It told System X that anyone could connect to port
2001--to an interactive shell--of the computer without using a
password.
A port is a door to the outside world. TCP/IP computers use a standard
set of ports for certain services. Port 25 for mail. Port 79 for
Finger. Port 21 for FTP. Port 23 for Telnet. Port 513 for Rlogin. Port
80 for the World Wide Web. A TCP/IP based computer system has 65535
ports but most of them go unused. Indeed, the average Unix box uses
only 35, leaving the remaining 65500 ports sitting idle. Anthrax
simply picked one of these sleepy ports, dusted off the cobwebs and
plugged in using the backdoor created by his tiny mail-borne program.
Connecting directly to a port created some problems, because the
system wouldn't recognise certain keystrokes from the port, such as
the return key. For this reason, Anthrax had to create an account for
himself which would let him telnet to the site and login like any
normal user. To do this, he needed root privileges in order to create
an account and, ultimately, a permanent backdoor into the system.
He began hunting for vulnerabilities in System X's security. There was
nothing obvious, but he decided to try out a bug he had successfully
used elsewhere.
Pages:
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625