First, read this. Note the date. http://www.crime-research.org/library/grcdos.pdf
I read that shortly after it was originally published. And I thought to myself: COOL!
I was seventeen. I had a spare Windows 95c (or was it 98se?) box lying around, and some experience with inctrl5, a Linux box which could operate as a router, and some basic knowledge of tcpdump(1). Importantly, I could also script the behavior of an IRC client.
At the time I was a channel operator in a relatively popular IRC channel on EFnet... "Don't ask to ask!" :) Users would come in and request assistance with malware all the time, so I was already roughly familiar with the mechanisms of infection and CnC.
This is a long story that I must cut short: I ended up in the same CnC room as Gibson did. Not the same type--the same one. I met some of the people in the story. :D