Page 220

Undergound. Go to Table of Contents.

   other, more subtle ways of getting a password than the brute force of

   a cracking program.


   System administrators sometimes sent passwords through email. Normally

   this would be a major security risk, but the NorTel system was

   firewalled from the Internet, so the admins thought they had no real

   reason to be concerned about hackers. Besides, in such a large

   corporation spanning several continents, an admin couldn't always just

   pop downstairs to give a new company manager his password in person.

   And an impatient manager was unlikely to be willing to wait a week for

   the new password to arrive courtesy of snail mail.


   In the NorTel network, a mail spool, where email was stored, was often

   shared between as many as twenty computer systems. This structure

   offered considerable advantages for Mendax. All he needed to do was

   break into the mail spool and run a keyword search through its

   contents. Tell the computer to search for word combinations such as

   `BNRGATE' and `password', or to look for the name of the system admin

   for BNRGATE, and likely as not it would deliver tender morsels of

   information such as new passwords.


   Mendax used a password he found through this method to get into

   BNRGATE and look around. The account he was using only had very

   restricted privileges, and he couldn't get root on the system. For

   example, he could not FTP files from outside the NorTel network in the

   normal way. Among Internet users FTP (file transfer protocol) is both

   a noun and a verb: to FTP a program is to slurp a copy of it off one

   computer site into your own. There is nothing illegal about FTP-ing

   something per se, and millions of people across the Internet do so

   quite legitimately.


   It appeared to Mendax that the NorTel network admins allowed most

   users to FTP something from the Internet, but prevented them from

   taking the copied file back to their NorTel computer site. It was

   stored in a special holding pen in

   BNRGATE and, like quarantine officers, the system admins would

   presumably come along regularly and inspect the contents to make sure

   there were no hidden viruses or Trojans which hackers might use to

   sneak into the network from the Internet.


   However, a small number of accounts on BNRGATE had fewer restrictions.

   Mendax broke into one of these accounts and went out to the Internet.


   People from the Internet were barred from entering the NorTel network

   through BNRGATE. However, people inside NorTel could go out to the

   Internet via telnet.


   Hackers had undoubtedly tried to break into NorTel through BNRGATE.

   Dozens, perhaps hundreds, had unsuccessfully flung themselves against

   BNRGATE's huge fortifications. To a hacker, the NorTel network was

   like a medieval castle and the

   BNRGATE firewall was an impossible battlement. It was a particular

   delight for Mendax to telnet out from behind this firewall into the

   Internet. It was as if he was walking out from the castle, past the

   guards and well-defended turrets, over the drawbridge and the moat,

   into the town below.


   The castle also offered the perfect protection for further hacking

   activities. Who could chase him? Even if someone managed to follow him

   through the convoluted routing system he might set up to pass through