Path: utzoo!mnetor!uunet!lll-winken!csustan!polyslo!caus-dp!marcos
From: marcos@caus-dp.UUCP (Marcos R. Della)
Newsgroups: comp.misc
Subject: Re: Trojan Horse a Myth?
Message-ID: <331@caus-dp.UUCP>
Date: 11 Dec 87 16:17:56 GMT
References: <459@gtx.com> <405@tardis.cc.umich.edu> <8192@ism780c.UUCP>
Organization: USPFO for CA - Data Processing Div., SLO, Ca
Lines: 36

Back around 1978 I think (I can't remember that far back too well) there
was this kid in the Concord/Walnut Creek area of the Bay Area who bought
himself a 300 baud modem and a small terminal. He managed to get an
account on one of the local machines and proceeded to learn as much
about Unix as he could. The following is what happened to him with this
knowledge...

He managed to start creating login shells that saved passwords and the
like and then called the real shell with the information that he had
learned. That way he could get the facts of if the person typed in the
correct password and also the person would be logged on normally. He
also wrote a package that duplicated this effort over the ARPA lines to
other machines (before ARPA started putting better restrictions on these
kinds of things) and his little bug started floating around the country,
reporting passwords and the like back to him.

He was finally caught because some Unix hacker at Stanford started
noticing that it took 15-30 seconds longer than normal to log on the
machine and was wondering what the system admins had done to the
operating system to slow it down so much. In his words, he was going to
fix it up for them and put some more speed in and turn it in as a
project. Well, he found this bug and the people at Stanford started a
little search and started tracking down all these bugs and started
tracing them around the country. Eventually they caught the kid. The FBI
came in and confiscated his equipment and hauled him off. The kid was
13 or 15 I think.

Anyway, later that year after he went through all the wrist slapping and
such, someone offered him a high paying job trying to break into
machines and create fixes to prevent it. Something on the order of use a
crook to catch a crook.

--
...!csustan ->!polyslo!caus-dp!marcos            | Whatever I said doesn't
...!sdsu ---/ Marcos R. Della                    | mean diddly as I forgot
...!csun --/ Smail:PO Box 8104 SLO,CA 93403-8104 | it even before finishing
...!dmsd -/ Tele: (805) 544-4900                 | typing it all out!!! :-)