A Denial-of-Service Tale of Woe

Once upon a time there were three systems administrators. They were

great friends and spent the summer playing ultimate Frisbee, roaming

the street markets and drinking espresso at the local java joint. But

the days passed quickly, and soon it was time for them to turn once

again to matters of business. There were rumors of evil hackers afoot

on the Internet, and tales of deadly distributed denial of service

attacks being launched from unguarded systems.

The first systems administrator, his mind still full of Frisbee and

flowers, told his friends that he wasnt going to take any precautions.

"After all," he asked, "what could possibly happen?"

"It's not safe!" the other administrators cried. "The evil hackers will

break in and destroy your systems!"

But the first systems administrator didn't listen. He was too busy

having fun to bother with silly things like firewalls and systems

security.

The second sysadmin was more industrious. She built a firewall using an

old PC and the Linux operating system. She was very proud of her

firewall and moved all of her department's systems behind it.

"I built a firewall," she proclaimed. "Now I can relax and have fun."

"Not so fast," the last systems administrator warned. "You haven't

secured your systems by installing TCP wrappers, and you built your

firewall in five minutes. Don't you know that a poorly configured

firewall is worse than no firewall at all? And have you even bothered

to study the SANS Top 10 list?"

But the second sysadmin didn't want to listen. She was already on her

way back to Starbucks for another espresso.

The third systems administrator shook his head sadly.

"Poor innocents," he thought to himself. "Their time will come. The big

bad hackers will huff, and puff, and blow their systems down."

He trudged back to his office and began installing the latest systems

patches.

Not long afterwards, the first systems administrator was sitting in his

office enjoying a cup of coffee and thinking of nothing in particular.

Suddenly there was a horrendous crash in the hallway and his door flew

open.

"You have to help me!" shouted the wild-eyed faculty member. "All of my

research files are GONE! And I can't get them back! I've lost

EVERYTHING! Do something!"

The first systems administrator grabbed his keyboard. Tappity-tappity-

tap -- his fingers flew across the keys. What he saw made him very

frightened. He slowly turned a sickly shade of green.

"Ummm, I think you've been hacked," he muttered. "Excuse me. I'm going

to be sick now." And he pushed his way past the wild-eyed faculty

member and ran across campus to the office of the second systems

administrator.

The second systems administrator looked up in alarm as the first admin

burst into her office.

"What's wrong?" she asked? "Why are you so green?"

"I've been hacked!" cried the first sysadmin. "All of our files are

corrupt. They own root! I'm going to be fired! You have to help me!"

The second systems administrator leaned back in her chair and pulled at

her chin.

"Not to worry," she said. "We'll just put your critical systems behind

my nifty Linux firewall and they'll be fine. Let's get to work."

So the two sysadmins went to work and began moving machines and

reconfiguring network addresses. After several hours they had the first

system administrator's most critical systems up and running behind the

Linux firewall. They felt very safe and were quite pleased with

themselves. They fired up a Papa Roach MP3 file and kicked back. All

was well with the world.

Not long afterwards the second systems administrator's console beeped.

After she read the message she began to slowly turn white. She shook

her head in disbelief. This couldn't be happening.

"What's wrong, dude?" asked the first admin. "Those burritos you ate at

lunch give you gas?"

The second sysadmin shook her head.

"It's not gas -- it's that darn hacker. He's gotten through my Linux

firewall and is going for root on our departmental server. If that

system gets hacked, my butt is in a sling. That's where our chairman

keeps his research results."

The two admins looked at each other. They both knew there was only one

thing to do: pull the plug. They raced down the hallway to the data

closet and disconnected the network from the building backbone.

"That was close," said the first admin, wiping his brow.

"Yeah, a little too close for comfort," agreed the second. "Now what do

we do? I need to get those systems back on line as soon as possible."

"Why don't we see if the third systems administrator will let us move

the critical machines behind his firewall?" asked the first admin.

So the two chagrined admins gathered their critical systems, loaded

them on a cart and pushed them across campus. The third systems

administrator didn't say a word when they arrived. He simply sat

quietly and looked at them, a sad expression creeping across his face.

"Dudes, I warned you not to leave your systems open. You didn't listen

to me, and now you want me to bail you out. I suppose you want to put

those boxes behind my firewall?"

They nodded slowly and tried to look suitably humble. The third

sysadmin sighed.

"Then let's get started," he said. "Your users will want these machines

back online as soon as possible, and the hacker will be back. But this

time he won't be able to huff, and puff, and blow your systems down."

The three friends spent several hours installing TCP wrappers and IP

chains, adding tripwire and swatch, and configuring the machines to

operate behind a firewall. By the time they finished it was late, and

they were tired and hungry.

"Dudes, I'm ready for some 'za and a beer," said the first admin.

"Excellent suggestion," agreed the second.

"Not so fast," said the third. "Let's sit tight and watch the firewall

logs. That hacker will be back, I can guarantee it, and I want you to

see what happens when he tries go get past my security features."

So the three administrators sat and waited. And watched. And waited. As

they were about to give up and leave, the firewall console beeped.

"It's starting," muttered the third admin. "Here he comes. Let's see

what chops he has."

The wily hacker poked and prodded at all the systems. He huffed and

puffed and tried every technique he knew. But he couldn't get past the

firewall and security software. The third administrator leaned back in

his chair and grinned.

"That old wolf can huff and puff all he wants," he said. "He's not

quite as lame as a script kiddie, but he ain't good enough to get past

what we've put in place. I expect he'll be back, though. With more

tools, more skills and an attitude. We'll need to stay alert by reading

the bugtraq mailing list. But right now I'm feeling the need for

sustenance. Food. Pizza." He grinned.

"Y'all are welcome to leave your systems behind my firewall until we

can build one for each of you. I'll give you a hand tomorrow. Let's

jet."

So the three administrators, being great friends and connoisseurs of

fine beer and pizza, left to find food, while the wily hacker huffed,

and puffed, and pounded unsuccessfully on the firewall.

The End.

Insider: How the basic tech behind the Internet works
Join the discussion
Be the first to comment on this article. Our Commenting Policies