Clive Cussler's White Death

I finished Clive Cussler's White Death today. Excellent as always. It was not his best, but still good reading!

The book I wanted to write about is called Stealing the Network. This has started a mini research interest for me over the past week. I’ve already written about it: see the post to my chrischaos blog dated Sunday, August 03, 2003. The two best chapters are 2 (The Worm Turns) and 10 (The Art of Tracking). Chapter 2 is the one I want to pursue. What exactly am I talking about? Setting up a honeypot that’s tuned to capture worms “in the wild,” as they are called, i.e., new worms nobody has seen. Then becoming smart enough to analyze the new worm before anyone else.

What’s involved in this?

1) setting up a honeypot…

One solution (the one I like) is getting VMware running on one of my computers. I can then have a “honeynet,” i.e., multiple honeypots running different operating systems all on the same physical computer, all tuned to capture worms. VMware would effectively “quarantine” the worm from the underlying PC. Getting this set up would be fun and require lots of new knowledge.

2) sending an SMS to my phone whenever a new worm is captured.

3) rushing home to analyze the new worm…. I would have to learn IDA Pro, which is a disassembler. I would also have to know how other worms have worked in the past. Nimda, Code Red, etc. Hackers “borrow” code. This step would get me up to speed on operating system faults.

All of this would be just an ongoing interest. Not something that I want to solve in a week, but something that perhaps could occupy me for years… After all, it’s the journey that matters, not the destination.

Chapter 10 is also good, but is too much to chew on I think. It involves computer forensics. Reconstructing what the hacker did after he got in. Something that sounds fascinating, but too hard.

The other chapters in the book are from the hackers’ point of view. I liked the ones from the “white hat” POV, i.e., the good guys.

