From: Mike Fletcher <fletch@ain.bls.com>
Date: Wed, 12 Jun 1996 17:47:16 +0800
To: cypherpunks@toad.com
Subject: Re: Anonymous return addresses
In-Reply-To: <Pine.SV4.3.91.960611172935.20391B-100000@larry.infi.net>
Message-ID: <9606120354.AA16387@outland.ain_dev>
MIME-Version: 1.0
Content-Type: text/plain


> Can anyone "give away the Ending" of Cliff Stoll's book - and describe 
> the basic methodology used to track back to the German hacker?

	Can't remember the exact details (and I can't remember where
my copy is :), but basically they used the ACK/NAK times in the kermit
protocol to guess his distance.  After tracing him back to some firm
in Va, they worked out to Germany and then the Bundespost ran a phone
trace to find him.  (So all y'all malicious crackers that have the
TLAs trembling in their jackboots remember to tweak your kermit (or
rz) progs to randomize response times. :)

	I'd reccommend reading the book.  It's pretty interesting.  Or
Nova did an episode ~2 years back (whenever the book came out) that
was a quick 1hr version of the whole story.

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------