Forwarded From: William Knowles <erehwon@kizmiaz.dis.org>
[Forbes Digital Tool, By Adam L. Penenberg] (http://www.forbes.com)
J3 spends his days trolling around the hacker underground,
monitoring hacker channels on Internet Relay Chat, checking
out the latest on "phreaking,"--cracking the phone system--
dialing up bulletin boards and checking out web sites that
offer password-cracking software and how-to guides.
For J3 this isn't just a hobby, it's a job.
ICSA, a computer security firm, hired J3 (not his real name nor
his online "nick", since his success depends on total anonymity)
two years ago as the company's lead underground analyst. His
mission: to keep tabs on the latest trends and tools in the
hacker world. When he gets wind of a new security hole,
he passes the information on to ICSA's tech staff so that
the company can either develop a defense or tip off
software makers before the flaw can be exploited.
J3 is very busy. Recently, a group of European hackers released
a Trojan horse-like program that would enable them to set up
backdoors in geeky programs known only to network administrators,
such as "named" programs related to domain name servers, a basic
component of any network connected to the larger Internet. J3
found out about it in the course of his monitoring, passed it
on to ICSA, and the company informed CERT (Computer Emergency
Response Team) which posted an advisory.
The Internet is a lot like Lord of the Flies, a nasty, violent
--yet virtual--world where the strong intimidate the weak.
He was also instrumental in helping ICSA detect two types of
denial of service attack modes--Teardrop and Land--that were
being used to exploit vulnerabilities in the TCP/IP protocol.
These new attacks took advantage of tweaks that would beat
existing patches, which made it difficult for system
administrators to stay ahead of hackers. But J3, because of
his links to the underground, was able to learn of these
exploits shortly after they were posted on hacker channels.
"I'm proud of a lot of the work we do," J3 says. "I've found a
company's entire password file posted to a web site, or that
hackers have root in a network or that a merchant site with a
database of credit cards has been compromised. I then contact
the companies and warn them."
He says that the Internet is a lot like Lord of the Flies, a
nasty, violent--yet virtual--world where the strong intimidate
the weak. Not all hackers are destructive, of course. There are
many good ones on a quest for pure information, the lifeblood
of their avocation, who post security flaws because they believe
it's the best way to fix them. It's the ones who exploit these
flaws to cause damage that irritate J3.
But they have a vulnerability: their need for self-aggrandizement,
which is key to J3's success. "If hackers didn't brag," he says,
"I wouldn't have a job."
J3, who works mostly nights since the Internet never sleeps,
isn't just a full-time worker. He's also a graduate student
working on his Ph.D. in psychology. And his area of study?
Hackers, of course.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Jul 6 08:11:53 1998