The Cuckoo's Egg (book)

The Cuckoo's Egg (book)
The Cuckoo's Egg  
Author(s) Clifford Stoll
Country United States
Language English
Publisher Doubleday
Publication date 1989
Media type Print
Pages 326
ISBN 0-385-24946-2
OCLC Number 43977527
Dewey Decimal 364.16/8/0973 21
LC Classification UB271.R92 H477 2000

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage is a 1989 book written by Clifford Stoll. It is his first-person account of the hunt for a computer cracker who broke into a computer at the Lawrence Berkeley National Laboratory (LBL).



Clifford Stoll (the author) managed some computers at Lawrence Berkeley National Laboratory in California. One day, in August 1986, his supervisor (Dave Cleveland) asked him to resolve a USD$ 0.75 accounting error in the computer usage accounts. He traced the error to an unauthorized user who had apparently used up 9 seconds of computer time and not paid for it, and eventually realized that the unauthorized user was a cracker who had acquired root access to the LBL system by exploiting a vulnerability in the movemail function of the original GNU Emacs.

Over the next ten months, Stoll spent a great deal of time and effort tracing the hacker's origin. He saw that the hacker was using a 1200 baud connection and realized that the intrusion was coming through a telephone modem connection. Stoll's colleagues, Paul Murray and Lloyd Bellknap, helped with the phone lines. Over the course of a long weekend he rounded up fifty terminals, mostly by "borrowing" them from the desks of co-workers away for the weekend, and teleprinters and physically attached them to the fifty incoming phone lines. When the hacker dialed in that weekend, Stoll located the phone line, which was coming from the Tymnet routing service. With the help of Tymnet, he eventually tracked the intrusion to a call center at MITRE, a defense contractor in McLean, Virginia.

Stoll, after returning his "borrowed" terminals, left a teleprinter attached to the intrusion line in order to see and record everything the cracker did. Stoll recorded the hacker's actions as he sought, and sometimes gained, unauthorized access to military bases around the United States, looking for files that contained words such as "nuclear" or "SDI". The hacker also copied password files (in order to make dictionary attacks) and set up Trojan horses to find passwords. Stoll was amazed that on many of these high-security sites the hacker could easily guess passwords, since many system administrators never bothered to change the passwords from their factory defaults. Even on army bases, the hacker was sometimes able to log in as "guest" with no password.

Over the course of this investigation, Stoll contacted various agents at the FBI, CIA, NSA, and Air Force OSI. Since this was almost the first documented case of hacking (Stoll seems to have been the first to keep a daily log book of the hacker's activity), there was some confusion as to jurisdiction and a general reluctance to share information.

Studying his log book, Stoll saw that the hacker was familiar with VMS, as well as AT&T Unix. He also noted that the hacker tended to be active around the middle of the day, Pacific time. Stoll hypothesized that since modem bills are cheaper at night, and most people have school or a day job and would only have a lot of free time for hacking at night, the hacker was in a time zone some distance to the east.

With the help of Tymnet and various agents from various agencies, Stoll eventually found that the intrusion was coming from West Germany via satellite. The Deutsche Bundespost, the German post office, also had authority over the phone system, and they traced the calls to a university in Bremen. In order to entice the hacker to reveal himself, Stoll set up an elaborate hoax (known today as a honeypot), inventing a new department at LBL that had supposedly been newly formed because of an imaginary SDI contract. He knew the hacker was mainly interested in SDI, so he filled the "SDInet" account (operated by the imaginary secretary Barbara Sherwin) with large files full of impressive-sounding bureaucratese. The ploy worked, and the Deutsche Bundespost finally located the hacker at his home in Hanover. The hacker's name was Markus Hess, and he had been engaged for some years in selling the results of his hacking to the Soviet KGB. There was ancillary proof of this when a Hungarian spy contacted the fictitious SDInet at LBL by mail, based on information he could only have obtained through Hess (apparently this was the KGB's method of double-checking to see if Hess was just making up the information he was selling them).

Stoll later had to fly to Germany to testify at the trial of Hess and a confederate.

References in popular culture

  • The book was chronicled in an episode of WGBH's NOVA entitled "The KGB, the Computer, and Me", which aired on PBS stations on October 3, 1990.[1][2].
  • Another documentary, entitled Spycatcher was also made by Yorkshire Television.[2]
  • The number sequence mentioned in Chapter 48 has become a popular math puzzle, known as the Cuckoo's Egg, the Morris Number Sequence, or the look-and-say sequence.
  • In the summer of 2000 the name "Cuckoo's Egg" was used to describe a file sharing hack attempt that substituted white noise or sound effects files for legitimate song files on Napster and other networks.[3]
  • These events are referenced in Cory Doctorow's speculative fiction short story "The Things that Make Me Weak and Strange Get Engineered Away", as "(a) sysadmin who’d tracked a $0.75 billing anomaly back to foreign spy-ring that was using his systems to hack his military".[4]

See also


External links

Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • Cuckoo's Egg (novel) — For the non fiction story by Clifford Stoll, see The Cuckoo s Egg (book). Cuckoo s Egg   …   Wikipedia

  • cuckoo egg — n. An MP3 song file that contains either a song different than what its name suggests, or a short sample of the song followed by noises or an anti Napster message. Example Citation: Working after hours at the hardware store, the Fix brothers… …   New words

  • The Chanur novels — The Chanur Saga omnibus The Pride of Chanur Chanur s Venture The Kif Strike Back Chanur s Homecoming Chanur s Legacy Author …   Wikipedia

  • The Russian Stories (C. J. Cherryh) — The Russian Stories Chernevog, the second book in the Russian series Rusalka Chernevog Yvgenie Author C. J. Cherryh Illust …   Wikipedia

  • The Merchanter novels — is a term that describes several loosely connected novels by science fiction and fantasy author C. J. Cherryh set in her Alliance Union universe. These science fiction novels explore her merchanter subculture: the extended families that own and… …   Wikipedia

  • The Morgaine Stories — For other uses of Morgaine , see Morgaine (disambiguation). The Morgaine Stories Gate of Ivrel, the first novel in the Morgaine Cycle. The cover art depicts Morgaine and Vanye in front of a time gate; Morgaine is unsheathing her gate destroying… …   Wikipedia

  • The Backyardigans — Infobox Television show name = The Backyardigans format = Animated television series runtime = approx. 24 minutes creator = Janice Burgess executive producer = Janice Burgess Robert Scull starring=Jake Goldberg Jordan Coleman LaShawn Tináh… …   Wikipedia

  • The Raven in popular culture — This article is about the use of Edgar Allan Poe s poem in popular culture. For the use of the bird itself in culture, see Cultural depictions of ravens. Topics related to …   Wikipedia

  • List of The Nostalgia Critic episodes — The Nostalgia Critic is a Web review series hosted by Doug Walker. The series began in July 2007 on YouTube, but after having a large amount of his episodes removed from YouTube, those, along with new ones, started appearing in April 2008 on… …   Wikipedia

  • The Life of Birds — Infobox nature documentary bgcolour = show name = The Life of Birds caption = The Life of Birds DVD cover picture format = 4:3 audio format = Stereo runtime = 50 minutes creator = developer = producer = executive producer = Mike Salisbury… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”