Jurors witness hacking demonstration

[InfoSec News <isn () c4i org>]

http://www.nzherald.co.nz/storydisplay.cfm?storyID=198267&thesection=technology&thesubsection=general

04.07.2001 By PETER GRIFFIN 

Jurors were given a step-by-step guide to hacking techniques
yesterday, in the first such simulation carried out in a New Zealand
court.

Former website administrator Andrew Garrett is on trial in the Manukau
District Court on 10 charges of fraud, wilful damage and threatening
to cause damage.

The charges relate to events nearly three years ago when Garrett
allegedly used the common hacking program Back Orifice to obtain
passwords of customers of internet service providers Xtra, ihug and
BestNet.

Using a cloned copy of Garrett's hard drive and projecting images of
Back Orifice at work against the court wall, crown witness and
security expert Daniel Ayers said a disk found by police at Garrett's
house contained incriminating computer logs which showed he had probed
other computers to obtain internet passwords.

The logs, said Mr Ayers, also revealed that Garrett had used Back
Orifice to snoop around other people's computers, looking at picture
files, their "little black book" of e-mail addresses and taking
"snapshots" of their computer screens when they were on the internet.

The presence of an extension to Back Orifice called Butt Trumpet was
also found on Garrett's computer.

The program allowed an e-mail to be sent to his computer every time an
account holder connected to the internet, enabling the remote probes
to take place.

Garrett's defence so far has centred on the point that he could have
unwittingly infected other users' computers or may even have been the
subject of a virus infection himself.

Lawyer Michael Levett said Garrett's computer might have been
controlled remotely.

The trial is scheduled to run for up to four weeks.




ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribe () SecurityFocus com.