Honeynet Project and the Underground

Have you ever been tempted to hack, or even crack, a system—maybe just to recover your own lost administrator password? If you have, you know how it feels to approach that kind of challenge, and therefore, you share a common perspective with hackers everywhere. But what if the experience so intrigues you that you can't resist testing other people's systems in some unauthorized fashion?

Most of us are probably comfortable living vicariously through the lives of real black hat crackers instead of venturing into that type of activity ourselves. You know the adage: To defend against intruders, you must think like intruders. But how can you gain insight into the lives of system crackers without becoming one? Unembellished tales of the underground are few except for the news reports we see almost every week. However, a few books are available that lend deep insight into the minds of those who would forgo the law in favor of a mental challenge—black hat crackers. One such book, "Underground," was recently released in electronic form on the Internet.

"Underground" (ISBN 1863305955) was written by Suelette Dreyfus and originally published as a paperback in May 1997. Dreyfus recently made the book available online for free at the suggestion of Julian Assange, researcher for the book. "Underground" tells the true story of a group of people from around the world who banded together and exploited thousands of highly sensitive computer systems, including some belonging to the Pentagon, NASA, and NATO. The book's attraction, according to published reader comments, is the accuracy of the technical and historical aspects of the events within the story. And this type of accuracy is rare in stories about hackers and crackers. So if you haven't already read "Underground," download a copy and check it out (it's only 957KB). I think you'll find it interesting and educational.

Another great way to gain insight into the minds of information security experts is to attend the Black Hat Windows Security convention in Las Vegas at Caesar's Palace on February 14 and 15. Windows 2000 Magazine is sponsoring the event, and you can attend any of three tracks: Technical, More Technical, and Deep Knowledge. I'll be attending track sessions myself, so if you're coming to the show, I'll see you there!

Before I close, I want to tell you about the Honeynet Project's new forensic challenge, which launched January 15. According to the project's Web page for the challenge, "The Forensic Challenge is an effort to allow incident handlers around the world to all look at the same data—an image reproduction of the same compromised system—and to see who can dig the most out of that system and communicate what they've found in a concise manner. This is a nonscientific study of tools, techniques, and procedures applied to post-compromise incident handling."

The basic premise is that someone really did compromise a system, and the project has taken an image of that compromised system and made it available to the public to determine what kind of forensic information can be derived from it. The top 20 submissions win a copy of the book "Hacking Exposed," courtesy of Foundstone.

Sounds like a great exercise, doesn't it? It is; however, there is a caveat: The compromised system wasn't running a Windows OS. It was running Red Hat Linux 6.2 Server. Nonetheless, if you're familiar with Linux-based systems, or just want to try your hand at the forensic analysis of a UNIX system, be sure to check out the Honeynet Project's forensic challenge. Until next time, have a great week!
