The only way someone could circumvent this power was by typing in the full numerical IP address instead of a proper alphabetical address. But few people knew the up-to-twelve-digit IP equivalent of their alphabetical addresses, and fewer still actually used them.

Controlling NIC offered other benefits as well. Control NIC, and you owned a virtual pass-key into any computer on the Internet which `trusted' another. And most machines trust at least one other system.

Whenever one computer connects to another across the Net, both machines go through a special meet-and-greet process. The receiving computer looks over the first machine and asks itself a few questions. What's the name of the incoming machine? Is that name allowed to connect to me? In what ways am I programmed to `trust' that machine—to waive my normal security for connections from that system?

The receiving computer answers these questions based in large part on information provided by NIC. All of which means that, by controlling NIC, you could make any computer on the Net `pose' as a machine trusted by a computer you might want to hack. Security often depended on a computer's name, and NIC effectively controlled that name.

When Prime Suspect managed to get inside NIC's sister system, he told Mendax and gave him access to the computer. Each hacker then began his own attack on NIC. When Mendax finally got root on NIC, the power was intoxicating. Prime Suspect got root at the same time but using a different method. They were both in.

Inside NIC, Mendax began by inserting a backdoor—a method of getting back into the computer at a later date in case an admin repaired the security flaws the hackers had used to get into the machine. From now on, if he telnetted into the system's Data Defense Network (DDN) information server and typed `login 0' he would have instant, invisible root access to NIC.

That step completed, he looked around for interesting things to read. One file held what appeared to be a list of satellite and microwave dish coordinates—longitudes, latitudes, transponder frequencies. Such coordinates might in theory allow someone to build a complete map of communications devices which were used to move the DOD's computer data around the world.

Mendax also penetrated MILNET's Security Coordination Center, which collected reports on every possible security incident on a MILNET computer. Those computers—largely TOPS-20s made by DEC—contained good automatic security programs. Any number of out-of-the-ordinary events would trigger an automatic security report. Someone logging into a machine for too long. A large number of failed login attempts, suggesting password guessing. Two people logging into the same account at the same time. Alarm bells would go off and the local computer would immediately send a security violation report to the MILNET security centre, where it would be added to the `hot list'.

Mendax flipped through page after page of MILNET's security reports on his screen. Most looked like nothing—MILNET users accidentally stumbling over a security tripwire—but one notice from a US military site in Germany stood out. It was not computer generated. This was from a real human being. The system admin reported that someone had been repeatedly trying to break into his or her machine, and had eventually managed to get in. The admin was trying, without much luck, to trace back the intruder's connection to its point of origin. Oddly, it appeared to originate in another MILNET system.

Riffling through other files, Mendax found mail confirming that the attack had indeed come from inside MILNET. His eyes grew wide as he read on. US military hackers had broken into MILNET systems, using them for target practice, and no-one had bothered to tell the system admin at the target site.