Security DevCenter
oreilly.comSafari Books Online.Conferences.

advertisement




Stealing the Network: A Prequel

by Ryan Russell, coauthor of Stealing the Network: How to Own a Continent (Syngress)
07/01/2004

Editor's note: Stealing the Network: How to Own a Continent, the second release from Syngress in this series, uses fictional stories surrounding real technology and techniques to show the dangers that lurk in the shadows of the security industry. Ryan Russell, one of the coauthors of this book, has written this "prequel" depicting a '70s-era hack, set at a tech company back East. If you've been curious about Stealing the Network, this short bit of fiction provides a real sense of the concept behind the book. And be sure to respond to the talkback at the end of this tale -- we'd like to hear your theory.

The young man with the crew cut and habitual shave stood stick-straight at the reception desk of the research building, waiting for the receptionist to produce his temporary badge for the day. His arms were behind his back, left hand held in his right, in a not-at-ease pose. He looked out of place in his own clothes; dark slacks with a sharp crease in each leg, dress shirt with wide collar, and wide striped tie. The only article that seemed to match him were his highly polished, plain black shoes.

"Here you go, sir," she said to him, handing him the typewritten paper badge inside of a plastic holder with clip. She continued, "You're expected in room 365, elevators to your left," as he attached the clip to his shirt pocket.

As he navigated the hallways and rode the elevator, he couldn't help but stare at some of the people there that he saw. Many of them wore regular business attire, and carried folders or briefcases. The ones that made him stare looked rather like cleaned-up hippies. Maybe college professors, if he were feeling generous.

It was one of those people who turned from the chalkboard, chalk still in hand, when he entered room 365. With a grin on his face, he said "Ah, you must be our new Navy man, come to learn computer security." He had made a technical attempt at dressing for work, wearing what must once have been an acceptable shirt and slacks. But Crewcut saw that the man had on the most hideous, garish tie he had ever seen, and was wearing a shabby pair of boat shoes! Most shocking of all to Crewcut were his collar-length hair and full beard and moustache. He was used to seeing computer people wearing blue suits and white shirts.

"So soldier, what's your name, rank, and serial number?" "Sailor, uh. sir. Lieutenant Robert -- you don't really want my serial number, sir?" "No, of course not, I'm just teasing. Here, sit." He said, motioning to a chair.

Related Reading

Stealing the Network: How to Own a Continent
By FX, Ryan Russell, Roelof Temmingh, Russ Rogers, Jay Beale, Joe Grand, Kevin Mitnick, Fyodor, Paul Craig, Thor, Tom Parker

The room looked something like a cross between a classroom and a cafeteria. Two of the walls had well-used chalkboards, and the room was filled with plastic-and-metal chairs, and small tables. Really, the only thing that kept it from being a classroom was that the chairs didn't have desks attached. He took a chair facing the blackboard, and prepared to pay attention. He leaned back slightly startled when Fullbeard, instead of taking up a lecture position at the blackboard, plopped down in a chair on the other side of the table from him. He still held the piece of chalk in his left hand, though, absentmindedly rolling it with his fingertips.

"So, what have they taught you in the Navy?" "Sir? I'm trained as a linguist. I am conversant in Korean." "Ah, a linguist, huh? I was wondering how long it would take the agency to take an interest in some of our research."

Crewcut placed both palms flat on the table, as if preparing to push himself up out of his chair. He said "I don't know what you're referring to," staring deadpan.

"Oh, relax, I know. There's no such agency. What I meant was, what computer training have you had? What passes for computer science in the Navy?"

"I've been trained to write Fortran programs. I've studied the operations of the OS/360 platform that our programs run on."

"Ah! And have you played with the console on the System/360? Have you ever had a chance to bootstrap the system?"

"No sir. We submit our decks to systems operations for batching, and ..."

"Well, you're in for a treat then! Come with me." And Fullbeard excitedly rose from his chair, and started for the door. Crewcut had to hurry and gather his things to follow him. He caught up by the time the elevator door opened. He said "We're heading for the computer room in the basement," and pressed the "B" button. "So, why did you get picked?"

"Sir?"

"Why did they send you out of all the linguists? Why did they single you out for punishment?" he asked, smiling at his own joke.

"Not many of the linguists have any computer training. I extended my training after completing my Korean program. My base commander recommended me based on some of the programs I've written."

"Yeah? What kind of programs did you write?"

"I've written some programs to do letter frequency analysis and to solve monoalphabetic substitution ciphers ..."

"Ah! Cryptograms! We have some champion cryptogram puzzlers here, you know. Every once in a while, we'll have races to solve the daily cryptogram in the paper. Tell me, have you looked at the Enigma?"

"Sir? Have you had cryptographic training?"

"No, no. Just a hobby, something I've picked up here at the office. So? Have you? Looked at the Enigma?"

"A little. I'm working on a program to simulate an Enigma machine in Fortran. It's not done yet."

"Have you tried to break it yet?"

"Tried to break the Enigma encryption? No, I haven't. Sir, you're aware that the Enigma isn't rated for secure communications?"

"Oh yes, I know. It was broken by ..."

"Turing," interrupted Crewcut.

"Oh! So you do know a bit after all."

"I've read some of Turing's papers. I don't understand all of it."

"Maybe there's some hope after all." The elevator doors slid open, and they stepped into a white hallway with pipes on the ceiling.

As they paused at the door to the computer room, Fullbeard glanced guiltily to the left and right down the long hallway. Reaching into his pocket, he produced a brass key that he inserted into the lock, causing a low grinding noise to emanate from the sounding board of the door. Rather than simply turning the key, he placed one shoulder against the door, manipulated the knob with one hand, and violently jiggled the key with the other. After a moment of effort, the key turned, and the door popped inward. It took him nearly as much jiggling to get the key back out.

Seeing the look of confusion on the face of Crewcut, he smiled, and placed the key in Crewcut's hand. Looking at the key, he could see that the cuts were very jagged and uneven. Fullbeard simply stated, "I made it myself. I'm afraid I'm not very good with a hand file. Here." He paused, reaching into his pocket again, and this time extracting a whole key ring. Flipping through the keys, he found another brass key, and pinched the two keys together, holding it up for Crewcut to see. "Look, cuts 1 and 3 from the shoulder are two higher than my office key. This key I made myself will open most of the doors in the building."

"Just another hobby you picked up at the office?"

"Ha, well, college this time."

"How did you know when to stop filing?"

"The short version of the story is that if you've got a key to a given lock in a master key system, and you can take apart that lock, you can easily see the differences in pin heights for your key, and what must be a master key, or at least a sub-master. A few practical experiments, and you're set. Hand-filing a key isn't quite as hard as you might think. I'll show you more later if you want, let's hurry up. I don't want another talking to about unapproved computer room entry."

Now fearing how this would reflect on himself, Crewcut clammed up and followed Fullbeard across the raised floor tiles. They turned a corner to arrive in front of a tall cabinet whose most noticeable feature was a row of lights with many orange and purple switches beneath. "Know what this is?" asked Fullbeard.

"No, sir."

"This is a PDP-11/70. One of the earlier models, with the proper color toggle switches."

Crewcut glanced at the switches, finding it hard to believe there was anything proper about the color scheme. It looked much more like someone had had to assemble it out of two different sets.

"Here," said Fullbeard, reaching down and flipping one of the switches towards the right-hand side. "Halted."

"What?" replied Crewcut, looking panicked, glancing back the way they had come.

At that, Fullbeard actually laughed out loud, and flipped the switch back to its original position. "Resumed."

"Won't that cause problems? Won't someone notice? Who pays for the lost runtime charges?"

Laughing again, Fullbeard said, "We don't charge back CPU time here. This is my system. Well, ours. No, it won't cause any problems. Well, you can, of course, if you don't know what you're doing. No one is going to notice a few-second pause. Our OS gets busy sometimes with a bunch of users, and no one is going to think twice about a small stall. Next time I need to put a new version of the OS on, how about I let you toggle in the bootstrap, OK?"

Crewcut followed Fullbeard out of the room, the look on his face somewhere between awestruck and fearful.

"I know a good Korean food place for lunch. You can order for us."

Pages: 1, 2

Next Pagearrow






Sponsored by: