.

Mendax began hunting around for a doorway. His password cracking program had not turned up anything for this system, but there were other, more subtle ways of getting a password than the brute force of a cracking program.

System administrators sometimes sent passwords through email. Normally this would be a major security risk, but the NorTel system was firewalled from the Internet, so the admins thought they had no real reason to be concerned about hackers. Besides, in such a large corporation spanning several continents, an admin couldn’t always just pop downstairs to give a new company manager his password in person. And an impatient manager was unlikely to be willing to wait a week for the new password to arrive courtesy of snail mail.

In the NorTel network, a mail spool, where email was stored, was often shared between as many as twenty computer systems. This structure offered considerable advantages for Mendax. All he needed to do was break into the mail spool and run a keyword search through its contents. Tell the computer to search for word combinations such as `BNRGATE’ and `password’, or to look for the name of the system admin for BNRGATE, and likely as not it would deliver tender morsels of information such as new passwords.

Mendax used a password he found through this method to get into BNRGATE and look around. The account he was using only had very restricted privileges, and he couldn’t get root on the system. For example, he could not FTP files from outside the NorTel network in the normal way. Among Internet users FTP (file transfer protocol) is both a noun and a verb: to FTP a program is to slurp a copy of it off one computer site into your own. There is nothing illegal about FTP-ing something per se, and millions of people across the Internet do so quite legitimately.

It appeared to Mendax that the NorTel network admins allowed most users to FTP something from the Internet, but prevented them from taking the copied file back to their NorTel computer site. It was stored in a special holding pen in BNRGATE and, like quarantine officers, the system admins would presumably come along regularly and inspect the contents to make sure there were no hidden viruses or Trojans which hackers might use to sneak into the network from the Internet.

However, a small number of accounts on BNRGATE had fewer restrictions. Mendax broke into one of these accounts and went out to the Internet.

People from the Internet were barred from entering the NorTel network through BNRGATE. However, people inside NorTel could go out to the Internet via telnet.

Hackers had undoubtedly tried to break into NorTel through BNRGATE. Dozens, perhaps hundreds, had unsuccessfully flung themselves against BNRGATE’s huge fortifications. To a hacker, the NorTel network was like a medieval castle and the BNRGATE firewall was an impossible battlement. It was a particular delight for Mendax to telnet out from behind this firewall into the Internet. It was as if he was walking out from the castle, past the guards and well-defended turrets, over the drawbridge and the moat, into the town below.

The castle also offered the perfect protection for further hacking activities. Who could chase him? Even if someone managed to follow him through the convoluted routing system he might set up to pass through a half dozen computer systems, the pursuer would never get past the battlements. Mendax could just disappear behind the firewall. He could be any one of 60000 NorTel employees on any one of 11000 computer systems.

Mendax telnetted out to the Internet and explored a few sites, including the main computer system of Encore, a large computer manufacturer. He had seen Encore computers before inside at least one university in Melbourne. In his travels, he met up with Corrupt, the American hacker who told Par he had read Theorem’s mail.

Corrupt was intrigued by Mendax’s extensive knowledge of different computer systems. When he learned that the Australian hacker was coming from inside the NorTel firewall, he was impressed.

The hackers began talking regularly, often when Mendax was coming from inside NorTel. The black street fighter from inner-city Brooklyn and the white intellectual from a leafy outer Melbourne suburb bridged the gap in the anonymity of cyberspace. Sometime during their conversations Corrupt must have decided that Mendax was a worthy hacker, because he gave Mendax a few stolen passwords to Cray accounts.

In the computer underground in the late 1980s and early 1990s, a Cray computer account had all the prestige of a platinum charge card. The sort of home computer most hackers could afford at that time had all the grunt of a golf cart engine, but a Cray was the Rolls-Royce of computers. Crays were the biggest, fastest computers in the world. Institutions such as large universities would shell out millions of dollars on a Cray so the astronomy or physics departments could solve enormous mathematical problems in a fraction of the time it would take on a normal computer. A Cray never sat idle overnight or during holiday periods. Cray time was billed out by the minute. Crays were elite.

Best of all, Crays were master password crackers. The computer would go through Mendax’s entire password cracking dictionary in just ten seconds. An encrypted password file would simply melt like butter in a fire. To a hacker, it was a beautiful sight, and Corrupt handing a few Cray accounts over to Mendax was a friendly show of mutual respect.

Mendax reciprocated by offering Corrupt a couple of accounts on Encore. The two hackers chatted off and on and even tried to get Corrupt into NorTel. No luck. Not even two of the world’s most notable hackers, working in tandem 10 000 miles apart, could get Corrupt through the firewall. The two hackers talked now and again, exchanging information about what their respective feds were up to and sharing the occasional account on interesting systems.

The flat structure of the NorTel network created a good challenge since the only way to find out what was in a particular site, and its importance, was to invade the site itself. The IS hackers spent hours most nights roving through the vast system. The next morning one of them might call another to share tales of the latest exploits or a good laugh about a particularly funny piece of pilfered email. They were in high spirits about their adventures.

Then, one balmy spring night, things changed.

Mendax logged into NMELH1 about 2.30 a.m. As usual, he began by checking the logs which showed what the system operators had been doing. Mendax did this to make sure the NorTel officials were not onto IS and were not, for example, tracing the telephone call.

Something was wrong. The logs showed that a NorTel system admin had stumbled upon one of their secret directories of files about an hour ago. Mendax couldn’t figure out how he had found the files, but this was very serious. If the admin realised there was a hacker in the network he might call the AFP.

Mendax used the logs of the korn shell, called KSH, to secretly watch what the admin was doing. The korn shell records the history of certain user activities. Whenever the admin typed a command into the computer, the KSH stored what had been typed in the history file. Mendax accessed that file in such a way that every line typed by the admin appeared on his computer a split second later.

The admin began inspecting the system, perhaps looking for signs of an intruder. Mendax quietly deleted his incriminating directory. Not finding any additional clues, the admin decided to inspect the mysterious directory more closely. But the directory had disappeared. The admin couldn’t believe his eyes. Not an hour before there had been a suspicious-looking directory in his system and now it had simply vanished. Directories didn’t just dissolve into thin air. This was a computer—a logical system based on 0s and 1s. It didn’t make decisions to delete directories.

A hacker, the admin thought. A hacker must have been in the NorTel system and deleted the directory. Was he in the system now? The admin began looking at the routes into the system.

The admin was connected to the system from his home, but he wasn’t using the same dial-up lines as the hacker. The admin was connected through Austpac, Telecom’s commercial X.25 data network. Perhaps the hacker was also coming in through the X.25 connection.

Mendax watched the admin inspect all the system users coming on over the X.25 network. No sign of a hacker. Then the admin checked the logs to see who else might have logged on over the past half hour or so. Nothing there either.

The admin appeared to go idle for a few minutes. He was probably staring at his computer terminal in confusion. Good, thought Mendax. Stumped. Then the admin twigged. If he couldn’t see the hacker’s presence on-line, maybe he could see what he was doing on-line. What programs was the hacker running? The admin headed straight for the process list, which showed all the programs being run on the computer system.

Mendax sent the admin a fake error signal. It appears to the admin as if his korn shell had crashed. The admin re-logged in and headed straight for the process list again.

Some people never learn, Mendax thought as he booted the admin off again with another error message:

Segmentation violation.

The admin came back again. What persistence. Mendax knocked the admin off once more, this time by freezing up his computer screen.

This game of cat and mouse went on for some time. As long as the admin was doing what Mendax considered to be normal system administration work, Mendax left him alone. The minute the admin tried to chase him by inspecting the process list or the dial-up lines, he found himself booted off his own system.

Suddenly, the system administrator seemed to give up. His terminal went silent.

Good, Mendax thought. It’s almost 3 a.m. after all. This is my time on the system. Your time

1 ... 51 52 53 54 55 56 57 58 59 ... 79
Go to page:

Free e-book «Underground, Suelette Dreyfus [ebook reader online .txt] 📗» - read online now

Comments (0)

There are no comments yet. You can be the first!
Add a comment