Linux Today: Linux News On Internet Time.

Network Computing: Anatomy of a Network Intrusion

Oct 20, 1999, 15:38
(Other stories by Greg Shipley)

"Empty Red Bull cans litter the floor, reflecting the warm glow of the monitors. Alongside the sketch boards lie drained liters of Mountain Dew, partially eaten burritos and dozens of 486 machines configured as Linux Beowulf clusters. A Pentium II machine plugged into a seemingly endless line of surge suppressors hums as it continues to brute-force password guesses at a rate of 10 million per second. Only 12 more hours to go..."

"All the machines have their lids off -- no hard-core geek is ever satisfied with the state of a system. Legal pads are covered with IP addresses, penciled network maps and port numbers. As the attackers' scripts relentlessly scan for the presence of the recently identified CGI vulnerability, they continue to exchange notes with the crew on IRC (Internet Relay Chat). They figure once they've compromised a few dozen ISPs -- creating a network of "stepping stones" -- they can forge ahead to their target..."

"It takes one to know one" may be cliche, but it holds up in the network security arena. Understanding how attackers operate is invaluable -- in fact, it's your best defense. The concept of "hacking" into your own network for security purposes isn't new. Dan Farmer published a paper in 1995 entitled "Securing Your Site by Breaking Into It..."
