[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Anonymous return addresses
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 11 Jun 1996, Alan Horowitz wrote:
> Can anyone "give away the Ending" of Cliff Stoll's book - and describe
> the basic methodology used to track back to the German hacker?
>
> I don't have time to read the book. I don't need to understand all the
> little nuanced details, I just want to know the "trick".
Here's the story as best as I can remember from _Cyberpunk_:
Cliff Stoll worked at LBL where he found that the account of a former worker
was being abused by a cracker. He set up a system that would log every
keystroke the cracker made and he would automatically get paged whenever there
was an intrusion. The connection was apparently from a Tymnet node. Stoll got
a search warrent and traced the Tymnet connection back to a modem pool at
Mitre in Virginia. The people at Mitre found that the cracker was dialing into
the modem pool and exploiting a security hole to dial back out to a Tymnet
node. With cooperation from the CIA, it was found that the calls were being
made from a network in Germany called Datex-P. When the network discovered the
extremely high long-distance bills, they traced the call back to Pengo (Hans
Huebner).
- -- Mark
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[email protected] | finger -l for PGP key 0xe3bf2169
http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348
"In Christianity neither morality nor religion come into contact with
reality at any point."
-- Friedrich Nietzsche
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
iQCVAwUBMb4P3rZc+sv5siulAQE7UAP/QoDxTapE1GjxXdWBD7mXIv+p4aeo2s8Z
7MZV65Faqpa/iEUEO539TkTToDr8yIUC1Mdkx3QDaJ0k5Wfw8qT2956n6kGS6CkS
hi2CgrOIlzsdBBbvdhxMHoRlA7O15uc4nQ3ghJU/FjjdpOFsQh/pwLRcdrG78L3n
X33Gi7YUdxc=
=2NkX
-----END PGP SIGNATURE-----