The Complete Break-in
Agenda
• Famous Break-ins
• Anatomy of a break-in
• Steps taken in lab
• Easy Break-in using Knoppix STD
ECE 4112 - Internetwork Security
Famous Break-ins
• 1995 – Vladimir Levin, a graduate of St. Petersburg Teknologichesky University, convinced Citibank’s computers to transfer $10 million from its accounts to his. Interpol caught him soon after and Citibank got most of the money back.
• 1995 – The FBI catches Kevin Mitnick, the first person charged with gaining access to an interstate computer network for criminal purposes. He was charged with stealing at least $1 million worth of sensitive project data from computer systems and remotely controlling New York and California’s telephone switching hubs.
Famous Break-ins
• 1990 – Kevin Poulsen took over all
telephone lines going into Los Angeles
area radio station KIIS-FM, assuring that
he would be the 102nd caller. Poulsen
won a Porsche 944 S2 for his efforts.
Anatomy of a break-in
• Reconnaissance
  - Gathering vital, publicly available information about a company
• Scanning
  - Network Mapping
  - Port Mapping
  - Operating System Detection
  - Vulnerability Assessment
• Penetration
  - Gaining access to the system using existing vulnerabilities
  - Privilege escalation if needed
Anatomy of a break-in
• Pillaging
  - Installation of the attacker's programs
  - Stealing of important information
• Covering Tracks
  - Cleaning of log files
Reconnaissance
• Assume this has already been done and
the target has been chosen.
Scanning
• Use nmap to scan the target.
• Learn what ports are open, what
operating system is in use, and assess
vulnerabilities
Penetration
• Use a known vulnerability to gain access to the system.
  - The IMAP server is susceptible to a buffer overflow.
  - The vulnerability already grants root access, so no privilege escalation is needed.
Pillaging
• lrk4 rootkit installation
• Knark kernel-level rootkit used to redirect /bin/login to the lrk4 login
Covering Tracks
• Cleaning of log files
Forensics
• Use Penguin Sleuth Kit to aid in analysis
and correction of the victim machine.
Easy Break-in using Knoppix
• Access to password file using Knoppix