Page 217


Undergound. Go to Table of Contents.

   However, Joe was just an average user. He didn't have root, which is

   what Mendax wanted. But like every other user on the system, Joe had a

   user identity number. Mendax changed Joe's user id to `0'--the magic

   number. A user with `0' as his id had root. Joe had just acquired

   power usually only given to system administrators. Of course, Mendax

   could have searched out a user on the list who already had root, but

   there were system operators logged onto the system and it might have

   raised suspicions if another operator with root access had logged in

   over the dial-up lines. The best line of defence was to avoid making

   anyone on the system suspicious in the first place.

  

   The problem now was to replace the original ETC directory with the

   Trojan one. Mendax did not have the privileges to delete the

   legitimate ETC directory, but he could change the name of a directory.

   So he changed the name of the ETC directory to something the computer

   system would not recognise. Without access to its list of users, the

   computer could not perform most of its functions. People would not be

   able to log in, see who else was on the system or send electronic

   mail. Mendax had to work very quickly. Within a matter of minutes,

   someone would notice the system had serious problems.

  

   Mendax renamed his Trojan directory ETC. The system instantly read the

   fake directory, including Joe's now non-existent password, and

   elevated status as a super-user. Mendax logged in again, this time as

   Joe.

  

   In less than five minutes, a twenty-year-old boy with little formal

   education, a pokey $700 computer and painfully slow modem had

   conquered the Melbourne computer system of one of the world's largest

   telecommunications companies.

  

   There were still a few footprints to be cleaned up. The next time Joe

   logged in, he would wonder why the computer didn't ask for his

   password. And he might be surprised to discover he had been

   transformed into a super-user. So Mendax used his super-user status to

   delete the Trojan ETC file and return the original one to its proper

   place. He also erased records showing he had ever logged in as Joe.

  

   To make sure he could login with super-user privileges in future,

   Mendax installed a special program which would automatically grant him

   root access. He hid the program in the bowels of the system and, just

   to be safe, created a special feature so that it could only be

   activated with a secret keystroke.

  

   Mendax wrestled a root account from NMELH1 first, but Prime Suspect

   wasn't far behind. Trax joined them a little later. When they began

   looking around, they could not believe what they had found. The system

   had one of the weirdest structures they had ever come across.

  

   Most large networks have a hierarchical structure. Further, most hold

   the addresses of a handful of other systems in the network, usually

   the systems which are closest in the flow of the external network.

  

   But the NorTel network was not structured that way. What the IS

   hackers found was a network with no hierarchy. It was a totally flat

   name space. And the network was weird in other ways too. Every

   computer system on it contained the address of every other computer,

   and there were more than 11000 computers in NorTel's worldwide

   network. What the hackers were staring at was like a giant internal

   corporate Internet which had been squashed flat as a pancake.