Suelette dreyfus julian assange



Download 6.15 Mb.
Page35/43
Date03.05.2017
Size6.15 Mb.
1   ...   31   32   33   34   35   36   37   38   ...   43

`bin', it quickly found Anthrax's Trojan and ran it.

The hacker savoured the moment, but he didn't pause for long. With a

few swift keystrokes, he added an entry to the password file, creating

a basic account for himself. He exited his connection to port 2001,

circled around through another route, using the 0014 gateway, and

logged into System X using his newly created account. It felt good

walking in through the front door.

Once inside, Anthrax had a quick look around. The system startled him.

There were only three human users. Now that was definitely odd. Most

systems had hundreds of users. Even a small system might serve 30 or

40 people, and this was not a small system. He concluded that System X

wasn't just some machine designed to send and receive email. It was

operational. It did something.

Anthrax considered how to clean up his footsteps and secure his

position. While he was hardly broadcasting his presence, someone might

discover his arrival simply by looking at who was logged in on the

list of accounts in the password file. He had given his backdoor root

account a bland name, but he could reasonably assume that these three

users knew their system pretty well. And with only three users, it was

probably the kind of system that had lots of babysitting. After all

that effort, Anthrax needed a watchful nanny like a hole in the head.

He worked at moving into the shadows.

He removed himself from the WTMP and UTMP files, which listed who had

been on-line and who was still logged in. Anthrax wasn't invisible,

but an admin would have to look closely at the system's network

connections and list of processes to find him. Next stop: the login

program.


Anthrax couldn't use his newly created front-door account for an

extended period--the risk of discovery was too great. If he accessed

the computer repeatedly in this manner, a prying admin might

eventually find him and delete his account. An extra account on a

system with only three users was a dead give-away. And losing access

to System X just as things were getting interesting was not on his

agenda.

Anthrax leaned back in his chair and stretched his shoulders. His



hacking room was an old cloakroom, though it was barely recognisable

as such. It looked more like a closet--a very messy closet. The whole

room was ankle-deep in scrap papers, most of them with lists of

numbers on the back and front. Occasionally, Anthrax scooped up all

the papers and piled them into heavy-duty garbage bags, three of which

could just fit inside the room at any one time. Anthrax always knew

roughly where he had `filed' a particular set of notes. When he needed

it, he tipped the bag onto the floor, searched through the mound and

returned to the computer. When the sea of paper reached a critical

mass, he jammed everything back into the garbage bag again.

The computer--an Amiga 500 box with a cheap Panasonic TV as the

monitor--sat on a small desk next to his mother's sewing machine

cabinet. The small bookcase under the desk

was stuffed with magazines like Compute and Australian Communications,

along with a few Commodore, Amiga and Unix reference manuals. There

was just enough space for Anthrax's old stereo and his short-wave

radio. When he wasn't listening to his favourite show, a hacking

program broadcast from a pirate station in Ecuador, he tuned into

Radio Moscow or the BBC's World Service.

Anthrax considered what to do with System X. This system had aroused

his curiosity and he intended to visit it frequently.

It was time to work on the login patch. The patch replaced the

system's normal login program and had a special feature: a master

password. The password was like a diplomatic passport. It would let

him do anything, go anywhere. He could login as any user using the

master password. Further, when he logged in with the master password,

he wouldn't show up on any log files--leaving no trail. But the beauty

of the login patch was that, in every other way, it ran as the normal

login program. The regular computer users--all three of them--could

login as usual with their passwords and would never know Anthrax had

been in the system.

He thought about ways of setting up his login patch. Installing a

patch on System X wasn't like mending a pair of jeans. He couldn't

just slap on a swath from an old bandanna and quick-stitch it in with

a thread of any colour. It was more like mending an expensive cashmere

coat. The fabric needed to be a perfect match in colour and texture.

And because the patch required high-quality invisible mending, the

size also needed to be just right.

Every file in a computer system has three dates: the date it was

created, the date it was last modified and the date it was last

accessed. The problem was that the login patch needed to have the same

creation and modification dates as the original login program so that

it would not raise suspicions. It wasn't hard to get the dates but it

was difficult to paste them onto the patch. The last access date

wasn't important as it changed whenever the program was run

anyway--whenever a user of the System X logged in.

If Anthrax ripped out the original login program and stitched his

patch in its place, the patch would be stamped with a new creation

date. He knew there was no way to change a creation date short of

changing the clock for the whole system--something which would cause

problems elsewhere in System X.

The first thing a good system admin does when he or she suspects a

break-in is search for all files created or modified over the previous

few days. One whiff of an intruder and a good admin would be all over

Anthrax's login patch within about five minutes.

Anthrax wrote the modification and creation dates down on a bit of

paper. He would need those in a moment. He also jotted down the size

of the login file.

Instead of tearing out the old program and sewing in a completely new

one, Anthrax decided to overlay his patch by copying it onto the top

of the old program. He uploaded his own login patch, with his master

password encased inside it, but he didn't install it yet. His patch

was called `troj'--short for Trojan. He typed:

cat/bin/login

The cat command told the computer: `go get the data in the file called

"troj" and put it in the file "/bin/login"'. He checked the piece of

paper where he had scribbled down the original file's creation and

modification dates, comparing them to the new patch. The creation date

and size matched the original. The modification date was still wrong,

but he was two-thirds of the way home.

Anthrax began to fasten down the final corner of the patch by using a

little-known feature of the command:

/usr/5bin/date

Then he changed the modification date of his login patch to the

original login file's date.

He stepped back to admire his work from a distance. The newly

installed patch matched the original perfectly. Same size. Same

creation date. Same modification date. With patch in place, he deleted

the root account he had installed while visiting port 2001. Always

take your garbage with you when you leave.

Now for the fun bit. Snooping around. Anthrax headed off for the

email, the best way to work out what a system was used for. There were

lots of reports from underlings to the three system users on buying

equipment, progress reports on a certain project, updates. What was

this project?

Then Anthrax came across a huge directory. He opened it and there,

couched inside, were perhaps 100 subdirectories. He opened one of

them. It was immense, containing hundreds of files. The smallest

subfile had perhaps 60 computer screens' worth of material, all of it

unintelligible. Numbers, letters, control codes. Anthrax couldn't make

head nor tail of the files. It was as if he was staring at a group of

binary files. The whole subdirectory was filled with thousands of

pages of mush. He thought they looked like data files for some

database.

As he didn't have the program he needed to interpret the mush, Anthrax

cast around looking for a more readable directory.

He pried open a file and discovered it was a list. Names and phone

numbers of staff at a large telecommunications company. Work phone

numbers. Home numbers. Well, at least that gave him a clue as to the

nature of the project. Something to do with telecommunications. A

project important enough that the military needed the home phone

numbers of the senior people involved.

The next file confirmed it. Another list, a very special list. A pot

of gold at the end of the rainbow. The find of a career spent hacking.

If the US government had had any inkling what was happening at that

moment, heads would have rolled. If it had known that a foreigner, and

a follower of what mainstream American media termed an extremist

religious group, had this information in his possession, the defence

agency would have called in every law enforcement agency it could

enlist.


As John McMahon might have said, a lot of yelling and screaming would

have occurred.

Anthrax's mother had made a good home for the family, but his father

continued to disrupt it with his violence. Fun times with his friends

shone like bright spots amidst the decay of Anthrax's family life.

Practical jokes were his specialty. Even as a small child, he had

delighted in trickery and as he grew up, the jokes became more

sophisticated. Phreaking was great. It let him prank people all over

the world. And pranking was cool.

Most of the fun in pranking was sharing it with friends. Anthrax

called into a voice conference frequented by phreakers and hackers.

Though he never trusted others completely when it came to working on

projects together, it was OK to socialise. The phreaking methods he

used to get onto the phone conference were his own business. Provided

he was discreet in how much he said in the conference, he thought

there wasn't too much risk.

He joined the conference calls using a variety of methods. One

favourite was using a multinational corporation's Dialcom service.

Company employees called in, gave their ID numbers, and the operator

put them through to wherever they wanted to go, free of charge. All

Anthrax needed was a valid ID number.

Sometimes it was hard work, sometimes he was lucky. The day Anthrax

tried the Dialcom service was a lucky day. He dialled from his

favourite pay phone.

`What is your code, sir?' The operator asked.

`Yes, well, this is Mr Baker. I have a sheet with a lot of numbers

here. I am new to the company. Not sure which one it is.' Anthrax

shuffled papers on top of the pay phone, near the receiver. `How many

digits is it?'

`Seven.'


That was helpful. Now to find seven digits. Anthrax looked across the

street at the fish and chips shop. No numbers there. Then a car

licence plate caught his eye. He read off the first three digits, then

plucked the last four numbers from another car's plate.

`Thank you. Putting your call through, Mr Baker.'

A valid number! What amazing luck. Anthrax milked that number for all

it was worth. Called party lines. Called phreakers' bridges. Access

fed the obsession.

Then he gave the number to a friend in Adelaide, to call overseas. But

when that friend read off the code, the operator jumped in.

`YOU'RE NOT MR BAKER!'

Huh? `Yes I am. You have my code.'

`You are definitely not him. I know his voice.'

The friend called Anthrax, who laughed his head off, then called into

Dialcom and changed his code! It was a funny incident. Still, it

reminded him how much safer it was working by himself.

Living in the country was hard for a hacker and Anthrax became a

phreaker out of necessity, not just desire. Almost everything involved

a long-distance call and he was always searching for ways to make

calls for free. He noticed that when he called certain 008

numbers--free calls--the phone would ring a few times, click, and then

pause briefly before ringing some more. Eventually a company

representative or answering service picked up the call. Anthrax had

read about diverters, devices used to forward calls automatically, in

one of the many telecommunications magazines and manuals he was

constantly reading. The click suggested the call was going through a

diverter and he guessed that if he punched in the right tones at the

right moment, he could make the call divert away from a company's

customer service agent. Furthermore, any line trace would end up at

the company.

Antrax collected some 008 numbers and fiddled with them. He discovered

that if he punched another number in very quickly over the top of the

ringing--just after the click--he could make the line divert to where

he wanted it to go. He used the 008 numbers to ring phone conferences

around the world, where he hung out with other phreakers, particularly

Canadians such as members of the Toronto-based UPI or the Montreal

group, NPC, which produced a phreakers' manual in French. The

conversation on the phreaker's phone conferences, or phone bridges as

they are often called, inevitably turned to planning a prank. And

those Canadian guys knew how to prank!

Once, they rang the emergency phone number in a major Canadian city.

Using the Canadian incarnation of his social engineering accents,

Anthrax called in a `police officer in need of assistance'. The

operator wanted to know where. The phreakers had decided on the Blue

Ribbon Ice-Cream Parlour. They always picked a spot within visual

range of at least one member, so they could see what was happening.

In the split second of silence which followed, one of the five other

phreakers quietly eavesdropping on the call coughed. It was a short,

sharp cough. The operator darted back on the line.

`Was that A GUN SHOT? Are you SHOT? Hello? John?' The operator leaned

away from her receiver for a moment and the phreakers heard her

talking to someone else in the background. `Officer down.'

Things moved so fast when pranking. What to do now?

`Ah, yeah. Yeah.' It was amazing how much someone squeezing laughter

back down his oesophagus can sound like someone who has been shot.

`John, talk to me. Talk to me,' the operator pleaded into the phone,

trying to keep John alert.

`I'm down. I'm down,' Anthrax strung her along.

Anthrax disconnected the operator from the conference call. Then the

phreaker who lived near the ice-cream parlour announced the street had

been blocked off by police cars. They had the parlour surrounded and

were anxiously searching for an injured fellow officer. It took

several hours before the police realised someone had played a mean

trick on them.

However, Anthrax's favourite prank was Mr McKenny, the befuddled

southern American hick. Anthrax had selected the phone number at

random, but the first prank was such fun he kept coming back for more.

He had been ringing Mr McKenny for years. It was always the same

conversation.

`Mr McKenny? This is Peter Baker. I'd like my shovel back, please.'

`I don't have your shovel.'

`Yeah, I lent it to you. Lent it to you like two years ago. I want it

back now.'

`I never borrowed no shovel from you. Go away.'

`You did. You borrowed that shovel of mine. And if you don't give it

back I'm a gonna come round and get it myself. And you won't like it.

Now, when you gonna give me that shovel back?'

`Damn it! I don't have your goddamn shovel!'

`Give me my shovel!'

`Stop calling me! I've never had your friggin' shovel. Let me be!'

Click.

Nine in the morning. Eight at night. Two a.m. There would be no peace



for Mr McKenny until he admitted borrowing that shovel from a boy half

his age and half a world away.

Sometimes Anthrax pranked closer to home. The Trading Post, a weekly

rag of personals from people selling and buying, served as a good

place to begin. Always the innocent start, to lure them in.

`Yes, sir, I see you advertised that you wanted to buy a bathtub.'

Anthrax put on his serious voice. `I have a bathtub for sale.'

`Yeah? What sort? Do you have the measurements, and the model number?'

And people thought phreakers were weird.

`Ah, no model number. But its about a metre and a half long, has feet,

in the shape of claws. It's older style, off-white. There's only one

problem.' Anthrax paused, savouring the moment.

`Oh? What's that?'

`There's a body in it.'

Like dropping a boulder in a peaceful pond.
[ ]

The list on System X had dial-up modem numbers, along with usernames

and password pairs for each address. These usernames were not words

like `jsmith' or `jdoe', and the passwords would not have appeared in

any dictionary. 12[AZ63. K5M82L. The type of passwords and usernames

only a computer would remember.

This, of course, made sense, since a computer picked them out in the

first place. It generated them randomly. The list wasn't particularly

user-friendly. It didn't have headers, outlining what each item

related to. This made sense too. The list wasn't meant to be read by

humans.

Occasionally, there were comments in the list. Programmers often



include a line of comment in code, which is delineated in such a way

that the computer skips over the words when interpreting the commands.

The comments are for other programmers examining the code. In this

case, the comments were places. Fort Green. Fort Myers. Fort Ritchie.

Dozens and dozens of forts. Almost half of them were not on the

mainland US. They were in places like the Philippines, Turkey,

Germany, Guam. Places with lots of US military presence.

Not that these bases were any secret to the locals, or indeed to many

Americans. Anthrax knew that anyone could discover a base existed

through perfectly legal means. The vast majority of people never

thought to look. But once they saw such a list, particularly from the

environment of a military computer's bowels, it tended to drive the

point home. The point being that the US military seemed to be

everywhere.

Anthrax logged out of System X, killed all his connections and hung up

the phone. It was time to move on. Routing through a few

out-of-the-way connections, he called one of the numbers on the list.

The username-password combination worked. He looked around. It was as

he expected. This wasn't a computer. It was a telephone exchange. It

looked like a NorTel DMS 100.

Hackers and phreakers usually have areas of expertise. In Australian

terms, Anthrax was a master of the X.25 network and a king of voice

mailbox systems, and others in the underground recognised him as such.

He knew Trilogues better than most company technicians. He knew

Meridian VMB systems better than almost anyone in Australia. In the

phreaking community, he was also a world-class expert in Aspen VMB

systems. He did not, however, have any expertise in DMS 100s.

Anthrax quickly hunted through his hacking disks for a text file on

DMS 100s he had copied from an underground BBS. The pressure was on.

He didn't want to spend long inside the exchange, maybe only fifteen

or twenty minutes tops. The longer he stayed without much of a clue

about how the thing operated, the greater the risk of his being

traced. When he found the disk with the text file, he began sorting

through it while still on-line at the telephone exchange. The

phreakers' file showed him some basic commands, things which let him

gently prod the exchange for basic information without disturbing the

system too much. He didn't want to do much more for fear of

inadvertently mutilating the system.

Although he was not an authority on DMS 100s, Anthrax had an old

hacker friend overseas who was a real genius on NorTel equipment. He

gave the list to his friend. Yes, the friend confirmed it was indeed a

DMS 100 exchange at a US military base. It was not part of the normal

telephone system, though. This exchange was part of a military phone

system.


In times of war, the military doesn't want to be dependent on the

civilian telephone system. Even in times of peace, voice

communications between military staff are more secure if they don't

talk on an exchange used by civilians. For this and a variety of other

reasons, the military have separate telephone networks, just as they

have separate networks for their data communications. These networks

operate like a normal network and in some cases can communicate to the

outside world by connecting through their own exchanges to civilian

ones.

When Anthrax got the word from the expert hacker, he made up his mind



quickly. Up went the sniffer. System X was getting more interesting by

the hour and he didn't want to miss a precious minute in the information

gathering game when it came to this system.

The sniffer, a well-used program rumoured to be written by a

Sydney-based Unix hacker called Rockstar, sat on System X under an

innocuous name, silently tracking everyone who logged in and out of

the system. It recorded the first 128 characters of every telnet

connection that went across the ethernet network cable to which System

X was attached. Those 128 bytes included the username and the

passwords people used to log in. Sniffers were effective, but they

needed time. Usually, they grew like an embryo in a healthy womb,

slowly but steadily.

Anthrax resolved to return to System X in twelve hours to check on the

baby.


[ ]
`Why are you two watching those nigger video clips?'

It was an offensive question, but not atypical for Anthrax's father.

He often breezed through the house, leaving a trail of disruption in

his wake.

Soon, however, Anthrax began eroding his father's authority. He

discovered his father's secrets hidden on the Commodore 64 computer.

Letters--lots of them--to his family in England. Vicious, racist,

horrid letters telling how his wife was stupid. How she had to be told

how to do everything, like a typical Indian. How he regretted marrying

her. There were other matters too, things unpleasant to discuss.

Anthrax confronted his father, who denied the allegations at first,


Directory: ~suelette -> underground

Download 6.15 Mb.

Share with your friends:
1   ...   31   32   33   34   35   36   37   38   ...   43




The database is protected by copyright ©sckool.org 2020
send message

    Main page