Team 16 Main
Initial discusion
I will be able to work on the weekend and contribute mostly towards the programming and debugging part. As with other, I will take part in the writing and reviewing the project report too. I agree with Tony, Sean you could go ahead with the policy portion.
Once root access for machine is obatined, one can pretty much do anything with that machine including misuse. It can be then used as base station for further attacks keeping the anonymity of the hacker.
Also once a exploit on machine is dicovered there can be range of machines with similart OS or SW that can be targeted.
Anil
Sean,
You don't really have to wait for us hack into the system in order to write the policy portion.
You can just image... if we can get the root access to a system, we can steal and change/delete/format any information stored in that system plus other connected systems that are in trust. We can forge the user of that system and send out bogus emails on behalf of him/her. We can run various programs on that system, i.e. monitoring keystrokes for password to get into other critical systems and do further damages.
-Tony
Original Message -----
Fro: Sean West To: Relkuntwar Anil Cc: arelkun@u.washington.edu ; hcosand@u.washington.edu ; seanwest@berkeley.edu ; tonychan@u.washington.edu ; tigeru@u.washington.edu Sent: Wednesday, October 12, 2005 10:00 AM Subject: Re: Red Team 16 - Project
Hi All,
I am a Master of Public Policy student at Berkeley with virtually no understanding of computer science. I am interested to learn about this particular subject which explains my enrollment in the course. My limitations do not make me much of a candidate of a candidate for the hacking portion but my skills will be quite useful for the policy portion. I do know that I will be out of town (though not completely unconnected) from October 20th to the 24th (this is what happens when course deadlines are set on the fly!) so I would really like to get as much done as possible before hand. Of course, the policy portion can't begin until the hacking portion is completed, so I guess it would require all of us to start the project ASAP.
I wanted to notify you all of this and ask how you think its best to be handled. I want to make sure that I am pulling my fair share as a group member even as I am out of touch on the tail end. Thank you very much.
Best Regards, Sean West
On 10/12/05, Relkuntwar Anil <anil.relkuntwar@siemens.com> wrote: Hi All, I mostly attend my lectures at the Microsoft campus though I do not work in Microsoft. Any body else attends at Microsoft.
I skimmed the paper/articles that were pointed out by the project page. The paper discusses major-ly about the buffer overflow. Did anybody find anything more. With that in mind I think we have find max number of programs that are vulnerable.
Jeffrey, As a common means of communication, can we have a group private Wiki page? Holly, Sean, Tony and Honlok will you be OK with if a Wiki page is possible.
Any Thoughts.
Regards Anil
Original Message-----
From: Jeffrey Bigham [1] Sent: Tuesday, October 11, 2005 1:40 PM To: arelkun@u.washington.edu ; hcosand@u.washington.edu; seanwest@berkeley.edu; tonychan@u.washington.edu; tigeru@u.washington.edu Subject: Red Team 16
Hi Team 16,
This email is meant to introduce you to your teammates, which are
listed below. You were already sent an email about the programming
portion of the project and this page has more information about the
overall assignment:
http://www.cs.washington.edu/education/courses/csep590/CurrentQtr/project.html
You should find out even more about the project tomorrow night in
lecture, but I encourage your to start discussing the project early.
- Relkuntwar, Anil Vijay (arelkun@u.washington.edu) - UW
- Watson, Holly M. ( hcosand@u.washington.edu) - UW
- West, Sean Paul ( seanwest@berkeley.edu) - Berkeley
- Chan, Tony Yick-Chung (tonychan@u.washington.edu ) - UW
- Yu, Honlok (tigeru@u.washington.edu) - UW
-Jeff
