Metropolis: King of Hackers!

Chapter 146 : Steal account!

The IP header is a data structure in which there is a place to save the source address and the destination address.

That is, just like a letter, the data packet is sent from the “source address” to the “destination address”, and this information is contained in the IP header.

Of course, just like the letter, the “source address” of the “sender” is not necessary and can be omitted.

The IP protocol sends IP data packets according to the destination address item in the IP header.

If the destination address is an address in the local network, the IP packet is sent directly to the destination.

If the destination address is not in the local network, the IP packet will be sent to the gateway, and the gateway will decide where to send it-this is the method of IP routing IP packets.

When IP routing an IP packet, it does not do any check on the IP source address provided in the IP header, and recognizes that 553 is the IP source address in the IP header, which is the IP address of the machine that sent the packet.

When the destination host receiving the packet wants to communicate with the source host, it uses the IP source address in the IP header of the received IP packet as the destination address of the IP packet it sends to communicate with the source host.

Although this data communication method of IP is very simple and efficient, it is also a security risk of IP. Many network security accidents are caused by the shortcomings of IP.

The network denial of service attack is a low-level application of this principle, and TCP connection requires three hands (cdai).

If the source address is forged, the attack target will never get a response from the other party within the limited time limit (the third handshake), which leads to a huge consumption of resources.

The use of IP address spoofing technology like this time to forge legal user addresses to gain the trust of network management and firewalls is an advanced application of this principle.

Because the technical content involved is too high, so few people know this kind of attack, basically know this kind of intrusion method, and can already be regarded as a first-class expert.

The other party’s technology was so superb that it did not leave any useful information in the machine, and ANSG’s investigation fell into a deadlock.

WELL is an online community. It was originally a BBS created by a Los Angeles magazine to contact users. After rapid development, it became a very large-scale virtual community in the M Empire.

In WELL, there are many discussion groups on various topics, usually 30 to 40 people to 100 people, and they form groups with similar interests and even rapport.

The main mode of operation of WELL is that everyone announces their screen name and real name, and then communicates via text on the Internet. They can get to know each other without having to meet each other. Bohr is a member of the New York City WELL Computer Network.

On this day, Bohr received a notice from WELL, reminding him to take away the data that took up too much space in the storage space of the computer center.

Since Bohr is an administrator in the community, he has a certain amount of storage space in the computer center. But after receiving this notice, Bohr was taken aback, because he had been deactivated for a long time for this computer account.

With a strange mood, he tried to log in to that account, and it turned out that the password was incorrect.

“How is this going?”

Bohr called the administrator of the computer center and asked about the details again.

Let me find that this account is indeed still in use, and the last login time turned out to be early this morning!

“Someone is pretending to use the resources of the computer center!” Bohr said to the administrator. .