Path: utzoo!mnetor!uunet!lll-winken!csustan!polyslo!caus-dp!marcos
From: marcos@caus-dp.UUCP (Marcos R. Della)
Newsgroups: comp.misc
Subject: Re: Trojan Horse a Myth?
Message-ID: <331@caus-dp.UUCP>
Date: 11 Dec 87 16:17:56 GMT
References: <459@gtx.com> <405@tardis.cc.umich.edu> <8192@ism780c.UUCP>
Organization: USPFO for CA - Data Processing Div., SLO, Ca
Lines: 36


Back around 1978 I think (I can't remember that far back too well) there
was this kid in the Concord/Walnut Creek area of the Bay Area who bought
himself a 300 baud modem and a small terminal. He managed to get an account
on one of the local machines and proceeded to learn as much about Unix as
he could. The following is what happened to him with this knowledge...

He managed to start creating login shells that saved passwords and the like
and then called the real shell with the information that he had learned. That
way he could get the facts of if the person typed in the correct password and
also the person would be logged on normally.

He also wrote a package that duplicated this effort over the ARPA lines to
other machines (before ARPA started putting better restrictions on these
kinds of things) and his little bug started floating around the country,
reporting passwords and the like back to him.

He was finally caught because some Unix hacker at Stanford started noticing
that it took 15-30 seconds longer than normal to log on the machine and
was wondering what the system admins had done to the operating system to
slow it down so much. In his words, he was going to fix it up for them and
put some more speed in and turn it in as a project. Well, he found this
bug and the people at Stanford started a little search and started tracking
down all these bugs and started tracing them around the country.

Eventually they caught the kid. The FBI came in and confiscated his equipment
and hauled him off. The kid was 13 or 15 I think. Anyway, later that year
after he went through all the wrist slapping and such, someone offered him
a high paying job trying to break into machines and create fixes to prevent
it. Something on the order of use a crook to catch a crook.


-- 
...!csustan ->!polyslo!caus-dp!marcos		    | Whatever I said doesn't
...!sdsu ---/	Marcos R. Della			    | mean diddly as I forgot
...!csun --/	Smail:PO Box 8104 SLO,CA 93403-8104 | it even before finishing
...!dmsd -/	Tele: (805) 544-4900		    | typing it all out!!! :-)