index_21
Auerbach Publications
© 2001 CRC Press LLC
08/01
of unknown traffic. I knew he used a cable modem and a VPN to work
from home, either at night or during the day, to avoid traffic and general
office interruptions. I was also aware that he used Windows 98 as an op-
erating system and standard programs to complete his work. Additional-
ly, he left his computer on all the time why not?
Completely convinced that he had been attacked, I told him not to
touch the computer and to start a sniffer using another computer on his
home network to see what was going over the wire. In a few minutes,
communications were started between his computer and an Internet-
based host. It was clear, after looking at the traffic more clearly, that his
system was being accessed. Between his experiences, log files from var-
ious software he had installed on the system, and previous experiences
with other friends in his shoes, I assumed that his system was accessed.
I had him unplug the Ethernet from the cable modem and asked how se-
rious could the issue be in other words, what was on the box that
someone would want or appreciate getting.
After a short discussion, it appeared that the hacker was accessing all
the bid packages for building projects all over the United States, each en-
crusted with logos, names, contact information, competition analysis,
schedules, and cost projections. It was my friends job to collect this in-
EXHIBIT 8 Data is Accessed by a System Exposed to Vulnerabilities
and Various Risks Associated with the Internet
Internet
Firewall
Attacker
Remote User
VPN Gateway
1
Normally, the security envelope would
force an attacker to obtain data directly
through hardened and prepared perimeter
3
The attacker simply accesses
the much weaker Internet-based
system to obtain data. The data
is simply delivered to the attacker.
2
Remote user obtains access
to information and opens/
copies/moves the data beyond
the established perimeter