Windows Edition, March 2000
See the Happy Hacker web site at http://www.happyhacker.org
Your local firewall blocks you? Try http://happyhacker.org
Ok so I managed to pull myself away from this latest online
craze "EverQuest" to bring you another HHWD. I would like
to thank everybody for their creative input and e-mail
submissions, it was certainly encouraging for me to open
up the mail box and have messages overflowing onto my
desktop (Yep I felt special!). There has been a lot of
publicity lately to the recent rash of Distributed Denial
of Service Attacks. I considered addressing much of this
from a hacker's perspective (read: Hacker not Cracker) but
as I should have it both Caroly Meinel and John Vranesevich
released articles earlier in February. With such great
articles I thought I would just link to them rather than
sound like a broken record, after all it is much better to
work smarter than it is to work harder.
On another note, you might notice that Carolyn has updated
some of the content on the Happy Hacker Web Site. She has
even been kind enough to tease us with a chapter on social
engineering in her upcoming book "Uberhacker". I will admit
I came under some heavy fire from people who took offense
to my description of organized hacker groups such as
(GfH, LoU, etc). I will re-iterate that not all organized
hacker organizations are unskilled individuals with a lust
for nothing but destruction. I belong to a JAVA users group
here in Las Vegas (Oh no here come the flames!) and I would
certainly categorize this as a group of computer hackers
that have a fondness for JAVA in common. I'm simply
reinforcing the fact that you don't need to join some
"31337 H@x0r Group" to be a hacker. Using the simple
information and tools provided to you through the web one
can mold themselves into the essence of a true hacker by
sharpening their skills and building rather than destroying.
It's important to note that I still hold firm to my
perception of certain hacking groups despite the flaming
e-mails I receive.
Hacker Insurance??? Ludicrous you say? Perhaps not.
SEC to hire 60 "cybercops"
What is all this DoS stuff I'm hearing about??? This is a great article
by Carolyn Meinel detailing some very useful information regarding Denial of Service.
Microsoft to make Windows 2000 a "stable OS", that's what they say..
Users encouraged to self certify applications under Windows 2000.
A Lesson Hard Learned
What many of us would consider common sense is not
always common sense to everybody.
I received an E-mail from a friend who I introduced
to Linux which had a subject line of "Help I've Been
HACKED!." As I read on I learn that he had just
finished a complete semi-secure installation of his
favorite version of Linux. This doesn't seem like
much of a task but to properly configure a Linux
workstation that is going to be connected to the
Internet, install all relevant vendor patches, manually
scour the box for known security holes, and finally
reach a comfort level takes a considerable amount of
time regardless how great a Uberhacker you may be.
It is not uncommon for me to spend 40 + hours applying
all of my knowledge to perfect, to the best of my
ability a workstation or server being placed on a
dedicated leased line. Couple his experimentation with
certain third party software packages, busy work
schedule, and the pride he takes in his work, this
fresh and ready to go box was an accomplishment for
him. He was so excited to finally be able to hook this
box up to the Internet and take it for a test drive with
a reasonable level of security to ease his conscious.
He placed the Linux machine onto the Internet enjoyed
a few rewarding moments and headed off for bed. He
awakes Saturday morning to find his install completely
wrecked. It probably took only a few keystrokes for
somebody to undo everything he had spent countless hours
His box was in utter shambles and the OS in such
a wrecked state it was useless. My initial thought was
well if the machine won't even boot lets forget trying
to repair it and focus our attention on catching the
person responsible. He had already sent a couple of
e-mails to his ISP with no response and decided to
solicit my involvement. I e-mailed his ISP soliciting
their cooperation in tracking down the intruder. After
all I would think any ISP would be willing to help if
they knew a ruthless cracker was riding their backbone.
Below is the original E-mail with the name of the ISP
removed to protect their identity that was received by
me in response to my request for cooperation.
ABC is always willing to cooperate with law enforcement
when it concerns network abuse. Before we could release
any information, there would need to be a court order
issued. The FBI would know the proper steps to take to
obtain the proper information.
I could determine who penetrated Mr. Smiths computer if
the attack originated from the ABC network. If you sent
me the system logs showing where and when the attack
occurred I could track it back to the person responsible.
I would then take the proper action against the person
responsible according to ABC's policies.
ABC's Acceptable Use Policy (APU) prohibits abusive or
illegal conduct on our network - or the networks of our
customers. We investigate all complaints, and if it is
determined that conduct contrary to our AUP has taken
place, appropriate action will be taken per our AUP and
Terms of Service.
Please include full headers when reporting Abuse or
USENET articles; we will require this information. This
information should include the Internet Protocol address
and the date and time the message was sent. This
information is very important in determining the account
from which the message originated.
Please address reports about ABC.NET users to firstname.lastname@example.org.
Please include timestamps and your time zone if you are
forwarding copies of system logs.
We take network abuse seriously, and will respond quickly
to address security and abuse incidents on our network.
You are invited to view our AUP at the address below.
ABC, a ACME Company
More Happy Hacker Windows Digest,