Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
52 Cards in this Set
- Front
- Back
|
What did Max do to hide his work on the BIND error? |
Nothing; he told Beeson & FBI all about how he did it |
|
|
What happened next? |
Max wrote out a confession |
|
|
What did the FBI offer Max? |
If he wanted leniency, he must do some work for them |
|
|
What was his first assignment? |
Get the goods on gang of phone phreaks |
|
|
What was his next assignment? |
Attend Def Con in Las Vegas; get real names of hackers; get their public PGP keys |
|
|
How did Max do in his assignment? |
Failed; these were “his people”; he did not want to be a snitch
|
|
|
Who spoke at the conference that was for Max an eye-opener?
|
Jennifer Granick
|
|
|
When he returned to SF, how was his relationship with the FBI? |
They threatened prosectution; wanted him to wear a wire
|
|
|
Who was Max supposed to get the goods on?
|
Matt Harrigan who was vying for an NSA contract
|
|
|
What did Max do?
|
Warned Harrigan and called Granick
|
|
|
What was the FBI’s response? |
prosecution |
|
|
When Max hung out his shingle as a white hat hacker, what was his chief selling point? |
100% success rate in penetration tests
|
|
|
At this point in time, what assumptions in security thinking were being revised?
|
1st – the best path to security was to keep security problems secret; the new generation preferred full disclosure
|
|
|
Keeping security problems secret benefitted what two groups the most?
|
Miscreants who exploited them, Vendors who wanted to drag their feet in fixing bugs
|
|
|
Where were hackers encouraged to send reports of security flaws?
|
Bugtraq mailing list
|
|
|
Who was the former NSA security contractor who developed a key defensive tool in 1998?
|
Marty Roesch
|
|
|
What was it? What did it do? |
Snort, a packet sniffer, later turned into an IDS
|
|
|
What is a packet sniffer?
|
Monitors information packets and looks through their information if it is unusual.
|
|
|
When SNORT was used as an IDS, what did it need to look for to spot an attacker?
|
The “signature” of an attack program
|
|
|
What was Max’s contribution to the database of signatures?
|
In one night he added 490 (as compared to 20 that had trickled in)
|
|
|
What database did he then put out and invited others to contribute to it?
|
arachNIDS = Advanced Reference Archive of Current Heuristics for Network Intrusion Detection Systems
|
|
|
What else did he do? |
Wrote papers dissecting Internet worms |
|
|
Who offered Max a job? |
Hiverworld
|
|
|
What was their business plan?
|
Create an antihacking system
|
|
|
Why did Max miss his first day of work?
|
FBI showed up at his door with an arrest warrant
|
|
|
What about his job?
|
Hiverworld cancelled his job offer
|
|
|
How did his case turn out?
|
6 months later he pleaded guilty
|
|
|
What was his sentence?
|
18 months prison – 3 years supervised release & barred from Internet unless permitted by his probation officer
|
|
|
Why were Ivanov and Gorshkov in Seattle in November, 2000? |
FBI sting operation aimed at capturing criminals based in former USSR |
|
|
What was the name of their cyber extortion gang? |
Expert Group of Protection Against Hackers |
|
|
What piece of forensic equipment was on the computers they used in demonstrating their skills? |
keystroke logger
|
|
|
What did this give to the FBI?
|
the password into the I&G’s computers; led to international download of 2.3 gB of criminal activity info
|
|
|
When the sentencing hearing for Max was held, who were among his supporters? Why?
|
Computer security experts – including one from Canada and another from New Zealand, they said society would be better served if he were allowed to practice his expertise as a free man
|
|
|
What became of Max’s marriage?
|
Kimi left him for another guy
|
|
|
Who did Max meet in prison? |
Norminton, a con man and a financial wizard |
|
|
What came of Max’s determination to “go straight”? |
he was unable to find work in the technical field |
|
|
What effect did the browser wars have on security? |
browser bloat increased the “attack surface” for hackers
|
|
|
What is browser bloat (and software bloat, in general)?
|
adding tons of features desired by only a few
|
|
|
Who was “an old friend from Shaft?
|
Norminton, looking to scam enough money to go to Mexico
|
|
|
What was Max’s response?
|
ready to make money hacking; here is a list of equipment I will need
|
|
|
Who was to supply $ for Max’s equipment needs?
|
Chris Aragon
|
|
|
What was Chris’s first foray into the criminal world? |
Robbing banks |
|
|
What did he turn to next? |
Credit fraud and drug smuggling |
|
|
What legitmate business did he set up? |
Mission Pacific Capital, a leasing firm providing computers and business equipment |
|
|
What problem occurred in 2000? |
Dot com bubble burst; his business went bust |
|
|
What was Max’s plan? |
With a powerful antenna scan for wi-fi networks unsecured against known vulnerabilities |
|
|
What the advantage for him in using open wi-fi networks? |
Illegal activity would land at the doorstep of the owner; it would not be attributed to him |
|
|
What was his gain? |
Lots of data, especially banking & financial data |
|
|
What happened to Norminton? |
Skipped town; FBI after him |
|
|
How did he go about figuring out what to do with the stolen data? |
He went online to see what other fraudsters were doing |
|
|
What two things did he find? |
Carder Planet and Shadowcrew |
|
|
asd |
asd |
