Guest column: Hacker lessons

You can learn a lot from hackers. No, seriously. And not just how to send fake e-mail or sneak around a firewall. Consider the Linux Death Match, a competition that was part of the recent Chaos Communication Camp in Altlandsberg, Germany. Teams of network administrators, all expert hackers, attacked one another's servers, trying to knock out network services. But the winning team, from Munich, Germany, wasn't the one with the most devastating attack strategy. It was the team that bulked up its server with extra security.

Wait, the story gets better. According to Computerworld security reporter Ann Harrison, who camped out with the 1800 hackers from around the world (you can read more at http://www.computerworld.com), the winners were convinced from the start that they were doomed. They couldn't win. They didn't have a devastating attack strategy. They didn't even know much about Linux, the operating system on the server they would be using. In short, they were toast.

Or to put it another way, they were in about the same position as most corporate IT people who are faced with the task of protecting their systems against outside attacks.

So what did these less-than-stellar hackers do? They just piled on the security, in the form of FreeBSD software.

It worked. They won.

The best defence, it seems, is a lot of defence.

Hackers understand what really matters in running a system, and they actually share many of the same priorities we have -- or should have.

It might surprise you to learn that the way to score points in the Linux Death Match wasn't by knocking out your opponent's system. You scored points by keeping your own server up, running and providing network services.

Which, after all, is also what matters to us.

The winners realised they weren't experts. They understood that they didn't know as much about their vulnerabilities as their attackers did. So instead of trying to become instant security gurus, they paid attention -- a lot of attention -- to what really matters.

We can do that, too. Maybe every hacker, cracker, industrial spy, saboteur and antisocial seventh-grader knows more about the vulnerabilities of your systems than you ever will. And maybe you can't afford to hire big-name consultants and network security geniuses.

But you can keep firewalls and server patches and antivirus software up-to-date. You can scan access logs to watch for evidence that someone is probing your systems. You can make sure you're current on tools, free or otherwise, that can be used to attack and defend your machines. You can tune your servers to limit the information they send out about your systems. You can make checking for easy-to-crack passwords as much a part of your routine as making backups.

And you can pay attention to reports of attacks on the Web sites and networks of your competitors (word gets out through news Web sites and internet newsgroups) and your sister companies (there should be a formal way of getting this information, but the corporate grapevine is probably faster and more accurate). Where there's a hack, there's a hole. You can find and close it on your own systems.

None of this stuff is rocket science. It's good, basic security practice. It's also the stuff that won the Linux Death Match by holding off some of the smartest, most dedicated hackers in the world.

So if you want to beat back your own attackers, learn from the hackers. Otherwise, you really will be toast.

Frank Hayes, Computerworld's staff columnist, has covered IT for 20 years. His e-mail address is frank_hayes@computerworld.com.

Join the newsletter!

Error: Please check your email address.

More about HayesIT People

Show Comments

Market Place