An Evening with Berferd In Which a Cracker is Lured, Endured, and Studied
暂无分享,去创建一个
On 7 January 1991 a cracker, believing he had discovered the famous sendmail DEBUG hole in our Internet gateway machine, attempted to obtain a copy of our password file. I sent him one. For several months we led this cracker on a merry chase in order to trace his location and learn his techniques. This paper is a chronicle of the cracker’s “successes” and disappointments, the bait and traps used to lure and detect him, and the chroot “Jail” we built to watch his activities. We concluded that our cracker had a lot of time and persistence, and a good list of security holes to use once he obtained a login on a machine. With these holes he could often subvert the uucp and bin accounts in short order, and then root. Our cracker was interested in military targets and new machines to help launder his connections.
[1] Bill Cheswick. The Design of a Secure Internet Gateway , 1990, USENIX Summer.
[2] C. Stoll. The Cuckoo's Egg : Tracking a Spy Through the Maze of Computer Espionage , 1990 .