HostedDB - Dedicated UNIX Servers

index_21
Auerbach Publications © 2001 CRC Press LLC 08/01 of unknown traffic. I knew he used a cable modem and a VPN to work from home, either at night or during the day, to avoid traffic and general office interruptions. I was also aware that he used Windows 98 as an op- erating system and standard programs to complete his work. Additional- ly, he left his computer on all the time — why not? Completely convinced that he had been attacked, I told him not to touch the computer and to start a sniffer using another computer on his home network to see what was going over the wire. In a few minutes, communications were started between his computer and an Internet- based host. It was clear, after looking at the traffic more clearly, that his system was being accessed. Between his experiences, log files from var- ious software he had installed on the system, and previous experiences with other friends in his shoes, I assumed that his system was accessed. I had him unplug the Ethernet from the cable modem and asked how se- rious could the issue be — in other words, what was on the box that someone would want or appreciate getting. After a short discussion, it appeared that the hacker was accessing all the bid packages for building projects all over the United States, each en- crusted with logos, names, contact information, competition analysis, schedules, and cost projections. It was my friend’s  job to collect this in- EXHIBIT 8 — Data is Accessed by a System Exposed to Vulnerabilities and Various Risks Associated with the Internet Internet Firewall Attacker Remote User VPN Gateway 1 Normally, the security envelope would force an attacker to obtain data directly through hardened and prepared perimeter 3 The attacker simply accesses the much weaker Internet-based system to obtain data. The data is simply delivered to the attacker. 2 Remote user obtains access to information and opens/ copies/moves the data beyond the established perimeter