Author | Clifford Stoll |
---|---|
Country | United States |
Language | English |
Publisher | Doubleday |
Publication date | 1989 |
Media type | |
Pages | 326 |
ISBN | |
OCLC | 43977527 |
Dewey Decimal | 364.16/8/0973 21 |
LC Class | UB271.R92 H477 2000 |
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage is a 1989 book written by Clifford Stoll. It is his first-person account of the hunt for a computer hacker who broke into a computer at the Lawrence Berkeley National Laboratory (LBNL).
Author Clifford Stoll, PhD, an astronomer by training, managed computers at Lawrence Berkeley National Laboratory in California. One day in 1986 his supervisor, Dave Cleveland, asked him to resolve a US$0.75 accounting error in the computer usage accounts. Stoll traced the error to an unauthorized user who had apparently used 9 seconds of computer time and not paid for it. Stoll eventually realized that the unauthorized user was a hacker who had acquired superuser access to the LBNL system by exploiting a vulnerability in the movemail function of the original GNU Emacs.
Early on, and over the course of a long weekend, Stoll rounded up fifty terminals, as well as teleprinters, mostly by "borrowing" them from the desks of co-workers away for the weekend. These he physically attached to the fifty incoming phone lines. When the hacker dialed in that weekend, Stoll located the phone line, which was coming from the Tymnet routing service. With the help of Tymnet, he eventually tracked the intrusion to a call center at MITRE, a defense contractor in McLean, Virginia. Over the next ten months, Stoll spent enormous amounts of time and effort tracing the hacker's origin. He saw that the hacker was using a 1200 baud connection and realized that the intrusion was coming through a telephone modem connection. Stoll's colleagues, Paul Murray and Lloyd Bellknap, assisted with the phone lines.
After returning his "borrowed" terminals, Stoll left a teleprinter attached to the intrusion line in order to see and record everything the hacker did. He watched as the hacker sought, and sometimes gained, unauthorized access to military bases around the United States, looking for files that contained words such as "nuclear" or "SDI". The hacker also copied password files (in order to mount dictionary attacks) and set up Trojan horses to capture passwords. Stoll was amazed that on many of these high-security sites the hacker could easily guess passwords, since many system administrators had never bothered to change the passwords from their factory defaults. Even on military bases, the hacker was sometimes able to log in as "guest" with no password.