Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Writing a novel

  1. #1
    Junior Member
    Join Date
    Jun 2004
    Posts
    4

    Writing a novel

    Ok i am new to this forum and am unsure if i can gain any assistance from the members knowledge but i have some questions regarding computer hacking and security. I am presently working on a novel, and part of this novel is a killer that has a web site that he uses to broadcast his deeds etc. My first question is, how difficult would it be for some one to do this and not be caught by the police etc. Can you have a site on 24/7 that is undetectable? Next how would fellow hackers try to hack into this illegal broadcast. I have many more questions but will leave it at this to see if i get any responses. If this is unsuitable for this forum i understand and will seek my answers elsewhere. I am not looking for a how too manual, just broad answers that will allow me to add more realism into my story.
    thankyou in adavnce

  2. #2
    Maybe the person has used a stolen identity, and with the stolen identity he opened up a website, and each time the police are close to exposing the web-site he closes it down and moves it to another location, for instance he/she changes the URL name to something else.
    Other then that i'd like to defiantly read this Novel your writing, it sounds good.

    f2b:.

  3. #3
    First, welcome to the forum!

    My first question is, how difficult would it be for some one to do this and not be caught by the police etc. Can you have a site on 24/7 that is undetectable?
    A computer that is up 24/7 (literally 100% uptime) is going to have a single IP until the ISP (the internet service provider) resets the service long enough to release a new IP (if dynamic). Even then, we are talking about domain name to IP translation. Finding out what IP belongs to google.com is as simple as doing the translation for it. Ping, whois, tracert, and a few other typical everyday tools do that minor conversion.

    In conjunction with the whois command/tool, if he did register his webaddress it involves paperwork, even if just on his home connection. So, before I can answer how easy it would be to find the location of the website, where is he hosting it? In his home? An office? A company?

    For now though, concealing the identify of a webserver and it's location is next to impossible. This is because the routers and main internet gateways (computers that connect you to him) will be open to the public, and thus it is easily assumable that if the router (his ISP's) is in one state, he is too. Also, calling up an ISP to ask about a certain IP address they are hosting also means even more information could be found out easily.

    Next how would fellow hackers try to hack into this illegal broadcast.
    They could exploit a hole in his web server. Maybe the killer was using an FTP server along with his webserver ot upload files, and they could exploit the ftp server. Maybe the killer was using ssh to connect directly to the computer, and the hackers exploited ssh. A ton of things could happen here. So, it all depends on how in detail you can give us about his webserver setup etc etc.

    edit You know, since it is just a story we could preassume a few things. I mean, it's a story not a research paper. So, I think leaving out a fact or two would be fine and acceptable so long as you make it a bit vague.

  4. #4
    No, you cannot have a site 24/7 that is undetectable. It would take a immense abount of hacking and log hiding with the ISP to do so, and would probably be a full time job maintaining that cover.

    Here's a second scenario-

    The killer regulary defaces sites posting his deeds, covering his tracks on each defacement? Much easier to do. Defacements happen everyday and can be covered. Visit http://www.Zone-h.org. There is a listing of defacements there. Other hackers would have to use the same method or different vulnerability to change the "broadcast" on each server. In that case, the killer would have to know how to fix what he exploits.

    You probably don't want to get into the specifics of vulnerabilities, so you can just throw the term, "zero-day" into the novel. It pretty much means that the hacker has an exploit that nobody has discovered yet. Sorta like magic with no counter-magic, in harry potter terms.

    Are you being published? Maybe you can mention the AO community


    edit You know, since it is just a story we could preassume a few things. I mean, it's a story not a research paper. So, I think leaving out a fact or two would be fine and acceptable so long as you make it a bit vague.
    That's what I was thinking. Nobody wants to hear about buffer overflows and whatnot... defining the Zero-Day and using that can be something everyone can understand.

  5. #5
    Junior Member
    Join Date
    Jun 2004
    Posts
    4
    thanks for the prompt replies, and thanks for the welcome. Ok i am presently gaining as much knowlege on this subject so giving you detail on how his webserver is set up is a bit difficult, this book is set in the not so distant future (arn't they all) and i will of course use creative licence, ie ill make it up if i have to and introduce the impossable if need be. What i do want is a sence of realism so if someone like yourselves read the book you would be convinced that this is possable. I am downloading as much info as possable on the subject as i can find. Any areas that i should target?

    I will certainly mention AO online, i have an intereasted publisher, the response to my submissions to date has been positive, but as i am still on first draft nothing solid as yet.

  6. #6
    Encryption (SSH, PGP), networking (ports, Nmap, nessus) , the Apache Webserver, IIS webserver, Look up some linux tools, knoppix boot discs (murderer with no HDD ), Honeypots (Catch the bastard!) and IRC (who knows, maybe they like to chat) and check out vulnerability databases. MS security bulletins. Check out the Sans reading room.



    Encryption (how does he hide his data?)
    blowfish, DES, AES, EFS (I hate EFS), ciphers?

    Networking (What port does he exploit? May be confusing to readers)

    Servers (What is the site hosted on, windows, linux?)

    Linux tools (Stereotype hackers use linux, safe to say in your book that they do. John the ripper, Nmap, Nessus, Hping, ethereal (probably wont use this, but maybe an investigator will)

    Boot Discs (allow computer functionality w/o a harddirve, therefore no footprints)

    Honeypots (investigator tool, would be an awesome climax with HoneyD or something google Honeynet project)

    Check out what vulnerabilities look like in the databases I mentioned. It'll give you an idea of how they work, although all you need to do is throw Zero-Day around once the reader knows what it is. (title? haha)

    Keep us informed of the books progress!

  7. #7
    I agree with Soda on quite a bit here.

    Any areas that i should target?
    Read up and understand exactally how a "Zero-Day" exploit works for the killer to keep his website up, and consider using Soda's idea of instead of having him keep one continual computer, maybe he cracks into other companies servers (won't have to go into detail, just say he did it again) and places his website over theirs. Having the hackers break in through SSH is MUCH more real than having them exploit a webserver, merely because a webserver won't allow as much of an ability to fully hack as ssh will (I have my reasons for saying that, so just trust me on it) This means you need to read up on ssh, how it works, what it does, and a basic understanding of how it was exploited.

    So, things to target:

    1. What a "Zero-Day" exploit is, and to remember to not overuse the term as an excuse to each hack in the book. Zero-Day exploits require a lot of skill in computer security, so maybe only use it once or twice for VERY important situations?

    2. SSH. What it is, how it is used, how it works, and how it has been exploited in the past.

  8. #8
    Junior Member
    Join Date
    Jun 2004
    Posts
    4
    Thanks again, will go and research the areas you have suggested before i ask any more questions. I appreciate the advice and will keep you up to date on how i go.

  9. #9
    By the way- The movie fear.com is exactly like your description. Check it out, its kinda bad though.

  10. #10
    Junior Member
    Join Date
    Jun 2004
    Posts
    1
    You may want to include the use of an off-shore ISP, with DDNS (Dynamic DNS) to provide you with an accessible site, which is constantly on different IP addresses... (That's how a lot of small sites are setup these days, so not REALLY a stealthy approach, but you have to be cognisant of your audience's skill-level).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •