[ISN] Design Disasters (internic/hacked)

From: mea culpa (jerichot_private)
Date: Thu Apr 30 1998 - 18:58:43 PDT

  • Next message: mea culpa: "[ISN] Hacker Tools Getting Smarter"

    Forwarded From: Aleph One <aleph1t_private>
    
    [ I didnt catch this one until recently. Interesting it didnt get more
    play on the news. - a1 ]
    
    http://cgi.pathfinder.com/netly/editorial/0,1012,1915,00.html
       
       Design Disasters
       
       by [11]Lev Grossman, Steve Baldwin and Declan McCullagh   April 20,
       1998
       
    [ snip ]
    
       
             *  *  *
       
           A friend of Netly's was poking around one of InterNIC's ftp
       servers last week -- let's not ask why -- when he noticed a file
       called "core" in the root directory, suggesting that a core dump had
       taken place. If you're trying to hack into a computer, one way to do
       it is to trick an application with root privileges into doing a core
       dump and then overwriting a password file; this -- coupled with the
       fact that the file size was exactly [30]68040 -- tipped our friend off
       that the machine was under attack. Since he was in a public-spirited
       mood, he called up InterNIC to tell them about it. He was passed up
       the supervisor chain a couple of times, until finally InterNIC told
       him that the server in question, [31]ds.internic.net, was "not our
       problem," that AT&T was administering it. But when InterNIC
       double-checked, they discovered that AT&T's control of the server had
       lapsed on April 1, and that nobody had been watching it for two and a
       half weeks. Creation date of the core file? April 1.
       
           For the records, the file contained the following: a message from
       the [32]Klan of the Bloodstained Blade claiming responsibility;
       instructions for hacking a Cisco router; passwords for a handful of
       porn sites; and information on how to raise marijuana. You kids play
       nice, now.
       
             *  *  *
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (www.dim.com)
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:52:11 PDT