Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Cracked! Part 2: Watching and Waiting

By noeld in News
Wed May 10, 2000 at 04:18:10 PM EST
Tags: Security (all tags)
Security

Noel continues the story of when some Unix boxes that he helped admin were cracked. Is sniffing a cracker moral? If it is then is sniffing to watch for crackers moral? Where is the line?

"On this Linux box I set up a sniffer to watch for traffic going to the ISP and some of the sites we had suspected he was coming from. We thought that by watching him to see where he was coming from and what he was doing that we could get some idea of who he was, what his motivations were and most important what he was doing. We also thought that we could use this to find out what kind of skills he had. Was he a script kiddie, or a super cracker like it was claimed?"

Note: I am planning to publish these articles on RootPrompt.org once a week. Due to the number of articles in the series and the views expressed about the last few articles I have submitted to Kuro5hin I do not plan to submit them.


Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Kuro5hin
o continues the story
o RootPrompt .org
o Also by noeld


Display: Sort:
Cracked! Part 2: Watching and Waiting | 20 comments (20 topical, editorial, 0 hidden)
Hmm, links to other weblogs from wi... (none / 0) (#9)
by flamingcow on Wed May 10, 2000 at 08:29:29 AM EST

flamingcow voted -1 on this story.

Hmm, links to other weblogs from within kuro5hin. Thats a hell of a jyp.

Interesting. I'll read it on a slow... (none / 0) (#13)
by guppie on Wed May 10, 2000 at 08:49:42 AM EST

guppie voted 1 on this story.

Interesting. I'll read it on a slow morning.

What? The land of the free? Whoever told you that is your enemy.
-Zack de la Rocha

Been waiting for this one.... (none / 0) (#5)
by dlc on Wed May 10, 2000 at 09:25:47 AM EST

dlc voted 1 on this story.

Been waiting for this one.

(darren)

It would have been nice to include ... (none / 0) (#14)
by Qtmstr on Wed May 10, 2000 at 09:46:53 AM EST

Qtmstr voted 1 on this story.

It would have been nice to include a longer writeup, but still good.


Kuro5hin delenda est!

... (none / 0) (#12)
by BJH on Wed May 10, 2000 at 09:53:54 AM EST

BJH voted 1 on this story.

His spelling and grammar leave a little to be desired, but it's an interesting tale.
--
Roses are red, violets are blue.
I'm schizophrenic, and so am I.
-- Oscar Levant

Why won't you submit them? I love ... (none / 0) (#1)
by davidu on Wed May 10, 2000 at 10:18:34 AM EST

davidu voted 1 on this story.

Why won't you submit them? I love them. They are great reading and informative.

I just got my account at rootprompt... (none / 0) (#4)
by End on Wed May 10, 2000 at 10:27:57 AM EST

End voted 1 on this story.

I just got my account at rootprompt. As I said before, I am glad you and rusty worked things out. Sorry for my harsh tone <:-/ ... nice article too, BTW.

-JD

Nothing particularly interesting in... (none / 0) (#15)
by robin on Wed May 10, 2000 at 10:59:35 AM EST

robin voted -1 on this story.

Nothing particularly interesting in here; lots of words but not much information.
--
W.A.S.T.E. (do not antagonise the Horn)

Nothing wrong with you posting a lo... (none / 0) (#2)
by xah on Wed May 10, 2000 at 11:15:25 AM EST

xah voted -1 on this story.

Nothing wrong with you posting a lot, noeld. I just want to hear from rootprompt.org slightly less often here. Thanks.

Good series. Keep it coming. ... (none / 0) (#10)
by Anonymous Zero on Wed May 10, 2000 at 11:17:18 AM EST

Anonymous Zero voted 1 on this story.

Good series. Keep it coming.

These are very interesting and wort... (none / 0) (#8)
by Rasputin on Wed May 10, 2000 at 12:07:45 PM EST

Rasputin voted -1 on this story.

These are very interesting and worthwhile articles, the problem is that it's piecemeal over time which strikes me as inappropriate for K5. Let us know when the entire set is available and a commentary would be a good article here. Until then, we can check on our own weekly basis.
Even if you win the rat race, you're still a rat.

it's on rootprompt. duh! ... (none / 0) (#11)
by haiku san on Wed May 10, 2000 at 01:20:49 PM EST

haiku san voted -1 on this story.

it's on rootprompt. duh!
we don't need it here too. blah!
keep this crap away!

The ethics of software self defense... (none / 0) (#16)
by maynard on Wed May 10, 2000 at 01:25:44 PM EST

maynard voted 1 on this story.

The ethics of software self defense are a worthy discussion.

Read The Proxies, a short crime thriller.

Good stuff, but it's a series that'... (none / 0) (#7)
by prevostjm on Wed May 10, 2000 at 01:36:47 PM EST

prevostjm voted -1 on this story.

Good stuff, but it's a series that's already been posted about.

It's interesting ... (none / 0) (#3)
by pwhysall on Wed May 10, 2000 at 02:06:06 PM EST

pwhysall voted 1 on this story.

It's interesting

It's original content

It's a +1
--
Peter
K5 Editors
I'm going to wager that the story keeps getting dumped because it is a steaming pile of badly formatted fool-meme.
CheeseBurgerBrown

I liked the first one, it was large... (1.00 / 1) (#6)
by pvg on Wed May 10, 2000 at 03:01:00 PM EST

pvg voted -1 on this story.

I liked the first one, it was largely buildup and reasonably written so the lack of great technical detail was appropriate. It seems now that the entire series will proceed at this rather laborious pace while branching off to talk about well-covered topics like login warning banners. How can an ISP be so strangely unfamiliar with privacy issues? Just like freedom of speech often means freedom of speech on your own press, privacy rights typically apply in similar circumstances - in your house, in your system. If you're on my system, you have no privacy rights - you have to trust the operator. And that's the critical part - you don't change anyone's rights by putting up a banner that users you may be monitored, you're simply doing the honest thing. One could argue putting up such a banner makes an operator seem more trustworthy.

Re: Cracked! Part 2: Watching and Waiting (4.00 / 2) (#17)
by xah on Wed May 10, 2000 at 04:41:28 PM EST

On the whole I found the piece boring and pointless. We are told that the intruder eventually wiped all their machines. And from the description last week of the tangled web of interdependencies and unmanageable diversity of operating systems, that is probably a good thing. Then, at just the point when it might have become interesting, it got cut off. Was there a problem with the upload? The other half of the article is apparently missing.

It's interesting. (none / 0) (#18)
by TomG on Wed May 10, 2000 at 07:35:54 PM EST

Not, like, a professional documentary, but it's interesting. And I haven't seen them use crack and hack incorrectly. :-)

A tale (none / 0) (#19)
by cthulhu on Wed May 10, 2000 at 07:36:29 PM EST

That's all it is. In the spirit of K5 noeld is expressing something close to him. The way things were configured obviously made them a target. They obviously weren't the most secure site (but I've seen worse, much worse). The point is not to tell people how to secure their systems (Inoshiro has been doing a good job of that), but simply to tell a tale of our culture.



Drawing "the line" (none / 0) (#20)
by Phyruxus on Wed May 10, 2000 at 10:15:33 PM EST

About where to draw the line:

That "line" is a simplification tool humans created to apply to sundry topics. Unfortunately it often fails to be true to what we think when we draw it. There's a field called "fuzzy logic" that gives truth values of 0, 1, and every number in between (well, no tensors or complex numbers ;) anyhoo, let's say we drew the line at the boundary of your internal network (your router/uplink/whatever). Ok, great, you can do whatever you want on your side of the network. As soon as you draw that "line", crackers are going to start exploiting that constant. Just like heads of state who are security conscious don't travel the same route every day, varying you network security has benefits...

Um, basically i'm just writing this because I'm against the "line" idea itself... I feel it's a dumming down, which sometimes might be useful or even necesary, but not in this case.

peace.
P: this assertion is not provable.
It is provable that an assertion equivalent to P exists.

Cracked! Part 2: Watching and Waiting | 20 comments (20 topical, 0 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!