In computing, a backdoor is a secret point of entry to a computer program or computer. Legitimate backdoors may be created by a system developer, but more commonly they are used by hackers for penetrating a computer over a network. The most popular method of establishing a backdoor to a computer is through the 'Backdoor Mail Spam' in which an unsolicited email is sent to a victim with a
backdoor program attached to it. This backdoor program will be disguised (a Trojan) pretending to be perhaps a computer game or a screensaver. Further, the email may pretend to originate from a trusted source, such as the mail program of the network or a well-known computer company. When the recipient executes the attachment, the backdoor program installs itself secretly onto the computer and monitors a predefined port on the network waiting to allow a hacker in 'through the back door'. Research Backdoor
Originally, a benchmark was a surveying term. A land surveyor, when taking levels, required some fixed point or datum as a standard of height by which to regulate and verify measurements and operations. This basic point was indicated by a mark resembling a bench (in ordnance they took the form of a broad arrow), hence the term benchmark.
In later parlance benchmarks became understood as a relative measure of performance, often a standard or fixed value against which other data can be compared. In computing terms they are considered (by hackers) as an inaccurate measure of computer performance. 'In the computer industry, there are three kinds of lies: lies, damn lies, and benchmarks.' Well-known ones include Whetstone, Dhrystone, Rhealstone, the GabrielLISP benchmarks, the SPECmark suite, and LINPACK. Research Benchmark
COBOL (Common Business-Oriented Language) is a computer programming language described by hackers as 'a weak, verbose, and flabby language used by card wallopers to do boring mindless things on dinosaur mainframes'. Research COBOL
EMACS is a programmable computer text editor with an entireLISP system inside it. It was originally written by Richard Stallman in TECO under ITS at the MITAI lab; AIMemo 554 described it as 'an advanced, self-documenting, customisable, extensible real-time display editor'. It has since been reimplemented any number of times, by various hackers, and versions exist which run under most major operating systems. Perhaps the most widely used version, also written by Stallman and now called 'GNU EMACS' or GNUMACS, runs principally under UNIX. It includes facilities to run compilation sub-processes and send and receive mail. Other variants include GOSMACS, CCA EMACS, UniPress EMACS, Montgomery EMACS, jove, epsilon, and MicroEMACS. Research EMACS
Operation Sundevil was a two year investigation into alleged illegal computer hacking activities by Secret Service agents and state and local law enforcement officials in the USA during 1988 to 1990. Federal search warrants were executed in Chicago, Cincinnati, Ohio, Los Angeles, Miami, Newark, New York, Phoenix, Pittsburgh, Plano, Richmond, San Diego and SanJose. The United States Secret Service, in co-operation with the United States Attorney's Office, and the Attorney General for the State of Arizona, established an operation utilizing sophisticated investigative techniques, targeting computerhackers who were alleged to have trafficked in and abuse stolen credit card numbers, unauthorized long distance dialing codes, and who conduct unauthorized access and damage to computers. The total amount of losses was estimated at millions of dollars, comprised of for example, the unauthorized accessing of long distance telephone cards that resulted in uncollectible charges and the use of stolen credit card numbers enabling individuals to
utilise the charge accounts to purchase items for which no payment was made. Research Operation Sundevil
Twenex was the TOPS-20 operating system by DEC - the second proprietary OS for the PDP-10. TOPS-20 began in 1969 as Bolt, Beranek & Newman's TENEX operating system using special paging hardware. By the early 1970s, almost all of the systems on the ARPANET ran TENEX. DEC purchased the rights to TENEX from BBN and began work to make it their own. The first in-house code name for the operating system was VIROS; when customers started asking questions, the name was changed to SNARK so DEC could truthfully deny that there was any project called VIROS. When the name SNARK became known, the name was briefly reversed to become KRANS; this was quickly abandoned when someone objected that `krans' meant `funeral wreath' in Swedish (though some Swedish speakers have since said it means simply `wreath'; this part of the story may be apocryphal). Ultimately DEC picked TOPS-20 as the name of the operating system, and it was as TOPS-20 that it was marketed. The hacker community, mindful of its origins, quickly dubbed it TWENEX (a contraction of `twenty
TENEX'), even though by this point very little of the original TENEX code remained (analogously to the differences between AT&T V6 UNIX and BSD). DEC people cringed when they heard 'TWENEX', but the term caught on nevertheless (the written abbreviation ` 20x' was also used). TWENEX was successful and very popular; in fact, there was a period in the early 1980s when it commanded as fervent a culture of partisans as UNIX or ITS but DEC's decision to scrap all the internal rivals to the VAXarchitecture and its relatively stodgy VMSOS killed the DEC-20 and put a sad end to TWENEX's brief day in the sun. DEC attempted to convince TOPS-20 hackers to convert to VMS, but instead, by the late 1980s, most of the TOPS-20 hackers had migrated to UNIX. Research Twenex
A CGI scanner is a computer program that searches a specified web site for vulnerable CGI scripts which may be exploited by a hacker. CGI scanners are used both by security staff to check for vulnerable scripts, and by hackers searching for ways to exploit security loopholes in a web site. Research CGI Scanner
Hackers Paradise is a network backdoor Trojan that communicates through port 31.
Hackers Paradise is a network backdoor Trojan that communicates through port 456. Research Hackers Paradise
The Unicode Attack is a system whereby hackers gain access to a web hosting computer via a security hole in the Microsoft IIS V5.0 http server software. This web server software allowed users of the web server to run the operating system shell program, 'cmd.exe', in order to run any program they like on the remote web server. Unicode attacks rely upon substituting the / character with Unicode characters so that a malicious user can circumvent the Web root restrictions to access resources outside of the Web path. Unicode attacks are very common, or at least attempted attacks are very commonm, and can be identified by entries in the http log file similar to: 216.234.125.210 - - [31/Aug/2004:21:41:20 -0600] 'GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0' 302 247 '-' '-' Here, a malicious hacker is probing the web server to see if he can achieve a directory listing using the shell program cmd.exe. Had he been successful he may then have used the shell program to take over the web server for his own purposes. This server, however, was a Linux server and immune to this attack.
Microsoft web servers can protect against the Unicode Attack by installing the Microsoft security patches and also removing permission to execute programs in the %winnt%/system32 directory from the 'EVERYONE' group. Research Unicode Attack
The Probert Encyclopaedia was designed, edited and programed by
Matt and Leela Probert
Abbreviations
Research Backdoor
