*Five hours into their assault on West Point, the hackers got serious.*

*The SQL [structured query language] inserts that came earlier were just pablum intended to lull the Army cadets into a false sense of security. But then the bad guys unleashed a stealthy kernel-level rootkit that burrowed into one workstation, started scraping data and "calling home."*

*... The SQL injections, targeting their Fedora Core 8 Web server, were a piece of cake for these IT combatants. Each injection tried to smuggle malicious code inside the seemingly harmless language used by the network’s MySQL software. The cadets handily defended with open source Apache web server modules, plus some manual tweaking of the SQL database to "avoid any surprises," in the words of Lt. Col. Joe Adams, a West Point instructor who helped coach the team.*

*But the kernel-level rootkit was much more dangerous. This stealthy operating-system hijacker can open unseen "back doors" into even highly protected networks. When they detected the rootkit's "calls home," the cadets launched Sysinternals' security software to find the hijacker, then they manually scoured the workstation to find the unwelcome executable file. Then they terminated it. With extreme prejudice.*