The Journey from Poacher to Gamekeeper

by Chris McNab
03/08/2004

I recently finished writing a book for O'Reilly & Associates titled Network Security Assessment. The book is a technical breakdown of all the Internet-based attack and penetration techniques used by hackers and security consultants alike, so that readers can assess their networks and secure them against attack.

I have a large number of friends in the security industry and in the underground hacking scenes with whom I share my knowledge all the time. I also have a small number of anonymous enemies who have branded me a "terrorist" in the reader review section of the O'Reilly site, even though my book is not yet published! My libelous enemies would have you believe that I am a terrorist who is hell-bent on destroying the Internet, so I offer here a true account of my career as both a teenage hacker (from 1996-1999) and a professional security consultant (from 2000 to present).

It all started in 1996, when I first used the Internet from my parents' PC with its 28.8K modem. I'd been interested in security and hacking ever since watching WarGames on TV. I came across IRC, joined a few hacking channels, and quickly established relationships with others in the underground, swapping user passwords and exploits. By 1997, I was a 16-year-old using the handle "so1o." Later that year, I got involved with a couple of amusing web defacements on the Spice Girls and Janet Jackson sites. Hacking for me back then was just a game, breaking into web servers to modify their HTML and get a buzz in the process.

IRC is a great place to meet people and talk about the latest security issues and tools. In 1998 and early 1999, I continued to operate in various underground circles, joining security research groups such as Rhino9, and eventually joining a group called the Masters of Downloading (MoD). The mission of MoD was to induce media hype based on a piece of Department of Defense (DoD) management software that we downloaded from a public DoD FTP server. On the grounds that we socially engineered the media, the Associated Press and Reuters ran a story in 1999, documenting that the MoD group had hacked the Pentagon and could control satellites and other pieces of hardware. The facts were massively embellished, as the software we downloaded from the public FTP server was in fact useless. Many people in the media branded the MoD group as terrorists, but the truth is that it was all in the name of media hype.

The MoD fiasco was when my illicit teenage hacker antics ended abruptly. Since then, I have not gained unauthorized access to a single computer. In spring 1999, I was contacted by the U.K. Computer Crimes Unit (CCU), which wanted to know a little more about the MoD and the embellished claims by the press. For the record, I have never been convicted of any computer-related crime, and to this day I provide technical advice to what is now the National High-Tech Crime Unit (NHTCU). My dialogue with the CCU in the U.K. resulted in no further action being taken by either U.K. or U.S. authorities. This was a wake-up call, and since January 2000, I've worked successfully in the IT security industry here in the U.K., training the security teams of various companies and assessing their networks for security issues.

The reason I wrote this book for O'Reilly was to give back a bit to both sides of the security scene, by fully documenting the technical assessment process as laid out by a true poacher-turned-gamekeeper, and not by a whitehat who doesn't fully understand the blackhat threat.

I've worked hard to make a name for myself in the industry over the last four years, helping numerous large and small organizations improve their network security. From time to time, people have a problem with my past, but if you know me or speak to someone who does, you'll realize that I'm not a nefarious terrorist. By reading my book, its Foreword, and its technical information, I hope that you'll appreciate the fact that it's written by someone with a track record on both sides of the fence, which is important if you're tasked with securing your networks from determined attack.

I'll continue to run my successful applied hacking courses in Europe, and to work hard and responsibly in the industry. I hope that you'll judge me on these facts and on the quality of my book, and not on hearsay, libel, and speculation that you will inevitably come across if you look hard enough.

Chris McNab is the technical director of Matta, a vendor-independent security consulting outfit based in the United Kingdom.

