Written by TonikGin
Sept. 11 2002
contact: e-mail: tonikgin01@yahoo.com
Read the complete article at: http://www.russonline.net/tonikgin/eduhacking.html
This paper was written purely for the administrators, nobody else. I strongly feel that the administrators at every college in the world (particularly targeted America) need to read this, or else they will face many problems. All the information in here is true, accurate, and describes that is actually being done to university computer networks. In this I describe how a hacker scans for machines, how the machine is broken into, and what tools are used. Also, I outline the steps needed to prevent these attacks, how to see if you are already victim, and to catch the people doing this to you. Written in 5 hours, I present the final product.
- Contents
--- 1. Starting with the basics
------ a. Intro to IRC
------ b. Intro to File Sharing
------ c. Intro to XDCC
--- 2. Programs used, In Depth
------ a. X-Scan
------ b. Dameware
------ c. Iroffer
------ d. Firedaemon
------ e. Serv-u (brief)
------ f. .Bat files
--- 3. The Process
------ a. Step-by-Step
------ b. No Genius
--- 4. Halten!
------ a. Protection
------ b. Damn! I am a Victim.
------ c. Tricky kids
--- 5. Who are these people?
------ a. Organization
------ b. Operators
------ c. Scanners
------ d. Hackers
------ e. Fillers
------ f. Leechers
--- 6. Ending Notes
------ a. Methods
------ b. Conclusion
Summary:
In a recent advisory written by Microsoft, and by trends being noticed by many university administrators over the past recent years, people have wanted to know what all these slave computers are on IRC. These machines are serving to newest warez (games, movies, apps, mp3, ect.) to anyone that knows how to use a keyboard. Also, massive amounts of bandwidth is being wasted (easily up to 2MB/s each machine). In this, I will describe from an insiders view, what is happening, how this is being done, how to see if you are a victim, and what you can do to prevent this from happening to your network.
--- Chapter 1. - Starting with the Basics
A) Intro to IRC
IRC is a worldwide network of computers all setup for one purpose, communication. People can come to IRC to chat with friends or meet new people, discuss hot topics such as politics, religion, or breaking news. Over the recent years it has gained much fame, much due to popularity in the warez scene. Warez, simply defined, is the illegal downloading of copyrighted material. Groups which have access to pre-released games, are willing to sneak a camera into a theatre, or happened to beta test the newest Microsoft OS, are eagerly willing to digitize these formats, and make them readily available on the internet for the masses. How does IRC fit into this? IRC is one meeting place people (deemed leechers) can come to congregate and download these files.
Intro to File SharingAhhh.. the wonders of connecting to a server, finding a file, and downloading it. Sure is easier than going to Best Buy and buying the game (and usually quicker). So, what is exactly file sharing? Simply. sharing files. Large amounts of people connect to servers, where they are all 'connected' to each other, to download files off others hard drives. IRC has a file server feature, where people can connect, view files on your machine, and download whatever you give them access too. But there are also services such as Kazza, BearShare, Napster, LimeWire, and many more which when you search for a file, your looking through everyones computer at once. That is what it is all about. How is file sharing related to this article? Read on.
C) Intro to XDCC
Pay attention, this is where things pick up. XDCC revolutionized IRC. Many people now use IRC because of this new 'XDCC' feature. What is it? Like a file server, yet automated. It will periodically list the files (usually 1-5 large files) in the channel (chat room) which it is hosting, for people to download. There is a program called Iroffer (1) which makes this even easier. It will (using the definitions in a configuration file you setup), connect to an IRC server, join a channel, and automatically list files. You can set bandwidth limits, max sends per persons, and more, which will all be covered later.
Read the complete article at: http://www.russonline.net/tonikgin/eduhacking.html
