Kevin Mitnick is - Computer Science
Kevin Mitnick
- First hacker on the FBI’s Most Wanted list.
- “Anything out there is vulnerable to attack given enough time and resources.”
Kevin Mitnick
- Was a hacker, is a computer security consultant.
- https://en.wikipedia.org/wiki/Kevin_Mitnick
- Never stole or profited from any information he hacked into
- Follow him on Twitter: @kevinmitnick https://twitter.com/kevinmitnick (as of spring 2021, 256K followers)
The Kevin Mitnick Attack
Who: Kevin Mitnick (The Attacker); Tsutomu Shimomura (The Victim)
When: December 25, 1994
Where: San Diego
What: Shimomura’s computer was hacked by Kevin Mitnick
How: ??
The Kevin Mitnick Attack
Attack against the TCP 3-way handshake.
Attacking mechanisms used:
- IP spoofing
- SYN flood
- TCP sequence number prediction
TCP 3-way Handshake
TCP Header
TCP Header
TCP 3-way Handshake
IP Spoofing
A technique in which an attacker creates IP packets with a false source IP address, so as to conceal its identity or impersonate another computer system.
IP Spoofing
SYN Flood
TCP Sequence Number Prediction
Mitnick sent a SYN request to the Target and received a SYN/ACK response. Then he sent a RESET response to keep the Target from being filled up. He repeated this twenty times. He found that there was a pattern between two successive TCP (initial) sequence numbers. It turned out that the numbers were not random at all: each number was greater than the previous one by 128000.
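Added example (not part of the original slides): a check a defender can run on initial sequence numbers sampled from their own host, flagging the constant-increment pattern described above, next to an RFC 6528 style keyed generator that does not show it. The class names, the constructed sample addresses, and the use of HMAC-SHA256 with a counter in place of the RFC's timer are assumptions of this example.

```python
import hashlib
import hmac
import os

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def isn_deltas(isns):
    """Differences between successive ISNs, modulo 2**32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def looks_predictable(isns, max_distinct=2):
    """Flag a sample whose successive deltas take only a few distinct values."""
    deltas = isn_deltas(isns)
    return len(deltas) > 0 and len(set(deltas)) <= max_distinct


class LegacyIsn:
    """Constant-increment generator, the behaviour the slide describes."""

    def __init__(self, start=0, step=128000):
        self.value, self.step = start % MOD, step

    def next(self, four_tuple=None):
        self.value = (self.value + self.step) % MOD
        return self.value


class KeyedIsn:
    """RFC 6528 style: ISN = M + F(four-tuple, secret).
    F is HMAC-SHA256 truncated to 32 bits (an assumption of this example);
    M is a counter standing in for the RFC's 4-microsecond timer."""

    def __init__(self, secret=None):
        self.secret = secret or os.urandom(16)
        self.clock = 0

    def next(self, four_tuple):
        self.clock = (self.clock + 1) % MOD  # stand-in for the timer tick
        digest = hmac.new(self.secret, repr(four_tuple).encode(), hashlib.sha256).digest()
        return (self.clock + int.from_bytes(digest[:4], "big")) % MOD


def sample(generator, count=20):
    """Collect `count` ISNs, one per probe; each probe uses a new source port."""
    # Constructed addresses from the documentation ranges (RFC 5737).
    return [generator.next(("192.0.2.10", 40000 + i, "198.51.100.5", 80))
            for i in range(count)]
```

With the legacy generator every delta is 128000, so one observed ISN determines the next; with the keyed generator the offset depends on a secret and on the connection's addresses and ports, so samples taken from one address say nothing about the ISN issued to another.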
The Kevin Mitnick Attack
Consequence
- Caught in 1995
- Charged with wire fraud (14 counts), possession of unauthorized access devices (8 counts), interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer
- 46 months and 3 years probation
- Released 21 Jan 2000
- Could not have anything to do with a PC until 20 Jan 2003
Interesting Resources
Takedown: also known as Track Down, a movie based on Kevin Mitnick’s story, released in 2000.
Freedom Downtime: A documentary produced by 2600: The Hacker Quarterly in response to Track Down. (Available on YouTube.)
The Art of Deception: A book written by Kevin Mitnick in 2002 that explains how social engineering can be combined with hacking.
Question
Why did the attack happen on Christmas Day?
Shimomura’s machine had to be idle for the attack to succeed. New Internet connections would change the initial sequence number and make it more difficult to predict the sequence number.