Keeping Track of the Bad Guys

Modified 6 November 2008

When I took some Russian classes at Purdue, I was one of the few non-ROTC students in the room. In that same spirit of "know your enemy"....

Classic Hackers

• Two magazines and web sites catering to the community of bad guys:
  • http://www.2600.com/
  • http://www.phrack.com/.
• Hacker hangouts, groups providing information exchange and tools:
  • http://berlin.ccc.de/wiki/Hauptseite -- The German "Chaos Computer Club"

Hacker Technology

• Lots and lots of ready-to-compile programs for testing your systems with the same weapons the hackers will use:
  • http://www.packetstormsecurity.com/
  • http://www.anticode.com/
• Stack smashing — a great paper on how to exploit poor coding via buffer overflow and related attacks was in Phrack volume 49.
  • The original paper:
    • http://insecure.org/stf/smashstack.html
    • http://www.packetstormsecurity.com/docs/infosec/buffer-overflows/p49-14.txt
    • Or find it with Google.
  • A nice follow-up paper:
    • http://www.packetstormsecurity.com/papers/unix/adv.overflow.paper.txt
• A great 3-part paper on the methods of the bad guys:
  • http://users.rcn.com/~lspitz/enemy.html
  • http://users.rcn.com/~lspitz/enemy2.html
  • http://users.rcn.com/~lspitz/enemy3.html

Software keys, serial numbers, patches

Keys and other bits needed to unlock "warez", pirated copies of Cisco certification exams, etc:

• Very large searchable database, points to other sites hosting the cracks: http://crackspider.net/
• http://www.crackway.com/
• Microsoft-specific: http://mscracks.com/

Remember that Trojan Horse construction hasn't changed since ancient Greece — make it look innocent, simultaneously doing the expected thing and some bad thing. When someone tries to get the system administrator to run some program, remember Virgil's Aenid, "Timeo Danaos et dona ferentis," or "I am wary of Greeks, even bearing gifts."

Back to the main Security Page

Home Unix/Linux Networking Infosec Travel Technical Radio Site Map Contact