pwlk blog

So I’m taking a class called, “Network Security.” The first assignment was to send our professor two emails, one containing the word “devolution” and the second containing the word “fallow” during the hours of 00:00 and 23:59, yesterday. The project has a simple explanation, intercept all emails and create a spreadsheet telling the professor at what time each student in the class sent him an email with one of those two keywords. The first email with devolution had to be plain text and the second could be either plain text or encrypted.

To make things interesting, each student was allowed a max of 10 emails send to the professor or would face disqualification.

All of us were given logins to the email server and EXTREMELY limited permissions on what we could do. When logging on, we were greeted with the following message:

———————————————————————-

HELIOS v3.14159265

Here is what you can do:

1. Use tethereal_wrapper to sniff – the output goes to /tmp/<username>

2. Use tethereal_kill to kill the sniffer

3. Use chown_wrapper to make your /tmp file readable

4. Use ls to see what is in your directory

5. Use nano to view a file – e.g. nano /tmp/f####

6. Use scp to copy files to your account…

7. Use ssh to login to your account (not outbound though)

8. Use less to view a file

9. mail and mutt are available to send mail

Here is what you cannot do:

A. Just about everything else – do not squirrel files away

in some deep dark location.

B. Cry. Crying is prohibited.

C. Get root access. It’s easy and encouraged!

Note: If you have any requests send them to both

f####@#### and

n####@####

Happy Hunting

———————————————————————-

Throughout the day, the server went crazy. Things changed by the second. I don’t know how many of the things that were happening actually happened … but I am very interested to get back to class on Tuesday and find out all that did happen. Many times during the day someone would kick me off the server, at one point someone had deleted all my wireshark log files (but luckily I had been emailing out logs to myself all day to have local copies).

But then the kicker came. Just minutes after I sent in my first email with the keyword “devolution” I got the following email back from my professor:

Subject: You have reached your email limit

User-Agent: Heirloom mailx 12.4 7/29/08

Content-Type: text/plain; charset=us-ascii

Status: R

Dear Student,

You have surpassed your maximum quota of emails (-100 points).

Please refrain from sending any more emails during this assignment.

J### F####

And just as quick as that, I was disqualified. Someone had spoofed my email address and quickly put me over the 10 max emails. But then I got paranoid and thought … well maybe someone spoofed the disqualification email and I’m still in the game! Granted, it seems as though this exact same thing happened to most other students.

Today, we got an email from the professor talking about the first project that I thought was very funny and then caused me to write this post. The email is pasted below. All in all, I really enjoyed the project and had a great time.

Dear Network Security student

As you can probably tell, this quarter’s Network Security class is chock-full of nefarious people. This is great news because they will be able to tell us some interesting ways that nefarious people try to compromise a computer. The most important lesson learned from this assignment is that Network Security can be no better than Computer Security – we can employ the most advanced techniques for keeping network traffic secure but these are all wasted if some machine through which the traffic flows is compromised.

Notes:
1. All OSes have vulnerabilities. This includes Linux,
Windows, FreeBSD and others.
2. J#### L######, J### W########, J#### B#####, N####
H##### and I (principally L##### and I – so do
not blame the others) tried our best to harden helios
against attack but we apparently did not know as much
about unix as some other students who figured out how
to exploit the wrappers. Please realize that this is
common – a systems administrator of a networked
system must know as much about security as all people
on the rest of the planet to keep a system secure (ok
slight exaggeration) to prevent that one person who
knows something more from compromising the computer
and since systems are so complex, this has become a
major challenge.
3. It is interesting that about six people were capable
of getting out of jail but in the end only one was
dominant. Hopefully we will find out why.
4. Everyone who participated will receive full credit
for doing the assignment. Do not think that the final
score as calculated according to the assignment is
going to be used to compute a homework score – it is
only going to be used to determine the prize winner.
5. Some people sent email to gauss instead of helios.
I will consider those people as participating.
6. Due to the craziness involved, I will now have to
read over 2500 emails. It may be some time before a
prize is given. If the top scorer turns out not to
be the nefarious dominator, I will award two $25
prizes – one to each.
7. Finally – I would have used the word “sketchy” to
describe the people who caused so much havoc but the
definition of nefarious is closer to being accurate
- see for yourself:
Nefarious Ne*fa”ri*ous, a. [L. nefarius, fr. nefas crime,
wrong; ne not + fas divine law; akin to fari to speak. See
No, adv., and Fate.]
Wicked in the extreme; abominable; iniquitous; atrociously
villainous; execrable; detestably vile.

That’s all for now
J### F#####