[ISN] ICSA employes an undercover hacker spy.

From: mea culpa (jerichot_private)
Date: Sat Jul 04 1998 - 15:40:16 PDT

  • Next message: mea culpa: "Re: [ISN] Anti-Nuke Cracker Strikes Again"

    Forwarded From: William Knowles <erehwont_private>
    [Forbes Digital Tool, By Adam L. Penenberg] (http://www.forbes.com)
    J3 spends his days trolling around the hacker underground, 
    monitoring hacker channels on Internet Relay Chat, checking 
    out the latest on "phreaking,"--cracking the phone system--
    dialing up bulletin boards and checking out web sites that 
    offer password-cracking software and how-to guides.
    For J3 this isn't just a hobby, it's a job.
    ICSA, a computer security firm, hired J3 (not his real name nor 
    his online "nick", since his success depends on total anonymity) 
    two years ago as the company's lead underground analyst. His 
    mission: to keep tabs on the latest trends and tools in the 
    hacker world. When he gets wind of a new security hole, 
    he passes the information on to ICSA's tech staff so that 
    the company can either develop a defense or tip off
    software makers before the flaw can be exploited.
    J3 is very busy. Recently, a group of European hackers released 
    a Trojan horse-like program that would enable them to set up 
    backdoors in geeky programs known only to network administrators, 
    such as "named" programs related to domain name servers, a basic 
    component of any network connected to the larger Internet. J3 
    found out about it in the course of his monitoring, passed it 
    on to ICSA, and the company informed CERT (Computer Emergency 
    Response Team) which posted an advisory.
    The Internet is a lot like Lord of the Flies, a nasty, violent
    --yet virtual--world where the strong intimidate the weak.
    He was also instrumental in helping ICSA detect two types of 
    denial of service attack modes--Teardrop and Land--that were 
    being used to exploit vulnerabilities in the TCP/IP protocol. 
    These new attacks took advantage of tweaks that would beat 
    existing patches, which made it difficult for system 
    administrators to stay ahead of hackers. But J3, because of 
    his links to the underground, was able to learn of these
    exploits shortly after they were posted on hacker channels.
    "I'm proud of a lot of the work we do," J3 says. "I've found a
    company's entire password file posted to a web site, or that 
    hackers have root in a network or that a merchant site with a 
    database of credit cards has been compromised. I then contact 
    the companies and warn them."
    He says that the Internet is a lot like Lord of the Flies, a 
    nasty, violent--yet virtual--world where the strong intimidate 
    the weak. Not all hackers are destructive, of course. There are 
    many good ones on a quest for pure information, the lifeblood 
    of their avocation, who post security flaws because they believe 
    it's the best way to fix them.  It's the ones who exploit these 
    flaws to cause damage that irritate J3.
    But they have a vulnerability: their need for self-aggrandizement,
    which is key to J3's success. "If hackers didn't brag," he says, 
    "I wouldn't have a job."
    J3, who works mostly nights since the Internet never sleeps, 
    isn't just a full-time worker. He's also a graduate student 
    working on his Ph.D. in psychology. And his area of study?
    Hackers, of course.
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:57:53 PDT