[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anonymous return addresses



-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 11 Jun 1996, Alan Horowitz wrote:

> Can anyone "give away the Ending" of Cliff Stoll's book - and describe 
> the basic methodology used to track back to the German hacker?
> 
> I don't have time to read the book. I don't need to understand all the 
> little nuanced details, I just want to know the "trick".

Here's the story as best as I can remember from _Cyberpunk_:

Cliff Stoll worked at LBL where he found that the account of a former worker
was being abused by a cracker.  He set up a system that would log every
keystroke the cracker made and he would automatically get paged whenever there
was an intrusion.  The connection was apparently from a Tymnet node.  Stoll got
a search warrent and traced the Tymnet connection back to a modem pool at
Mitre in Virginia.  The people at Mitre found that the cracker was dialing into
the modem pool and exploiting a security hole to dial back out to a Tymnet
node.  With cooperation from the CIA, it was found that the calls were being
made from a network in Germany called Datex-P.  When the network discovered the
extremely high long-distance bills, they traced the call back to Pengo (Hans
Huebner).

- -- Mark

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[email protected]              | finger -l for PGP key 0xe3bf2169
http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348
"In Christianity neither morality nor religion come into contact with
reality at any point."
                -- Friedrich Nietzsche


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMb4P3rZc+sv5siulAQE7UAP/QoDxTapE1GjxXdWBD7mXIv+p4aeo2s8Z
7MZV65Faqpa/iEUEO539TkTToDr8yIUC1Mdkx3QDaJ0k5Wfw8qT2956n6kGS6CkS
hi2CgrOIlzsdBBbvdhxMHoRlA7O15uc4nQ3ghJU/FjjdpOFsQh/pwLRcdrG78L3n
X33Gi7YUdxc=
=2NkX
-----END PGP SIGNATURE-----