Xref: utzoo ut.general:538 ont.general:712
Checksum: 44151
Path: utzoo!utgpu!molnar
From: molnar@gpu.utcs.toronto.edu (Tom Molnar)
Date: Sat, 1-Apr-89 19:29:04 EST
Message-ID: <1989Apr1.192904.27339@gpu.utcs.toronto.edu>
Organization: University of Toronto Computing Services
Newsgroups: ut.general,ont.general
Subject: Re: U of T employee/student charged with "unauthorized access"?
References: <754@helios.toronto.edu>
Reply-To: molnar@gpu.utcs.UUCP (Tom Molnar)

In article <754@helios.toronto.edu> sysruth@helios.physics.utoronto.ca (Ruth Milner) writes:
# Has anyone heard anything about this? I was told by someone who works at
# _The Star_ that a U of T employee or student (not clear) has been charged
# with Unauthorized Computer Access for getting into some U.S. military
# computer. Does anyone know the details about this? Is it true? If so,
# what exactly did he/she do, and how was it traced (as easily as seeing
# where the telnetd was connected to?) ?

Yes, I have some familiarity with the case. The individual (a
19-year-old male) is not an employee nor do I believe that he is a
student.

An individual had been accessing our systems and using our Internet
connection to attack potentially sensitive sites. Among these sites
was a nuclear ballistics research lab and a U.S. air force base machine.

The individual spent some effort collecting password files from various
machines accessible via the UofT internet and the Internet at large.
He then proceeded to apply sophisticated techniques to crack passwords.
He was successful in several cases.

The individual was also aware of how to gain root access to certain
unix machines (sun included) via anonymous ftp. Several sensitive
files were copied using this technique.

Obviously it's not practical for me to explain how we tracked this
fellow down. We certainly didn't use the confrontational approach.
He wasn't aware that we were closely monitoring him.

A search warrant was issued and all of his computer equipment,
printouts, manuals etc. were seized. The raid was successful; he was
arrested after incriminating evidence was found in his home. He was
caught red-handed, completely unawares and with no time to destroy
evidence.

I hope potential "hackers" (in the bad sense of the term) will take
heed and realize that the groundwork has been laid to catch illegal
intruders even more easily in the future. We will not hesitate to
alert both the UofT police force and work with the Metro Police to
catch and prosecute "hackers". A criminal record is not worth the
"fun". The maximum penalty is 10 years imprisonment. We regard
unauthorized access to UofT systems very seriously.

One final word. Review your password allocation mechanism, make life
a little difficult for "hackers". Make sure your users use 8 character
random character passwords. UofT sysadmins should take this advice
most seriously. Today.

Tom Molnar
--
Tom Molnar
Unix Systems Group, University of Toronto Computing Services.