Page 216


Undergound. Go to Table of Contents.

   The system had just rung all 1000 numbers at the same time. One

   thousand phones ringing all at once.

  

   What if some buttoned-down Telecom engineer had driven to work early

   that morning to get some work done? What if he had just settled down

   at his standard-issue metal Telecom desk with a cup of bad instant

   coffee in a styrofoam cup when suddenly ... every telephone in the

   skyscraper had rung out simultaneously? How suspicious would that

   look? Mendax thought it was time to high-tail it out of there.

  

   On his way out, he disabled the logs for the modem line he came in on.

   That way, no-one would be able to see what he had been up to. In fact,

   he hoped no-one would know that anyone had even used the dial-up line

   at all.

  

   Prime Suspect didn't think there was anything wrong with exploring the

   NorTel computer system. Many computer sites posted warnings in the

   login screen about it being illegal to break into the system, but the

   eighteen-year-old didn't consider himself an intruder. In Prime

   Suspect's eyes, `intruder' suggested someone with ill intent--perhaps

   someone planning to do damage to the system--and he certainly had no

   ill intent. He was just a visitor.

  

   Mendax logged into the NMELH1 system by using the account Prime

   Suspect had given him, and immediately looked around to see who else

   was on-line. Prime Suspect and about nine other people, only three of

   whom were actually doing something at their terminal.

  

   Prime Suspect and Mendax raced to get root on the system. The IS

   hackers may not have been the type to brag about their conquests in

   the underground, but each still had a competitive streak when it came

   to see who could get control over the system first. There was no ill

   will, just a little friendly competition between mates.

  

   Mendax poked around and realised the root directory, which contained

   the password file, was effectively world writable. This was good news,

   and with some quick manipulation he would be able to insert something

   into the root directory. On a more secure system, unprivileged users

   would not be able to do that. Mendax could also copy things from the

   directory on this site, and change the names of subdirectories within

   the main root directory. All these permissions were important, for

   they would enable him to create a Trojan.

  

   Named for the Trojan horse which precipitated the fall of Troy, the

   Trojan is a favoured approach with most computer hackers. The hacker

   simply tricks a computer system or a user into thinking that a

   slightly altered file or directory--the Trojan--is the legitimate one.

   The Trojan directory, however, contains false information to fool the

   computer into doing something the hacker wants. Alternatively, the

   Trojan might simply trick a legitimate user into giving away valuable

   information, such as his user name and password.

  

   Mendax made a new directory and copied the contents of the legitimate

   ETC directory--where the password files were stored--into it. The

   passwords were encrypted, so there wasn't much sense trying to look at

   one since the hacker wouldn't be able to read it. Instead, he selected

   a random legitimate user--call him Joe--and deleted his password. With

   no password, Mendax would be able to login as Joe without any

   problems.