Now that was handy.
With the full IP address, he could connect to System X again through
the Internet directly--avoiding the gateway if he chose to. It's
always helpful in covering your tracks to have a few different routing
options. Importantly, he could approach System X through more than
just its front door.
Anthrax spiralled through the usual round of default usernames and
passwords. Nothing. This system required a more strategic attack.
He backed out of the login screen, escaped from the gateway and went
to another Internet site to have a good look at System X from a
healthy distance. He `fingered' the site, pulling up any bit of
information System X would release to the rest of the Internet when
asked. He probed and prodded, looking for openings. And then he found
one. Sendmail.
The version of Sendmail run by System X had a security hole Anthrax
could exploit by sending himself a tiny backdoor program. To do this,
he used System X's mail-processing service to send a `letter' which
contained a tiny computer program. System X would never have allowed
the program to run normally, but this program worked like a letter
bomb. When System X opened the letter, the program jumped out and
started running.
Pages:
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624