The Rat wrestles with security advice to slam down computer hackers
The Rat has been watching with interest as the rest of
the world learns a painful lesson in network security.
The New York Times Web site hack got everyones attention a few weeks ago, but
that was just one instance in a recent rash of site takeovers, including one of a Web
server in Japan that hosts 24,000 domains.
Government servers havent been immune. The New York Times hackers also scored a
hit on NASAs Jet Propulsion Laboratory. And system administrators for the CIA site
will have to live down the gaping security hole that gave hackers enough elbow room to
open an X Window System session to the CIA server.
The cyberrodent takes comfort in the knowledge that even computer security community
mavens arent immune to hacker exploitation. Winn Schwartau, editor of the http://www.infowar.com Web site and author of a number
of works on computer security, had his Social Security number posted to the fake http://www.nytimes.com Web page. Fortunately for
him, it was in Hypertext Markup Language source code and not immediately visible to casual
browsing. Unfortunately for him, hackers put it there, and the page is archived all over
the Internet.
The furry one has advice for his agency readers: Now is a really good time to check
your network security.
The Rat used the Times hack as leverage to get his department head to declare a
three-day stand-down for security while agency information technologists read the latest
Computer Emergency Response Team and Federal Computer Incident Response Capability
reports, ran security checkers, and perused firewall and server audit trails.
All the furry one had to do to gain permission was suggest that the boss Social
Security number and direct deposit information could conceivably end up on the agency
intranet.
The whiskered one topped off his 75-ounce latte cup, placed last months unread
trade magazines within easy reach, and sent his acolytes to chase down a promiscuous
network card. Then he settled back in his concrete command bunker to launch a script
that would open up his battery of security tools: SATAN, COPS, Crack and a few other old
standbys hes collected over the years.
After hitting the Enter key, he relaxed and adjusted his caffeine level to an
acceptable range.
According to the Rats sources in the cyberunderworld, the New York Times
attackers either exploited a poorly written Common Gateway Interface script or employed a
hacker utility against a known bug in Sun Microsystems SunOS to connect directly to
the servers file system.
Either way, the attackers used well-knownat least among hackersholes in
system defenses to gain control of the server. It was a derivative hack, or childs
play, boasted one of the most elite hackers, known in their parlance as a leet.
Whoopsie. Somehow the Rat suspects that the New York Times doesnt think anyone
was just playing. Folks there are thinking of all the page views lost to readers who had
expected to see the Starr report.
The timing made the cyberrodent just the least bit suspicious. The groups
Hacking for girlies handle sounds too much like a phony White House intern
selection system.
The Rat wants to check the White House systems logs just to make sure.
The Packet Rat once managed networks but now spends his time ferreting out bad
packets in cyberspace. E-mail him at rat@gcn.com.