Hacking at VSNL
VSNL Alert!:
Hacking at VSNL
Controlling of User's computer system
by Raj Mehta, Bruce Gingery and Peter Doshi
Introduction
Recently hackers have been active at VSNL sites and have put up passwords on their websites. But the target has now shifted from VSNL servers directly to USERS' computer systems. This is a rather alarming development, as individual users are not equipped to take adequate measures to protect themselves and run the serious risk of losing their data and/or computer system.
Before we get into the details, here are guidelines which will minimize your exposure:
- Don't receive any file from anyone you don't trust, whether through ICQ or IRC.
- Be cautious about the attachments you receive by email.
- Don't visit websites which may be questionable in nature.
- If you realize that your system has been infected, don't go on the Internet at all until you have corrected the problem, and that may not be easy.
- Immediately dial in to your shell account, log on, and change your password.
- Use a boot diskette from a system that you know is uninfected and write-protect any diskettes before you insert them into the infected system.
- Do not use any web-based password facilities, even those offered by VSNL. Instead change your password through your shell account. Directions are available.
- If you believe your computer's security has been compromised, please contact us immediately.
We report four instances which have occurred in the last four days, along with the comments of Mr. Bruce Gingery, who has been advising "The Guide" on these matters in the past. There are three articles on the website you must read:
- Computer Security Primer - The Internet
- When Legends Get Teeth -- Email Bug -- Dangerous?
- About Computers, The Internet, and Alternatives for Operating System
In them, Bruce points out how your computer system's security can be compromised. The three things said there have come true. With each instance I will reproduce Bruce's actual comments about that specific instance.
Buggy software which exploits the inherent weaknesses of Windows 95/98/NT/2000 (NT5 will be called Windows 2000, as announced today), which can surface especially where OLE and ActiveX are involved.
On August 3, a group of hackers called "Cult of the Dead Cow" released a program called "Back Orifice", which can be transmitted through even a slight opening to your system, e.g. email or ICQ file transfer. Once in your system, it keeps the door open for the cracker to do what he/she pleases with your system, including reading/erasing all the content of your hard disk, destroying your computer system, or whatever worse you can think of.
The main purpose of this report is to act as a warning to users of the VSNL system. There are no simple precautions, but alertness can go a long way. Of course, one solution is to not use Windows but to move to an alternative operating system like Linux or FreeBSD.
Be Alert and Beware!