Internet Connection Security for Windows Users
by Steve Gibson, Gibson Research Corporation


TechZone

The Mind of an Internet Hacker:
The term "Hacker" has been badly maligned through misuse. Hacking into a system is often necessary for many different reasons. For example, most of my own products could never have been created by following "established" guidelines. I've spent many happy hours "hacking" Windows in order to create more powerful solutions for you. So, I try to refer to "bad hackers" as "vandals" or "crackers" in order to retain the original correct and benign sense of the term "hacker."

I think you'll enjoy the following statement, made by Greg Hoglund, the author of the powerful Asmodeus Internet scanner, a true hacker in the correct sense of the word:



To me, the Internet is a giant game of Core Wars. TCP/IP is only a way of InterProcess Communication... It's more than a bunch of computers, its a bunch of memory spaces.. a bunch of process spaces... The Internet is just one giant distributed machine.

Ultimately that is what Asmodeus is about, mapping the locations of all processes on the Net. Asmodeus isn't smart enough yet to interrogate those processes to learn what they do. That job is up to you, the Hacker. Asmodeus provides you with a tool to manage your "map" of the Net. It places everything in address space, handles scanning and basic information retrieval, and sorts this for you in a database.

Network power is related to the number of nodes it contains and the number of processes which can be accessed. The endpoints of process communications must be labelled or identified in a unique way, otherwise how do we find them? Enter the arena of Internet, the global IPA Space if you will, a million computers, and millions of processes.... Processes that serve files and information, databases, and CPU time. This is true cyberspace.

So how do we make a *gods map* to this cyberspace? I am beginning to live there (cyberspace), but not in front a web browser. What maps the Internet? It's NOT URL links on web sites, with their chaotic cross-pollination and 404 errors... The web is not a map for the Internet, it's spaghetti. What about the Internic domain name system? Nah, it's overlord commercialism. One entity trying to control the commercialism of the net thru a name. That's downright wrong.

You see, Hackers don't follow links, they map them. At any particular point on the "wire" that connects us, what information can be gained? The true structure of the Internet is based on numbers, 32 bit addresses and associated port numbers. All this binary data forms a packet, encapsulating destination ports, data fields, and option flags. Magnify the data packets and take a look at the payload. What information is going where? How does it effect the machines and processes who receive this packet?

Eventually I would like Asmodeus to function as a pattern analysis tool. Look at the data stream, see it for what it is, find the tell tale patterns and analyse analyse analyse. For instance, we know that if we frame out octets 26 thru 29 of an ethernet packet, we have the destination IP address of the packet.. ie., 127.0.0.1 or something similar.. and that if we look at the 4th bit of octet 18, and it is set, then the packet is going to cause the machine located at 127.0.0.1 to crash (if it is running Micro$loth Windoze, that is...).. give it the "Blue Screen of Death" as it's so kindly known.

To my mind, and indeed mathematics, the Internet is an abstract collection of data spaces, each mappable with some unique methodology. Information Theory. Every particular frame of bits from the packet can be thrown in it's respective bucket, and we can create "spaces". Number spaces. Address spaces, port spaces... It's only a matter of detail to look at what's stored within something. The web space, the file space, any particular pattern of data behind a port...

— Greg Hoglund
    Dec 2. 1997

Please press your browser's BACK button to return ...