The Berkeley hacker used another technique to steal passwords: he had
installed a Trojan horse program. In Virgil's Aeneid, when the Greeks pretended
to abandon their siege of the city of Troy, they left behind a giant wooden horse.
The citizens of Troy took the horse into the city and celebrated the defeat of the
Greeks. In fact, the horse was full of Greek soldiers and the Trojans had brought
the enemy inside their defenses, leading to the sacking of their city. A Trojan
horse program does much the same thing for a computer system. It hides malicious
or harmful code inside an apparently harmless program so that it can get
control and do damage. At Berkeley, the hacker produced his own version of
the standard login program to capture users' passwords. A would-be user was
greeted by what looked like the normal login message:
WELCOME TO THE LBL UNIX-4 COMPUTER
PLEASE LOGIN NOW
Login:
After the user typed the account name, the system then asked for the password:
ENTER YOUR PASSWORD:
The user entered the password, which was copied along with the account name
into a file set up by the hacker. The program then responded:
SORRY, TRY AGAIN
The user was then returned to the real login page and logged in as usual, unaware
that the account details and password had been stolen. Such Trojan horse
techniques are now widely used to capture private personal information and
bank account details.
Fig. 12.3. The NSA was established in 1952 to handle secret communications and gather intelligence.
Viruses, rootkits, and worms
In principle, the damage caused by a Trojan horse program is restricted
to one computer. A computer virus, as the name implies, is nastier in that
it is designed to spread to other computers. The code for a virus is a small
set of instructions incorporated into an application rather than a complete,
stand-alone program. Initially, computer viruses were spread by the exchange
of infected floppy disks but are now more typically spread using the Internet
by getting users to click on harmless-looking email attachments like a photograph
or a document. One of the first major virus attacks was the “Brain” virus
(Fig. 12.4). Two Pakistani brothers created it in 1986, targeting bootable floppy
disks for PCs running MS-DOS. A bootable floppy disk was one that held its own
operating system and was usually used to restart a failed system or to install a
new operating system. When the PC was booted (started up) from the infected
disk, the computer loaded the Brain virus before executing the original MS-DOS
code. The virus hid itself from the user by reporting the sectors of the floppy
disk on which it was installed as damaged. If the user actually checked the boot
code on the disk, the original uninfected code would be displayed rather than
the modified code including the virus. In this case, the result was relatively
harmless: the virus spread an advertisement for the brothers' company with its
name and contact details, a genuine example of “viral” advertising.