Presentation is loading. Please wait.

Presentation is loading. Please wait.

The KGB the Computer and Me

Published byShavonne Merritt Modified over 5 years ago

Similar presentations

Presentation on theme: "The KGB the Computer and Me"— Presentation transcript:

1 The KGB the Computer and Me

2 The KGB the Computer and Me
Appeared on the program Nova in the early 90’s Describes an attack on Berkley computers taking place almost exactly 20 years ago and the response to it. Based on the Book, “The Cuckoos Egg”

3 Computing in the late 80’s
Most engineers and Scientists used mainframe computers. Mainframes were accessed locally using terminals Terminal is a keyboard, and screen with no computer. Mainframes were accessed from remote locations using modems, and dial-up connections Mainframes belonging to Universities, Defense Department researchers and some businesses were linked by an early version of the internet

4 Home Computers Home Computers were available
IBM PC Apple Macintosh They were expensive and limited by today’s standards

5 Home Computers Home computers could communicate to Mainframes using modems and dialup connections. Terminal emulators allowed the home computer to simulate a terminal File transfer software, like Kermit, allowed files to be uploaded and downloaded to the mainframe No World Wide Web yet.

6 Clifford Stoll Astronomy Student turned Computer Security Expert
His book, “The Cuckoo’s Egg”, was the first real exploration of the computer security problem. Currently sells Klein Bottles on the Internet

7 Clifford Stoll His later books are skeptical of the role of computers in Society “High Tech Heretic: Why computers don’t belong in the classroom and other reflections by a computer contrarian” “Silicon snake oil : second thoughts on the information highway”

8 Markus Hess Was tried and convicted, and sentenced to 2 to 3 years in prison The sentence was suspended He now works writing networking code for a computer firm in Germany

9 Some Questions What attack types did the Hacker Use?
What were the hacker’s motivations? Do you think this could happen today? How was the hacker detected?

10 Attack Types Hess originally gained access to systems by gaining access to an existing account (swentec) Its not covered in the film, but he used several methods of password guessing We call this approach Impersonation

11 Attack Types Once Hess gained access to a system, he became “superuser”, (Unix slang for the administrative user He did this by exploiting a flaw in the system For the record, this was our old friend, the buffer overflow exploit We call this, “Privilege Escalation”

12 Attack Types Once superuser, he hid all traces of his attack and created accounts he could use later. He then typically left the system. Later he would log on using one of the accounts he created. From this account, he could launch attacks on other systems without being traced back to his home This is similar to the behavior of modern worms.

13 What Were Hess’s Motivations?
Ideas? Did the motivations of Hess and his companions change as time went on?

14 How was the attack Detected
Ideas?

15 How was the attack Detected
Initial detection was because of a minor accounting error Tracing the activity once detected was extremely difficult Hess passed through many systems The systems were in many legal jurisdictions Many technicians and law enforcement official were ultimately involved.

16 How was the attack Detected
The final technique Stoll used is called today, a “honeypot” Create something the hacker wants Use it to draw him/her to the site, and keep him there while tracing and identifying the hacker This technique is often used today in child pornagraphy investigations

17 Can it Happen Today Thoughts?

18 Final Thought This case is still important today because it is one of the few times a hacker has been caught, prosecuted and convicted. It still remains extremely difficult to trace the source of attacks We solve more cases, (%), involving serial killers than hackers. Next case, Mr. McGinnis and the flying saucers

Download ppt "The KGB the Computer and Me"

Similar presentations

The technology develops so quickly that many new things appear in human beings life. Lets guess what they are:

The technology develops so quickly that many new things appear in human beings life. Lets guess what they are:
Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.
PEOPLE’S REPUBLIC OF HACKING By: Lani N, Ashley R, Michael R, Gregory R.

PEOPLE’S REPUBLIC OF HACKING By: Lani N, Ashley R, Michael R, Gregory R.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
Ethical Hacking by Shivam.

Ethical Hacking by Shivam.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.

Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.
SM3121 Software Technology Mark Green School of Creative Media.

SM3121 Software Technology Mark Green School of Creative Media.
Engineering H192 - Computer Programming The Ohio State University Gateway Engineering Education Coalition Lect 4P. 1Winter Quarter Introduction to UNIX.

Engineering H192 - Computer Programming The Ohio State University Gateway Engineering Education Coalition Lect 4P. 1Winter Quarter Introduction to UNIX.
Desktop Security: Worms and Viruses Brian Arkills, C&C NDC-Sysmgt.

Desktop Security: Worms and Viruses Brian Arkills, C&C NDC-Sysmgt.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Viruses.

Viruses.
ITIS 2110 Class #18. 1. No home network 2. 1-2 devices 3. 3-4devices 4. 5-6 devices 5. 7-8 devices 6. 9-10 devices 7. 11-12 devices 8. 13-14 devices 9.

ITIS 2110 Class # No home network devices devices devices devices devices devices devices 9.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Drupal Security Securing your Configuration Justin C. Klein Keane University of Pennsylvania School of Arts and Sciences Information Security and Unix.

Drupal Security Securing your Configuration Justin C. Klein Keane University of Pennsylvania School of Arts and Sciences Information Security and Unix.
Malware  Viruses  E-mail Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
The Internet A Wide Area Network across the world The network of networks –Lots of smaller networks joined together.

The Internet A Wide Area Network across the world The network of networks –Lots of smaller networks joined together.

Similar presentations

Ads by Google