Catapults and grappling hooks: The tools and techniques of information warfare

A. Boulanger
1998 IBM Systems Journal  
For years, "hackers" have broken into computer systems, and now an entire industry is dedicated to computer network security. Both hackers and computer security professionals have developed software tools for either breaking into systems or identifying potential security problems within computer networks. This software can be found on compromised systems as well as within the toolkits of legitimate "tiger" teams that operate with the consent of the network owners. This paper describes some of
more » ... describes some of the current techniques and tools employed by the hacker underground in breaching the security of networked computers, focusing primarily on UNIX®-based hosts connected to TCP/IP networks. As organizations become increasingly dependent on computer network technology, they also become increasingly vulnerable to losses, of both financial resources and reputation, resulting from security breaches within their computer and communications infrastructure. Many of the federally funded organizations dedicated to computer security issues were formed in response to attacks on computer systems. One of the first groups, Carnegie Mellon University's Computer Emergency Response Team (CERT[1]), was formed following an incident in which thousands of computers connected to the Internet were broken into and many disabled. This was the result of a self-replicating computer program, developed by Robert T. Morris at Cornell University, commonly referred to as the "Internet Worm." [2,3] Computer security has become a serious issue. The media have reported a substantial number of recent attacks on high profile sites, and the number of reported security-related incidents is on the rise. In 1996 the United States Department of Defense (DoD) reported an estimate of 250 000 attacks per year on its computer system and stated that the rate of attack is increasing by 100 percent annually. [4] Page 1 of 11 Catapults and grappling hooks: The tools and techniques of information warfare 8/25/01 The static auditor is a valuable tool to both the hacker and the system administrator. If the hacker is able to get an unprivileged account on the system, the local scanner will point out common security weaknesses in the host that enable unauthorized privileged access. Remote exploits. A remote exploit is a program, or method, that can be used, by a person Page 3 of 11 Catapults and grappling hooks: The tools and techniques of information warfare 8/25/01
doi:10.1147/sj.371.0106 fatcat:uupknfzt4zbivh66mfjx6fldra