
Finding the Last Hackers.

October 22


This journal is an examination into psychology and into the computer sciences to find the last of, or the newest real hackers still out there. What is a real hacker? A hacker is an individual who has extensive knowledge about computer systems, and usually has a desire to enter other computer systems and networks one is not usually allowed into. Most hackers are merely curious, others are vindictive, attempting to shut down a computer system for their own personal gain or vengeance, and others are merely an annoyance. Annoyance hackers are the ones you usually hear of on the 10 o’clock news, the ones who shut down useful web sites, just because they can. The last group is the most worrying; the way they attack web sites is difficult to stop once it has started. With enough attacking computers, even the best sites can be taken down. Enough of the definitions, on to the hunt.

The first foray was into an innocuous chat room known as “The Hackers Lounge.” As I knew, the chances of me actually meeting a real hacker were slim. On a recent occasion, I bumped into one of the last real hacker/super users out there. He was running FreeBSD (Note 1) and noticed my attempts at trying to access his computer, since he had put out his IP address as a taunt to one of the younger wanna-be’s in the chat room. He had begun by asking this supposed other hacker what a myriad of different computer anagrams meant, of which he failed to answer a single one. It was at that time he posted his IP address for all to see. It was a bold move, but like myself he had an operating system that was, at the least, hard to get into. He had gone a step further, as I found out in my conversation with him, by port spoofing many of the ports on his computer. Spoofing is a way to make hackers or people who want to find a vulnerability in a system think that it can be accessed, but the ports go nowhere.

He turned out to be a 24-year-old NT and UNIX administrator. It’s always ironic that I meet all kinds of NT MCSE people…who run Linux, UNIX, or FreeBSD on their own, personal system. Or, they manage an NT domain that is run on a Samba Server, under Linux. Why, if these people are trained by Microsoft, to use Microsoft products, do they use a UNIX-based operating system? That is a question for another time.

The NT administrator, I’ll call him Axis (a shortened version of his screen name), turned out to be a pretty nice guy. Has 2 kids, lives in Wisconsin, and has a really good job. My supposition now is that nearly anyone who has the deep talent at hacking, usually won’t because they have far too much to lose in the short and long term. The only people who can hack with real impunity are younger people, people younger than 16 who really can’t be tried as adults. The problem with this is that it takes years, sometimes, to accumulate the knowledge necessary to hack properly. This is not to say young people don’t or can’t hack, the very opposite in fact.

With the enthusiasm of youth, and raw talent, a lot can be done, but I have not been able to find one of these talented young ones, or someone who has been in it so long, they still do it for fun. The last possibility is the older, retired computer professional, who started on punch cards and vacuum tubes who knows everything about computers. This last group is only really a theory right now, I felt I have only met the first 2 over the years of surfing, but with everyone getting online, it’s only time.

The second individual I met, after starting this little journal, is someone I want to call a paranoid. His screen name was humorous, so let’s call him Mr. Giggles. Mr. Giggles was looking for help to stop “a group of evil hackers” who were “sending death threats” to people in real life. I decided to humor him, and see what he was talking about. The first supposed hacker he wanted me to look into was a fast moving bot. A bot is a piece of computer code that runs in a chat system, usually to advertise a pornographic or really any type of web site. He thought that the bot was actually a person who moved room to room quickly to avoid him, ending up with crashing him. What was really happening was that the bot was doing what it normally does, go to a room, post a link to the page, and move on. The reason someone who tries to follow it seems to crash is that whatever chat interface they are using is not really designed to change rooms like that. Eventually the chat program or Java applet crashes, and will cause a Windows-based computer to crash or lock up. I told him what it was, and why it did it. At first he did not believe me, but then he came to accept it.

The second person he wanted me to look into was a man in the chat room, let’s call him Tex. Well, Tex wasn’t very belligerent in the chat room, in fact, he seemed like a normal chatter. It was Mr. Giggles who was trying to start a fight in the chat room. I decided to do a little gentle probing of Tex’s computer, to see what he was. I found he was really in Texas, outside of Dallas. His computer was just a standard Windows 98, first edition machine. No security set. If it was a hacker, he didn’t do it on that machine. It was at that point I started to feel used for my abilities by Mr. Giggles. There was a third person he wanted me to look into, but I just fed him a string of lies, since I didn’t want to intrude on any more innocent people’s computers.

Mr. Giggles was either someone just trying to get someone else to get into a computer for them, since they didn’t have the talent, or else he was just a paranoid person who knows a lot about a small area of computers, and thinks he knows a lot about everything with computers. He claimed that he was a Cisco and Novell engineer. This I could actually believe since most IT people don’t know much outside of their tiny little area of expertise. He could not even answer a simple question, like what sort of corporate firewall he was behind. He seemed to lack any general computer knowledge at all. He didn’t know what Linux was, or even UNIX for that matter. That put up a red flag that Mr. Giggles was just a paranoid person, seeing threats where there were none. I stopped communicating with him then, annoyed I was taken in by his paranoia, and I vowed to be more careful next time.

The next incident was a bit more interesting, and a little more risky on my part. I met a younger person on Yahoo chat, hackers lounge. (Note 2) He was looking for someone to help him to learn how to hack. I felt like passing on a little information, so I started talking to him. He was an above-average computer user, been using Windows-based PCs for about 6 years or so with a small smattering of UNIX commands. Never done anything outside of regular web surfing and e-mail. Had no idea what telnet was or anything like that, so I started with Telnet. I told him how to open up the telnet client in Windows 98, and gave him my IP address so he could try to log onto my computer. I have a guest account set up in case someone needs to log on, and I don’t want to set up a new account.

It made me smile, how excited he was when he successfully logged onto my computer, and got a “Welcome to linux mandrake 2.2.14-15MDK.” (Note 3) He knew enough commands to get a file listing and move around a few directories. This is when I realized my computer security settings weren’t as high as I wanted them. I let him poke around a while and learn some more about Linux, but I had to cut him off eventually. Almost immediately after he logged off my computer, I upped the security level 2 points, and canceled that guest account. It’s not that I’m paranoid, but it was too easy for him to log onto my machine. It was a learning experience for the both of us. If you are reading this, don’t try to remotely log onto another home version of Windows (95, 98, 98 SE, ME) using telnet. 99 times out of 100 you will simply crash their computer. Entertaining, but not very useful.

That’s all for now, read on every day to see who I have met, and what I have added.

Notes

1 As a side note, the Linux operating system and FreeBSD are based on UNIX. Briefly, UNIX-based operating systems were designed with networks involved, in fact they cannot operate without a network. Even my own, single computer, has to act like a little server and workstation talking back and forth to each other to work properly. It is transparent to the user, but very visible to someone trying to hack into it from the outside. When an external user attempts to access the system, the server part of the operating system treats it like a new user trying to log onto the system. With the security level set to high on the system, virtually no access ports are granted to the outside systems. When a hacker tries to enter the system, a user name and password is required, if it is not provided in 3 attempts, the user is locked out. Even if a user manages to get logged on, they will only have user level access. User level access only allows access to applications to run, but cannot modify directories or files that are not in their “home” directory. The only exception to this is when a user logs on as the super user, or root as it is also known. This can and does happen when the administrator uses no or a weak password. Once a user is logged on as root, they have complete control of the operating system. The level of control is one not usually found in a DOS/Windows-based system. It allows the user to change or delete any file, or file system, without asking the user if they are sure. If a hacker logs in as root, they can easily and quickly delete the entire system from under the user, with virtually no chance of recovery. This is not meant to dissuade the use of UNIX-based computers, but as a warning to use very good passwords and change them religiously. The other advantage to UNIX-based systems is the fact the number of viruses for UNIX can be counted on one hand. This, again, relates back to the fact that it is a client/server model.
If a virus is written, unless the user is root, it can only spread to the user’s own files and not to others. Ironically, UNIX-based computers can cheerily pass on viruses meant for DOS/Windows with no ill effects. Many DOS/Windows-based true viruses are created on UNIX-based computers because of this immunity. The immunity to DOS/Windows-based viruses is also because of the different file system used. UNIX usually uses the Extended 2 file system, with no FAT tables. Theoretically, successful viruses can be written for UNIX-based systems, but there seems to be no concerted effort on the virus writers’ part. There are currently no known “in the wild” viruses for UNIX-based systems. The last written virus was discovered in September of 1998 on a single network, and was harmless. The virus was created as an experiment by the root user. Windows averages between 200 to 1200 new viruses a month.

2 If you would like to chat with the author, you can find him in the Yahoo chat area, or you can try Sandbender14 on Yahoo Pager. Yahoo was good enough to make a Linux version of Yahoo Pager. You can also reach him on ICQ UIN# 1696894. Or you can do the old-fashioned email to let me have your comments on this article or the site in general.

3 The author uses Linux Mandrake 7.0 running Kernel 2.2.14-15. I choos

 

Posted by on October 22, 2000 in Computers, General Comments
