Transcript Complete
The Complete Break-in
1
Agenda
•
•
•
•
Famous Break-ins
Anatomy of a break-in
Steps taken in lab
Easy Break-in using Knoppix STD
ECE 4112 - Internetwork Security
2
Famous Breakins
• 1995 – Vladimir Levin, a graduate of St. Petersburg
Teknologichesky University, convinced Citibank’s
computers to transfer $10 million dollars from its
accounts to his. Interpol caught him soon after and
Citibank got most of the money back.
• 1995 – FBI catch Kevin Mitnick. First person charged
with gaining access to an interstate computer network
for criminal purposes. Charged with stealing at least $1
million worth of sensitive project data from computer
systems and remotely controlling New York and
California’s telephone switching hubs.
ECE 4112 - Internetwork Security
3
Famous Breakins
• 1990 – Kevin Poulsen took over all
telephone lines going into Los Angeles
area radio station KIIS-FM, assuring that
he would be the 102nd caller. Poulsen
won a Porsche 944 S2 for his efforts.
ECE 4112 - Internetwork Security
4
Anatomy of a break-in
• Reconnaissance
Gaining vital information about a company that is publicly
available
• Scanning
Network Mapping
Port Mapping
Operating System Detection
Vulnerability Assessment
• Penetration
Gaining access to the system using existing vulnerabilities
Privilege escalation if needed
ECE 4112 - Internetwork Security
5
Anatomy of a break-in
• Pillaging
Installation of attackers programs
Stealing of important information
• Covering Tracks
Cleaning of log files
ECE 4112 - Internetwork Security
6
Reconnaissance
• Assume this has already been done and
the target has been chosen.
ECE 4112 - Internetwork Security
7
Scanning
• Use nmap to scan the target.
• Learn what ports are open, what
operating system is in use, and assess
vulnerabilities
ECE 4112 - Internetwork Security
8
Penetration
• Use a known vulnerability to gain access
to the system.
Imap server is susceptible to buffer overflow
Vulnerability already grants root access so no
privilege escalation is needed.
ECE 4112 - Internetwork Security
9
Pillaging
• Lrk4 rootkit installation
• Knark kernel level rootkit used to direct
/bin/login to the lrk4 login
ECE 4112 - Internetwork Security
10
Covering Tracks
• Cleaning of log files
ECE 4112 - Internetwork Security
11
Forensics
• Use Penguin Sleuth Kit to aid in analysis
and correction of the victim machine.
ECE 4112 - Internetwork Security
12
Easy Break-in using Knoppix
• Access to password file using Knoppix
ECE 4112 - Internetwork Security
13